Write a Blog >>
RE2021
Mon 20 - Fri 24 September 2021
Wed 22 Sep 2021 10:00 - 10:30 at Golden Dome - Adoption in Industry II Chair(s): Daniel Amyot

Compliance reviews within a software organization are internal attempts to verify regulatory and security requirements during product development before its release. However, these reviews are not enough to adequately assess and address regulatory and security requirements throughout a software’s development lifecycle. We believe requirements engineers can benefit from an improved understanding of how software practitioners treat and perceive compliance requirements. This paper describes an interview study seeking to understand how regulatory and security standard requirements are addressed, how burdensome they may be for businesses, and how our participants perceived them in the software development lifecycle. We interviewed 15 software practitioners from 13 organizations with different roles in the software development process and working in various industry domains, including big tech, healthcare, data analysis, finance, and small businesses. Our findings suggest that, for our participants, the software release process is the ultimate focus for regulatory and security compliance reviews. Also, most participants suggested that having a defined process for addressing compliance requirements was freeing rather than burdensome. Finally, participants generally saw compliance requirements as an investment for both employees and customers. These findings may be unintuitive, and we discuss seven lessons this work may hold for requirements engineering.

Wed 22 Sep

Displayed time zone: Eastern Time (US & Canada) change

09:30 - 10:30
Adoption in Industry IIResearch Papers at Golden Dome
Chair(s): Daniel Amyot University of Ottawa

Go to midspace

09:30
30m
Research paper
The practical role of context modeling in the elicitation of context-aware functionalities: a surveyResearch Paper
Research Papers
Rodrigo Falcão Fraunhofer IESE, Karina Villela Fraunhofer IESE, Vaninha Vieira Federal University of Bahia (UFBA), Marcus Trapp Fraunhofer IESE, Igor Lopes de Faria Federal University of Bahia (UFBA)
Pre-print
10:00
30m
Talk
Perspectives on Compliance Requirements in Software EngineeringAvailableReusableResearch Paper
Research Papers
Evelyn Kempe University of Maryland, Baltimore County, Aaron Massey University of Maryland Baltimore County
DOI Media Attached