Compliance Requirements Checking in Variable Environments

Ensuring compliance with complex privacy related regulations is more challenging in the presence of changing operating environments, such as cloud based services. This motivates the needs for tools and techniques that support systematic modeling and analysis of compliance requirements checking while considering the impact of operating environment changes on them. This paper demonstrates how goaloriented requirements engineering tools can be used to model variability in compliance sources and operating environments. We report a case study to demonstrate that the proposed modeling approach enables preforming trade-off analysis between organizational goals and alternative compliance controls.