773 resultados para policies, mandates, compliance
Resumo:
A realização deste estudo propiciou analisar a aplicação dos instrumentos previstos na legislação brasileira levantada para a gestão dos recursos hídricos, por meio dos Comitês de Bacias Hidrográficas e municípios. Foram eleitos a cidade de Araraquara e o Comitê de Bacia Hidrográfica Tietê-Jacaré, como forma de apurar a aplicação dos instrumentos de gestão existentes nas Políticas Federal e Estadual Paulista de Recursos Hídricos, consubstanciadas nas leis 9.433/97 e 7.663/91, respectivamente. Tal escolha se deu uma vez que o referido município encontra-se, aparentemente, organizado dentro dos ditames existentes no ordenamento ambiental legal brasileiro e faz parte da competência territorial daquele comitê. Constatou-se que o CBH-TJ não realiza suas atividades de forma adequada, pois, além de estar estruturado em desacordo com os ditames na lei federal de recursos hídricos, ainda carece de recursos financeiros, técnicos e de tomada de decisão (por ainda não possuir o Plano de Bacia e Agência de Água). O Poder Executivo do Município de Araraquara, mesmo tendo uma situação ambiental relativamente controlada, não utiliza o comitê da forma preconizada nas políticas de recursos hídricos, pois sua participação nele é pouco efetiva, o que acaba influenciando negativamente seu modo de gestão administrativa municipal, tornando-o apenas local, em alguns aspectos, deixando em segundo plano o restante da bacia hidrográfica.
Resumo:
A draft of the College of Medicine's Faculty Bylaws submitted for review and approval by the Florida International University Administration on October 5, 2007.
Resumo:
Provenance plays a pivotal in tracing the origin of something and determining how and why something had occurred. With the emergence of the cloud and the benefits it encompasses, there has been a rapid proliferation of services being adopted by commercial and government sectors. However, trust and security concerns for such services are on an unprecedented scale. Currently, these services expose very little internal working to their customers; this can cause accountability and compliance issues especially in the event of a fault or error, customers and providers are left to point finger at each other. Provenance-based traceability provides a mean to address part of this problem by being able to capture and query events occurred in the past to understand how and why it took place. However, due to the complexity of the cloud infrastructure, the current provenance models lack the expressibility required to describe the inner-working of a cloud service. For a complete solution, a provenance-aware policy language is also required for operators and users to define policies for compliance purpose. The current policy standards do not cater for such requirement. To address these issues, in this paper we propose a provenance (traceability) model cProv, and a provenance-aware policy language (cProvl) to capture traceability data, and express policies for validating against the model. For implementation, we have extended the XACML3.0 architecture to support provenance, and provided a translator that converts cProvl policy and request into XACML type.
Resumo:
Data collected under federally funded research is subject to compliance rules and regulations. Policies affecting what you can and cannot do with your data, who is responsible, and what role your institution plays can vary with funding agencies and the type of data collected. This talk will address many of the compliance issues associated with research data, as well as funder mandates that you need to be aware of to ensure compliance.
Resumo:
Monitoring and enforcement are perhaps the biggest challenges in the design and implementation of environmental policies in developing countries where the actions of many small informal actors cause significant impacts on the ecosystem services and where the transaction costs for the state to regulate them could be enormous. This dissertation studies the potential of innovative institutions based on decentralized coordination and enforcement to induce better environmental outcomes. Such policies have in common that the state plays the role of providing the incentives for organization but the process of compliance happens through decentralized agreements, trust building, signaling and monitoring. I draw from the literatures in collective action, common-pool resources, game-theory and non-point source pollution to develop the instruments proposed here. To test the different conditions in which such policies could be implemented I designed two field-experiments that I conducted with small-scale gold miners in the Colombian Pacific and with users and providers of ecosystem services in the states of Veracruz, Quintana Roo and Yucatan in Mexico. This dissertation is organized in three essays.
