Seeing is believing: designing visualizations for managing risk and compliance
This paper explores the design of visualizations that support mandated organizational compliance processes. We draw on the research literature to show how visualizations can operate as effective user interfaces for complex, distributed processes. We ...
Optimized enterprise risk management
As the result of the increasing costs of risk and compliance activities, enterprises are beginning to integrate compliance and risk management into a comprehensive enterprise risk management function and thus proactively address all sorts of risk, ...
Best practices and tools for personal information compliance management
Recent incidents involving the loss of personal information and identity theft have raised concerns worldwide over information privacy. In Japan, the Personal Information Protection Act went into effect in April 2005, requiring every enterprise to ...
Compliance with data protection laws using Hippocratic database active enforcement and auditing
Governments worldwide are enacting data protection laws that restrict the disclosure and processing of personal information. These laws impose administrative and financial burdens on companies that manage personal information and may hinder the ...
A survey of static analysis methods for identifying security vulnerabilities in software systems
In this paper we survey static analysis methods for identifying security vulnerabilities in software systems. We cover three areas that have been associated with sources of security vulnerabilities: access-control, information-flow, and application-...
Ariadne: an Eclipse-based system for tracking the originality of source code
In this paper we introduce Ariadne, an Eclipse-based system for tracking the originality of source code in collaborative software development environments in which software reuse is a common practice. We describe its architecture within the Eclipse ...
Role of an auditing and reporting service in compliance management
Regulatory compliance has become a major focus in today's business environment as companies adapt to comply with regulations such as Sarbanes-Oxley, Basel II, and HIPAA (the Health Insurance Portability and Accountability Act). Runtime audit data that ...
Addressing the data aspects of compliance with industry models
A fundamental aspect of compliance involves the capability to produce business reports which constitute adequate audit and control records. This presents two significant challenges. Very often, international and government regulators do not coordinate ...
A static compliance-checking framework for business process models
Regulatory compliance of business operations is a critical problem for enterprises. As enterprises increasingly use business process management systems to automate their business processes, technologies to automatically check the compliance of process ...