Compliance management in multi-actor contexts

CEUR Workshop Proceedings

Volumn 459, Issue , 2009, Pages

  Bonazzi, Riccardo ^a   Pigneur, Yves ^a  

^a UNIVERSITY OF LAUSANNE   (Switzerland)

Author keywords

Compliance; Governance; Requirement engineering; Risk

Indexed keywords

BUSINESS MANAGERS; COMPLIANCE; COMPLIANCE MANAGEMENT; COMPLIANCE OFFICERS; ENTERPRISE INFORMATION SYSTEM; GOVERNANCE; MULTI ACTORS; REQUIREMENT ENGINEERING;

REGULATORY COMPLIANCE; RISKS;

INFORMATION SYSTEMS;

EID: 84866656966     PISSN: 16130073     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (21)

1. McClean, C., Rasmussen, M.: Topic Overview: Governance, Risk And Compliance. (2007). Available at http://www.forrester.com
2. Basel Committee on Banking Supervision: Compliance and the compliance function in banks (2005), http://www.bis.org/publ/bcbs113.pdf
3. Economist Intelligence Unit: Regulatory Risk: Trends and Strategies for the CRO (2005).
4. IT Policy Compliance Group: Annual Report: IT Governance, Risk and Compliance - Improving Business Results and Mitigating Financial Risk (IT Policy Compliance Group, 2008). Available at http://www.itpolicycompliance.com/ research-reports/it-governance/.
5. McClean, C.: The GRC Technology Puzzle: Getting All The Pieces To Fit (2009). Available at http://www.forrester.com
6. Beardsley, S., Enriquez, L., Nuttall, R.: Managing regulation in a new era. The McKinsey Quarterly, 90-97 (2009).
7. Bonazzi, R., Hussami, L., Pigneur, Y.: Compliance management is becoming a major issue in IS design. In: D'Atri, A., Saccà, D (eds.) Information Systems: People, Organizations, Institutions, and Technologies, In press. Springer (2008). Available at: http://tinyurl.com/grc-dss
8. Othersen, M.: Cutting Through The IT GRC Hype (2008). Available at http://www.forrester.com
9. Bagheri, E. & Ghorbani, A.A.: The Analysis and Management of Non-Canonical Requirement Specifications through a Belief Integration Game. Accepted Knowledge and Information Systems: An International Journal (2009). Available at: http://glass.cs.unb.ca/~ebrahim/papers/kais.pdf.
10. Volonino, L., Gessner, G.H. & Kermis, G.F.: Holistic Compliance with Sarbanes-Oxley. The Communications of the Association for Information Systems, 12, 457-468 (2003).
11. Compagna, L., El Khoury, P., Krausová, A., Massacci, F., Zannone, N.: How to integrate legal requirements into a requirements engineering methodology for the development of security and privacy patterns. Artificial Intelligence and Law, 17, 1-30 (2009).
12. Rifaut, A. & Faltus, C. Improving Operational Risk Management System by Formalizing the Basel II Regulation with Goal Models and the ISO/IEC 15504 Approach (2006).
13. Breaux, T.D. & Antón, A.I.: Managing Ambiguity and Traceability in Regulatory Requirements: A Tool-supported Frame-based Approach, (2007). Available at ftp://ftp.ncsu.edu/pub/unity/lockers/ftp/csc-anon/tech/ 2007/TR-2007-26.pdf
14. Cheng, C.P., Lau, G.T., Law, K.H., Pan, J., Jones, A.: Regulation Retrieval Using Industry Specific Taxonomies, Artificial Intelligence and Law, 16, 277-303 (2008).
15. Bellamy, R.K.E. et al.: Seeing is believing: Designing visualizations for managing risk and compliance. IBM Systems Journal, 46(2), 205-218 (2007).
16. Rasmussen, M.: Overcoming Risk And Compliance Myopia, (2006). Available at http://www.forrester.com
17. Van de Ven, A.H. & Poole, M.S.: Explaining development and change in organizations. Academy of management review, 520 (1995).
18. Nalebuff, B. & Brandenburger, A.: Co-opetition: Competitive and cooperative business strategies for the digital economy. Strategy & Leadership, 25(6), 28-35 (1997).
19. Fritscher, B.: Business Model Designer From Sticky Note To Screen Interaction. (2008). Available at: http://www.fritscher.ch/hec/projets
20. Muller, S. & Supatgiat, C.: A quantitative optimization model for dynamic risk-based compliance management. IBM Journal of Research and Development, 51(3), 295-308 (2007).
21. Hussami, L: A decision-support system for IS compliance management (2009). Available at: http://tinyurl.com/grc-dss1