CN115760160A - Compliance behavior tracing and evaluating method, system, electronic device and storage medium - Google Patents
Compliance behavior tracing and evaluating method, system, electronic device and storage medium Download PDFInfo
- Publication number
- CN115760160A CN115760160A CN202211461894.5A CN202211461894A CN115760160A CN 115760160 A CN115760160 A CN 115760160A CN 202211461894 A CN202211461894 A CN 202211461894A CN 115760160 A CN115760160 A CN 115760160A
- Authority
- CN
- China
- Prior art keywords
- compliance
- behavior data
- hash value
- unique identifier
- tracing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
Abstract
The invention provides a method and a system for tracing and evaluating compliance behaviors of an enterprise, which comprise the following steps: extracting original behavior data in a system to be evaluated, and associating a unique identifier for the original behavior data; recording and storing the unique identifier; and acquiring a unique identifier of the original behavior data to be traced, and extracting the associated original behavior data in the system to be evaluated according to the unique identifier. The scheme perfects the existing compliance management and control scheme from the perspective of compliance trace, is beneficial to the post-event tracing of the compliance behaviors of enterprises, and avoids the problem of incapability of compliance proof; secondly, the system is in a lightweight application form and is in butt joint with the existing system to be evaluated through an interface or a data extraction tool without influencing the normal architecture and the service flow of the system, the development cost of the system is low, the butt joint speed is high, and the reusability and the universality are high; finally, whole-course trace chaining can be carried out on the whole behavior data, the event passing, the control process and the like, and the objective, real and normative compliance management of enterprises is guaranteed.
Description
Technical Field
The application belongs to the technical field of compliance processing of data, and particularly relates to a method, a system, electronic equipment and a storage medium for tracing and evaluating compliance behaviors of an enterprise.
Background
Under the background of enterprise digital transformation and law enforcement enterprises, enterprises gradually begin to introduce a concept of compliance management in a management system. The compliance management of the enterprise is implemented, and the main purpose is to effectively identify and manage the behaviors of enterprise personnel violation, operation violation and the like, avoid the occurrence of external violation events inside and outside the enterprise, and reduce the risk of enterprise operation management to the greatest extent. At the same time, process behavior data notching in compliance management is also important. With the increasing importance of the country on personal information protection, when the personal information rights and interests are infringed by personal information processing activities, an information processor needs to prove that the personal information rights and interests do not have errors, and the purpose of protecting the personal information is realized by the transfer of proof responsibility, so that for enterprises, the enterprises can prove that the enterprises do not have errors only by performing 'compliance trace keeping'.
The existing enterprise compliance management scheme is mostly applied to traditional production type enterprises, the management and control and risk prevention in the production process are carried out by adopting the pre-warning modes such as data acquisition, monitoring and warning, and the like, and the wind control system is usually built according to the business of a single industry or an enterprise, so that the development period is long, the cost is high, and the universality is weak.
Disclosure of Invention
In view of the above problems, a first aspect of the present application provides an enterprise compliance behavior tracing and evaluating method, including:
extracting original behavior data in a system to be evaluated, and associating a unique identifier for the original behavior data; recording and storing the unique identifier; and acquiring a unique identifier of the original behavior data to be traced, and extracting the associated original behavior data in the system to be evaluated according to the unique identifier.
Preferably, the method further comprises: calculating the hash value of the original behavior data to obtain an initial hash value, and uploading the initial hash value to a block chain for preservation; calculating a hash value of the associated original behavior data in the system to be evaluated, which is extracted according to the unique identifier, to obtain a recalculated hash value; and comparing the initial hash value with the recalculated hash value. By synchronously calculating the hash value of the original behavior data file and uploading the hash value to the block chain in real time, behavior data can be prevented from being tampered, and timeliness, accuracy and objectivity of the data are guaranteed.
Optionally, the manner of extracting the raw behavior data in the system to be evaluated includes: defining an interface field, and calling an interface to extract original behavior data; or providing a data extraction tool, and extracting the original behavior data by the data extraction tool according to the set data extraction rule. The data interface with the system to be evaluated is realized through an interface or a data extraction tool, and the original behavior data in the system to be evaluated can be extracted under the condition of not influencing the existing architecture and the conventional business process in the system to be evaluated.
Preferably, the method further comprises: determining a compliance trace node according to the current compliance rule, and constructing a node behavior data model; and generating a compliance assessment report by combining the node behavior data model.