The first essay, “Collective Incentives for Cleaner Small-Scale Gold Mining on the Frontier: Experimental Tests of Compliance with Group Incentives given Limited State Monitoring”, examines whether collective incentives, i.e. incentives provided to a group conditional on collective compliance, could “outsource” the required local monitoring, i.e. induce group interactions that extend the reach of the state that can observe only aggregate consequences in the context of small-scale gold mining. I employed a framed field-lab experiment in which the miners make decisions regarding mining intensity. The state sets a collective target for an environmental outcome, verifies compliance and provides a group reward for compliance which is split equally among members. Since the target set by the state transforms the situation into a coordination game, outcomes depend on expectations of what others will do. I conducted this experiment with 640 participants in a mining region of the Colombian Pacific and I examine different levels of policy severity and their ordering. The findings of the experiment suggest that such instruments can induce compliance but this regulation involves tradeoffs. For most severe targets – with rewards just above costs – raise gains if successful but can collapse rapidly and completely. In terms of group interactions, better outcomes are found when severity initially is lower suggesting learning.
The second essay, “Collective Compliance can be Efficient and Inequitable: Impacts of Leaders among Small-Scale Gold Miners in Colombia”, explores the channels through which communication help groups to coordinate in presence of collective incentives and whether the reached solutions are equitable or not. Also in the context of small-scale gold mining in the Colombian Pacific, I test the effect of communication in compliance with a collective environmental target. The results suggest that communication, as expected, helps to solve coordination challenges but still some groups reach agreements involving unequal outcomes. By examining the agreements that took place in each group, I observe that the main coordination mechanism was the presence of leaders that help other group members to clarify the situation. Interestingly, leaders not only helped groups to reach efficiency but also played a key role in equity by defining how the costs of compliance would be distributed among group members.
The third essay, “Creating Local PES Institutions and Increasing Impacts of PES in Mexico: A real-Time Watershed-Level Framed Field Experiment on Coordination and Conditionality”, considers the creation of a local payments for ecosystem services (PES) mechanism as an assurance game that requires the coordination between two groups of participants: upstream and downstream. Based on this assurance interaction, I explore the effect of allowing peer-sanctions on upstream behavior in the functioning of the mechanism. This field-lab experiment was implemented in three real cases of the Mexican Fondos Concurrentes (matching funds) program in the states of Veracruz, Quintana Roo and Yucatan, where 240 real users and 240 real providers of hydrological services were recruited and interacted with each other in real time. The experimental results suggest that initial trust-game behaviors align with participants’ perceptions and predicts baseline giving in assurance game. For upstream providers, i.e. those who get sanctioned, the threat and the use of sanctions increase contributions. Downstream users contribute less when offered the option to sanction – as if that option signal an uncooperative upstream – then the contributions rise in line with the complementarity in payments of the assurance game.
Resumo:
In the last few years, academic communities have seen an increase in the number of Open Access (OA) policies being adopted at the institutional and funder levels. In parallel to policy implementation, institutions and funders have also been engaged in developing mechanisms to monitor academics and researchers compliance with the existing OA policies. This study highlights a few of the cases where compliance is being effectively monitored by institutions and funders. In the first section, Open Access is briefly overviewed and the rationale for monitoring OA policy compliance is explained. The second section looks at best practices in monitoring policy compliance with OA policies by funders and institutions. The case studies reflect on compliance with the UK Funding Councils and the USA National Institutes of Health OA policies. The third section makes recommendations on what processes and procedures universities and funders should adopt to monitor compliance with their OA policies. The final section recapitulates some of the key ideas related to monitoring policy compliance.
Resumo:
Current regulatory requirements on data privacy make it increasingly important for enterprises to be able to verify and audit their compliance with their privacy policies. Traditionally, a privacy policy is written in a natural language. Such policies inherit the potential ambiguity, inconsistency and mis-interpretation of natural text. Hence, formal languages are emerging to allow a precise specification of enforceable privacy policies that can be verified. The EP3P language is one such formal language. An EP3P privacy policy of an enterprise consists of many rules. Given the semantics of the language, there may exist some rules in the ruleset which can never be used, these rules are referred to as redundant rules. Redundancies adversely affect privacy policies in several ways. Firstly, redundant rules reduce the efficiency of operations on privacy policies. Secondly, they may misdirect the policy auditor when determining the outcome of a policy. Therefore, in order to address these deficiencies it is important to identify and resolve redundancies. This thesis introduces the concept of minimal privacy policy - a policy that is free of redundancy. The essential component for maintaining the minimality of privacy policies is to determine the effects of the rules on each other. Hence, redundancy detection and resolution frameworks are proposed. Pair-wise redundancy detection is the central concept in these frameworks and it suggests a pair-wise comparison of the rules in order to detect redundancies. In addition, the thesis introduces a policy management tool that assists policy auditors in performing several operations on an EP3P privacy policy while maintaining its minimality. Formal results comparing alternative notions of redundancy, and how this would affect the tool, are also presented.
