Sep 25, 2014
A paper has been accepted for publication at the European Institute for Computer Anti-Virus Research (EICAR): Trust and Transparency in IT Security. In the paper entitled "Deriving and Modelling Compliance Requirements from Legal Audits ", the author team (Bernhard Waltl, Alexander W. Schneider and Florian Matthes) discusses the derivation of compliance requirements from legal audits. Thereby, they present a method to derive concrete requirements using a combination of emprical and analytical study. Furthermore, the paper addresses the impact of legal obligations in risk management of IT systems regarding to Basel II and how those can be added to enterprise models using a common modeling language, namely ArchiMate.