CN115115222A - System compliance management method and system - Google Patents

System compliance management method and system Download PDF

Info

Publication number
CN115115222A
CN115115222A CN202210740427.XA CN202210740427A CN115115222A CN 115115222 A CN115115222 A CN 115115222A CN 202210740427 A CN202210740427 A CN 202210740427A CN 115115222 A CN115115222 A CN 115115222A
Authority
CN
China
Prior art keywords
compliance
data
analysis
behavior
regimes
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210740427.XA
Other languages
Chinese (zh)
Inventor
马炜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Jiebei Intelligent Technology Co ltd
Original Assignee
Shanghai Jiebei Intelligent Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Jiebei Intelligent Technology Co ltd filed Critical Shanghai Jiebei Intelligent Technology Co ltd
Priority to CN202210740427.XA priority Critical patent/CN115115222A/en
Publication of CN115115222A publication Critical patent/CN115115222A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling
    • G06Q10/063Operations research, analysis or management

Abstract

The invention provides a method and a system for managing the compliance of a degree, wherein the method comprises the following steps: in response to a selection of a regime for which compliance management is to be performed, determining a set of regimes associated with the selected regime; determining a set of compliance check items associated with the set of regimes through analysis of the regimes in the set of regimes; determining a set of data dimensions associated with the set of compliance check items; and collecting data of the determined set of data dimensions from one or more data sources and analyzing the collected data to generate an analysis result.

