Analyst-Mediated Contextualization of Regulatory Policies

Increasing legislative and regulatory concerns have fueled an interest in effective and efficient tools for managing business process compliance within organizations. In particular, the key challenge is to understand high-level compliance policies in natural language, and interpret them for a partic...

Full description

Saved in:
Bibliographic Details
Main Authors: Koliadis, G, Desai, N V, Narendra, N C, Ghose, A K
Format: Conference Proceeding
Language:English
Subjects:
Business Process
Compliance
Context
Contextualization
Natural languages
Organizations
Policies
Prototypes
Security
Semantics
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Increasing legislative and regulatory concerns have fueled an interest in effective and efficient tools for managing business process compliance within organizations. In particular, the key challenge is to understand high-level compliance policies in natural language, and interpret them for a particular usage context. These interpreted policies can then be represented in a formal language, and used to (for example) automatically verify compliance of business process executions against these policies. In this paper, we focus on the first part of this problem: interpreting regulatory policies - called \emph{contextualization}. We employ a natural language parser to extract key phrases from the natural language statements and generate possible interpretations from predefined templates. An analyst chooses interpretations according to the organizational context. These interpretations are then grounded further and represented in a formal language. Via a prototype, we demonstrate our approach on real-life security compliance obligations used within IBM's IT service delivery units.
DOI:10.1109/SCC.2010.12