公开(公告)号：US12130927B2

公开(公告)日：2024-10-29

申请号：US17186445

申请日：2021-02-26

Applicant: International Business Machines Corporation

Inventor： Arun Kumar ,  Sneha Mondal ,  Simon Metson ,  Mandy Hinton

IPC: G06F21/57 ,  G06F16/2457 ,  G06F16/248 ,  G06F16/93 ,  G06N20/00

CPC classification number: G06F21/577 ,  G06F16/24578 ,  G06F16/248 ,  G06F16/93 ,  G06N20/00 ,  G06F2221/034

Abstract: Methods, systems, and computer program products for incremental regulatory compliance are provided herein. A computer-implemented method includes obtaining at least one first document indicative of a first set of requirements, at least one second document indicative of a second set of requirements, and a baseline document indicative of one or more security controls currently implemented in a system architecture; performing a document comparison between the at least one first document, the at least one second document, and the baseline document to identify overlapping requirements across the first set and the second set that are not satisfied by the one or more security controls; and recommending at least one additional security control to be implemented in said system architecture for satisfying at least one of the identified overlapping requirements.

公开(公告)号：US20220277082A1

公开(公告)日：2022-09-01

申请号：US17186445

申请日：2021-02-26

Applicant: International Business Machines Corporation

Inventor： Arun Kumar ,  Sneha Mondal ,  Simon Metson ,  Mandy Hinton

IPC: G06F21/57 ,  G06F16/93 ,  G06F16/2457 ,  G06F16/248 ,  G06N20/00

Abstract: Methods, systems, and computer program products for incremental regulatory compliance are provided herein. A computer-implemented method includes obtaining at least one first document indicative of a first set of requirements, at least one second document indicative of a second set of requirements, and a baseline document indicative of one or more security controls currently implemented in a system architecture; performing a document comparison between the at least one first document, the at least one second document, and the baseline document to identify overlapping requirements across the first set and the second set that are not satisfied by the one or more security controls; and recommending at least one additional security control to be implemented in said system architecture for satisfying at least one of the identified overlapping requirements.