Description

System compliance management method and system
Technical Field
The present invention relates to the field of information technology, and more particularly, to a method and system for institutional compliance management.
Background
The system (sometimes called "policy") refers to a behavior criterion or regulation with restriction issued by a government agency, a regulatory agency, an industry association or an enterprise, such as "securities law", "insurance law", "management method for first open issue of stock registration of a subject creation board", "management method for information disclosure of listed companies", "management method for performance assessment of companies", and the like. Whether it is a business or an individual, it is particularly important for the business that the laws and regulations associated therewith be complied with. If certain regulations are violated inadvertently, enterprises are subjected to different levels of penalties and losses.
However, how to examine whether the behavior complies with each system requires detailed knowledge about the system itself and also requires considerable information to be collected for comparison and verification, which can make the work quite complicated and burdensome, and many enterprises have to set up specialists or hire third-party specialized institutions to be responsible for the work, which results in high costs. In addition, for the system formulation party, considerable manpower and material resources are also required for assessing the system compliance of the relevant party.
It is therefore desirable to provide an efficient intelligent, digital tool for institutional compliance management.
Disclosure of Invention
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
In order to solve the above-mentioned problems, according to an aspect of the present invention, there is provided a computer-implemented method for institutional compliance management, comprising: in response to a selection of a regime for which compliance management is to be performed, determining a set of regimes associated with the selected regime; determining a set of compliance check items associated with the set of regimes through analysis of the regimes in the set of regimes; determining a set of data dimensions associated with the set of compliance check items; and collecting data of the determined set of data dimensions from one or more data sources and analyzing the collected data to generate an analysis result.
According to a further embodiment of the present invention, determining a set of compliance checks associated with the set of regimes through parsing of the regimes of the set of regimes comprises: parsing text of a system in the set of systems to determine requirements in the system relating to at least one of an action and a result, respectively; and determining the set of compliance checks based on the requirements relating to at least one of behavior and outcome, wherein the compliance checks include at least one of behavior compliance and outcome compliance.
According to a further embodiment of the invention, analyzing the collected data comprises one or more of: determining whether a behavioral event corresponding to the behavioral compliance item has occurred based at least in part on temporal information in the collected data; determining whether the time of occurrence of the behavior event corresponding to the behavior compliance item meets a respective requirement based at least in part on time information in the collected data; determining whether a behavior event corresponding to the behavior compliance item occurs based at least in part on textual information in the collected data; determining whether content of a behavior event corresponding to the behavior compliance item meets a corresponding requirement based at least in part on textual information in the collected data; determining whether a data result corresponding to the result compliance item meets a respective requirement based at least in part on numerical information in the collected data; or determining a degree of completion of the current state as compared to a data result to which the result compliance item corresponds based at least in part on numerical information in the collected data.
According to a further embodiment of the invention, the method further comprises: generating a compliance behavior recommendation for the set of regimens based on the analysis results, wherein generating the compliance behavior recommendation comprises one or more of: presenting the behavior compliance item in the form of a to-do event list; presenting the result compliance item in the form of a target value to be achieved; presenting, in textual form, a description and guidance for at least some of the behavior compliance items and the result compliance items; providing reference information for at least some of the behavior compliance items and the result compliance items; providing a causal analysis of compliance with currently unmet requirements; or to assess the overall compliance of the user.
According to a further embodiment of the invention, the method further comprises: tracking data of the set of data dimensions; and analyzing the tracked data and updating the compliance behavior recommendation based on the analysis result.
According to a further embodiment of the invention, the method further comprises: collecting analysis results for a plurality of compliance analysis objects; and based on the analysis results, executing an object compliance representation, wherein the object compliance representation includes one or more of: making a system compliance portrait according to the compliance of the system set to the analysis object; and performing object compliance portrayal according to the compliance of the analysis object to different system sets.
According to a further embodiment of the invention, the method further comprises: collecting analysis results for a plurality of compliance analysis objects; based on the analysis result, performing overall or itemized evaluation on the system compliance of the compliance analysis objects; and ranking the plurality of compliance analysis objects according to the overall or itemized assessment.
According to another aspect of the present invention, there is provided a computing device comprising: a processing unit; and a storage unit storing computer executable code which, when executed by the processing unit, causes the processing unit to perform a method for institutional compliance management as described in the present invention.
According to yet another aspect of the present invention, there is provided a system for institutional compliance management comprising: a client configured to: in response to a selection of a regime for which compliance management is to be performed, determining a set of regimes associated with the selected regime; determining a set of compliance check items associated with the set of regimes through analysis of the regimes in the set of regimes; determining a set of data dimensions associated with the set of compliance check items; and collecting data of the determined set of data dimensions from one or more data sources and analyzing the collected data to generate an analysis result; and a server configured to: collecting analysis results for a plurality of compliance analysis objects; and performing an object compliance picture or evaluation based on the analysis results.
According to yet another aspect of the present invention, there is provided a computer-readable storage medium having stored thereon computer-executable code which, when executed by a processor, causes the processor to perform a method for institutional compliance management as described in the present invention.
Compared with the prior art, the method and the system for institutional compliance management provided by the invention have at least the following advantages:
1. the system compliance management tool can be provided for the managed objects of the system, the system can be analyzed in a targeted manner, implementation suggestions can be provided, the implementation effect can be tracked, and the time and cost consumed by manual management are obviously reduced;
2. a convenient tool for examining the compliance of the managed object can be provided for an institution maker;
3. the system management method can be used for imaging the compliance of a system managed object through technologies such as artificial intelligence, big data and the like so as to provide valuable analysis and reference for system management of a system maker; and
4. the system is not only suitable for known specific systems such as laws and regulations, but also suitable for unknown systems such as newly made laws and internal regulations of companies by utilizing technologies such as artificial intelligence, big data and the like.
These and other features and advantages will become apparent upon reading the following detailed description and upon reference to the accompanying drawings. It is to be understood that both the foregoing general description and the following detailed description are explanatory only and are not restrictive of aspects as claimed.
Drawings