Preferably, the method further comprises: tracing a compliance event in the system to be evaluated according to the associated original behavior data in the system to be evaluated extracted by the unique identifier; and determining a compliance event evaluation index according to the current compliance rule, and evaluating the compliance event according to the compliance event evaluation index.
The second aspect of the present application provides an enterprise compliance behavior tracing and evaluating system, including:
the data extraction module is configured to extract original behavior data in the system to be evaluated and associate a unique identifier for the original behavior data;
the data security module is configured for recording and storing the unique identifier;
and the event tracing module is configured to acquire the unique identifier of the original behavior data to be traced and extract the associated original behavior data in the system to be evaluated according to the unique identifier.
Preferably, the data security module is further configured to: calculating the hash value of the original behavior data to obtain an initial hash value, and uploading the initial hash value to a block chain for preservation; calculating a hash value of the associated original behavior data in the system to be evaluated, which is extracted according to the unique identifier, to obtain a recalculated hash value; and comparing the initial hash value with the recalculated hash value.
A third aspect of the present application provides an electronic device for enterprise compliance behavior tracing and assessment, comprising:
a processor; a memory for storing processor-executable instructions; wherein the processor implements any of the methods as described in the first aspect by executing the executable instructions.
A fourth aspect of the present application proposes a computer readable storage medium for enterprise compliance behavior tracing and assessment, having stored thereon one or more computer programs which, when executed by a computer processor, implement any of the methods according to the first aspect.
The method and the system for tracing and evaluating the compliance behaviors of the enterprise improve the existing compliance management and control scheme from the perspective of compliance trace, are beneficial to the post-tracing of the compliance behaviors of the enterprise, and avoid the problem of incapability of compliance proof; secondly, the scheme can be butted with the existing system to be evaluated through an interface or a data extraction tool in a light application mode without influencing the normal architecture and business process of the system to be evaluated, and compared with the existing compliance management systems or risk management systems of large enterprises, the scheme has the advantages of low development cost, high butting speed, high reusability and high universality; finally, compared with other systems, the system has the function of 'trace chaining', can perform the whole-process trace chaining on the whole behavior data, the whole event passing, the whole control process and the like, and ensures that the compliance management of enterprises is more objective, real and standard.
Drawings
The accompanying drawings assist in a further understanding of the present application. The elements of the drawings are not necessarily to scale relative to each other. For convenience of description, only portions related to the related invention are shown in the drawings.
FIG. 1 is a schematic flow chart illustrating a method for tracing and evaluating compliance activities of an enterprise according to an embodiment of the present application;
FIG. 2 is a schematic flow chart diagram of a method for tracking and evaluating compliance activities of an enterprise according to another embodiment of the present application;
FIG. 3 is a schematic flow chart diagram illustrating a method for tracking and evaluating compliance activities of an enterprise according to another embodiment of the present application;
FIG. 4 is a block diagram of an enterprise compliance behavior tracing and assessment system in another embodiment of the present application.
Detailed Description
The present application will be described in further detail with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the relevant invention and not restrictive of the invention. In other embodiments, the steps of the corresponding methods are not necessarily performed in the order shown and described in the specification.
Fig. 1 is a schematic flowchart of an embodiment of a method for tracing and evaluating an enterprise compliance behavior according to a first aspect of the present application, where the flowchart specifically includes:
s1, extracting original behavior data in a system to be evaluated, and associating unique identification for the original behavior data;
s2, recording and storing the unique identifier;
and S3, acquiring the unique identifier of the original behavior data to be traced, and extracting the associated original behavior data in the system to be evaluated according to the unique identifier.
In a preferred embodiment, the hash value of the original behavior data can be synchronously calculated, an initial hash value is obtained, and the initial hash value is uploaded to a block chain for preservation; calculating the hash value of the associated original behavior data in the system to be evaluated, which is extracted according to the unique identifier, and obtaining a recalculated hash value; and comparing the initial hash value with the recalculated hash value. When tracing the original behavior data, the authenticity of the extracted associated original behavior data needs to be verified to prevent the original behavior data from being inconsistent with the original behavior data. In this embodiment, the hash value of the original behavior data is calculated as the initial hash value and uploaded to the block chain for preservation, and when the original behavior data needs to be traced due to disputes and the like, the hash value of the associated original behavior data extracted at this time is calculated as the recalculated hash value and compared with the preserved initial hash value in the block chain for verification, so that the original behavior data is prevented from being tampered, and the timeliness, the accuracy and the objectivity of the extracted original behavior data are guaranteed.
