Cloud Computing Governance, Cyber Security, Risk, and Compliance Business Rules System and Method

US 20120011077A1
Filed: 01/29/2011
Published: 01/12/2012
Est. Priority Date: 07/12/2010
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method comprising:

a cloud computer system comprising a SaaS level, a PaaS level, and an IaaS level;

the SaaS level further comprised of;

a presentation layer;

a presentation desktop;

an application integration logic; and

application logic;

meta data;

master data;

container objects;

contacts;

workflow and collaboration logic;

visualization logic; and

application and security logic;

the PaaS level further comprised of;

an application programming interface platform with governance business rules and application security logic, collaboration rules and workflow rules as well as business process specific non-technical rules; and

the IaaS level further comprised of;

abstraction and delivery of data based on established rules;

hardware including the operating system and administration rules; and

a facility that includes the physical security rules, cyber security and logical database security rules as well as infrastructure specific technical governance;

execution of tasks and controls for risks;

execution of collaboration and workflow engines to assign and track the progress of risk remediation;

relation of cyber security, compliance and regulatory risks to multiple business rules enabling on-going management of efficiency and risk mitigation;

maintenance and modification of an industry specific repository of business rules and corporate governance control objectives;

collaborative management of the assessment of specific business process control effectiveness at design level as well as operational level aligning it with overall corporate strategic objectives;

display of customizable reporting dashboards with capabilities to report key corporate governance, cyber security and board objectives aligned with right and threats coming in way of these objectives;

providing executive transparence over compliance and risk mitigation of enterprise risks and hurdles across all levels;

provide visibility in day-to-day field operations for all levels of management;

track and monitor global performance, governance, cyber security, risk and compliance initiatives.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Cloud Computing Governance, Cyber Security, Risk, and Compliance Business Rules System and Method that enable real-time, on-demand, transparent and complete perspective across the risks, threats and opportunities through an enterprise across many operational domains. Cloud platform ensures 24×7 “On Demand” risk-based private and public strategic alignment with regulatory and compliance priorities towards organizational governance objectives. A user can put in place tasks and controls for risks, and use the platform'"'"'s cloud collaboration and workflow engine to track continuous remediation and governance improvements. Relate enterprise security, risks to multiple business rules which can be controls driven or efficiency driven ensuring on-going management of efficiency and risk monitoring. Design, maintain and modify an industry specific repository of business rules and process objectives, and easily manage the assessment and monitoring of specific business process control effectiveness at design, operational level.

Citations

17 Claims

1. A computer-implemented method comprising:
- a cloud computer system comprising a SaaS level, a PaaS level, and an IaaS level;
  
  the SaaS level further comprised of;
  
  a presentation layer;
  
  a presentation desktop;
  
  an application integration logic; and
  
  application logic;
  
  meta data;
  
  master data;
  
  container objects;
  
  contacts;
  
  workflow and collaboration logic;
  
  visualization logic; and
  
  application and security logic;
  
  the PaaS level further comprised of;
  
  an application programming interface platform with governance business rules and application security logic, collaboration rules and workflow rules as well as business process specific non-technical rules; and
  
  the IaaS level further comprised of;
  
  abstraction and delivery of data based on established rules;
  
  hardware including the operating system and administration rules; and
  
  a facility that includes the physical security rules, cyber security and logical database security rules as well as infrastructure specific technical governance;
  
  execution of tasks and controls for risks;
  
  execution of collaboration and workflow engines to assign and track the progress of risk remediation;
  
  relation of cyber security, compliance and regulatory risks to multiple business rules enabling on-going management of efficiency and risk mitigation;
  
  maintenance and modification of an industry specific repository of business rules and corporate governance control objectives;
  
  collaborative management of the assessment of specific business process control effectiveness at design level as well as operational level aligning it with overall corporate strategic objectives;
  
  display of customizable reporting dashboards with capabilities to report key corporate governance, cyber security and board objectives aligned with right and threats coming in way of these objectives;
  
  providing executive transparence over compliance and risk mitigation of enterprise risks and hurdles across all levels;
  
  provide visibility in day-to-day field operations for all levels of management;
  
  track and monitor global performance, governance, cyber security, risk and compliance initiatives.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
- - 2. The method of claim 1 further comprising the steps of:
    - communicating platform, infrastructure and governance rules from the platform services PaaS a cloud governance business rules studio composer engine;
      