So that the manner in which the above recited features of the present invention can be understood in detail, a more particular description of the invention, briefly summarized above, may be had by reference to embodiments, some of which are illustrated in the appended drawings. It is to be noted, however, that the appended drawings illustrate only some typical aspects of this invention and are therefore not to be considered limiting of its scope, for the description may admit to other equally effective aspects.
FIG. 1 is an example flow diagram of a method for institutional compliance management according to one embodiment of the present invention.
FIG. 2 is an exemplary architecture diagram of a general purpose computing device that may be used to implement the policy data management method of the present invention, according to one embodiment of the present invention.
Figure 3 is an exemplary architecture diagram of a system for institutional compliance management according to one embodiment of the present invention.
Detailed Description
The present invention will be described in detail below with reference to the attached drawings, and the features of the present invention will be further apparent from the following detailed description. In the following detailed description, numerous specific details are set forth in order to provide a thorough understanding of the described exemplary embodiments. It will be apparent, however, to one skilled in the art, that the described embodiments may be practiced without some or all of these specific details. In other exemplary embodiments, well-known structures or processing steps have not been described in detail in order to avoid unnecessarily obscuring the concepts of the present disclosure.
In the present specification, unless otherwise specified, the term "a or B" used through the present specification means "a and B" and "a or B", and does not mean to exclude a and B.
To improve the convenience of system compliance management, the present invention provides a system for system compliance management implemented by a computer. In one aspect, the system of the present invention can be used by an applicable object of a system (also called a managed party of a system, such as an enterprise), when a user wants to know the requirements of a system and the compliance of the behavior of the user according to the system, the system can automatically analyze the system to generate check items related to the system, automatically determine a data dimension set for judging the compliance according to the check items, and provide a corresponding analysis result by collecting and analyzing data. On the other hand, the system of the invention can also be managed by the maker of the system (also called the supervisor of the system) or a third party, for example, the system can automatically generate the checking items and the associated data dimension sets, and automatically check and evaluate the compliance conditions of different objects based on the data. Therefore, the intelligent system compliance management system can provide a digital management tool with the functions of automatically analyzing the system, automatically checking compliance and the like for multi-party users such as policy making parties, managed parties and the like, and save a large amount of cost for the users.
In the present invention, the system generally refers to documents of regulated nature which are prepared by various entities and have influence and restriction force within a certain range, such as laws, regulations, ordinances, rules, regulations, specifications, regulations, approaches, rules, treaties and the like issued by governments, industry associations, enterprises, social groups and the like at all levels. In addition, a system may also include product or service terms presented in the form of a legal-effect contract or similar document, such as insurance product terms, fund/financing/trust product terms, and the like.
FIG. 1 is an example flow diagram of a method 100 for institutional compliance management according to one embodiment of the present invention. As shown in FIG. 1, the method 100 begins at step 102 by, in response to selection of a regimen for which compliance management is to be performed, determining a set of regimens associated with the selected regimen. The method of the present invention may be implemented by a computer, for use by a user in the form of a computer software product. When the user launches the system compliance management tool, the system that is to be subject to compliance management can be selected from the user interface. In one example, a library of systems may be maintained in the system, with a list of systems in the library being displayed to the user for selection therefrom. Alternatively, the institutional list may be obtained by linking to an open institutional database or an internal institutional database. Furthermore, it is to be understood that "selection" of the present invention also encompasses selection of regimes not present in the library. In this case, the user may manually enter the name of the system and provide text for the system.
Relationships may exist between systems, for example, where one system may be a higher level system than another, and where certain terms and meanings within one system are defined and explained in another, more specific system. Thus, when a user selects a regimen, the system can intelligently determine whether there is a regimen associated with that regimen. For example, when the user selects the "method for managing the first public issuance of stock certificates" related to the "national securities and national laws", the "national public laws of the people's republic of China", the "national Community general Committee for the representative of the people" adjusts the decision on the regulation of the "national securities and national laws" in the implementation of the reform of the system of issuing and registering stocks ", the" general Committee for the representative of the people "adjusts the decision on the regulation term of the" national securities and national laws "in the implementation of the reform of the system of issuing and registering stocks", the "implementation comments on the plate of the innovation of the" and the registration system of the national securities exchange "set up in the Shanghai province, the" method for issuing and reimbursement management of securities and filing ", the" method for recommending the management of the stock certificates in the "transfer of the national securities and the proctorial of the" or the development of the certificate of the "in the system of issuing and the" of the certificate of the "in the" of issuing and the registration of the stock distribution and the "of the stock distribution and the" of the stock distribution and the "of the" are selected Know ", etc. When managing system compliance with the registration management approach, it is often necessary to take these relevant systems into account to obtain more scientific and comprehensive results. In one example, determining other regimes associated with a regime may be determined by text parsing of the regime, such as identified in the regime text by a particular keyword or a particular symbol (e.g., title number). Alternatively, it can also be determined by the institutional relevance label carried by the institution itself in the institutional library. Further, as will be understood by those skilled in the art, a set of regimes refers to a set of one or more regimes, and in the absence of an associated regime, the set of ultimately determined regimes may comprise only the regime itself to be managed.
At step 104, a set of compliance checks associated with the set of regimes is determined through a resolution of the regimes in the set of regimes. The system exists in a text form, and in order to enable the system to automatically check the compliance of the system, the system needs to be parsed into specific and detailed individual compliance checking items. Therefore, the system can have text analysis capability, and can intelligently recognize specific requirements contained in a system/system set through pre-training. In an alternative example, these specifications may be broadly divided into two categories, requirements related to behavior and requirements related to outcome. Accordingly, the compliance check term set determined by the system through parsing may also include behavior compliance terms and/or result compliance terms accordingly. It should be understood that the compliance verification terms may also be divided into fewer or more types as needed for parsing or verification.
The requirements relating to behavior refer to the behavior and related requirements that the applicable subject of the regime specified in the regime should fulfill. When the behavior is fulfilled and meets the relevant requirements, the object is considered to comply with the behavior requirement, i.e. the corresponding behavior compliance item is satisfied, and thus can also be understood as a dynamic requirement. Take the example of "bank insurance agency related transaction management method", in which the bank insurance agency is required to disclose information for related transaction, which is a requirement related to behavior, the requirement related to the behavior includes disclosure modes, such as single disclosure, quarter disclosure, year disclosure, and also specifies the corresponding disclosure transaction types and disclosure contents, i.e. which types of management transaction should adopt which disclosure modes and which contents should be disclosed. Through the analysis of the institutional text, the requirement for information disclosure of the associated transaction can be firstly analyzed, then the requirement related to the behavior is analyzed, and further the requirement is determined as a behavior compliance item, and the related specific requirement is also included in the content of the behavior compliance item.
