Computer-based system for assessing compliance with governmental regulations
First Claim
1. A computer-based system for managing and controlling a firm'"'"'s program for complying with a regulation put forth by a governmental agency, said system comprising:
- (1) an electronic database that documents said regulation and associates said regulation with a firm'"'"'s interpretations and best practices for compliance with said regulation;
(2) an electronic database that records descriptive information relating to a computer-based system in an inventory and screening criteria to determine if said computer-based system in said inventory is covered by said regulation; and
(3) an electronic database that provides an analytical capability to determine whether said computer-based system in said inventory and covered by said regulation meets criteria of compliance with said regulation.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer-based system comprising the following three components:
(1) an electronic database that documents a governmental regulation and associates the regulation with a firm'"'"'s interpretations and best practices for compliance therewith;
(2) an electronic database that records descriptive information relating to a computer-based system and screening criteria to determine if the computer-based system being inventoried is covered by the governmental regulation; and
(3) an electronic database that assesses whether the computer-based systems included in the inventory and covered by the regulation meet the criteria of compliance.
Preferably, the computer-based system further comprises means for tracking actions taken to correct any deficiencies noted.
This invention provides numerous benefits. One major benefit involves providing the capability to determine whether the computer-based systems of a firm comply with a governmental regulation. A second major benefit involves providing a means for remediating the computer-based system, if the assessment of the computer-based system indicates that the computer-based system does not meet the criteria of compliance. A third major benefit involves providing a means for tracking the status of any projects for remediating those computer-based systems that fail to comply with the regulation.
-
Citations
9 Claims
-
1. A computer-based system for managing and controlling a firm'"'"'s program for complying with a regulation put forth by a governmental agency, said system comprising:
-
(1) an electronic database that documents said regulation and associates said regulation with a firm'"'"'s interpretations and best practices for compliance with said regulation;
(2) an electronic database that records descriptive information relating to a computer-based system in an inventory and screening criteria to determine if said computer-based system in said inventory is covered by said regulation; and
(3) an electronic database that provides an analytical capability to determine whether said computer-based system in said inventory and covered by said regulation meets criteria of compliance with said regulation. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A computer-based system for documenting and distributing a regulation of a governmental agency and interpretations, best practices, standards, and examples relating to said regulation, whereby consistency in determining the state of a firm'"'"'s compliance with said regulation is required by said government agency.
-
7. A method for managing and controlling a firm'"'"'s program for complying with a regulation put forth by a governmental agency, said method comprising the steps of:
-
(a) creating an inventory record, said inventory record comprising a description of a computer-based system and a determination whether said system is covered by said regulation;
(b) submitting said inventory record for approval;
(c) if said inventory record is not approved, correcting said inventory record and repeating step (b);
(d) if said inventory record is approved and said regulation does not apply to said inventory record, terminating said method;
(e) if said inventory record is approved and said regulation applies to said inventory record, providing an evaluation of said system to determine if said system is deficient with respect to said regulation;
(f) submitting said evaluation for approval;
(g) if said evaluation is not approved, correcting said evaluation and repeating step (e); and
(h) if said evaluation is approved and said system is not deficient with respect to said regulation, terminating said method. - View Dependent Claims (8, 9)
-
Specification