Definition: Compliance is an IT non-functional requirement that refers to the ability of a system or application to adhere to legal, regulatory, and industry standards. This requirement ensures that the system or application meets the necessary security, privacy, and data protection standards, as well as any other relevant regulations. Compliance is critical for organizations that handle sensitive data, such as financial institutions, healthcare providers, and government agencies, as it helps to mitigate risks and avoid legal and financial penalties.
Source: TOGAF
Source reference: https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap03.html
Additional information: According to the TOGAF specification, Compliance is a non-functional requirement that refers to the ability of an IT system to adhere to legal, regulatory, and industry standards. Compliance requirements are often imposed by external entities, such as government agencies or industry associations, and failure to comply can result in legal or financial penalties.
To ensure compliance, IT systems must be designed and implemented in accordance with relevant standards and regulations. This may involve incorporating specific security measures, data protection protocols, or other controls to meet compliance requirements.
Compliance is an important consideration for organizations in many industries, particularly those that handle sensitive data or operate in highly regulated environments. By ensuring compliance, organizations can minimize the risk of legal or financial penalties, protect their reputation, and demonstrate their commitment to ethical and responsible business practices.
Overall, compliance is a critical non-functional requirement that must be carefully considered and addressed in the design and implementation of IT systems.
Example: One example of an IT non-functional requirement for compliance could be ensuring that the system meets all relevant regulatory requirements, such as HIPAA for healthcare data or PCI DSS for credit card information. This could include implementing appropriate security measures, maintaining audit logs, and regularly conducting vulnerability assessments.
LOST view: Digital Solution Non-Functional Requirements Catalogue view
Identifier: http://data.europa.eu/dr8/egovera/ComplianceRequirement
EIRA traceability: eira:DigitalSolutionNonFunctionalRequirementRequirement
ABB name: egovera:ComplianceRequirement
EIRA concept: eira:ArchitectureBuildingBlock
Last modification: 2023-05-16
dct:identifier: http://data.europa.eu/dr8/egovera/ComplianceRequirement
dct:title: Compliance Non-Functional Requirement
dct:modified | 2024-01-28 |
dct:identifier | http://data.europa.eu/dr8/ComplianceRequirement |
dct:title | Compliance Non-Functional Requirement |
skos:example | One example of an IT non-functional requirement for compliance could be ensuring that the system meets all relevant regulatory requirements, such as HIPAA for healthcare data or PCI DSS for credit card information. This could include implementing appropriate security measures, maintaining audit logs, and regularly conducting vulnerability assessments. |
skos:definition | Compliance is an IT non-functional requirement that refers to the ability of a system or application to adhere to legal, regulatory, and industry standards. This requirement ensures that the system or application meets the necessary security, privacy, and data protection standards, as well as any other relevant regulations. Compliance is critical for organizations that handle sensitive data, such as financial institutions, healthcare providers, and government agencies, as it helps to mitigate risks and avoid legal and financial penalties. |
eira:concept | eira:ArchitectureBuildingBlock |
eira:definitionSource | TOGAF |
eira:definitionSourceReference | https://pubs.opengroup.org/architecture/togaf9-doc/arch/chap03.html |
skos:note | According to the TOGAF specification, Compliance is a non-functional requirement that refers to the ability of an IT system to adhere to legal, regulatory, and industry standards. Compliance requirements are often imposed by external entities, such as government agencies or industry associations, and failure to comply can result in legal or financial penalties.
To ensure compliance, IT systems must be designed and implemented in accordance with relevant standards and regulations. This may involve incorporating specific security measures, data protection protocols, or other controls to meet compliance requirements.
Compliance is an important consideration for organizations in many industries, particularly those that handle sensitive data or operate in highly regulated environments. By ensuring compliance, organizations can minimize the risk of legal or financial penalties, protect their reputation, and demonstrate their commitment to ethical and responsible business practices.
Overall, compliance is a critical non-functional requirement that must be carefully considered and addressed in the design and implementation of IT systems. |
eira:PURI | http://data.europa.eu/dr8/ComplianceRequirement |
dct:type | eira:ComplianceRequirement |
eira:view | Digital Solution Non-Functional Requirements Catalogue view |
eira:eifLayer | N/A |
skos:broader | http://data.europa.eu/dr8/DigitalSolutionNonFunctionalRequirementRequirement |