Resumo:
Governments around the world are increasingly investing in information and communications technology (ICT) as a means of improving service delivery to citizens. Government ICT adoption is also being driven by a desire to streamline information accessibility and information flows within government - both between different levels of government and between different departments at the same level. Increasing the availability of information internally and to citizens has clear and compelling benefits but it also carries risks that must be carefully managed. This talk will examine the implications of such E-government initiatives for a range of compliance obligations, with a focus on information privacy. It will review recent developments in the area of systems-based enforcement of privacy policies and the particular privacy challenges presented by the aggregation of geospatial information.
Resumo:
With the development of enterprise informatisation, Product Lifecycle Management (PLM) systems have been widely deployed and applied in enterprises. This paper analyzes the requirement that conducting version operations on business objects as specified in process models should be compliant with the versioning policies imposed by product lifecycles. This leads to the introduction of the concept of versioning compliance, and the approach of compliance checking that we proposed in our earlier work, which comprises both syntactical compatibility and behavioural compatibility checking. The paper then focuses on the tool implementation for providing automated support to the versioning compliance checking. An empirical evaluation of the tool was also performed with industrial partners using the well-known questionnaire-based method. The evaluation and feedback from practitioners further evidence the practical significance of this research question in the PLM field and demonstrate that the proposed solution with its automated tool support possesses a high application potential.
Resumo:
Norms regulate the behaviour of their subjects and define what is legal and what is illegal. Norms typically describe the conditions under which they are applicable and the normative effects as a results of their applications. On the other hand, process models specify how a business operation or service is to be carried out to achieve a desired outcome. Norms can have significant impact on how business operations are conducted and they can apply to the whole or part of a business process. For example, they may impose conditions on the different aspects of a process (e.g., perform tasks in a specific sequence (control-flow), at a specific time or within a certain time frame (temporal aspect), by specific people (resources)). We propose a framework that provides the formal semantics of the normative requirements for determining whether a business process complies with a normative document (where a normative document can be understood in a very broad sense, ranging from internal policies to best practice policies, to statutory acts). We also present a classification of normal requirements based on the notion of different types of obligations and the effects of violating these obligations.
Resumo:
Product Lifecycle Management (PLM) systems are widely used in the manufacturing industry. A core feature of such systems is to provide support for versioning of product data. As workflow functionality is increasingly used in PLM systems, the possibility emerges that the versioning transitions for product objects as encapsulated in process models do not comply with the valid version control policies mandated in the objects’ actual lifecycles. In this paper we propose a solution to tackle the (non-)compliance issues between processes and object version control policies. We formally define the notion of compliance between these two artifacts in product lifecycle management and then develop a compliance checking method which employs a well-established workflow analysis technique. This forms the basis of a tool which offers automated support to the proposed approach. By applying the approach to a collection of real-life specifications in a main PLM system, we demonstrate the practical applicability of our solution to the field.
Resumo:
Purpose The purpose of this paper is to examine equal employment policies in Australia’s male-dominated construction industry and categorise the types of activities undertaken against an equal employment typology to identify links to outcomes for women in the form of increased participation and management. Design/methodology/approach To explore the issue of low representation of women in construction through the content analysis of 83 construction organisations’ equal employment opportunity (EEO) reports. Findings This industry is not engaging with equal employment issues and the numbers of women working in the industry and/or management are based on individual decision rather than an institutional commitment to equality in diversity. Research limitations/implications Australian legislation mandates organisational reporting of relevant data and offers public access to this information offering a unique data set. Practical implications An ageing population means that the predominately older male workforce is leaving construction in greater numbers with fewer potential replacements making new labour markets a vital consideration. Social implications Legislation and organisational policies designed to promote EEO for women have existed in numerous countries for decades. One objective of this legislation was to reduce male domination in senior positions and industries/occupations where women were under-represented. Despite this, few women are employed in construction in operational or management roles worldwide. Originality/value This study offers a comprehensive analysis of a male-dominated industry in one jurisdiction rather than a few selected cases and uses a broader rigorous typology for analysis that acknowledges both equal and different treatment options.
Resumo:
XVIII IUFRO World Congress, Ljubljana 1986.