The requirements relating to the results refer to the conditions for which the system as specified in the system applies itself or the specific requirements which the results should fulfil, such requirements being usually qualitative or quantitative in numerical form. When the state or result of an object meets the relevant requirement, the object is considered to comply with the result requirement, i.e., the corresponding result compliance item is satisfied, and thus, the object can also be understood as a static requirement. Taking the 'method for managing stock registration published by the scientific and creative board for the first time' and 'the provision for publishing and recommending the state of the market and the temporary regulations for the scientific and creative board enterprise' as examples, scientific and technological innovation enterprises meeting national strategies and breaking through key core technologies, scientific and technological innovation enterprises belonging to high-end equipment, new materials, new energy sources, energy-saving, environmental protection, biological medicine and other high-tech industries and strategic emerging industries, and three types of enterprises such as internet, big data, cloud computing, artificial intelligence and advanced manufacturing industry integration scientific and technological innovation enterprises and the like are preferentially recommended, and the requirements of enterprises to be listed on the aspect of intellectual property rights include: the research and development investment accounts for more than 5% of the business income in the last three years or the research and development investment sums up to more than 6000 ten thousand in the last three years, the proportion of research and development personnel to the total number of the staff in the same year is not lower than 10%, and the like. In the above requirements, the attributes (including properties, regions, and industries) of the enterprise belong to the state of the object itself, and the research and development investment and the proportion of research and development personnel of the enterprise belong to numerical index conditions. By analyzing the system text, the requirements can be analyzed firstly, then the requirements which are related to the result are analyzed, and then the requirements are determined as result compliance items, and the related specific requirements are also included in the content of the result compliance items.
At step 106, a set of data dimensions associated with the set of compliance check items is determined. Each compliance check item determined in the previous step can be used to check the compliance of a system/system set on an item-by-item basis. According to one embodiment of the present invention, the checking work may be at least partially automated by the system, and for this purpose, it is necessary to further associate each check item to a specific data dimension or dimensions, thereby allowing the system to determine whether each check item is satisfied or completed through these data dimensions, instead of manual determination and checking.
Compliance verification terms have typically been clearly described and defined for the objects and content to be verified. Taking the verification term of "research and development effort accounts for 5% or more of income in the last three years" as an example, the verification term can be analyzed into elements such as "research and development effort", "income", "proportion", "5% or more" and the like. Accordingly, based on some pre-set rules or trained models, the system can determine the data dimensions corresponding to the audit item as "research and development effort" and "revenue". The "last three years" can be used as a screen for the collected data of the two data dimensions, the "ratio" can be used as the data to be subsequently processed on the collected data, and the "more than 5% of the data is the target value to be referred to when analyzing the data. As yet another example, for a check that "big associated transactions should be revealed individually within 15 working days of the contract transaction agreement," it may be determined that the associated data dimensions include: "disclosure", "disclosure time", "transaction content", "transaction program", "transaction signing time", and the like.
The data dimensions determined to be associated with compliance checkitems are associated with the checkitems. As an example, compliance checks and their associated data dimensions can be stored in a database of the system, and if the user himself or another user encounters the same compliance checks in a new institutional compliance management process in the future, the system can directly invoke the set of associated data dimensions. Thus, a check item library including a plurality of compliance check item-data dimension combinations (or data systems) can be gradually constructed.
Further, as another example, the audit library of the system may have self-learning capabilities through artificial intelligence techniques such as machine learning, the system may have the ability to refine the data dimensions associated with an audit by itself through learning and training of existing "compliance audit-data dimension" combinations, and when a new compliance audit is parsed, the system may intelligently determine which data dimensions may be associated with the audit based on the existing "compliance audit-data dimension" combinations.
At step 108, data for the determined set of data dimensions is collected from one or more data sources and the collected data is analyzed to generate analysis results. As one example, the system may be connected to various types of data sources through a data collection module, obtain data through a public or private data source interface, such as public business yearbook data, information disclosure data, and so forth, which may be obtained from a specialized data source. As another example, some data may also be obtained by crawling web page data, such as related news report articles may be crawled from government websites, industry portals, enterprise official networks, and so forth. In addition, the data sources may also include local or private data sources, such as document databases, contract databases, mail databases, financial databases, etc. within the enterprise.
The system may then analyze the collected data and provide analysis results. As an example, the data analysis and determination of the data dimensions may result from the same parsing process, e.g., "last three years", "proportion", "above 5% of" in the previously mentioned example may be used in the analysis process, and by analysis of the collected "development effort" and "revenue" data, it may be calculated whether the proportion of development effort and revenue in the last three years is above 5%. For the check item that "the big relevant transaction should be disclosed separately within 15 working days of the contract agreement", whether disclosure is made, whether disclosure time is within 15 working days of the contract agreement, whether disclosure content includes a prescribed content, and the like can be further analyzed by the acquired "disclosure content", "disclosure time", "transaction content", "transaction program", "transaction contract time".
More specifically, as some non-limiting examples, analyzing the collected data may further be performed by:
(1) determining whether an action event corresponding to the action compliance item occurs based at least in part on time information in the collected data, for example, whether information disclosure is performed may be determined according to time information included in the collected data, such as transaction information and disclosure information;
(2) determining, based at least in part on temporal information in the collected data, whether a time of occurrence of a behavior event corresponding to the behavior compliance item meets a respective requirement, e.g., whether the information is timely disclosed, as previously mentioned;
(3) determining whether a behavior event corresponding to the behavior compliance item occurs based at least in part on the text information in the collected data, for example, by searching a document information base inside the enterprise, whether the enterprise has made corresponding regulations and procedures inside the enterprise can be determined;
(4) determining whether the content of the behavior event corresponding to the behavior compliance item meets the corresponding requirement based at least in part on the text information in the collected data, for example, as mentioned before, whether the information disclosed in the information contains the specified content, is clear enough, and so on;
