监管世界和机器:协调法律要求及其影响的系统

David G. Gordon
{"title":"监管世界和机器:协调法律要求及其影响的系统","authors":"David G. Gordon","doi":"10.1109/RE.2013.6636760","DOIUrl":null,"url":null,"abstract":"The past decade has seen a substantial increase in the issuance of privacy and security regulations governing personal information. Ensuring system and organizational compliance is both more important and more difficult than ever before, as the penalties have become more severe, and regulations more complex and nuanced. This also presents substantial difficulties for multi-national companies, as different states, countries, or regions do not adhere to a uniform standard, resulting in a mixed set of regulations for the systems they govern. In this work, I describe a framework to address this issue, referred to as requirements water marking, wherein requirements from different jurisdictions that govern the same system may be evaluated and reduced to a single standard of care, establishing a “high water mark” for regulatory compliance and reducing requirements complexity. The framework, which draws on work in requirements specification languages and requirements comparison, allows engineers and legal experts to systematically simplify compliance and determine both high and low standards of care, while maintaining traceability back to the original legal text. In addition, I investigate the proposed value of legal requirements models, demonstrating the relationship between proposed value of these models to organizational decision-making and the validity of the model.","PeriodicalId":6342,"journal":{"name":"2013 21st IEEE International Requirements Engineering Conference (RE)","volume":"83 1","pages":"381-384"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"The regulatory world and the machine: Harmonizing legal requirements and the systems they affect\",\"authors\":\"David G. Gordon\",\"doi\":\"10.1109/RE.2013.6636760\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The past decade has seen a substantial increase in the issuance of privacy and security regulations governing personal information. Ensuring system and organizational compliance is both more important and more difficult than ever before, as the penalties have become more severe, and regulations more complex and nuanced. This also presents substantial difficulties for multi-national companies, as different states, countries, or regions do not adhere to a uniform standard, resulting in a mixed set of regulations for the systems they govern. In this work, I describe a framework to address this issue, referred to as requirements water marking, wherein requirements from different jurisdictions that govern the same system may be evaluated and reduced to a single standard of care, establishing a “high water mark” for regulatory compliance and reducing requirements complexity. The framework, which draws on work in requirements specification languages and requirements comparison, allows engineers and legal experts to systematically simplify compliance and determine both high and low standards of care, while maintaining traceability back to the original legal text. In addition, I investigate the proposed value of legal requirements models, demonstrating the relationship between proposed value of these models to organizational decision-making and the validity of the model.\",\"PeriodicalId\":6342,\"journal\":{\"name\":\"2013 21st IEEE International Requirements Engineering Conference (RE)\",\"volume\":\"83 1\",\"pages\":\"381-384\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 21st IEEE International Requirements Engineering Conference (RE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RE.2013.6636760\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 21st IEEE International Requirements Engineering Conference (RE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RE.2013.6636760","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

摘要

在过去十年中,有关个人信息的隐私和安全法规的发布大幅增加。确保系统和组织的遵从性比以往任何时候都更加重要,也更加困难,因为惩罚变得更加严厉,法规变得更加复杂和微妙。这也给跨国公司带来了实质性的困难,因为不同的州、国家或地区不遵守统一的标准,导致它们所管理的系统的一套混合规则。在这项工作中,我描述了一个框架来解决这个问题,称为需求水印,其中来自管理同一系统的不同司法管辖区的需求可以被评估并减少到单一的注意标准,为法规遵从性建立“高水位”并降低需求复杂性。该框架利用需求规范语言和需求比较方面的工作,允许工程师和法律专家系统地简化遵从性,并确定高标准和低标准,同时保持对原始法律文本的可追溯性。此外,我还研究了法律要求模型的建议价值,证明了这些模型对组织决策的建议价值与模型有效性之间的关系。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
查看原文
分享 分享
微信好友 朋友圈 QQ好友 复制链接
本刊更多论文
The regulatory world and the machine: Harmonizing legal requirements and the systems they affect
The past decade has seen a substantial increase in the issuance of privacy and security regulations governing personal information. Ensuring system and organizational compliance is both more important and more difficult than ever before, as the penalties have become more severe, and regulations more complex and nuanced. This also presents substantial difficulties for multi-national companies, as different states, countries, or regions do not adhere to a uniform standard, resulting in a mixed set of regulations for the systems they govern. In this work, I describe a framework to address this issue, referred to as requirements water marking, wherein requirements from different jurisdictions that govern the same system may be evaluated and reduced to a single standard of care, establishing a “high water mark” for regulatory compliance and reducing requirements complexity. The framework, which draws on work in requirements specification languages and requirements comparison, allows engineers and legal experts to systematically simplify compliance and determine both high and low standards of care, while maintaining traceability back to the original legal text. In addition, I investigate the proposed value of legal requirements models, demonstrating the relationship between proposed value of these models to organizational decision-making and the validity of the model.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
期刊最新文献
Using defect taxonomies for requirements validation in industrial projects A tool implementation of the unified requirements modeling language as enterprise architect add-in Challenges in balancing the amount of solution information in requirement specifications for embedded products Requirements reviews revisited: Residual challenges and open research questions Identifying top challenges for international research on requirements engineering for systems of systems engineering
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
已复制链接
已复制链接
快去分享给好友吧!
我知道了
×
扫码分享
扫码分享
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1