IT Compliance: Aligning Legal and Product Requirements
September/October 2009 (vol. 11 no. 5)
pp. 54-58
Travis D. Breaux, Institute for Defense Analyses
Annie I. Antón, North Carolina State University
Kent Boucher, Cisco Systems
Merlin Dorfman, Cisco Systems
Laws and regulations increasingly impose requirements on IT business practices and products. A key difficulty in responding to these requirements emerges from the need to translate legal language structures into domain-specific product specifications. Researchers at North Carolina State University developed a formal method to systematically acquire legal requirements from policies and regulations. As a part of validating the frame-based requirements analysis method (FBRAM), the NCSU researchers teamed with Cisco to study its product requirements developed to comply with US Section 508 regulations for electronic and IT accessibility. The study demonstrated the use of metrics to identify gaps between legal and product requirements as well as patterns that could help reduce the ambiguities in legal compliance.

Index Terms:
Information technology, legal aspects of computing, IT compliance, accessibility, assistive technologies for persons with disabilities
Citation:
Travis D. Breaux, Annie I. Antón, Kent Boucher, Merlin Dorfman, "IT Compliance: Aligning Legal and Product Requirements," IT Professional, vol. 11, no. 5, pp. 54-58, Sep./Oct. 2009, doi:10.1109/MITP.2009.101