      monitoring performance and availability rules for technical and environmental information from the cloud infrastructure management layer IaaS;
      
      monitoring application governance rules from the business applications SaaS plus Legacy non-cloud IT a cloud governance SaaS;
      
      providing platform governance application development rules from the cloud platform services PaaS and in combination comprising the cloud governance driven by corporate governance sustainability, cyber security, risk and compliance policies, and regulations cloud;
      
      driving cloud governance transparency by corporate governance sustainability, cyber security, risk and compliance policies, and regulations cloud; and
      
      communicating by corporate governance sustainability, cyber security, risk and compliance policies, and regulations cloud with global regulation hierarchies, global risk universe, global compliance directives, and global process control practices.
  - 3. The method of claim 1 further comprising the steps of:
    - creating cloud governance rules from interaction with;
      
      the IaaS infrastructure services to obtain the infrastructure governance rules including logs and network information;
      
      the PaaS cloud platform logical and application programming services;
      
      the SaaS cloud business application and governance rules; and
      
      the SaaS cloud management services software containing business driven and strategically aligned monitoring rules.
  - 4. The method of claim 1 wherein the IaaS infrastructure governance is comprised of:
    - storage with data storage rules;
      
      CPU computing with rules and logic; and
      
      service data pipes with data flow rules that communicate with an infrastructure integration cloud layer and clear GRC rules engine.
  - 5. The method of claim 1 wherein platform governance is comprised of:
    - a database with database rules;
      
      a general application development platform with application development rules;
      
      a Business Intelligence with business analytics rules;
      
      a geo-spatial and geographic risk and cyber security threat intelligence mapping visualization rules;
      
      an integration component with integration rules; and
      
      a development and testing component with development and testing rulesthat all interact in an umbrella cloud with the platform integration layer which communicates with the clear GRC rules engine.
  - 6. The method of claim 1 further comprising a cloud management software integration services cloud layer that is comprised of:
    - data with monitoring;
      
      computing with CPU monitoring;
      
      appliances with remote appliances;
      
      storage with monitoring; and
      
      cloud management with monitoring and rules which communicates with a cloud services trust layer which communicates with a clear GRC rules engine 135.
  - 7. The method of claim 1 wherein the cloud business application governance cloud, implemented by SaaS, is comprised of business applications (listed but not limited to):
    - ERP, Billing, Financials, Legal, Sales, Desktop, CRM, Document Management, Social Networking, Human Resources, Program and Project governance, IT Governance and Collaboration which all interact with the application relevant business rules and testing, auditing, and workflow which communicates with the platform integration layer connected to a clear GRC rules engine; and
      
      non-cloud application business rules from an outside cloud can be joined with the cloud business application output as it is sent to the platform integration layer.
  - 8. The method of claim 1 further comprising the steps of:
    - accessing the clear GRC rules engine and customer applications and content governance via either a Cloud application or legacy system;
      
      providing access to a plurality of clients;
      
      providing shared cloud governance and shared non-cloud governance that can also interact with a customer in both a public shared data center and a private onsite data center using the Clear GRC, API and PaaS and IaaS systems;
      
      providing a multi tenant cloud with public access;
      
      providing public data centers by the Clear GRC API IaaS layer.
  - 9. The method of claim 1 wherein,the SaaS level includes a Cloud governance API, and clear GRC, PaaS, and IaaS 322;
    - a subscription layer that provides a multiple tenant private cloud that can be divided by company division which can then access a customers private onsite data center using the Clear GRC, API and PaaS and IaaS systems; and
      
      supplementing the multiple tenant private cloud by either non cloud governance or cloud governance; and
      
      sharing cloud and non-cloud governance by each division that can also interact with a customer through a series of virtual machines in both a public shared data center and a private onsite data center using a Clear GRC, API and PaaS and IaaS systems.
  - 10. The method of claim 9 wherein a division may include a virtual private machine that communicates with the divisions cloud governance, non-cloud governance, GRC weaver corporate governance, cyber security, risk, compliance and regulatory business rules subscription, and multi-tenant hybrid cloud.
  - 11. The method of claim 1 wherein,a cloud governance dashboard analytics engine layout is configurable from a plurality of presentation and layout configuration options;
    - standard custom objects are converted to reports by an analytics engine in either a standard or custom format, which are then accessible through drill down menus or displays by the dashboard presentation layer; and
      
      mapped through geographic and geo-spatial risk mapping layer;
      