(5) determining whether a data result corresponding to the result compliance item meets corresponding requirements, such as whether the ratio of research and development investment to business income meets the requirements, whether the ratio of research and development personnel to the total number of employees in the year meets the requirements, and the like, at least partially based on numerical information in the collected data;
(6) based at least in part on numerical information in the collected data, a degree of completion of the current state compared to the data result corresponding to the result compliance item is determined, e.g., what percentage of completion the development effort in the current computing cycle is compared to the required 6000 million, and so on.
The results of the analysis may be further used in subsequent management processes. For example, in one optional example, compliance behavior suggestions for a set of regimes can be generated based on the analysis results so that the user can not only intuitively understand and master their current compliance status, but also clearly know how to next do to meet, improve, or maintain compliance.
As some non-limiting examples, the compliance behavior suggestion may include one or more of the following:
(1) presenting behavior compliance items in the form of a to-be-completed event list, such as financial data to be submitted, information disclosure data to be submitted, related processes of a to-be-formulated company and the like;
(2) presenting the resulting compliance item in the form of a target value to be achieved, such as a target amount value to be achieved by the development effort, a percentage of the current amount invested to the target amount (which may be considered as a degree of completion of the compliance);
(3) presenting a description and guidance for at least some of the behavioral and resultant compliance items in textual form, e.g., for each compliance check item, a written description may be provided to let the user know the specific content of the check item, the purpose of the check, the check time node, while additional written descriptions may be provided to guide the user on how to meet the requirements of such a check item;
(4) providing reference information for at least some of the behavioral compliance items and the resultant compliance items, such as when a company is required to internally establish corresponding regulations, providing corresponding reference text, relating to information disclosure, providing corresponding information disclosure templates, reference cases, and the like;
(5) providing reason analysis for compliance with currently unsatisfied requirements, for example, conditions found to be unsatisfied during the analysis can be collated and displayed, such as missing specific contents in the disclosure information, overtime of the disclosure time, etc.;
(6) the overall compliance of the user is evaluated, for example, the overall compliance evaluation of the user can be given according to the analysis result of the compliance of the user on each check item in the system/system set.
In one example, the overall compliance assessment may be in the form of a score or the like. For example, when there are a total of 60 checkouts, when the user has completed 55 of them, an overall compliance assessment score of 92 points may be given. In yet another example, different audit terms may be categorized, and each category may be scored separately. For example, for the related transaction disclosure, the checking items can be divided into a form compliance and a content compliance, wherein the form compliance is the disclosure time and the disclosure position of the key review regulation, and the content compliance is the disclosure content of the key review regulation. In addition, different classes or different check items can be given different weights, and the scores or the like of the users in different classes and the overall scores or the like are obtained through weighting and summarizing.
In another example, the overall compliance assessment may be in the form of a radar map. By reflecting the user's scores on different classes or equally on the multiple axis coordinates of the radar map, the user can intuitively understand which block he is currently doing better and which needs more attention and improvement.
In yet another alternative, management of institutional compliance is a continuous process, and accordingly, the system of the present invention may also continuously track data for a set of data dimensions and analyze the tracked data. Based on the analysis results, updated compliance behavior suggestions may be provided to the user. For example, the percentage values of research and development may be continually updated based on the ongoing tracking of research and development investment data and revenue data. In another example, a target completion level may be dynamically displayed, for example, 50 patent grants are required, 30 are currently obtained, and the completion level is 60%, and as the patent information database is continuously tracked, as new patent grant notice information is received, the data and the completion level may be updated accordingly. In yet another example, when it is detected in the contract record database of the company that the company completes a new associated transaction contract, the pending event may be generated and timely reminded according to the corresponding rule. The continuous collection and tracking of data by a computer system takes full advantage of the tremendous productivity advantages of computers over labor in such relatively repetitive, mechanical work, and can significantly reduce the human input and cost of an enterprise in repetitive work in institutional compliance management work.
The above described method can be used by a user (e.g., a business) who is the applicable or managed object of a system to assess and manage whether or not the user himself complies with the compliance requirements of the system, and can also be used by a user who is the maker or supervisor of the system or other third party to assess and supervise the compliance of the applicable object of the system.
Taking the supervisor as an example, according to another embodiment of the present invention, the steps in the method 100 described above may be used by the supervisor, differing only in whether the object being analyzed is itself or another entity, as compared to the process of the managed object using the method. In addition, the management method of the invention can provide more management functions for the monitoring party.
As one example, analysis results for multiple compliance analysis objects (e.g., businesses) may be collected. The analysis results may be provided by each analysis object, or may be obtained by the supervision policy performing the above method on each analysis object. On the basis of these analysis results, various analyses can be performed.
An exemplary analysis is to perform a institutional compliance portrait. For example, the overall compliance situation, the average situation, the distribution situation and the like of the industry can be analyzed on the basis of the compliance situation of a plurality of analysis objects in the same industry on the whole or the subentry of the same set of systems based on a data analysis means such as big data technology. In one example, a ranking table for rating may be set based on the distribution, such as setting A, B, C, D four equal or corresponding excellent, good, pass, fail, and corresponding criteria according to compliance. Furthermore, typical features of objects of different compliance, etc. may also be depicted based on big data technology. Then, for the real-time tracking analysis situation of each analysis object, the future compliance situation of each analysis object can be predicted. Additionally, based on the compliance image, different types of objects can be effectively screened for the supervisor, so that subsequent work can be carried out in a targeted manner. For example, objects with a good compliance profile may be whitelisted, exempt from check, or least frequent random object list, while objects with a poor compliance profile may be blacklisted, key checked, and the like.
Another example of further analyzing the analysis results of the plurality of compliance analysis objects is to perform an evaluation. The evaluation may be for the whole, classified or itemized, and this process may be similar to the managed object evaluating its compliance with the management tool of the present invention, but may also be different, for example, the evaluation criteria executed on the managed object side is usually static because it only has its own data, while the evaluation criteria executed on the supervisor side may be dynamic, for example, four levels of ABCD, the corresponding score criteria that may be static on the managed object side, and the percentage criteria on the supervisor side may be. Further, in an optional example, the supervisor side may rank the analysis objects according to a holistic or itemized evaluation. In a further example, the ranking may be further refined to different dimensions, for example, the ranking may be performed according to the type of the analysis object, for example, for the insurance industry, the ranking may be performed respectively by different types of companies such as group companies (stock companies), property insurance companies, personal insurance companies, and the like.
