Figure 9 - available from: Service Oriented Computing and Applications
This content is subject to copyright. Terms and conditions apply.
Source publication
The mapping of regulatory guidelines with organizational processes is an important aspect of a regulatory-compliance management system. Automating this mapping process can greatly improve the overall compliance process. Currently, there is research on mapping between different entities such as ontology mapping, sentence similarity, semantic similar...
Similar publications
This chapter describes Hermes, a framework for building personalized news services using Semantic Web technologies. The Hermes framework consists of four phases: classification, which categorizes news items with respect to a domain ontology, knowledge base updating, which keeps the knowledge base up-to-date based on the news information, news query...
Citations
... Various research attempts have been focused in modelling that complex, ever evolving pharma environment, along with an appropriate regulatory compliance framework. There is a plethora of approaches which have been successfully applied on other sector business process modelling, and they are mainly based on combining well established knowledge management semantic techniques (Resource Description Framework-RDF, natural language processing-NLP, etc), with semantic web based representations, such as ontologies coupled with Web Ontology Language (OWL) [3], or NLP accordingly [4]. The successful results of the combination of conceptual modelling with semantic representation have driven the research community to adopt relevant techniques in various industrial environments, including the pharma manufacturing sector. ...
Regulatory compliance in the pharmaceutical industry is challenging, requiring dedicated resources and meticulous control over production processes to ensure adherence to established regulatory guidelines, specifically ALCOA+ (Attributable, Legible, Contemporaneous, Original, Accurate, Complete, Consistent, Enduring, and Available) principles. This paper introduces an innovative approach to assess pharma regulatory compliance, utilizing a network model of the production process. The model dynamically configures production line characteristics based on manufacturing process data, overcoming complexity and scalability challenges. Purpose: The main purpose is to address the challenges of regulatory compliance in the pharmaceutical industry by introducing a novel approach using a network model. The research question involves assessing the effectiveness of this model in ensuring compliance with ALCOA+ principles. Methods: The approach involves dynamic configuration of the network model parameters based on manufacturing process data. Network analysis methods are then applied to evaluate the conformity of manufacturing process data to ALCOA+ principles. Results: Testing the proposed approach on a real dataset from a representative pharma production line demonstrates its effectiveness in assessing pharma regulatory compliance. The results highlight the potential of network modelling in managing data quality and integrity within the regulatory framework. Conclusions: The study concludes that the network model offers a strategic solution for evaluating and ensuring regulatory compliance in pharmaceutical manufacturing. The approach shows promise in addressing the complexities of data management within the stringent regulatory framework of the industry.
... However, they demonstrate this in the context of NIST STiGs and CIS Benchmarks which have overlapping fine grained requirements as compared to a regulatory document such as HIPAA. Mapping across a semantic ontology created from regulations and an existing business process ontology is described in (Sapkota et al. 2016). Given the tough nature of this problem of mapping text across different kinds of documents, this problem is still largely unsolved. ...
Webscale services dealing with sensitive content are increasingly being deployed in public and hybrid cloud environments. At the same time, the impact of security breaches have also increased manifold averaging at USD 3.86M per data breach. To tackle such increasing risks, regulations and security frameworks are defined that an organization must comply with. Most of these frameworks are published in natural language text that run into hundreds of pages resulting into thousands of requirements and controls. When these frameworks undergo revisions, understanding the changes, and interpreting their impact consumes huge amount of time, effort and resources. In this paper, we propose a change management system that supports SMEs with AI-assisted automation of this extremely manual and time consuming activity. Specifically, we introduce the concept of live crosswalks – a framework that models complex relationships among security and compliance documents along with associated operations to manage the change. It uses natural language processing (NLP) and algorithmic techniques to transform the current document-driven, highly manual process into a data-driven interactive intelligent system. We present the overall design and demonstrate its efficacy over several hundreds of diversified controls through experimental evaluation.
... Both of these works provide a semantic representation of obligations which in turn can be converted into business process execution logic. There has been some work around mapping the obligations with business process [6] to identify the affected business process in case of any change in the regulation. Despite the importance of the problem [7], [8], there has been limited work in compliance change tracking, in fact, to the best of our knowledge, there is no academic work particularly in this area. ...
... Those changes are then compiled into one place and made available for a fee. One such paid subscription service is RIA by Thomson Reuters 6 . In other less developed countries, where such services are not available, or those organizations that cannot afford the fee, they seek the help of compliance officers to manually browse through important websites and keep track of the changes. ...
Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business. Compliance officers responsible for maintaining adherence constantly struggle to keep up with the large amount of changes in regulatory requirements. Keeping up with the changes entail two main tasks: fetching the regulatory announcements that actually contain changes of interest, and incorporating those changes in the business process. In this paper we focus on the first task, and present a Compliance Change Tracking System, that gathers regulatory announcements from government sites, news sites, email subscriptions; classifies their importance i.e Actionability through a hierarchical classifier, and business process applicability through a multi-class classifier. For these classifiers, we experiment with several approaches such as vanilla classification methods (e.g. Naive Bayes, logistic regression etc.), hierarchical classification methods, rule based approach, hybrid approach with various preprocessing and feature selection methods; and show that despite the richness of other models, a simple hierarchical classification with bag-of-words features works the best for Actionability classifier and multi-class logistic regression works the best for Applicability classifier. The system has been deployed in global delivery centers, and has received positive feedback from payroll compliance officers.
... More recently Dragoni et al. [12] and similarly the work of [17] propose a standard NLP technique combined with ontology, using Stanford NLP tools and WordNet ontology to extract legal concepts from legal documents. Sapkota et al. present the ReCMantic system that uses NLP technique combined with ontology and structure analysis to extract legal concepts and support the compliance process [20]. Boella et al. [3] apply ontologies and semantic text classification in their EuNómos system, to analyze and manage legal documents, enabling users to keep track of the state of the relevant law on any given topic. ...
Laws and regulations impact the design of software systems, as they introduce new requirements and constrain existing ones. The analysis of a software system and the degree to which it complies with applicable laws can be greatly facilitated by models of applicable laws. However, laws are inherently voluminous, often consisting of hundreds of pages of text, and so are their models, consisting of thousands of concepts and relationships. This paper studies the possibility of building models of law semi-automatically by using the NómosT tool. Specifically, we present the NómosT architecture and the process by which a user constructs a model of law semi-automatically, by first annotating the text of a law and then generating from it a model. We then evaluate the performance of the tool relative to building a model of a fragment of law manually. In addition, we offer statistics on the quality of the final output that suggest that tool supported generation of models of law reduces substantially human effort without affecting the quality of the output.
... Recently a Hit (Human Intelligence Tasks) was called for on Amazon Mturk (https://www.mturk.com) to have people apply their approach to the annotation of legal documents. RegCMantic framework is another system using ontologies to map guidelines in legal documents with organisational processes (Sapkota et al., 2016). ...
We present the GaiusT 2.0 framework for annotating legal documents. The framework
was designed and implemented as a web-based system to semi-automate the extraction of legal
concepts from text. In requirements analysis these concepts can be used to identify requirements a
software system has to fulfil to comply with a law or regulation. The analysis and annotation of
legal documents in prescriptive natural language is still an open problem for research in the field. In
GaiusT 2.0, a multistep process exploits a number of linguistic and technological resources to offer
a comprehensive annotation environment. The modules of the system are presented as evolutions
from corresponding modules of the original GaiusT framework, which in turn was based on a
general-purpose annotation tool, Cerno. The application of GaiusT 2.0 is illustrated with two use
cases, to demonstrate the extraction process and its adaptability to different law models.
... Recently a Hit (Human Intelligence Tasks) was called for on Amazon Mturk (https://www.mturk.com) to have people apply their approach to the annotation of legal documents. RegCMantic framework is another system using ontologies to map guidelines in legal documents with organisational processes (Sapkota et al., 2016). ...
We present the GaiusT 2.0 framework for annotating legal documents. The framework was designed and implemented as a web-based system to semi-automate the extraction of legal concepts from text. In requirements analysis these concepts can be used to identify requirements a software system has to fulfil to comply with a law or regulation. The analysis and annotation of legal documents in prescriptive natural language is still an open problem for research in the field. In GaiusT 2.0, a multistep process exploits a number of linguistic and technological resources to offer a comprehensive annotation environment. The modules of the system are presented as evolutions from corresponding modules of the original GaiusT framework, which in turn was based on a general-purpose annotation tool, Cerno. The application of GaiusT 2.0 is illustrated with two use cases, to demonstrate the extraction process and its adaptability to different law models.
Legislation is a technical domain characterized by highly specialized knowledge forming a large corpus where content is interdependent in nature, but the context is poorly formalized. Typically, the legal domain involves several document types that can be related. Amendments, past judicial interpretations, or new laws can refer to other legal documents to contextualize or support legal formulation. Lengthy and complex texts are frequently unstructured or in some cases semi-structured. Therefore, several problems arise since legal documents, articles, or specific constraints can be cited and referenced differently. Based on legal annotations from a real-world scenario, an architectural approach for modeling a Knowledge Organization System for classifying legal documents and the related legal objects is presented. Data is summarized and classified using a topic modeling approach, with a view toward the improvement of browsing and retrieval of main legal topics and associated terms.
