监管世界和机器:协调法律要求及其影响的系统

David G. Gordon
{"title":"监管世界和机器:协调法律要求及其影响的系统","authors":"David G. Gordon","doi":"10.1109/RE.2013.6636760","DOIUrl":null,"url":null,"abstract":"The past decade has seen a substantial increase in the issuance of privacy and security regulations governing personal information. Ensuring system and organizational compliance is both more important and more difficult than ever before, as the penalties have become more severe, and regulations more complex and nuanced. This also presents substantial difficulties for multi-national companies, as different states, countries, or regions do not adhere to a uniform standard, resulting in a mixed set of regulations for the systems they govern. In this work, I describe a framework to address this issue, referred to as requirements water marking, wherein requirements from different jurisdictions that govern the same system may be evaluated and reduced to a single standard of care, establishing a “high water mark” for regulatory compliance and reducing requirements complexity. The framework, which draws on work in requirements specification languages and requirements comparison, allows engineers and legal experts to systematically simplify compliance and determine both high and low standards of care, while maintaining traceability back to the original legal text. In addition, I investigate the proposed value of legal requirements models, demonstrating the relationship between proposed value of these models to organizational decision-making and the validity of the model.","PeriodicalId":6342,"journal":{"name":"2013 21st IEEE International Requirements Engineering Conference (RE)","volume":"83 1","pages":"381-384"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"The regulatory world and the machine: Harmonizing legal requirements and the systems they affect\",\"authors\":\"David G. Gordon\",\"doi\":\"10.1109/RE.2013.6636760\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The past decade has seen a substantial increase in the issuance of privacy and security regulations governing personal information. Ensuring system and organizational compliance is both more important and more difficult than ever before, as the penalties have become more severe, and regulations more complex and nuanced. This also presents substantial difficulties for multi-national companies, as different states, countries, or regions do not adhere to a uniform standard, resulting in a mixed set of regulations for the systems they govern. In this work, I describe a framework to address this issue, referred to as requirements water marking, wherein requirements from different jurisdictions that govern the same system may be evaluated and reduced to a single standard of care, establishing a “high water mark” for regulatory compliance and reducing requirements complexity. The framework, which draws on work in requirements specification languages and requirements comparison, allows engineers and legal experts to systematically simplify compliance and determine both high and low standards of care, while maintaining traceability back to the original legal text. In addition, I investigate the proposed value of legal requirements models, demonstrating the relationship between proposed value of these models to organizational decision-making and the validity of the model.\",\"PeriodicalId\":6342,\"journal\":{\"name\":\"2013 21st IEEE International Requirements Engineering Conference (RE)\",\"volume\":\"83 1\",\"pages\":\"381-384\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2013-07-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2013 21st IEEE International Requirements Engineering Conference (RE)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/RE.2013.6636760\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 21st IEEE International Requirements Engineering Conference (RE)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/RE.2013.6636760","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

摘要

在过去十年中,有关个人信息的隐私和安全法规的发布大幅增加。确保系统和组织的遵从性比以往任何时候都更加重要,也更加困难,因为惩罚变得更加严厉,法规变得更加复杂和微妙。这也给跨国公司带来了实质性的困难,因为不同的州、国家或地区不遵守统一的标准,导致它们所管理的系统的一套混合规则。在这项工作中,我描述了一个框架来解决这个问题,称为需求水印,其中来自管理同一系统的不同司法管辖区的需求可以被评估并减少到单一的注意标准,为法规遵从性建立“高水位”并降低需求复杂性。该框架利用需求规范语言和需求比较方面的工作,允许工程师和法律专家系统地简化遵从性,并确定高标准和低标准,同时保持对原始法律文本的可追溯性。此外,我还研究了法律要求模型的建议价值,证明了这些模型对组织决策的建议价值与模型有效性之间的关系。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
The regulatory world and the machine: Harmonizing legal requirements and the systems they affect
The past decade has seen a substantial increase in the issuance of privacy and security regulations governing personal information. Ensuring system and organizational compliance is both more important and more difficult than ever before, as the penalties have become more severe, and regulations more complex and nuanced. This also presents substantial difficulties for multi-national companies, as different states, countries, or regions do not adhere to a uniform standard, resulting in a mixed set of regulations for the systems they govern. In this work, I describe a framework to address this issue, referred to as requirements water marking, wherein requirements from different jurisdictions that govern the same system may be evaluated and reduced to a single standard of care, establishing a “high water mark” for regulatory compliance and reducing requirements complexity. The framework, which draws on work in requirements specification languages and requirements comparison, allows engineers and legal experts to systematically simplify compliance and determine both high and low standards of care, while maintaining traceability back to the original legal text. In addition, I investigate the proposed value of legal requirements models, demonstrating the relationship between proposed value of these models to organizational decision-making and the validity of the model.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信