      a dashboard can then send messages to users via desktops or mobile devices or provide a visual display via the visualization engine;
      
      the Visual display also is drag and drop or plug and play selection between various formats of Risk and Governance Visualization pattern logic.
  - 12. The method of claim 1 wherein,a report type is determined by the custom objects and standard objects contained within the data;
    - the selected report type configuration, using query optimization, is then sent to the custom report logic, which uses input from standard formulas, custom formulas, and filters for sorting report information to generate a visual display by the data visualization engine; and
      
      the reports are then sent to a dashboard for data visualization to occur before a user for review and the data is exported as desired in many different formats.
  - 13. The method of claim 1 further comprising the steps of:
    - receiving by the governance collaboration engine inbound continuous improvement ideas along with real time 24/7 scheduled information from social media risk monitors, global risk monitors, and global new monitors;
      
      collaborating with the cloud governance mirror data, strategic board level details, and governance details data beforeconducting logic testing;
      
      evaluating by the clear governance technical object 619, using mass data input received via a data management element, data attachments, correlation logic and consisting of the company hierarchy and regulation hierarchy as well as resilient risk the data inputs;
      
      filtering the data;
      
      generating a report through the use of formula configuration, filters, and management manipulation;
      
      sending the report to a dashboard for data visualization to occur before a user for review; and
      
      collaboration among multiple users as provided by the governance collaboration engine.
  - 14. The method of claim 1 further comprising the steps of:
    - providing, by the governance collaboration engine, the collaboration logic for considering financial exposure, assessment, and basic risk information;
      
      testing of the logic by the resilient risk technical object;
      
      using mass data input received via a data management element, data attachments, and workflow management by the resilient risk technical object;
      
      applying the correlation logic consisting of governance received from the governance junction, rules received from the rules junction, company hierarchy received from the company hierarchy element, and regulation hierarchy to the data received from the regulation hierarchy element;
      
      creating a report by the reports engine through the use of filters and management manipulation before it is exported;
      
      sending the reports to a dashboard for data visualization; and
      
      providing visual display and review, and collaboration among multiple users as provided by the governance collaboration engine.
  - 15. The method of claim 1 further comprising the steps of:
    - providing by the governance collaboration engine, collaboration logic for the rules characteristic data, rules design data, and rules operational assessment data;
      
      testing of the logic is then performed by the rules studio;
      
      using, by the rules studio, mass data input received via a data management element, data attachments, and workflow management;
      
      applying correlation logic consisting of;
      
      governance received from the governance junction, rules received from the rules junction, company hierarchy received from the company hierarchy element, and regulation hierarchy to the data received from the regulation hierarchy element;
      
      creating a report by the reports engine through the use of filters and management manipulation;
      
      sending the reports to a dashboard for data visualization to occur before a user for review; and
      
      collaboration among multiple users can occur as provided by the governance collaboration engine.
  - 16. The method of claim 1 further comprising the steps of:
    - receiving by the case management cloud object program, project, product and process issues and resolution object governance, mass email cases, and risk issues and compliance cases as input;
      
      generating program, project, product and process related issues remediation output or risk and potential liability related action items such as product defects, potential liability cases, and governance project and program management;
      
      filtering the data as output;
      
      combining the filtered data with another filter or management component;
      
      generating an out of box or customized report for each issue instance and data export; and
      
      sending the reports to a dashboard for data visualization to occur before a user for review.
  - 17. The method of claim 1 further comprising the steps of:
    - receiving by a contract compliance management technical object a request for contract creating;
      
      accessing by the contract compliance management technical object contract history, contract metrics, and contract compliance data;
      
      generating data output;
      
      filtering data;
      
      transforming data into a report by a report logic element through the use of formula configuration and filters and management manipulation; and
      
      sending the reports a dashboard for data visualization to occur before a user for review.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Bhavesh C. Bhagat
Original Assignee
Bhavesh C. Bhagat
Inventors
Bhagat, Bhavesh C.

Application Number

US13/016,999
Publication Number

US 20120011077A1
Time in Patent Office

Days
Field of Search
US Class Current

705/317
CPC Class Codes

G06F 21/554   involving event detection a...

G06Q 10/0635   Risk analysis of enterprise...

G06Q 30/018   Certifying business or prod...

Cloud Computing Governance, Cyber Security, Risk, and Compliance Business Rules System and Method

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud Computing Governance, Cyber Security, Risk, and Compliance Business Rules System and Method

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links