In another embodiment, the original behavior data in the system to be evaluated is extracted in an interface transmission mode by defining an interface field, and is uploaded for data preservation.
In another embodiment, the original behavior data in the system to be evaluated is extracted according to the corresponding data extraction rule by the data extraction tool in an active extraction mode, and is uploaded for data preservation.
In another embodiment, as shown in fig. 2, the flow of the enterprise compliance behavior tracing and evaluating method further includes:
s201, determining a compliance trace node according to the existing compliance rule, and constructing a node behavior data model.
Wherein the current compliance rules are the current laws and regulations related to the self-operation of the enterprise. Specifically, the compliance rules and compliance scenes of dimensions such as 'market trading', 'labor employment', 'fund internal control', 'intellectual property right', 'business partner' and the like can be combed according to the existing laws and regulations, compliance trace nodes are combed based on the compliance rules and the compliance scenes, and a node behavior data digital model is constructed. The content of the compliant traceable node generally needs to include basic elements such as a user, time, place, event, scene type and the like, and a node behavior data digital model is sequentially constructed, for example, a person operates a certain (event) at a certain (time) and a certain (place).
And S202, generating a compliance assessment report by combining the node behavior data model. The basic elements in the node behavior data model can be used for compliance assessment, for example, in the labor employment rule, a field of trial period wages is extracted, and whether the trial period wages meet the relevant regulations of labor law is judged.
Taking a contract event as an example, the digital model of the compliance trace nodes and the corresponding node behavior data comprises:
A. an event node 1, an xxx salesman xx account logs in a xxx platform xxx time to select an xx contract template, fills in xxx content and creates a xxx contract, wherein contract information comprises basic information of contract targets, contract timeliness, contract content, settlement modes, contract targets, partners, agents and the like;
B. an event node 2, a xxx legal xxx account logs in a xxx platform to select xxx contracts for auditing, and reviews the opinions xxxx;
C. event node 3, interactive draft, contract draft;
D. an event node 4, a contract approval process and a xxx account login xx platform xxx time approval process;
E. an event node 5, signing a contract, and sealing a xxx contract xxx by a xxx time xxx account;
F. event node 6, contract tracking, payment;
G. event node 7, billing;
H. the event node 8 checks, accepts and delivers;
I. event node 9, remittance;
J.……
fields such as name of an operator, account number, platform type, time, contract name and the like can be integrated into the data model through the digital code identification, so that a corresponding compliance evaluation report is provided.
In another embodiment, as shown in fig. 3, the flow of the enterprise compliance behavior tracing and evaluating method further includes:
s301, tracing a compliance event in the system to be evaluated according to the original behavior data associated in the system to be evaluated extracted by the unique identifier.
After the original behavior data is obtained, the associated time and event nodes can be connected in series according to the original behavior data, so that the whole compliance event can be traced. Furthermore, the original behavior data belonging to the same compliance event is given the same service number when the original behavior data is generated, so that the original behavior data in the compliance event can be traced through the service number.
S302, determining a compliance event evaluation index according to the current compliance rule, and evaluating the compliance event according to the compliance event evaluation index.
Wherein the current compliance rules are the current laws and regulations related to the self-operation of the enterprise. According to the existing compliance rule, a compliance standard library can be formed by building a scoring mechanism, and behavior data is analyzed and evaluated according to different dimensions such as scenes, time and the like. Specifically, the compliance rules for evaluating the relevant compliance events can be combed from the aspects of laws and regulations, regulatory provisions, industry guidelines, enterprise regulations, international treaties and the like, and the relevant compliance events can be combed from the dimensions of market trading, labor employment, intellectual property, business partners, fund internal control, data security and the like. Furthermore, a corresponding compliance data management report, a compliance cockpit, a compliance assessment report and the like can be generated, so that the next action of the standardization enterprise is guided.
Taking a contract event as an example, the generated compliance cockpit displays information such as service contract in execution, contract amount in fulfillment, average contract amount, average performance period, overdue performance contract amount and the like in a report form; in the generated compliance assessment report, the displayed information comprises:
1. overview of events
Overview the overall compliance scenario, compliance event.
