Explanation of Proofs of Regulatory (Non-)Compliance Using Semantic Vocabularies

Sunkle, Sagar; Kholkar, Deepali; Kulkarni, Vinay

doi:10.1007/978-3-319-21542-6_25

Cited by 9 publications

(8 citation statements)

References 21 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In our earlier works, the problem of semantic disparity between regulations and enterprise has been tackled (Sunkle et al, 2015c;Sunkle et al, 2015d), and a mapping between vocabularies on both sides is proposed. Generation of NL proof explanations of (non-) compliance, and handling regulatory change have been described in (Sunkle et al, 2015a) and (Sunkle et al, 2015b) respectively, while an endto-end model-based method has been introduced in (Sunkle et al, 2016). These works however, do not cover identification of a conceptual model of the data needed by the regulation, and mapping to or extraction of this data from enterprise physical databases.…”

Section: Related Work and Discussionmentioning

confidence: 99%

From Natural-language Regulations to Enterprise Data using Knowledge Representation and Model Transformations

Kholkar¹,

Sunkle²,

Kulkarni³

2016

Proceedings of the 11th International Joint Conference on Software Technologies

Self Cite

View full text Add to dashboard Cite

Enterprises today face an unprecedented regulatory regime and are increasingly looking to technology to ease their regulatory compliance concerns. Formal approaches in research focus on checking compliance of business processes against rules, and assume usage of matching terminology on both sides. We focus on run-time compliance of enterprise data, and the specific problem of identifying enterprise data relevant to a regulation, in an automated manner. We present a knowledge representation approach and semi-automated solution using models and model transformations to extract the same from distributed enterprise databases. We use a Semantics of Business Vocabulary and Rules (SBVR) model of regulation rules as the basis to arrive at the necessary and sufficient model of enterprise data. The approach is illustrated using a real-life case study of the MiFID-II financial regulation.

show abstract

Section: Related Work and Discussionmentioning

confidence: 99%

From Natural-language Regulations to Enterprise Data using Knowledge Representation and Model Transformations

Kholkar¹,

Sunkle²,

Kulkarni³

2016

Proceedings of the 11th International Joint Conference on Software Technologies

Self Cite

View full text Add to dashboard Cite

show abstract

“…As described in Section 2, we utilize formalism from academic approaches toward formal compliance checking, proof explanation, and change management, the details of which can be found in [18], [26], [39], and [40].…”

Section: Discussion and Future Workmentioning

confidence: 99%

“…2. [39], in which we explain how rules and facts from the legal text and operations respectively are encoded as DR-Prolog rules and facts and how we obtain proofs of (non-)compliance and then query the respective vocabularies to generate natural language explanation. 3.…”

Section: Approaches Using Mappingmentioning

confidence: 99%

Toward Better Mapping between Regulations and Operations of Enterprises Using Vocabularies and Semantic Similarity

Sunkle

Kholkar

Kulkarni

2015

CSIMQ

Self Cite

View full text Add to dashboard Cite

Abstract. Industry governance, risk, and compliance (GRC) solutions stand to gain from various analyses offered by formal compliance checking approaches. Such adoption is made difficult by the fact that most formal approaches assume that a mapping between concepts of regulations and models of operational specifics exists. Industry solutions offer tagging mechanisms to map regulations to operational specifics; however, they are mostly semi-formal in nature and tend to rely extensively on experts. We propose to use Semantics of Business Vocabularies and Rules along with similarity measures to create an explicit mapping between concepts of regulations and models of operational specifics of the enterprise. We believe that our work-in-progress takes a step toward adapting and leveraging formal compliance checking approaches in industry GRC solutions.

show abstract

“…This work consists of a domain ontology describing the basic elements that are required by the GDPR. A second step is to provide a set of rules [9] to ensure compliance and to identify the gap to be compliant, e.g., [10]. Following the ontological approach, [11] proposes a framework for a generic compliance tool (i.e.…”

Section: Related Workmentioning

confidence: 99%

Using an Enterprise Architecture Model for GDPR Compliance Principles

Blanco-Lainé¹,

Sottet²,

Dupuy-Chessa³

2019

Lecture Notes in Business Information Processing

View full text Add to dashboard Cite

Nowadays, all enterprises must take into account the legal frameworks at all levels of their organization. Over the past two years, the focus has been on the GDPR. This regulation on data and their processing activities impacts on the vision of the enterprise information system. In order to identify these impacts, it is necessary to define an approach to conciliate regulatory and business points of view. Our proposal is to use an enterprise architecture modeling approach to integrate regulatory concerns. This article describes a high-level Archimate model for implementing a GDPR compliance approach.

show abstract

Explanation of Proofs of Regulatory (Non-)Compliance Using Semantic Vocabularies

Cited by 9 publications

References 21 publications

From Natural-language Regulations to Enterprise Data using Knowledge Representation and Model Transformations

From Natural-language Regulations to Enterprise Data using Knowledge Representation and Model Transformations

Toward Better Mapping between Regulations and Operations of Enterprises Using Vocabularies and Semantic Similarity

Using an Enterprise Architecture Model for GDPR Compliance Principles

Contact Info

Product

Resources

About