Skip to main content
    Country/region [change]    Terms of use
    Home    Products    Services & solutions    Support & downloads    My account    

IBM Systems Journal

Compliance Management Volume 46, Number 2, 2007 Click to enlarge
SJ 46-2
Businesses currently expend significant resources to comply with regulatory mandates or adopt new standards for business practices. Eight of the 10 papers in this issue describe new technologies and tools that help businesses manage their compliance requirements, including a system for tracking the originality of source code, a visualization tool that supports compliance with the Sarbanes-Oxley Act, a middleware component for accessing a database that enforces compliance with security and privacy regulations, and a technology for managing audit data that has been incorporated in several IBM products. A survey of static analysis methods for identifying security vulnerabilities in software systems and an article on the use of WORM (write once read many) devices for trustworthy record keeping complete the issue.
Table of Contents Papers in:        Order No. G321-0165-00
Introduction Charles W. Lickel, Vice President, Software, IBM Research Division  
Preface John J. Ritsko and Alex Birman p. 203
Risk management
Seeing is believing: Designing visualizations for managing risk and compliance R. K. E. Bellamy, T. Erickson, B. Fuller, W. A. Kellogg, R. Rosenbaum, J. C. Thomas, and T. Vetting Wolf p. 205
Optimized enterprise risk management C. Abrams, J. von Känel, S. Müller, B. Pfitzmann, and S. Ruschka-Taylor p. 219
Privacy and data protection
Best practices and tools for personal information compliance management M. Kudo, Y. Araki, H. Nomiyama, S. Saito, and Y. Sohda p. 235
Compliance with data protection laws using Hippocratic Database active enforcement and auditing C. M. Johnson and T. W. A. Grandison p. 255
A survey of static analysis methods for identifying security vulnerabilities in software systems M. Pistoia, S. Chandra, S. J. Fink, and E. Yahav p. 265
Ariadne: An Eclipse-based system for tracking originality of source code L. Luo, D. M. Hao, Z. Tian, Y. B. Dang, B. Hou, P. Malkin, and S. X. Yang p. 289
Auditing and reporting
Role of an auditing and reporting service in compliance management J. Ramanathan, R. J. Cohen, E. Plassmann, and K. Ramamoorthy p. 305
Addressing the data aspects of compliance with industry models M. Delbaere and R. Ferreira p. 319
A static compliance-checking framework for business process models Y. Liu, S. Müller, and K. Xu p. 335
Technical Forum
WORM storage is not enough W. W. Hsu and S. Ong p. 363

    About IBMPrivacyContact