Abstract
All systems, no matter how simple, generate legal implications during their lifecycle that need to be managed. The potential cost of inadequate management of legal aspects can even imply the failure of the project. As a consequence, legal risk management should not only be a major activity of the development lifecycle, but also needs to be performed by qualified personnel following well-defined procedures and standards. However, current software process improvement models do not properly include processes for legal audits and, more concretely, for legal risk management in each phase of the software development lifecycle. Nor is it possible to find, in industry, well-defined and standardised projects for managing the legal risks of software projects. This lack of a standardised process means that legal risks are handled reactively instead of proactively. This work presents a process for managing legal risks. It is organised as a series of activities to be performed at each stage of the software development lifecycle to eliminate or minimize the risk of project failure for legal reasons.
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rejas-Muslera, R.J., Cuadrado-Gallego, J.J., Rodriguez, D. (2007). Defining a Legal Risk Management Strategy: Process, Legal Risk and Lifecycle. In: Abrahamsson, P., Baddoo, N., Margaria, T., Messnarz, R. (eds) Software Process Improvement. EuroSPI 2007. Lecture Notes in Computer Science, vol 4764. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75381-0_11
DOI: https://doi.org/10.1007/978-3-540-75381-0_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74765-9
Online ISBN: 978-3-540-75381-0
eBook Packages: Computer Science, Computer Science (R0)