Much research is ongoing to assess and improve compliance to laws and regulations. As this domain continues to grow and mature, and with more modelling methods introduced to support compliance tasks, important questions need to be asked. What exactly are these methods used for? Where have they been applied? What benefits do they offer? This paper explores how goal-oriented and non-goal-oriented modelling methods have been used for legal and regulatory compliance, and identifies their main claimed benefits and drawbacks based on the kind of compliance tasks they perform. Using a systematic literature mapping approach, we evaluated 103 articles describing the use of modelling methods obtained from a pool of 286 articles. The results indicate that modelling methods focus on the intent of a law, but goal-oriented modelling methods do so while also reflecting the structure of a law, generally with substantial benefits for all compliance tasks. In addition, whereas modelling methods are used for compliance modelling, checking, analysis and enactment tasks, our analysis indicates that the coverage of these methods is more frequent in the healthcare domain with 55% of the articles reviewed targeting it. In terms of the contexts modelling methods address, privacy has the highest level of attention with a focus from 54% of the reviewed articles. The articles reviewed revealed a total of 60 different laws and regulations from 14 different countries, with 62% focusing on privacy. Moreover, while 82% of the articles reviewed addressed concerns of regulated parties, only 12% addressed the concerns of regulators, and 6% addressed concerns of both regulating and regulated parties. This study highlights the benefits and drawbacks of both types of modelling methods and identifies potential benefits and common drawbacks that will be of interest to researchers and practitioners in the selection of modelling methods or in the identification of selection criteria. Finally, the mapping results emphasize the need for more studies outside of healthcare, that are related to contexts other than privacy, that target compliance enactment tasks or that take the concerns of regulators into consideration.

中文翻译：

---

法律和法规遵从性目标和非目标建模方法的系统文献映射

许多研究正在进行中，以评估和改善对法律和法规的遵守情况。随着该领域不断发展和成熟，并且引入了更多建模方法来支持合规性任务，需要提出重要问题。这些方法究竟是用来做什么的？它们被应用到哪里了？他们提供什么好处？本文探讨了面向目标和非面向目标的建模方法如何用于法律和监管合规，并根据它们执行的合规任务类型确定其主要声称的优点和缺点。使用系统的文献映射方法，我们评估了 103 篇文章，这些文章描述了从 286 篇文章中获得的建模方法的使用。结果表明建模方法侧重于法律的意图，但是面向目标的建模方法这样做的同时也反映了法律的结构，通常对所有合规任务都有实质性的好处。此外，虽然建模方法用于合规建模、检查、分析和制定任务，但我们的分析表明，这些方法的覆盖范围在医疗保健领域更为频繁，55% 的评论文章都针对它。就上下文建模方法所解决的问题而言，隐私具有最高的关注度，有 54% 的评论文章关注这一点。所审查的文章共揭示了来自 14 个不同国家/地区的 60 项不同法律法规，其中 62% 关注隐私。此外，虽然 82% 的评论文章解决了受监管方的担忧，但只有 12% 解决了监管机构的担忧，6% 解决了监管方和受监管方的担忧。本研究强调了两种建模方法的优点和缺点，并确定了研究人员和从业人员在选择建模方法或确定选择标准时会感兴趣的潜在优点和常见缺点。最后，映射结果强调需要在医疗保健之外进行更多研究，这些研究与隐私以外的环境相关，针对合规性制定任务或考虑监管机构的担忧。本研究强调了两种建模方法的优点和缺点，并确定了研究人员和从业人员在选择建模方法或确定选择标准时会感兴趣的潜在优点和常见缺点。最后，映射结果强调需要在医疗保健之外进行更多研究，这些研究与隐私以外的环境相关，针对合规性制定任务或考虑监管机构的担忧。本研究强调了两种建模方法的优点和缺点，并确定了研究人员和从业人员在选择建模方法或确定选择标准时会感兴趣的潜在优点和常见缺点。最后，映射结果强调需要在医疗保健之外进行更多研究，这些研究与隐私以外的环境相关，针对合规性制定任务或考虑监管机构的担忧。