As yet another example of analysis, a summary of the industry's overall situation may also be made, such as summarizing industry lights, typical problems, potential trends, problem warnings, and so forth. Further, in another example, the system may also evaluate and suggest the rationality of the institutional design itself based on an overall summary of circumstances for institutional compliance.
FIG. 2 is an exemplary architecture diagram of a general purpose computing device 200 that can be used to implement the institutional compliance management methods of the present invention, according to one embodiment of the present invention. The computing device 200 may be a personal computer, a server, or a mobile computing device, such as a smartphone, a tablet, etc. As shown in fig. 2, computing device 200 may include a processing unit 202, a storage unit 204, a communication unit 206, an input unit 208, and a display unit 210.
The processing unit 202 may include one or more processors, which may be any type of processor including, but not limited to, a general purpose processor, a Digital Signal Processor (DSP), a Central Processing Unit (CPU), a microcontroller, an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA), a programmable logic device, discrete gate or transistor logic components, discrete hardware components, or any combination thereof. In some cases, the processor may be configured to operate the memory array using the memory controller. In other cases, the memory controller may be integrated into the processor. The processor may be configured to execute computer programs stored in the memory to perform various functions.
Storage unit 204 may include, or be connected with, a non-transitory storage device, which may be any storage device that is non-transitory and that enables data storage, including, but not limited to, a disk drive, an optical storage device, solid state storage, a floppy disk, a flexible disk, a hard disk, a magnetic tape or any other magnetic medium, an optical disk or any other optical medium, a ROM (read only memory), a RAM (random access memory), a cache memory, and/or any other memory chip or cartridge, and/or any other medium from which a computer can read data, instructions, and/or code. Memory unit 204 may store computer-readable or executable software comprising instructions that, when executed, cause processing unit 202 to perform various functions described herein. Further, the storage unit 204 may be a distributed storage structure, may have a plurality of storage nodes both local and remote, may store data at a local or server as needed, and may provide data backup functions through the distributed storage structure.
The communication unit 206 may be any type of device or system capable of enabling communication with external devices and/or networks, and may include, but is not limited to, modems, network cards, infrared communication devices, wireless communication devices such as bluetooth devices, 802.11 devices, WiFi devices, WiMax devices, cellular communication facilities, and/or chipsets, among others. The communication unit 206 may be used to enable communication between the computing device and the server, as well as to collect data from external data sources.
Input unit 208 may be any type of device that can input information into a computing device, including but not limited to a mouse, keyboard, touch screen, microphone, and the like. Display unit 210 may include a display or the like that may be used to display an interface that interacts with a user and presents results during institutional compliance management of the present invention.
It will be apparent to those skilled in the art that the present invention may be implemented by software having necessary hardware, or by hardware, firmware, etc. With this understanding in mind, embodiments of the present invention may be implemented in part in software. The computer software may be stored in a readable storage medium such as a floppy disk, hard disk, optical disk, or flash memory of the computer. The computer software includes a series of instructions to cause a computer (e.g., a personal computer, a service station, or a network terminal) to perform the methods according to the respective embodiments of the present disclosure or a portion thereof.
FIG. 3 is an exemplary architecture diagram of a system 300 for institutional compliance management according to one embodiment of the present invention. As shown in fig. 3, system 300 may include one or more clients 301 and a server 302. The server 302 and each client 301 can communicate with each other through a network.
In one example scenario, client 301 can be configured on a managed object (e.g., enterprise) side of a system for use by the managed object to learn its compliance with the system/system set and obtain corresponding information or recommendations. Client 301 may be configured to, in response to selection of a regime for compliance management to be performed, determine a set of regimes associated with the selected regime; determining a compliance check item set associated with the system set through analysis of the systems in the system set; determining a set of data dimensions associated with a set of compliance check items; and collecting data of the determined set of data dimensions from one or more data sources and analyzing the collected data to generate an analysis result. Further, client 301 can also perform various embodiments of the methods described in connection with FIG. 1, such as generating compliance behavior suggestions for a set of regimes based on the analysis results, and tracking data for a set of data dimensions; and analyzing the tracked data and updating the compliance behavior recommendation based on the analysis result.
The server 302 can be configured on the side of the institutional maker or supervisor or other third party, and is used for checking and supervising the compliance of each managed object with the institutional/institutional set and obtaining corresponding analysis data for better management. The server 302 may be configured to collect analysis results for a plurality of compliance analysis objects; and performing an object compliance picture or evaluation based on the analysis results. The compliance image may include a institutional compliance image for compliance with the analysis object by institutional set, an object compliance image for compliance with the analysis object with a different institutional set, and so forth. In addition, overall or itemized evaluation can be performed on the basis of the system compliance of each compliance analysis object according to the analysis result, and each compliance analysis object is ranked according to the overall or itemized evaluation.
It should be understood that while in the present example scenario, the server 302 and the client 301 are described as being deployed separately on the administrator and the managed party of the system and providing functionality that is suitable for both of the different roles, this is merely an example, and in practice, the functionality that the server and the client can actually provide or deploy may be more flexible. For example, an enterprise may be both a regulated party and a regulation maker and supervisor, so that the functions of the client and the server can be configured on the enterprise side. Optionally, in this case, the management tool of the present invention may include all functions as a software product, and the user may be given the right to use different functions through setting different rights.
In yet another example, the client may perform only very limited work requiring computational resources and capabilities, parsing, processing, analyzing, etc., and the computational requirements of such work are turned over to the server for processing. In an extreme case, all the functions of the client may be performed at the server, while the client only provides the user access to the service, similar to a cloud service. In addition, the server can utilize the advantage that the server can collect data of a plurality of client users, various databases, template libraries and case libraries can be built through artificial intelligence and big data technology, various intelligent models are trained for being transplanted to the client or being called by the client, and for example, a model for determining an associated system of the system and a model for analyzing the system into data dimensions and checking criteria for analysis can be made to be more intelligent and accurate through iterative training.
What has been described above includes examples of aspects of the claimed subject matter. It is, of course, not possible to describe every conceivable combination of components or methodologies for purposes of describing the claimed subject matter, but one of ordinary skill in the art may recognize that many further combinations and permutations of the claimed subject matter are possible. Accordingly, the disclosed subject matter is intended to embrace all such alterations, modifications and variations that fall within the spirit and scope of the appended claims.

