Automated impact assessment and updates of compliance response plans pursuant to policy changes
First Claim
Patent Images
1. A computer-implemented method for managing compliance requirements in an enterprise comprising steps of:
- a computer system receiving compliance requirements, the computer system comprising a processor, the computer system identifying compliance changes as differences between the received compliance requirements and previously received compliance requirements;
the computer system conducting one or more surveys relating to the received compliance requirements with one or more survey participants, the computer system initiating a collaboration to decide, using results of the surveys, whether or not to update policies and procedures of the enterprise in order to accommodate the received compliance requirements, the computer system managing a plurality of workflows relating to updating the policies and procedures of the enterprise in order to accommodate the received compliance requirements,wherein initiating a collaboration comprises the computer system identifying a plurality of decision-making participants based on contents of the received compliance requirements and on contents of the compliance changes, and scheduling a meeting among the plurality of decision-making participants.
2 Assignments
0 Petitions
Accused Products
Abstract
A compliance management system is disclosed, including an analysis engine to analyze received compliance requirements. Stakeholders and relevant surveys are identified using results of the analysis. An assessment engine initiates and manages a process to assess the received compliance requirements. Results of the assessment are used to determine changes to existing policies and procedures. A workflow engine initiates and manages workflows to effect changes the policies and procedures.
-
Citations
17 Claims
-
1. A computer-implemented method for managing compliance requirements in an enterprise comprising steps of:
a computer system receiving compliance requirements, the computer system comprising a processor, the computer system identifying compliance changes as differences between the received compliance requirements and previously received compliance requirements;
the computer system conducting one or more surveys relating to the received compliance requirements with one or more survey participants, the computer system initiating a collaboration to decide, using results of the surveys, whether or not to update policies and procedures of the enterprise in order to accommodate the received compliance requirements, the computer system managing a plurality of workflows relating to updating the policies and procedures of the enterprise in order to accommodate the received compliance requirements,wherein initiating a collaboration comprises the computer system identifying a plurality of decision-making participants based on contents of the received compliance requirements and on contents of the compliance changes, and scheduling a meeting among the plurality of decision-making participants. - View Dependent Claims (2, 3, 4, 5, 6)
-
7. A system in an enterprise comprising:
-
a computer system; a storage system; and computer-executable program code stored on the storage system which, when executed by the computer system, causes the computer system to; receive compliance requirements; identify compliance changes as differences between the received compliance requirements and previously received compliance requirements; conduct one or more surveys relating to the received compliance requirements with one or more survey participants; initiate a collaboration to decide, using results of the surveys, whether or not to update policies and procedures of the enterprise in order to accommodate the received compliance requirements; and manage a plurality of workflows relating to updating the policies and procedures of the enterprise in order to accommodate the received compliance requirements, wherein initiating a collaboration comprises the computer system identifying a plurality of decision-making participants based on contents of the received compliance requirements and on contents of the compliance changes, and scheduling a meeting among the plurality of decision-making participants. - View Dependent Claims (8, 9, 10, 11, 12, 16)
-
-
13. A non-transitory computer readable storage medium having stored thereon computer executable program code which, when executed by a computer system, caused the computer system to perform steps of:
-
receiving compliance requirements; identifying compliance changes as differences between the received compliance requirements and previously received compliance requirements; conducting one or more surveys relating to the received compliance requirements with one or more survey participants; initiating a collaboration to decide, using results of the surveys, whether or not to update policies and procedures of the enterprise in order to accommodate the received compliance requirements; and managing a plurality of workflows relating to updating the policies and procedures of the enterprise in order to accommodate the received compliance requirements, wherein initiating a collaboration comprises the computer system identifying a plurality of decision-making participants based on contents of the received compliance requirements and on contents of the compliance changes, and scheduling a meeting among the plurality of decision-making participants. - View Dependent Claims (14, 15, 17)
-
Specification