2. Law of compliance
Summary compliance standards, legal provisions, and the like.
3. Full flow description of events
The compliant scar nodes are enumerated.
4. Behavioral data verification results
It is determined whether the original behavior data was tampered with.
5. Compliance assessment results
And performing multi-dimensional evaluation on the compliance event based on a scoring mechanism, and giving a compliance score and a result.
FIG. 4 is a schematic diagram of an enterprise compliance behavior tracing and assessment system 400 according to a second aspect of the present application, including:
the data extraction module 401 is configured to extract original behavior data in the system to be evaluated, and associate a unique identifier with the original behavior data;
a data security module 402 configured to record and store the unique identifier; further, the method is also used for calculating the hash value of the original behavior data, obtaining an initial hash value, and uploading the initial hash value to the block chain for preservation; calculating a hash value of the associated original behavior data in the system to be evaluated, which is extracted according to the unique identifier, to obtain a recalculated hash value; and comparing the initial hash value with the recalculated hash value.
The event tracing module 403 is configured to obtain a unique identifier of the original behavior data to be traced, and extract the associated original behavior data in the system to be evaluated according to the unique identifier.
On the other hand, the present application also provides a computer-readable storage medium, which may be included in the electronic device described in the above embodiment; or may exist separately without being assembled into the electronic device. The computer readable storage medium carries one or more programs which, when executed by the electronic device, cause the electronic device to: extracting original behavior data in a system to be evaluated, and associating a unique identifier for the original behavior data; recording and storing the unique identifier; and acquiring a unique identifier of the original behavior data to be traced, and extracting the associated original behavior data in the system to be evaluated according to the unique identifier.
As can be seen from the above embodiments, the method and system for tracing and evaluating the compliance behavior of the enterprise provided by the present application form a corresponding algorithm in combination with the compliance laws and regulations of the current industry, and can realize real-time monitoring, compliance trace, behavior tracing and compliance system event evaluation on the business behavior of the enterprise based on the existing business system or OA data inside the enterprise, further form a compliance management and control cockpit, and provide a decision basis for an enterprise administrator. The method has the characteristics of wide coverage, strong practicability and universality and the like, and has a wide application prospect along with the increasing requirements of enterprise digital transformation, enterprise compliance and the like.
While this application has been particularly shown and described with references to preferred embodiments thereof, it will be understood by those skilled in the art that various changes in form and details may be made therein without departing from the spirit and scope of the application as defined by the appended claims.
Claims (10)
1. A method for tracing and evaluating compliance behaviors of an enterprise is characterized by comprising the following steps:
extracting original behavior data in a system to be evaluated, and associating a unique identifier for the original behavior data;
recording and storing the unique identification;
and acquiring a unique identifier of the original behavior data to be traced, and extracting the associated original behavior data in the system to be evaluated according to the unique identifier.
2. The enterprise compliance behavior tracing and assessment method of claim 1, further comprising:
calculating the hash value of the original behavior data to obtain an initial hash value, and uploading the initial hash value to a block chain for preservation;
calculating the hash value of the associated original behavior data in the system to be evaluated, which is extracted according to the unique identifier, and obtaining a recalculated hash value;
and comparing the initial hash value with the recalculated hash value.
3. The enterprise compliance behavior tracing and assessment method according to claim 1, wherein said extracting raw behavior data within the system under assessment comprises: defining an interface field, and calling an interface to extract the original behavior data.
4. The enterprise compliance behavior tracing and assessment method according to claim 1, wherein said extracting raw behavior data within the system under assessment comprises: and providing a data extraction tool, wherein the data extraction tool extracts the original behavior data according to a set data extraction rule.
5. The enterprise compliance behavior tracing and assessment method of claim 1, further comprising:
determining a compliance trace node according to the current compliance rule, and constructing a node behavior data model;
and generating a compliance assessment report by combining the node behavior data model.
6. The enterprise compliance behavior tracing and assessment method of claim 1, further comprising:
tracing a compliance event in the system to be evaluated according to the associated original behavior data in the system to be evaluated extracted by the unique identifier;
determining a compliance event evaluation index according to an existing compliance rule, and evaluating the compliance event according to the compliance event evaluation index.
7. An enterprise compliance behavior tracing and assessment system, comprising:
the data extraction module is configured to extract original behavior data in a system to be evaluated and associate a unique identifier for the original behavior data;
the data security module is configured to record and store the unique identifier;
and the event tracing module is configured to acquire a unique identifier of the original behavior data to be traced and extract the associated original behavior data in the system to be evaluated according to the unique identifier.