Claims (10)

1. A computer-implemented method for institutional compliance management, comprising:
in response to a selection of a regime for which compliance management is to be performed, determining a set of regimes associated with the selected regime;
determining a set of compliance check items associated with the set of regimes through analysis of the regimes in the set of regimes;
determining a set of data dimensions associated with the set of compliance check items; and
data for the determined set of data dimensions is collected from one or more data sources and the collected data is analyzed to generate analysis results.
2. The method of claim 1, wherein determining a set of compliance checks associated with the set of regimes through parsing of the regimes in the set of regimes comprises:
parsing text of a system in the set of systems to determine requirements in the system relating to at least one of an action and a result, respectively; and
determining the set of compliance checks based on the requirements relating to at least one of behavior and outcome, wherein the compliance checks include at least one of behavior compliance and outcome compliance.
3. The method of claim 2, wherein analyzing the collected data comprises one or more of:
determining whether a behavioral event corresponding to the behavioral compliance item has occurred based at least in part on temporal information in the collected data;
determining whether a time of occurrence of a behavior event corresponding to the behavior compliance item meets a respective requirement based at least in part on time information in the collected data;
determining whether a behavior event corresponding to the behavior compliance item occurs based at least in part on textual information in the collected data;
determining whether content of a behavior event corresponding to the behavior compliance item meets a corresponding requirement based at least in part on textual information in the collected data;
determining whether a data result corresponding to the result compliance item meets a respective requirement based at least in part on numerical information in the collected data; or alternatively
Determining a degree of completion of the current state as compared to a data result to which the result compliance item corresponds based at least in part on numerical information in the collected data.
4. The method of claim 2, wherein the method further comprises:
generating a compliance behavior recommendation for the set of regimens based on the analysis results, wherein generating the compliance behavior recommendation comprises one or more of:
presenting the behavior compliance item in the form of a to-do event list;
presenting the result compliance item in the form of a target value to be achieved;
presenting, in textual form, a description and guidance for at least some of the behavior compliance items and the result compliance items;
providing reference information for at least some of the behavior compliance items and the result compliance items;
providing a causal analysis of compliance with currently unmet requirements; or
The overall compliance of the user is evaluated.
5. The method of claim 1, wherein the method further comprises:
tracking data of the set of data dimensions; and
analyzing the tracked data and updating the compliance behavior recommendation based on the analysis result.
6. The method of claim 1, wherein the method further comprises:
collecting analysis results for a plurality of compliance analysis objects; and
based on the analysis results, executing an object compliance representation, wherein the object compliance representation includes one or more of:
making a system compliance portrait according to the compliance of the system set to the analysis object;
and performing object compliance portrayal according to the compliance of the analysis object to different system sets.
7. The method of claim 1, wherein the method further comprises:
collecting analysis results for a plurality of compliance analysis objects;
based on the analysis result, performing overall or itemized evaluation on the system compliance of the compliance analysis objects; and
ranking the plurality of compliance analysis objects according to the holistic or itemized evaluations.
8. A computing device, comprising:
a processing unit; and
a storage unit storing computer executable code which, when executed by the processing unit, causes the processing unit to perform the method of any one of claims 1-7.
9. A system for institutional compliance management comprising:
a client configured to:
in response to a selection of a regime for which compliance management is to be performed, determining a set of regimes associated with the selected regime;
determining a set of compliance check items associated with the set of regimes through analysis of the regimes in the set of regimes;
determining a set of data dimensions associated with the set of compliance check items; and
collecting data of the determined set of data dimensions from one or more data sources and analyzing the collected data to generate an analysis result; and
a server configured to:
collecting analysis results for a plurality of compliance analysis objects; and
based on the analysis results, an object compliance picture or assessment is performed.
10. A computer-readable storage medium storing computer-executable code which, when executed by a processor, causes the processor to perform the method of any one of claims 1-7.
CN202210740427.XA 2022-06-27 2022-06-27 System compliance management method and system Pending CN115115222A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210740427.XA CN115115222A (en) 2022-06-27 2022-06-27 System compliance management method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210740427.XA CN115115222A (en) 2022-06-27 2022-06-27 System compliance management method and system

Publications (1)

Publication Number Publication Date
CN115115222A true CN115115222A (en) 2022-09-27

Family

ID=83330839

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210740427.XA Pending CN115115222A (en) 2022-06-27 2022-06-27 System compliance management method and system

Country Status (1)

Country Link
CN (1) CN115115222A (en)

Similar Documents

Publication Publication Date Title
Ayling et al. Putting AI ethics to work: are the tools fit for purpose?
US20230325396A1 (en) Real-time content analysis and ranking
Santos-Neto et al. Enterprise maturity models: a systematic literature review
US11537649B2 (en) Artificially intelligent system employing modularized and taxonomy-based classifications to generated and predict compliance-related content
AU2023206202A1 (en) Risk identification and risk register generation system and engine
US10394837B2 (en) Digital communications interface and graphical user interface
US20180053128A1 (en) System and method for automated discovery and ranking of regulatory compliance risks
US20170235820A1 (en) System and engine for seeded clustering of news events
US20180075554A1 (en) System and interface for generating real-time regulatory compliance alerts using modularized and taxonomy-based classification of regulatory obligations
US20160350823A1 (en) System and methods for automatically generating regulatory compliance manual using modularized and taxonomy-based classification of regulatory obligations
US20140244524A1 (en) System and method for identifying potential legal liability and providing early warning in an enterprise
US20150019513A1 (en) Time-series analysis based on world event derived from unstructured content
US20150347489A1 (en) Information retrieval system and method based on query and record metadata in combination with relevance between disparate items in classification systems
CN110727852A (en) Method, device and terminal for pushing recruitment recommendation service
Felicetti et al. Total quality management and corporate social responsibility: a systematic review of the literature and implications of the COVID-19 pandemics
CN114303140A (en) Analysis of intellectual property data related to products and services
Rosnidah et al. Detecting and preventing fraud with big data analytics: Auditing perspective
US20220343353A1 (en) Identifying Competitors of Companies
CN115115222A (en) System compliance management method and system
US10643227B1 (en) Business lines
US20180189803A1 (en) A method and system for providing business intelligence
US11934413B2 (en) Techniques and systems for smart natural language processing of search results
Ye et al. Examining causes of disputes in subcontracting litigation cases using text mining and natural language processing techniques
KR20210095601A (en) Public information sharing system affiliated agency oriented self-diagnosis system for enhancing information sharing by using text mining : method thereof
WO2022271431A1 (en) System and method that rank businesses in environmental, social and governance (esg)

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination