Browsing by Author "Correia, Anacleto"
- An approach to GDPR based on object role modeling
  Publication. Gonçalves, António; Correia, Anacleto; Cavique, Luís
  The General Data Protection Regulation 2016/679 (GDPR) is a set of legal rules to attain the privacy of people in the handling of their personal data and the movement of such data across countries. When those rules are considered in the operation of information systems, the one becomes attainable for legal approval within that scope. This paper presents a model we are developing to help enterprises align their information systems with the GDPR requirements. The model shall serve the purpose of analyzing enterprises with respect to their use of the subject's personal data, allowing them to capture and improve the data protection capabilities set out in the GDPR. The main issue of our approach is to set a baseline to define the requirements for establishing, implementing, maintaining and continually improving a data protection management system in organizations.
- Data protection risk modeling into business process analysis
  Publication. Gonçalves, António; Correia, Anacleto; Cavique, Luís
  We present a novel way to link business process models with data protection risk management. We use the established body of knowledge regarding risk manager concepts and business processes towards data protection. We try to contribute to the problem that today's organizations should find a suitable data protection model that could be used as a risk framework. The purpose of this document is to define a model to describe data protection in the context of risk. Our approach includes the identification of the main concepts of data protection according to the scope of the EU directive data protection regulation. We outline a data protection model as a continuous way of protecting valued organization information regarding personal identifiable information. Data protection encompasses the preservation of personal data information from unauthorized access, use, modification, recording or destruction. Since this kind of service is offered in a continuous way, it is important to establish a way to measure the effectiveness of awareness of what data subjects disclose regarding personal identifiable information.
- Developing anti-bribery organization system based on quantitative pair-wise information: an approach based on activity theory
  Publication. Goncalves, Antonio; Correia, Anacleto; Cavique, Luís
  Nowadays an important issue for an organization is to be able to implement relevant anti-bribery risk management systems in line with mandatory laws. Managers strive to reach an equilibrium between a purely mandatory, rule-oriented organization and people's freedom of choice to mitigate bribery in the organization. The problem is how to develop and manage an anti-bribery system efficiently in an organization without putting its day-by-day operation at risk. They are concerned with how to balance deep control and a flexible way for people to work in the organization. The purpose of this document is to introduce a decision-making way of defining a context to establish an anti-bribery risk management system in accordance with best practices. To address this matter, we will support our work with a theoretical framework for the analysis of human work and introduce anti-bribery as a non-functional requirement (generic qualities of services) of organization information systems.