8. The enterprise compliance behavior tracing and assessment system according to claim 7, wherein said data security module is further configured for:
calculating the hash value of the original behavior data to obtain an initial hash value, and uploading the initial hash value to a block chain for preservation;
calculating the hash value of the associated original behavior data in the system to be evaluated, which is extracted according to the unique identifier, to obtain a recalculated hash value;
and comparing the initial hash value with the recalculated hash value.
9. An electronic device for enterprise compliance behavior tracing and assessment, comprising:
a processor;
a memory for storing processor-executable instructions;
wherein the processor implements the method of any one of claims 1-6 by executing the executable instructions.
10. A computer readable storage medium for enterprise compliance behavior tracing and assessment, having one or more computer programs stored thereon, wherein the one or more computer programs, when executed by a computer processor, implement the method of any of claims 1-6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211461894.5A CN115760160A (en) | 2022-11-17 | 2022-11-17 | Compliance behavior tracing and evaluating method, system, electronic device and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202211461894.5A CN115760160A (en) | 2022-11-17 | 2022-11-17 | Compliance behavior tracing and evaluating method, system, electronic device and storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115760160A true CN115760160A (en) | 2023-03-07 |
Family
ID=85334535
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202211461894.5A Pending CN115760160A (en) | 2022-11-17 | 2022-11-17 | Compliance behavior tracing and evaluating method, system, electronic device and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115760160A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116205496A (en) * | 2023-04-04 | 2023-06-02 | 广东远景信息科技有限公司 | Compliance risk management and control method, system, electronic equipment and storage medium |
-
2022
- 2022-11-17 CN CN202211461894.5A patent/CN115760160A/en active Pending
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN116205496A (en) * | 2023-04-04 | 2023-06-02 | 广东远景信息科技有限公司 | Compliance risk management and control method, system, electronic equipment and storage medium |
| CN116205496B (en) * | 2023-04-04 | 2023-08-15 | 广东远景信息科技有限公司 | Compliance risk management and control method, system, electronic equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US9305278B2 (en) | System and method for compiling intellectual property asset data | |
| US8595042B2 (en) | Processing of provenance data for automatic discovery of enterprise process information | |
| Kotb et al. | The impact of e‐business on the audit process: An investigation of the factors leading to change | |
| US20100114628A1 (en) | Validating Compliance in Enterprise Operations Based on Provenance Data | |
| US20100179951A1 (en) | Systems and methods for mapping enterprise data | |
| MX2007015671A (en) | Method and system for determining effectiveness of a compliance program. | |
| CN109508825A (en) | Employee's image method for prewarning risk and relevant apparatus | |
| Specking et al. | Assessing engineering resilience for systems with multiple performance measures | |
| US20050131818A1 (en) | Method for performing Due diligence and legal, financial and other types of audits | |
| CN115760160A (en) | Compliance behavior tracing and evaluating method, system, electronic device and storage medium | |
| CN111160783A (en) | Method and system for evaluating digital asset value and electronic equipment | |
| Borhani et al. | Adopting blockchain technology to improve financial reporting by using the technology acceptance model (TAM) | |
| Ceolin et al. | A trust model to estimate the quality of annotations using the web | |
| CN108038667B (en) | Policy generation method, device and equipment | |
| CN112702410B (en) | Evaluation system, method and related equipment based on blockchain network | |
| US20180293681A1 (en) | Automated background checks | |
| Volk et al. | Ask the Right Questions: Requirements Engineering for the Execution of Big Data Projects. | |
| CN107993010B (en) | Project due diligence automatic analysis system and automatic analysis method | |
| CN111798246A (en) | Financial risk grade assessment method and device | |
| Becker et al. | On the relevance of enterprise architecture and IT governance for digital preservation | |
| CN115600972A (en) | Method, device, equipment and storage medium for verifying and selling of bad assets | |
| Groulx et al. | A social media tax data warehouse to manage the underground economy | |
| CN111353882A (en) | Privatized deployment retail asset wind control method and device and electronic equipment | |
| Kuzminykh et al. | Information Security Risk Assessment. Encyclopedia 2021, 1, 602–617 | |
| Barateiro et al. | Integrated management of risk information |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |