Exercising Due Diligence in Legal Requirements Acquisition: A Tool-supported, Frame-Based Approach

Government laws and organizational policies introduce critical legal requirements that govern information systems. Unlike traditional requirements elicited from stakeholders, legal requirements have unique characteristics that software engineers must address to ensure that their systems are demonstrably compliant with relevant laws and policies. This paper presents important terminology for developing legally compliant software systems and a methodology consisting of procedures and models for acquiring, representing and analyzing phenomena in legal documents, which constitute rich sources of legal requirements. Based on a grounded theory, the method has been validated through a mixed-methods approach consisting of multiple, descriptive case studies. This paper presents a human subject experiment that tests a fundamental part of the theory to understand the efficacy of multiple users applying the method to a sample regulation text.