DETAILED ACTION
Notice of Pre-AIA or AIA Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .
The following FINAL Office Action is in response to Applicant’s communication filed 12/15/2025 regarding Application 18/625,780.
Status of Claim(s)
Claim(s) 1-20 is/are currently pending and are rejected as follows.
Response to Arguments- 101 Rejection
Applicant’s arguments in regards to the previously applied 101 rejection have been fully considered and deemed persuasive.
Examiner accordingly withdraws the previously applied 101 rejection.
Response to Arguments – 103 Rejection
Applicant’s arguments in regards to the previously applied 103 rejection have been fully considered but are not deemed persuasive.
Applicant argues that none of the applied prior art of either Brannon, Page, or Wiersma in any combination read on the amended language of “retrieving, via one or more monitoring agents, from the one or more datastores, the changes to the policy records” or “preprocessing, via a preprocessing engine, the retrieved changes to extract textual content and metadata for input to a large language model (LLM)”.
Examiner does not find this argument persuasive as Brannon recites in, at least Paragraph(s) 117, monitoring of one or more website for changes in privacy policies and further discloses in Paragraphs 351-358 scanning various databases and resources for the continuous tracking and management of policies. With regards to pre-processing for context and metadata, Page discloses in Paragraph 48 the capabilities of providing context data, of which data schema and metadata are explicitly included. This is further supported by Paragraph 53 where records are parsed and tagged, which would be deemed by one of ordinary skill in the art to be a form of preprocessing, for use as input into an LLM. Therefore the previously applied prior art remains applicable to the claims even as amended, and are therefore still rejected 35 U.S.C. 103. Further recitations and elaborations are given in the amended prior art rejection below.
Claim Rejections - 35 USC § 103
In the event the determination of the status of the application as subject to AIA 35 U.S.C. 102 and 103 (or as subject to pre-AIA 35 U.S.C. 102 and 103) is incorrect, any correction of the statutory basis (i.e., changing from AIA to pre-AIA ) for the rejection will not be considered a new ground of rejection if the prior art relied upon, and the rationale supporting the rejection, would be the same under either status.
The following is a quotation of 35 U.S.C. 103 which forms the basis for all obviousness rejections set forth in this Office action:
A patent for a claimed invention may not be obtained, notwithstanding that the claimed invention is not identically disclosed as set forth in section 102, if the differences between the claimed invention and the prior art are such that the claimed invention as a whole would have been obvious before the effective filing date of the claimed invention to a person having ordinary skill in the art to which the claimed invention pertains. Patentability shall not be negated by the manner in which the invention was made.
The factual inquiries for establishing a background for determining obviousness under 35 U.S.C. 103 are summarized as follows:
1. Determining the scope and contents of the prior art.
2. Ascertaining the differences between the prior art and the claims at issue.
3. Resolving the level of ordinary skill in the pertinent art.
4. Considering objective evidence present in the application indicating obviousness or nonobviousness.
Claim(s) 1-5, 14, and 16-20 is/are rejected under 35 U.S.C. 103 as being unpatentable over Brannon (US 2020/0004938 Al) in view of Page (US 2025/0245091 Al)
Claim(s) 1, 18, and 20 –
Brannon discloses the following:
A non-transitory computer-readable medium storing instructions (Brannon: Paragraph 13, "A system, in various aspects, comprises a non-transitory computer-readable medium storing instructions, and a processing device communicatively coupled to the non-transitory computer-readable medium. In particular aspects, the processing device is configured to execute the instructions and thereby perform operations comprising: (1) receiving, via a first graphical user interface, an indication of a first jurisdiction, an indication of a second jurisdiction, and incident information regarding an incident impacting an entity; (2) retrieving a first reporting task for the first jurisdiction and a second reporting ask for the second jurisdiction from a data structure; (3) determining a first penalty for violation of the first reporting task and a second penalty for violation of the second reporting task; ( 4) determining a first risk level based on the incident information and the first penalty and a second risk level based on the incident information and the second penalty; (5) generating a customized incident response plan by ordering the first reporting task before the second reporting task in an incident response plan based on the first risk level and the second risk level; (6) generating a second graphical user interface by configuring a presentation element configured for presenting the customized incident response plan on the second graphical user interface; and (7) transmitting an instruction to a user device to retrieve the customized incident response plan and present the second graphical user interface on the user device.")
Continuously monitoring, via one or more monitoring agents executing on a processor, one or more data stores storing policy records for changes to the policy records; (Brannon: Paragraph 117, “In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).”; Paragraph 118, “The system may, for example, be configured to continuously monitor for one or more changes. In other embodiments, the system may be configured to scan for one or more changes according to a particular schedule (e.g., hourly, daily, weekly, or any other suitable schedule.). For example, the system may be configured to scan the one or more webpages on an ongoing basis to determine whether the one or more vendor attributes have changed (e.g., if the vendor did not renew its Privacy Shield membership, lost its ISO certification, etc.).”; Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change)."; Paragraph 120, "The system may, for example, be configured to continuously monitor for one or more changes. In other embodiments, the system may be configured to scan for one or more changes according to a particular schedule (e.g., hourly, daily, weekly, or any other suitable schedule.). For example, the system may be configured to scan the one or more webpages on an ongoing basis to determine whether the one or more vendor attributes have changed (e.g., if the vendor did not renew its Privacy Shield membership, lost its ISO certification, etc.)."; Paragraph 356, “The system may then start a continuous monitoring of the web site site to detect whether any new cookies, SDKs, or tracking technologies are used. In various embodiments, the system is configured to, for example, generate an alert to an appropriate individual (e.g., a designated privacy officer) to inform them of the change to the website. The privacy officer may use this information, for example, to determine whether to modify the privacy policy for the website or to coordinate discontinuing use of the new tracking technologies and/or SDK's.”; Paragraph 358, “It should be understood that the above methods of automatically assessing behavior and/or compliance with one or more privacy policies may be done in any suitable way (e.g., ways other than website scanning and app scanning). For example, the system may alternatively, or in addition, automatically detect, scan and/or monitor any appropriate technical system(s) (e.g., computer system and/or system component or software), cloud services, apps, websites and/or data structures, et”; Paragraph 455, “In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).”; Paragraph 516, “In various examples, the system may perform analysis of vendor information, publicly available vendor information, and/or one or more vendor risk scores at Step 2440 to determine the additional information. For example, the system may analyze one or more news reports retrieved at Step 2420 to identify a data breach involving the particular vendor and determine, as additional vendor information, that the breach was a high risk incident. In another example, the system may analyze the status of a privacy certification held by the particular vendor and determine that the certification expires within a short time period. In response, as additional vendor information, the system may determine at Step 2440 (e.g., based on one or more additional pieces of information) that the particular vendor is at high risk of losing the privacy certification. In another example, the system may analyze a number of and/or one or more descriptions of privacy-related officers in the particular vendor's organization (e.g., their respective job titles and/or backgrounds) and determine, as additional vendor information, that the particular vendor treats privacy issues as a high priority, and therefore has lower relative privacy risk as opposed to other organizations. In yet another example, the system may determine one or more additional scores and/or rankings beyond a vendor risk score reflecting calculations based on other criteria at Step 2440, such as a compliance score reflecting the particular vendor's compliance with a particular privacy standard and/or regulatory regime. The system may use any information available for the particular vendor to determine any additional vendor information.”)
retrieving, via the one or more monitoring agents, from the one or more data stores, the changes to the policy records by using a structured query language (SQL) query, an online file transfer, or a combination thereof ; (Brannon: Paragraph 117, “In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).”; Paragraph 118, “The system may, for example, be configured to continuously monitor for one or more changes. In other embodiments, the system may be configured to scan for one or more changes according to a particular schedule (e.g., hourly, daily, weekly, or any other suitable schedule.). For example, the system may be configured to scan the one or more webpages on an ongoing basis to determine whether the one or more vendor attributes have changed (e.g., if the vendor did not renew its Privacy Shield membership, lost its ISO certification, etc.).”; Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change)."; Paragraph 120, "The system may, for example, be configured to continuously monitor for one or more changes. In other embodiments, the system may be configured to scan for one or more changes according to a particular schedule (e.g., hourly, daily, weekly, or any other suitable schedule.). For example, the system may be configured to scan the one or more webpages on an ongoing basis to determine whether the one or more vendor attributes have changed (e.g., if the vendor did not renew its Privacy Shield membership, lost its ISO certification, etc.)."; Paragraph 356, “The system may then start a continuous monitoring of the web site site to detect whether any new cookies, SDKs, or tracking technologies are used. In various embodiments, the system is configured to, for example, generate an alert to an appropriate individual (e.g., a designated privacy officer) to inform them of the change to the website. The privacy officer may use this information, for example, to determine whether to modify the privacy policy for the website or to coordinate discontinuing use of the new tracking technologies and/or SDK's.”; Paragraph 358, “It should be understood that the above methods of automatically assessing behavior and/or compliance with one or more privacy policies may be done in any suitable way (e.g., ways other than website scanning and app scanning). For example, the system may alternatively, or in addition, automatically detect, scan and/or monitor any appropriate technical system(s) (e.g., computer system and/or system component or software), cloud services, apps, websites and/or data structures, et”; Paragraph 455, “In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).”; Paragraph 516, “In various examples, the system may perform analysis of vendor information, publicly available vendor information, and/or one or more vendor risk scores at Step 2440 to determine the additional information. For example, the system may analyze one or more news reports retrieved at Step 2420 to identify a data breach involving the particular vendor and determine, as additional vendor information, that the breach was a high risk incident. In another example, the system may analyze the status of a privacy certification held by the particular vendor and determine that the certification expires within a short time period. In response, as additional vendor information, the system may determine at Step 2440 (e.g., based on one or more additional pieces of information) that the particular vendor is at high risk of losing the privacy certification. In another example, the system may analyze a number of and/or one or more descriptions of privacy-related officers in the particular vendor's organization (e.g., their respective job titles and/or backgrounds) and determine, as additional vendor information, that the particular vendor treats privacy issues as a high priority, and therefore has lower relative privacy risk as opposed to other organizations. In yet another example, the system may determine one or more additional scores and/or rankings beyond a vendor risk score reflecting calculations based on other criteria at Step 2440, such as a compliance score reflecting the particular vendor's compliance with a particular privacy standard and/or regulatory regime. The system may use any information available for the particular vendor to determine any additional vendor information.”)
determining, ... using the changes to the policy records as input, a list of one or more entities in an organization that are affected by the changes to the policy records; (Brannon: Paragraph 149, "The process 400 may begin at step 405, wherein the Main Privacy Compliance Module 400 of the System 100 receives a command to add a privacy campaign. In exemplary embodiments, the user selects an on-screen button (e.g., the Add Data Flow button 1555 of FIG. 15) that the Main Privacy Compliance Module 400 displays on a landing page, which may be displayed in a graphical user interface (GUI), such as a window, dialog box, or the like. The landing page may be, for example, the inventory page 1500 below. The inventory page 1500 may display a list of one or more privacy campaigns that have already been input into the System 100. As mentioned above, a privacy campaign may represent, for example, a business operation that the organization is engaged in, or some business record, that may require the use of personal data, which may include the personal data of a customer or some other entity. Examples of campaigns might include, for example, Internet Usage History, Customer Payment Information, Call History Log, Cellular Roaming Records, etc. For the campaign "Internet Usage History," a marketing department may need customers' on-line browsing patterns to run analytics. This might entail retrieving and storing customers' IP addresses, MAC address, URL history, subscriber ID, and other information that may be considered personal data (and even sensitive personal data). As will be described herein, the System 100, through the use of one or more modules, including the Main Privacy Campaign Module 400, creates a record for each campaign. Data elements of campaign data may be associated with each campaign record that represents attributes such as: the type of personal data associated with the campaign; the subjects having access to the personal data; the person or persons within the company that take ownership (e.g., business owner) for ensuring privacy compliance for the personal data associated with each campaign; the location of the personal data; the entities having access to the data; the various computer systems and software applications that use the personal data; and the Risk Level (see below) associated with the campaign."; Paragraph 290, "As discussed above, the system may then analyze the one or more revisions that have made to the product to determine whether the one or more revisions substantively impact the product's compliance with one or more privacy standards. Finally, the system generates a privacy-by-design report that may, for example, include a listing of any of the one or more revisions that have been made and that substantively impact the product's compliance with one or more privacy standards.")
deriving ...an impact metric for each of the one or more affected entities; (Brannon: Paragraph 149, "The process 400 may begin at step 405, wherein the Main Privacy Compliance Module 400 of the System 100 receives a command to add a privacy campaign. In exemplary embodiments, the user selects an on-screen button (e.g., the Add Data Flow button 1555 of FIG. 15) that the Main Privacy Compliance Module 400 displays on a landing page, which may be displayed in a graphical user interface (GUI), such as a window, dialog box, or the like. The landing page may be, for example, the inventory page 1500 below. The inventory page 1500 may display a list of one or more privacy campaigns that have already been input into the System 100. As mentioned above, a privacy campaign may represent, for example, a business operation that the organization is engaged in, or some business record, that may require the use of personal data, which may include the personal data of a customer or some other entity. Examples of campaigns might include, for example, Internet Usage History, Customer Payment Information, Call History Log, Cellular Roaming Records, etc. For the campaign "Internet Usage History," a marketing department may need customers' on-line browsing patterns to run analytics. This might entail retrieving and storing customers' IP addresses, MAC address, URL history, subscriber ID, and other information that may be considered personal data (and even sensitive personal data). As will be described herein, the System 100, through the use of one or more modules, including the Main Privacy Campaign Module 400, creates a record for each campaign. Data elements of campaign data may be associated with each campaign record that represents attributes such as: the type of personal data associated with the campaign; the subjects having access to the personal data; the person or persons within the company that take ownership (e.g., business owner) for ensuring privacy compliance for the personal data associated with each campaign; the location of the personal data; the entities having access to the data; the various computer systems and software applications that use the personal data; and the Risk Level (see below) associated with the campaign."; Paragraph 290, "As discussed above, the system may then analyze the one or more revisions that have made to the product to determine whether the one or more revisions substantively impact the product's compliance with one or more privacy standards. Finally, the system generates a privacy-by-design report that may, for example, include a listing of any of the one or more revisions that have been made and that substantively impact the product's compliance with one or more privacy standards."; Paragraph 321, "In various embodiments, the organization using the system can customize one or more algorithms used by the system to measure the privacy maturity of a business group (e.g., by specifying one or more variables and/or relative weights for each variable in calculating a privacy maturity score for the group). The following are examples of variables that may be used in this process:")
identifying, via a processor using a customizable threshold, for each of the one or more affected entities, that their impact metric exceeds the customizable threshold; (Brannon: Paragraph 397, "Continuing with Concept 9, above, in various embodiments, the system may execute multiple integrated steps to generate a personal data inventory for a particular organization. For example, in a particular embodiment, the system first conducts a Privacy Threshold Assessment (PTA) by asking a user a relatively short set of questions (e.g., between 1 and 15 questions) to quickly determine whether the risk associated with the campaign may potentially exceed a pre-determined risk threshold (e.g., whether the campaign is a potentially high-risk campaign). The system may do this, for example, by using any of the above techniques to assign a collective risk score to the user's answers to the questions and determining whether the collective risk score exceeds a particular risk threshold value. Alternatively, the system may be configured to determine that the risk associated with the campaign exceeds the risk threshold value if the user answers a particular one or more of the questions in a certain way."; Paragraph 398, "The system may be configured for, in response to the user's answers to one or more of the questions within the Privacy Threshold Assessment indicating that the campaign exceeds, or may potentially exceed, a pre-determined risk threshold, presenting the user with a longer set of detailed questions regarding the campaign (e.g., a Privacy Impact Assessment). The system may then use the user's answers to this longer list of questions to assess the overall risk of the campaign, for example, as described above.")
generating ... for each of the one or more identified affected entities, an impact assessment report detailing a predicted effect of the changes to the policy records; and (Brannon: Paragraph 273, "The privacy assessment report may, in various embodiments, include an updated privacy impact assessment that evaluates the one or more privacy impact features after the one or more recommended steps discussed above are implemented. The system may generate this updated privacy impact assessment automatically by, for example, automatically modifying any answers from within the question/answer pairings of the initial impact privacy assessment to reflect any modifications to the product that have been made in the course of completing the one or more tasks that implement the one or more substantive recommendations. For example, if a particular question from the initial privacy impact assessment indicated that certain personal data was personally identifiable data, and a recommendation was made to anonymize the data, the question/answer pairing for the particular question could be revised so the answer to the question indicates that the data has been anonymized. Any revised question/answer pairings may then be used to complete an updated privacy assessment report."; Paragraph 291, "In various embodiments, the privacy-by-design report may also comprise, for example, a log of data demonstrating that the business, in the normal course of its operations: (1) conducts privacy impact assessments on new products before releasing them; and (2) implements any changes needed to comply with one or more privacy polies before releasing the new products. Such logs may include data documenting the results of any privacy impact assessments conducted by the business (and/or any particular sub-part of the business) on new products before each respective new product's launch date, any revisions that the business (and/or any particular subpart of the business) make to new products before the launch of the product. The report may also optionally include the results of any updated privacy impact assessments conducted on products after the products have been revised to comply with one or more privacy regulations and/or policies. The report may further include a listing of any changes that the business has made to particular products in response to initial impact privacy assessment results for the products. The system may also list which of the listed changes were determined, by the system, to be substantial changes (e.g., that the changes resulted in advancing the product's compliance with one or more privacy regulations).")
transmitting, via the processor, the impact assessment report to each of the one or more identified affected entities. (Brannon: Paragraph 273, "The privacy assessment report may, in various embodiments, include an updated privacy impact assessment that evaluates the one or more privacy impact features after the one or more recommended steps discussed above are implemented. The system may generate this updated privacy impact assessment automatically by, for example, automatically modifying any answers from within the question/answer pairings of the initial impact privacy assessment to reflect any modifications to the product that have been made in the course of completing the one or more tasks that implement the one or more substantive recommendations. For example, if a particular question from the initial privacy impact assessment indicated that certain personal data was personally identifiable data, and a recommendation was made to anonymize the data, the question/answer pairing for the particular question could be revised so the answer to the question indicates that the data has been anonymized. Any revised question/answer pairings may then be used to complete an updated privacy assessment report."; Paragraph 355, "In various embodiments, the system is adapted to (optionally) automatically monitor (e.g., continuously monitor) one or more online software application marketplaces (such as Microsoft, Google, or Apple's App Store) to determine whether the application has changed. If so, the system may, for example: (1) automatically scan the application as discussed above; and (2) automatically notify one or more designated individuals (e.g., privacy office representatives) that an app was detected that the business failed to perform a privacy assessment on prior to launching the application."; Paragraph 361, "The system may then start a continuous monitoring of the website site to detect whether any new cookies, SDKs, or tracking technologies are used. In various embodiments, the system is configured to, for example, generate an alert to an appropriate individual (e.g., a designated privacy officer) to inform them of the change to the website. The privacy officer may use this information, for example, to determine whether to modify the privacy policy for the website or to coordinate discontinuing use of the new tracking technologies and/or SDK's."; Paragraph 362, "In various embodiments, the system may also auto-detect whether any changes have been made to the policy or the location of the privacy policy link on the page and, in response to auto-detecting such changes, trigger an audit of the project. [0363] It should be understood that the above methods of automatically assessing behavior and/or compliance with one or more privacy policies may be done in any suitable way (e.g., ways other than website scanning and app scanning). For example, the system may alternatively, or in addition, automatically detect, scan and/or monitor any appropriate technical system(s) (e.g., computer system and/or system component or software), cloud services, apps, websites and/or data structures, etc.")
Brannon does not specifically disclose the use of an LLM, however, in analogous art of prediction and impact analysis, Page discloses the following:
Preprocess, via a preprocessing engine component, the retrieved changes to extract textual content and metadata for input to a Large Language Model (LLM) (Page: Paragraph 48, “In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store.”; Paragraph 64, “At S420, data values are extracted from an event record. In an embodiment, an event record is parsed based on predetermined data fields. In an embodiment, an event record is parsed based on a predetermined tag. According to some embodiments, a tag includes a plurality of identifiers of data fields, each of which pertains to a same type, context, and the like, of data. For example, a tag ‘resource’ is associated with data fields ‘id’, ‘name’, ‘machine’, and the like, according to an embodiment.”; Paragraph 69, “At S440, an incident summary is generated. In an embodiment, generating an incident summary includes generating a prompt for a large language model (LLM). In some embodiments, an event management server is configured to generate a prompt for an LLM, for example based on a predefined template. In some embodiments, the template is modified based on context data, metadata, and the like, associated with events correlated to the incident.”; Paragraph 70, “For example, in an embodiment, an event management server is configured to modify a prompt template based on context data, metadata, and the like, of a data source from which the correlated events are received. In an embodiment, the event management server is further configured to generate a prompt for an LLM based on the modified prompt, wherein the generated prompt includes the incident record data (i.e., data which was extracted from the correlated event records).”)
... via an LLM using the extracted textual content and metadata ... (Page: Paragraph 38, "For example, in an embodiment, the event management server 130 is configured to generate a prompt based on a plurality of correlated events and provide the generated prompt to an LLM of an AI engine 150. In some embodiments, the prompt, when processed by the LLM, configures the AI engine 150 to generate an output. In an embodiment, the generated output is utilized in generating an incident report 140.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold.")
Claim(s) 2 and 19 –
Brannon in view of Page disclose the limitations of claims 1 and 18
Brannon further discloses the following:
automatically providing ... the changes to the policy records as input; (Brannon: Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).")
...to analyze the changes to the policy records and to derive a potential impact based on the analysis; (Brannon: Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change)."; Paragraph 362, "In various embodiments, the system may also auto-detect whether any changes have been made to the policy or the location of the privacy policy link on the page and, in response to auto-detecting such changes, trigger an audit of the project. [0363] It should be understood that the above methods of automatically assessing behavior and/or compliance with one or more privacy policies may be done in any suitable way (e.g., ways other than website scanning and app scanning). For example, the system may alternatively, or in addition, automatically detect, scan and/or monitor any appropriate technical system(s) (e.g., computer system and/or system component or software), cloud services, apps, websites and/or data structures, etc."; Paragraph 459, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).")
for each of the one or more affected entities. (Brannon: Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change)."; Paragraph 362, "In various embodiments, the system may also auto-detect whether any changes have been made to the policy or the location of the privacy policy link on the page and, in response to auto-detecting such changes, trigger an audit of the project.”; Paragraph 363, “It should be understood that the above methods of automatically assessing behavior and/or compliance with one or more privacy policies may be done in any suitable way (e.g., ways other than website scanning and app scanning). For example, the system may alternatively, or in addition, automatically detect, scan and/or monitor any appropriate technical system(s) (e.g., computer system and/or system component or software), cloud services, apps, websites and/or data structures, etc."; Paragraph 459, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).")
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... via an LLM prompt using the extracted textual content and metadata ... (Page: Paragraph 38, "For example, in an embodiment, the event management server 130 is configured to generate a prompt based on a plurality of correlated events and provide the generated prompt to an LLM of an AI engine 150. In some embodiments, the prompt, when processed by the LLM, configures the AI engine 150 to generate an output. In an embodiment, the generated output is utilized in generating an incident report 140.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold.")
Claim(s) 3 –
Brannon in view of Page disclose the limitations of claims 1-2
Brannon further discloses the following:
a section describing the organization's structure and departments, employee job descriptions, department functions, and department roles, to add to a knowledge repository ... (Brannon: Paragraph 452, "In still other embodiments, the system is configured to analyze one or more social networking sites (e.g., Linkedin, Facebook, etc.) and/or one or more business related job sites (e.g., one or more job-posting sites, one or more corporate websites, etc.) or other third-party websites that are associated with the vendor (e.g., but not maintained by the vendor). The system may, for example, use social networking and other data to identify one or more employee titles of the vendor, one or more job roles for one or more employees of the vendor, one or more job postings for the vendor, etc. The system may then analyze the one or more job titles, postings, listings, roles, etc. to determine whether the vendor has or is seeking one or more employees that have a role associated with data privacy or other privacy concerns. In this way, the system may determine whether the vendor is particularly focused on privacy or other related activities. The system may then calculate a privacy awareness score and/or risk rating based on such a determination (e.g., a vendor that has one or more employees whose roles or titles are related to privacy may receive a relatively higher privacy awareness score)."; Paragraph 532, "In various embodiments, vendor information ( of any type) may be retrieved using one or more data models. A data model may be stored in a vendor information database and/or in any other storage means available to the disclosed systems. A data model may be associated with a vendor and may map one or more relationships between and/or among a plurality of data assets utilized by a vendor (e.g., alone or in combination with another entity). In particular embodiments, each of the plurality of data assets (e.g., data systems) may include, for example, any asset that collects, processes, contains, and/or transfers data (e.g., such as a software application, "internet of things" computerized device, database, website, datacenter, server, etc.). For example, a first data asset may include any software or device (e.g., server or servers) utilized by a particular vendor for such data collection, processing, transfer, storage, etc. A data model may store any of the following information: (1) the vendor that owns and/or uses a particular data asset; (2) one or more departments within the vendor responsible for the data asset; (3) one or more software applications that collect data (e.g., personal data) for storage in and/or use by the data asset (e.g., or one or more other suitable collection assets from which the personal data that is collected, processed, stored, etc. by the primary data asset is sourced); (4) one or more particular data subjects and/or categories of data subjects that information is collected from for use by the data asset; (5) one or more particular types of data that are collected by each of the particular applications for storage in and/or use by the data asset; (6) one or more individuals (e.g., particular individuals or types of individuals) that are permitted to access and/or use the data stored in, or used by, the data asset; (7) which particular types of data each of those individuals are allowed to access and use; and/or (8) one or more data assets (destination assets) that the data is transferred to for other use, and which particular data is transferred to each of those data assets. In particular embodiments, the data model stores this information for each of a plurality of different data assets and may include links between, for example, a portion of the model that provides information for a first particular data asset and a second portion of the model that provides information for a second particular data asset.")
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... an LLM ... (Page: Paragraph 12, "Implementations may include one or more of the following features. Method may include: generating the prompt further based on the incident data record and context data of a data source, where the data source generated a portion of the correlated group of event records. Method may include: storing in the incident data record only the extracted data values of the correlated group of event records. Method may include: generating the prompt further based on a prompt template, the prompt template including an input which, when executed by the LLM, outputs any one of: an incident title, an incident summary, a root cause analysis, a root cause reasoning, and a combination thereof. Method may include: generating the incident title, the incident summary, the root cause analysis, and root cause reasoning, utilizing a first LLM; and generating a summarized: incident title, incident summary, root cause analysis, root cause reasoning, and a combination thereof, utilizing a second LLM. Method where the first LLM includes a first context length, and the second LLM includes a second context length. Method may include: generating the prompt for the root cause analysis based on any one of: a generated incident summary, the correlated group of event records, and a combination thereof. Method may include: generating the prompt for the root cause reasoning based on: a root cause analysis, an incident summary, the correlated group of event records, and a combination thereof. Method where the predetermined data field is a tag. Implementations of the described techniques may include hardware, a method or process, or a computer tangible medium."; Paragraph 38, "For example, in an embodiment, the event management server 130 is configured to generate a prompt based on a plurality of correlated events and provide the generated prompt to an LLM of an AI engine 150. In some embodiments, the prompt, when processed by the LLM, configures the AI engine 150 to generate an output. In an embodiment, the generated output is utilized in generating an incident report 140.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold.")
Claim(s) 4 –
Brannon in view of Page disclose the limitations of claims 1-2
Brannon further discloses the following:
comprising ... the organization's structure and departments, employee job descriptions, department functions, and department roles, to add to a knowledge repository ... (Brannon: Paragraph 452, "In still other embodiments, the system is configured to analyze one or more social networking sites (e.g., Linkedin, Facebook, etc.) and/or one or more business related job sites (e.g., one or more job-posting sites, one or more corporate websites, etc.) or other third-party websites that are associated with the vendor (e.g., but not maintained by the vendor). The system may, for example, use social networking and other data to identify one or more employee titles of the vendor, one or more job roles for one or more employees of the vendor, one or more job postings for the vendor, etc. The system may then analyze the one or more job titles, postings, listings, roles, etc. to determine whether the vendor has or is seeking one or more employees that have a role associated with data privacy or other privacy concerns. In this way, the system may determine whether the vendor is particularly focused on privacy or other related activities. The system may then calculate a privacy awareness score and/or risk rating based on such a determination (e.g., a vendor that has one or more employees whose roles or titles are related to privacy may receive a relatively higher privacy awareness score)."; Paragraph 532, "In various embodiments, vendor information ( of any type) may be retrieved using one or more data models. A data model may be stored in a vendor information database and/or in any other storage means available to the disclosed systems. A data model may be associated with a vendor and may map one or more relationships between and/or among a plurality of data assets utilized by a vendor (e.g., alone or in combination with another entity). In particular embodiments, each of the plurality of data assets (e.g., data systems) may include, for example, any asset that collects, processes, contains, and/or transfers data (e.g., such as a software application, "internet of things" computerized device, database, website, datacenter, server, etc.). For example, a first data asset may include any software or device (e.g., server or servers) utilized by a particular vendor for such data collection, processing, transfer, storage, etc. A data model may store any of the following information: (1) the vendor that owns and/or uses a particular data asset; (2) one or more departments within the vendor responsible for the data asset; (3) one or more software applications that collect data (e.g., personal data) for storage in and/or use by the data asset (e.g., or one or more other suitable collection assets from which the personal data that is collected, processed, stored, etc. by the primary data asset is sourced); (4) one or more particular data subjects and/or categories of data subjects that information is collected from for use by the data asset; (5) one or more particular types of data that are collected by each of the particular applications for storage in and/or use by the data asset; (6) one or more individuals (e.g., particular individuals or types of individuals) that are permitted to access and/or use the data stored in, or used by, the data asset; (7) which particular types of data each of those individuals are allowed to access and use; and/or (8) one or more data assets (destination assets) that the data is transferred to for other use, and which particular data is transferred to each of those data assets. In particular embodiments, the data model stores this information for each of a plurality of different data assets and may include links between, for example, a portion of the model that provides information for a first particular data asset and a second portion of the model that provides information for a second particular data asset.")
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... providing as input to the LLM, via a retrieval augmented generation (RAG) system ... (Page: Paragraph 48, "In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store."; Paragraph 56, "At S330, an incident record is generated. In an embodiment, an event management server is configured to generate an incident record based on data extracted from a plurality of events. In some embodiments, it is advantageous to maintain an incident record, as the incident record contains therein only data that is predetermined to be relevant to an incident. Thus, the amount of data is reduced, which allows to store multiple incidents for a longer time (e.g., using the same amount of storage), allows searching through incident records faster (i.e., searching a smaller data set is faster than searching through a larger data set), etc.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold.")
Claim(s) 5 –
Brannon in view of Page disclose the limitations of claims 1-2
Brannon further discloses the following:
... to add the organization's structure and departments, employee job descriptions, department functions, and department roles, to add to a knowledge repository ... (Brannon: Paragraph 452, "In still other embodiments, the system is configured to analyze one or more social networking sites (e.g., Linkedin, Facebook, etc.) and/or one or more business related job sites (e.g., one or more job-posting sites, one or more corporate websites, etc.) or other third-party websites that are associated with the vendor (e.g., but not maintained by the vendor). The system may, for example, use social networking and other data to identify one or more employee titles of the vendor, one or more job roles for one or more employees of the vendor, one or more job postings for the vendor, etc. The system may then analyze the one or more job titles, postings, listings, roles, etc. to determine whether the vendor has or is seeking one or more employees that have a role associated with data privacy or other privacy concerns. In this way, the system may determine whether the vendor is particularly focused on privacy or other related activities. The system may then calculate a privacy awareness score and/or risk rating based on such a determination (e.g., a vendor that has one or more employees whose roles or titles are related to privacy may receive a relatively higher privacy awareness score)."; Paragraph 532, "In various embodiments, vendor information (of any type) may be retrieved using one or more data models. A data model may be stored in a vendor information database and/or in any other storage means available to the disclosed systems. A data model may be associated with a vendor and may map one or more relationships between and/or among a plurality of data assets utilized by a vendor (e.g., alone or in combination with another entity). In particular embodiments, each of the plurality of data assets (e.g., data systems) may include, for example, any asset that collects, processes, contains, and/or transfers data ( e.g., such as a software application, "internet of things" computerized device, database, website, data-center, server, etc.). For example, a first data asset may include any software or device (e.g., server or servers) utilized by a particular vendor for such data collection, processing, transfer, storage, etc. A data model may store any of the following information: (1) the vendor that owns and/or uses a particular data asset; (2) one or more departments within the vendor responsible for the data asset; (3) one or more software applications that collect data (e.g., personal data) for storage in and/or use by the data asset (e.g., or one or more other suitable collection assets from which the personal data that is collected, processed, stored, etc. by the primary data asset is sourced); (4) one or more particular data subjects and/or categories of data subjects that information is collected from for use by the data asset; (5) one or more particular types of data that are collected by each of the particular applications for storage in and/or use by the data asset; (6) one or more individuals (e.g., particular individuals or types of individuals) that are permitted to access and/or use the data stored in, or used by, the data asset; (7) which particular types of data each of those individuals are allowed to access and use; and/or (8) one or more data assets (destination assets) that the data is transferred to for other use, and which particular data is transferred to each of those data assets. In particular embodiments, the data model stores this information for each of a plurality of different data assets and may include links between, for example, a portion of the model that provides information for a first particular data asset and a second portion of the model that provides information for a second particular data asset.")
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... comprising fine tuning the LLM, based on additional training ... (Page: Paragraph 48, "In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store."; Paragraph 56, "At S330, an incident record is generated. In an embodiment, an event management server is configured to generate an incident record based on data extracted from a plurality of events. In some embodiments, it is advantageous to maintain an incident record, as the incident record contains therein only data that is predetermined to be relevant to an incident. Thus, the amount of data is reduced, which allows to store multiple incidents for a longer time (e.g., using the same amount of storage), allows searching through incident records faster (i.e., searching a smaller data set is faster than searching through a larger data set), etc."; Paragraph 112, "n an embodiment, an input from a binary toggle is utilized in training an LLM which generated the incident summary, the root cause analysis, the root cause reasoning, a combination thereof, and the like. In some embodiments, the input is utilized in a reinforced learning mechanism for an AI engine.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold.")
Claim(s) 15 –
Brannon in view of Page disclose the limitations of claim 1
Brannon further discloses the following:
to automatically retrieve the changes to the policy records on a predetermined schedule or upon automatic notification of a presence of a new policy record, an updated policy record, or the combination thereof (Brannon: Paragraph 120, "The system may, for example, be configured to continuously monitor for one or more changes. In other embodiments, the system may be configured to scan for one or more changes according to a particular schedule (e.g., hourly, daily, weekly, or any other suitable schedule.). For example, the system may be configured to scan the one or more webpages on an ongoing basis to determine whether the one or more vendor attributes have changed (e.g., if the vendor did not renew its Privacy Shield membership, lost its ISO certification, etc.).")
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
wherein the retrieving of the changes to the policy records comprises using a file retrieval protocol, a batch retrieval process, or a combination thereof. .. (Page: Paragraph 48, "In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store."; Paragraph 49, "At S310, a plurality of event records are processed. In an embodiment, a plurality of event records (also referred to as 'events') are received. In certain embodiments, the events are received as a stream of events. In some embodiments, an event log, a cloud log, a network log, a bucket, a cloud-based storage, combinations thereof, and the like, are accessed to retrieve therefrom event records.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold.")
Claim(s) 16 –
Brannon in view of Page disclose the limitations of claim 1
Brannon further discloses the following:
wherein the changes to the policy records comprise an update to an existing policy or an addition of a new policy. (Brannon: Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).")
Claim(s) 17 –
Brannon in view of Page disclose the limitations of claims 1 and 16
Brannon further discloses the following:
wherein the existing policy or the new policy comprises a rule, a regulation, a guideline, a law, a procedure, or a combination thereof. (Brannon: Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change)."; Paragraph 272, "The system may also be adapted to generate a privacy assessment report showing that, in the course of a business's normal operations: (1) the business evaluates projects prior to go-live for compliance with one or more privacy-related regulations or policies; and (2) related substantive recommendations are made and implemented prior to go-live. This may be useful in documenting that privacy-by-design is being effectively implemented for a particular privacy campaign.")
Claim(s) 6-13 is/are rejected under 35 U.S.C. 103 as being unpatentable over Brannon (US 2020/0004938 Al) in view of Page (US 2025/0245091 Al) and Wiersma (US 20220253766 Al)
Claim(s) 6 –
Brannon in view of Page disclose the limitations of claim 1
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
wherein at least one of the one or more affected entities comprises an employee of the organization and wherein the impact assessment report comprises a customized impact assessment report describing how the changes to the policy records affect the employee's job procedures, job duties, job responsibilities, or combination thereof, within the organization. (Wiersma: Paragraph 46, "As depicted, at one or more of the facilities 102A-N, a policy change can be proposed (A). This proposal can be made by an employee, such as a team leader, in a change impact assessment application (e.g., refer to FIGS. 7 A-C) that is displayed to the employee at a computing device. One or more change proposals can be made at a facility. Change proposals can include an of a variety of changes to a facility that may affect worker performance of their duties such as, for example, training workers on new processes, systems, devices, and/or equipment, human resources ("HR") initiatives (e.g., diversity and inclusion training), capital improvements ("CapEx") (e.g., physical changes to facility, such as construction, repairs, and improvements), and/or other change proposals. Change impact specifications for the change proposal can be transmitted to the change management system 110 (B). The system 110 can then generate a change impact score based on the change impact specifications (C). A change impact score can be generated for each proposed policy change. The change impact score can be generated for a team that can be effected by the proposed policy change. In some implementations, the system 110 can additionally or alternatively generate an aggregate change impact score for a facility that can be effected by the proposed policy change.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 7 –
Brannon in view of Page disclose the limitations of claim 1
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
wherein at least one of the one or more affected entities comprises a department of the organization and wherein the impact assessment report comprises a customized impact assessment report describing how the changes to the policy records affect the department's procedures, responsibilities, or combination thereof, within the organization. (Wiersma: Paragraph 15, "Without the disclosed technology, it can be challenging to assess the impact of changes across teams and departments. By providing an accurate quantification of the impact of a change on a team, the disclosed technology can create a better way to monitor for, schedule, and roll out changes across groups in an organization to ensure that teams are not overloaded with change at any point in time. The resulting benefits of using this technology is that by scheduling changes with teams at appropriate times (i.e., when they are not overloaded with other changes), they are able to better retain and implement the changes, they are less likely to need retraining, and they are likely to perform their duties better. Example metrics to quantify change can include, for example, people metrics, process metrics, technology metrics, data metrics, and deployment duration metrics, which can be combined to determine an overall change impact metric. Using these metrics, the disclosed technology can provide for a more holistic quantification of change and how it can impact a team, a department, a facility, and/or an enterprise. This change quantification can be used to efficiently and effectively implement changes and maintain sustainable practices in the enterprise."; Paragraph 122, "Example data fields include initiative/project 701, project manager 702, region 704, location(s) 706, start/end dates 708, initiative duration 710, department(s) impacted 712, role(s) impacted 714, and level(s) impacted 716. One or more fewer or additional data fields can be provided through the application 206. For example, multiple data fields that are associated with each of the metrics used to determine the change impact score (e.g., people impacted, process changes, technology impact, data impact, deployment duration) can be displayed in the application 206. The employee can also provide information such as an updated date for starting or ending the change initiative, an updated number of people needed to implement the change, and/or any other updates or modifications to information that the employee initially provided to the application 206. In some implementations, a computer system, such as the change management system 110, can predict certain values, inputs, or information for the proposed change. As a non-limiting example, the system can predict an end date (e.g., data field 708) for the proposed change, roles impacted (e.g., data field 714), and/or initiative duration (e.g., data field 710).")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 8 –
Brannon in view of Page disclose the limitations of claim 1
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... using one or more LLM prompts that instruct the LLM to ... (Page: Paragraph 48, "In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store."; Paragraph 56, "At S330, an incident record is generated. In an embodiment, an event management server is configured to generate an incident record based on data extracted from a plurality of events. In some embodiments, it is advantageous to maintain an incident record, as the incident record contains therein only data that is predetermined to be relevant to an incident. Thus, the amount of data is reduced, which allows to store multiple incidents for a longer time (e.g., using the same amount of storage), allows searching through incident records faster (i.e., searching a smaller data set is faster than searching through a larger data set), etc."; Paragraph 112, "n an embodiment, an input from a binary toggle is utilized in training an LLM which generated the incident summary, the root cause analysis, the root cause reasoning, a combination thereof, and the like. In some embodiments, the input is utilized in a reinforced learning mechanism for an AI engine.")
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
wherein the deriving of the impact metric for each of the one or more affected entities comprises ... assign an impact metric value based on a predefined scale, where the scale ranges from a lower value indicating a lesser impact to a higher value indicating a greater impact on the entity's role or responsibilities in the organization. (Wiersma: Paragraph 8, "Referring to the process 400, people impacted can be quantified in 402. A people impacted score can be determined based on one or more factors. The people impacted score can be a numeric value that is scaled and/or weighted based on the factors. Such factors can include but are not limited to a competency of people impacted by the change, a behavior of people impacted by the change, a reaction to change, roles of people impacted, and/or departments that are impacted. For example, people who are not often impacted by change may not be competent about how change is implemented or what change entails. This can increase the people impacted score. As another example, if a lot of people are impacted by the change, the people impacted score can increase. If people impacted by change have a generally negative attitude towards change, the people impacted score can increase. If people have, in the past, positively responded to change, the people impacted score can decrease. Likewise, if they reacted negatively to similar change in the past, the people impacted score can increase. As yet another example, if few roles are impacted, the people impact score can decrease. If many different roles are impacted, this can suggest that change implementation can be more challenging, so the people impact score can increase. Likewise if only one department is impacted, the people impact score can decrease. However, if many departments are impacted, the people impact score can increase. The people impact score can also be scaled appropriately based on how many people are impacted by the proposed change. For example, if only one department is impacted but the department has an amount of people that exceeds some threshold value, then the people impact score can increase. One or more other variations on the people impacted score determination can be realized.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold."). Further, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 9 –
Brannon in view of Page disclose the limitations of claim 1
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... as derived by the LLM ... (Page: Paragraph 48, "In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store."; Paragraph 56, "At S330, an incident record is generated. In an embodiment, an event management server is configured to generate an incident record based on data extracted from a plurality of events. In some embodiments, it is advantageous to maintain an incident record, as the incident record contains therein only data that is predetermined to be relevant to an incident. Thus, the amount of data is reduced, which allows to store multiple incidents for a longer time (e.g., using the same amount of storage), allows searching through incident records faster (i.e., searching a smaller data set is faster than searching through a larger data set), etc."; Paragraph 112, "n an embodiment, an input from a binary toggle is utilized in training an LLM which generated the incident summary, the root cause analysis, the root cause reasoning, a combination thereof, and the like. In some embodiments, the input is utilized in a reinforced learning mechanism for an AI engine.")
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
wherein the generating of the impact assessment report comprises providing a detailed explanation of reasons for the predicted effect ... and wherein the impact assessment report further comprises a suggestion for actions to be taken by the affected entities to comply with or adapt to the changes in the policy records. (Wiersma: Paragraph 63, "The data change quantifier 232 can determine a measure of how much metrics, reporting, and/or visualization of information may be changed by the proposed change. As an example, the more that new GUis or metrics are implemented, the more likely the data change value will be higher."; Paragraph 114, "Change implementation reporting can be received in 604. The reporting can be received in real-time, during implementation, after implementation, and/or during any times of the deployment duration. For example, reporting can be received at set times during deployment (e.g., at initiation/start, midway through, and at the end). Employees can report information about the change implementation. The employees can complete online questionnaires or evaluations provided via applications or websites on mobile devices (e.g., refer to FIG. 1). The team leader or a leader of the change implementation can report the information. The information can also be received from databases or other systems that track the change, performance, and/or operation within the team, department, facility, and/or region. The reporting can include information about whether implementation is going as projected or planned, what steps/actions have been completed, responses/attitudes/behaviors of people impacted by the change, any obstacles (expected or unexpected) that occur during the change, etc."; Paragraph 122, "Example data fields include initiative/project 701, project manager 702, region 704, location(s) 706, start/end dates 708, initiative duration 710, department(s) impacted 712, role(s) impacted 714, and level(s) impacted 716. One or more fewer or additional data fields can be provided through the application 206. For example, multiple data fields that are associated with each of the metrics used to determine the change impact score (e.g., people impacted, process changes, technology impact, data impact, deployment duration) can be displayed in the application 206. The employee can also provide information such as an updated date for starting or ending the change initiative, an updated number of people needed to implement the change, and/or any other updates or modifications to information that the employee initially provided to the application 206. In some implementations, a computer system, such as the change management system 110, can predict certain values, inputs, or information for the proposed change. As a non-limiting example, the system can predict an end date (e.g., data field 708) for the proposed change, roles impacted (e.g., data field 714), and/or initiative duration (e.g., data field 710)."; Paragraph 145, "As described herein, readiness metrics can be viewed based on region, facility, quarter, or any other desired timeframe. The different views and displayed information can be useful to identify top down and bottom up issues that may need to be addressed in order for performance and change implementation to improve. For example, a score in the red can cause a notification to be generated and displayed to the employee or other user viewing the interface 1000. This notification can direct the employee's attention to the facility having the red score. The red score can be an indicator that leaders in that facility may not be properly equipped or able to lead the facility through change. Other reasons for the red score can be gleaned from the information displayed in the interface 1000.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold."). Further, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 10 –
Brannon in view of Page disclose the limitations of claim 1
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
further comprising refining the LLM's outputs... (Page: Paragraph 48, "In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store."; Paragraph 56, "At S330, an incident record is generated. In an embodiment, an event management server is configured to generate an incident record based on data extracted from a plurality of events. In some embodiments, it is advantageous to maintain an incident record, as the incident record contains therein only data that is predetermined to be relevant to an incident. Thus, the amount of data is reduced, which allows to store multiple incidents for a longer time (e.g., using the same amount of storage), allows searching through incident records faster (i.e., searching a smaller data set is faster than searching through a larger data set), etc."; Paragraph 112, "n an embodiment, an input from a binary toggle is utilized in training an LLM which generated the incident summary, the root cause analysis, the root cause reasoning, a combination thereof, and the like. In some embodiments, the input is utilized in a reinforced learning mechanism for an AI engine.")
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
... based on a user feedback to improve a relevance and accuracy of future impact assessment reports, wherein the user feedback comprises user ratings, binary responses, or open-ended comments regarding the usefulness, accuracy, clarity, or a combination thereof, of information provided in the impact assessment reports. (Wiersma: Paragraph 63, "The data change quantifier 232 can determine a measure of how much metrics, reporting, and/or visualization of information may be changed by the proposed change. As an example, the more that new GUis or metrics are implemented, the more likely the data change value will be higher."; Paragraph 114, "Change implementation reporting can be received in 604. The reporting can be received in real-time, during implementation, after implementation, and/or during any times of the deployment duration. For example, reporting can be received at set times during deployment (e.g., at initiation/start, midway through, and at the end). Employees can report information about the change implementation. The employees can complete online questionnaires or evaluations provided via applications or websites on mobile devices (e.g., refer to FIG. 1). The team leader or a leader of the change implementation can report the information. The information can also be received from databases or other systems that track the change, performance, and/or operation within the team, department, facility, and/or region. The reporting can include information about whether implementation is going as projected or planned, what steps/actions have been completed, responses/attitudes/behaviors of people impacted by the change, any obstacles (expected or unexpected) that occur during the change, etc."; Paragraph 122, "Example data fields include initiative/project 701, project manager 702, region 704, location(s) 706, start/end dates 708, initiative duration 710, department(s) impacted 712, role(s) impacted 714, and level(s) impacted 716. One or more fewer or additional data fields can be provided through the application 206. For example, multiple data fields that are associated with each of the metrics used to determine the change impact score (e.g., people impacted, process changes, technology impact, data impact, deployment duration) can be displayed in the application 206. The employee can also provide information such as an updated date for starting or ending the change initiative, an updated number of people needed to implement the change, and/or any other updates or modifications to information that the employee initially provided to the application 206. In some implementations, a computer system, such as the change management system 110, can predict certain values, inputs, or information for the proposed change. As a non-limiting example, the system can predict an end date (e.g., data field 708) for the proposed change, roles impacted (e.g., data field 714), and/or initiative duration (e.g., data field 710)."; Paragraph 145, "As described herein, readiness metrics can be viewed based on region, facility, quarter, or any other desired timeframe. The different views and displayed information can be useful to identify top down and bottom up issues that may need to be addressed in order for performance and change implementation to improve. For example, a score in the red can cause a notification to be generated and displayed to the employee or other user viewing the interface 1000. This notification can direct the employee's attention to the facility having the red score. The red score can be an indicator that leaders in that facility may not be properly equipped or able to lead the facility through change. Other reasons for the red score can be gleaned from the information displayed in the interface 1000.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold."). Further, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 11 –
Brannon in view of Page disclose the limitations of claim 1
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
providing a user interface (UI) to access the LLM; (Page: Paragraph 107, "FIG. 6 is an example graphical user interface of an incident summary generated by an event management server, utilized to describe an embodiment. In an embodiment, an event management server, such as the event management server 130 of FIG. 1 above, is configured to generate a graphical user interface (GUI), including various graphical and textual elements.")
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
receiving, via the UI, a request for an analysis of a new policy draft; and generating ... a description of effects of the new policy draft, wherein the description includes a potential impact of the new policy draft on various entities within the organization. (Wiersma: Paragraph 47, "The system 110 can also determine team readiness for the proposed change (D). Team readiness can take into account one or more factors, such as environmental conditions, the team's prior experiences with implementing change, and how healthy the team is to implement change. The system 110 can transmit the impact score and readiness metric(s) to the scheduling system 112 (E). The scheduling system 112 can determine a change implementation decision guidance framework (F). In some implementations, determining the decision guidance framework can be performed dynamically and/or automatically by the system 112. In other implementations, an employee of the system 100 can determine and/or adjust the change implementation decision guidance framework. Decision guidance framework can be provided to the facilities that proposed policy changes (G). The decision guidance framework can include new or modified change implementation decision guidance. The decision guidance framework can also include graphical displays (e.g., bar charts, roadmaps) of change metrics, readiness, and/or change impact scores that can be used by employees at the facility to determine how to implement the proposed change. The decision guidance framework can include scheduling guidance, sequencing guidance, prioritization guidance, etc."; Paragraph 48, "The decision guidance framework can be outputted to computing devices of employees at the facility (H). As described throughout this disclosure, graphical user interfaces (GUis) can provide different displays of change metrics, roadmaps, and/or change decision guidance frameworks. The displays can follow a bottom up and/or top down approach, in which the metrics, roadmaps, and/or change schedules or decision guidance can be specific to a particular team, department, facility, region, etc.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold."). Further, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 12 –
Brannon in view of Page and Wiersma disclose the limitations of claims 1 and 11
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... via the LLM ... (Page: Paragraph 48, "In an embodiment, the AI engine, the event management server, and the like, are configured to provide context data to the LLM. In some embodiments, context data includes a data schema, metadata, and the like. In an embodiment, the event management server is configured to generate a prompt using retrieval augmented generation (RAG). In certain embodiments, generating a prompt using RAG includes generating a prompt based on context data. In an embodiment, context data is retrieved from a data store."; Paragraph 56, "At S330, an incident record is generated. In an embodiment, an event management server is configured to generate an incident record based on data extracted from a plurality of events. In some embodiments, it is advantageous to maintain an incident record, as the incident record contains therein only data that is predetermined to be relevant to an incident. Thus, the amount of data is reduced, which allows to store multiple incidents for a longer time (e.g., using the same amount of storage), allows searching through incident records faster (i.e., searching a smaller data set is faster than searching through a larger data set), etc."; Paragraph 112, "n an embodiment, an input from a binary toggle is utilized in training an LLM which generated the incident summary, the root cause analysis, the root cause reasoning, a combination thereof, and the like. In some embodiments, the input is utilized in a reinforced learning mechanism for an AI engine.")
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
via the UI, a second request to generate a revision to the new policy draft;
(Wiersma: Paragraph 96, "Data changes can be quantified in 408. A data change score can be determined based on one or more factors. The score can be a numeric value that is scaled and/or weighted based on the factors. Such factors can include a change in metrics, a change in reporting, and/or a change in visualization or user interfaces of data. As an example, the proposed change can require one or more new metrics to be understood and/or adopted by people. If the new metrics are hard to understand and/or require training/onboarding, the data change score can increase. In other words, if the new metrics require an amount of training that exceeds a threshold value, the score can increase. In some implementations, if only one new metric is being introduced but it requires significant training, the data change score can increase. If the new metrics are merely variations of existing metrics, the data change score can decrease. As another example, if the proposed change requires updating or modifying one or more existing metrics, the data change score can be adjusted accordingly based on a quantity of such updates, a difficulty in making such updates, a difficulty level of training to use/understand the updates, etc."; Paragraph 112, "Example data fields include initiative/project 701, project manager 702, region 704, location(s) 706, start/end dates 708, initiative duration 710, department(s) impacted 712, role(s) impacted 714, and level(s) impacted 716. One or more fewer or additional data fields can be provided through the application 206. For example, multiple data fields that are associated with each of the metrics used to determine the change impact score (e.g., people impacted, process changes, technology impact, data impact, deployment duration) can be displayed in the application 206. The employee can also provide information such as an updated date for starting or ending the change initiative, an updated number of people needed to implement the change, and/or any other updates or modifications to information that the employee initially provided to the application 206. In some implementations, a computer system, such as the change management system 110, can predict certain values, inputs, or information for the proposed change. As a non-limiting example, the system can predict an end date (e.g., data field 708) for the proposed change, roles impacted (e.g., data field 714), and/or initiative duration (e.g., data field 710)."; Paragraph 123, "FIGS. 7B-C depict example graphical user interfaces (GUis) for change impact assessment. The change impact assessment application 206 includes the user interface features 700, as described in reference to FIG. 7 A. Referring to both FIGS. 7B-C, different input features can be provided to the employee. For example, text fields, drop-down menus, calendar pop-ups, and radio buttons can be presented in the application 206.")
generating ... the revision to the new policy draft; and generating ... a second description of second effects of the new policy draft and the revision, wherein the description includes a second potential impact on the various entities within the organization. (Wiersma: Paragraph 96, "Data changes can be quantified in 408. A data change score can be determined based on one or more factors. The score can be a numeric value that is scaled and/or weighted based on the factors. Such factors can include a change in metrics, a change in reporting, and/or a change in visualization or user interfaces of data. As an example, the proposed change can require one or more new metrics to be understood and/or adopted by people. If the new metrics are hard to understand and/or require training/onboarding, the data change score can increase. In other words, if the new metrics require an amount of training that exceeds a threshold value, the score can increase. In some implementations, if only one new metric is being introduced but it requires significant training, the data change score can increase. If the new metrics are merely variations of existing metrics, the data change score can decrease. As another example, if the proposed change requires updating or modifying one or more existing metrics, the data change score can be adjusted accordingly based on a quantity of such updates, a difficulty in making such updates, a difficulty level of training to use/understand the updates, etc."; Paragraph 112, "Example data fields include initiative/project 701, project manager 702, region 704, location(s) 706, start/end dates 708, initiative duration 710, department(s) impacted 712, role(s) impacted 714, and level(s) impacted 716. One or more fewer or additional data fields can be provided through the application 206. For example, multiple data fields that are associated with each of the metrics used to determine the change impact score (e.g., people impacted, process changes, technology impact, data impact, deployment duration) can be displayed in the application 206. The employee can also provide information such as an updated date for starting or ending the change initiative, an updated number of people needed to implement the change, and/or any other updates or modifications to information that the employee initially provided to the application 206. In some implementations, a computer system, such as the change management system 110, can predict certain values, inputs, or information for the proposed change. As a non-limiting example, the system can predict an end date (e.g., data field 708) for the proposed change, roles impacted (e.g., data field 714), and/or initiative duration (e.g., data field 710)."; Paragraph 123, "FIGS. 7B-C depict example graphical user interfaces (GUis) for change impact assessment. The change impact assessment application 206 includes the user interface features 700, as described in reference to FIG. 7 A. Referring to both FIGS. 7B-C, different input features can be provided to the employee. For example, text fields, drop-down menus, calendar pop-ups, and radio buttons can be presented in the application 206."; Paragraph 151, "As another example, a manager at a facility can input information about proposed change into the application 206. The manager can also view information about his facility and/or a particular department, level, role, or team in the facility. This information can be based on the input that the manager provides to the application 206. In other words, when proposed change is inputted into the application 206, the views 1104, 1106, and 1108 can be dynamically updated to indicate how the proposed change would impact existing performance in the facility.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold."). Further, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 14 –
Brannon in view of Page and Wiersma disclose the limitations of claims 1 and 11-12
Brannon does not specifically disclose the following, however, in the analogous art of prediction and impact analysis, Page discloses the following:
... LLM prompt ... (Page: 37, "In certain embodiments, the event management server 130 is configured to generate the input for the AI engine 150 as a prompt. In some embodiments, event management server is configured to generate the prompt based on a predefined template."; Paragraph 38, "For example, in an embodiment, the event management server 130 is configured to generate a prompt based on a plurality of correlated events and provide the generated prompt to an LLM of an AI engine 150. In some embodiments, the prompt, when processed by the LLM, configures the AI engine 150 to generate an output. In an embodiment, the generated output is utilized in generating an incident report 140.")
Brannon in view of Page do not explicitly disclose the following, however, in analogous art of impact assessment, Wiersma discloses the following:
wherein the effects of the new policy draft comprise a non-compliance or an inconsistency with an existing policy, and wherein the second request comprises to resolve the non-compliance or the inconsistency via the revision. (Wiersma: Paragraph 67, "Similarly, the performance readiness determiner 218 can be configured to determine how the team has handled change in the past, which can impact implementation of the proposed change. The determiner 218 can receive information about historic team performance from the user device 200 (e.g., via the impact assessment application 206). The determiner 218 can also receive information about team performance from one or more other computer systems, servers, and/or databases. Performance readiness can be measured over a predetermined period of time (e.g., 8 weeks). Performance readiness can indicate whether a team handled change well in the past, handled change poorly in the past, was adaptable to change, rejected change, experienced problems or issues in implementing change, positively implemented change, etc. The determiner 218 can generate a score or value associated with performance readiness. This score can be used by the impact score determiner 212 as a weight to modify and/or adjust the change impact score. For example, a team may dislike any change. Therefore, the determiner 218 can assign a performance readiness value that corresponds to the team being against change. This value can be weighted with the people impacted, process change, technology change, data change, duration values, and even external readiness value and/or team health value in generating the change impact score by the determiner 212. In this example, the performance readiness value can cause the change impact score to increase, which can indicate that the proposed change should not be implemented immediately (e.g., it would not be sustainable)."; Paragraph 145, "As described herein, readiness metrics can be viewed based on region, facility, quarter, or any other desired timeframe. The different views and displayed information can be useful to identify top down and bottom up issues that may need to be addressed in order for performance and change implementation to improve. For example, a score in the red can cause a notification to be generated and displayed to the employee or other user viewing the interface 1000. This notification can direct the employee's attention to the facility having the red score. The red score can be an indicator that leaders in that facility may not be properly equipped or able to lead the facility through change. Other reasons for the red score can be gleaned from the information displayed in the interface 1000."; Paragraph 149, "As an example, if certain departments have low change impact scores, a manager may decide to propose additional change for those departments since those departments can handle the change. If certain departments have high impact scores in comparison to other departments, the manager may choose to shift some of the change from the departments with higher impact scores to the departments with lower impact scores. As a result, the overall impact score for the facility may also be improved, which can have positive impacts on an overall performance of not only the facility but also the region. In some implementations, the manager may choose to shift certain roles or people (e.g., team leaders who handle change well) from one team to another team so that they can assist in better performance and/or change implementation.")
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Wiersma discloses a method for managing and tracking changes within an organization. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon with the teachings of Page in order to improve the monitoring and alerting of changes and their impact as disclosed by Page (Page: Paragraph 5, "As yet another example, various resources, monitors, agents, etc. can be configured to generate alerts based on a status of resources. For example, a server can be configured to generate an alert when processor usage exceeds some predetermined threshold."). Further, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the teachings of Wiersma in order to improve the planning and prediction of organizational changes as disclosed by Wiersma (Wiersma: Paragraph 4, "The disclosed technology can permit for improved planning and coordination to implement operational changes.")
Claim(s) 14 is/are rejected under 35 U.S.C. 103 as being unpatentable over Brannon (US 2020/0004938 Al) in view of Page (US 2025/0245091 Al) and Epple (US 2019/0245894 A1)
Claim(s) 14 –
Brannon in view of Page disclose the limitations of claim 1
Brannon further discloses the following:
... query the data stores for a new policy record, update to a policy record, or a combination thereof (Brannon: Paragraph 119, "In particular embodiments, the system may be configured to monitor the one or more websites (e.g., one or more webpages) to identify one or more changes to the one or more vendor attributes. For example, a vendor may update a privacy policy for the website (e.g., to comply with one or more legal or policy changes). In some embodiments, a change in a privacy policy may modify a relationship between a website and its users. In such embodiments, the system may be configured to: (1) determine that a particular website has changed its privacy policy; and (2) perform a new scan of the website in response to determining the change. The system may, for example, scan a website's privacy policy at a first time and a second time to determine whether a change has occurred. The system may be configured to analyze the change in privacy policy to determine whether to modify the calculated risk rating for the vendor (e.g., based on the change).")
Brannon in view of Page does not explicitly disclose the following, however, in analogous art of prediction and impact analysis, Epple discloses the following:
wherein the monitoring comprises using a process daemon… (Epple: Paragraph 119, “In general, a threat management facility 404 for the enterprise 410 may include an IOC collector 426 that receives the IOC 422 from the endpoint 402 and determines an appropriate action. This may include any suitable remedial action, or where one or more IOCs 422 are inconclusive, continued monitoring or increased monitoring as appropriate.”; Paragraph 117, “In this context, it will be appreciated that an application or process identifier in the label may be used as a single item of information in a broader context for the network message. For example, the label may include a health status of the endpoint, other status information of the endpoint, a user identifier for a user of the application or a related process (e.g., automated machine activity—e.g., daemon, backup service—might be treated differently from human activity, categories of users may be treated differently than others, and the like), a name of the endpoint, reputation information for the source application, and so forth. Thus, the application identifier may be useful by itself, but the accuracy of attack detection may be improved still further by using additional context for the network message, which may include various pieces of contextual information inserted directly into the label for the network message, as well as other information available to a network device called upon to make a routing decision for a particular network message (e.g., allowing, blocking, rerouting, and so forth). The routing decision may include blocking the message. All such variations that would be apparent to one of ordinary skill in the art are intended to fall within the scope of this disclosure.”)
Brannon discloses a method for determining impact analysis on policy changes and monitoring. Page discloses an invention for the using of an LLM to aid in the impact analysis of various events and available information. Epple discloses a method of monitoring activities within an organization to detect changes and determine their impacts. At the time of Applicant's filed invention, one of ordinary skill in the art would have deemed it obvious to combine the methods of Brannon in view of Page with the methods of Epple in order to improve the threat and vulnerability management of an organization as disclosed by Epple (Epple: Paragraph 42, “In one aspect, the policy management facility 112 may be used to update the policies of all corporate computing assets with a proper policy control facility or it may update a select few. By using the threat management facility 100 to facilitate setting, updating and controlling such policies, a corporation (or other applicable entity) only needs to be concerned with keeping the threat management facility 100 up to date on such policies.”)
Conclusion
Applicant's amendment necessitated the new ground(s) of rejection presented in this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a).
A shortened statutory period for reply to this final action is set to expire THREE MONTHS from the mailing date of this action. In the event a first reply is filed within TWO MONTHS of the mailing date of this final action and the advisory action is not mailed until after the end of the THREE-MONTH shortened statutory period, then the shortened statutory period will expire on the date the advisory action is mailed, and any nonprovisional extension fee (37 CFR 1.17(a)) pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of the advisory action. In no event, however, will the statutory period for reply expire later than SIX MONTHS from the mailing date of this final action.
Any inquiry concerning this communication or earlier communications from the examiner should be directed to Philip N Warner whose telephone number is (571)270-7407. The examiner can normally be reached Monday-Friday 7am-4:00pm.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Jerry O’Connor can be reached at 571-272-6787. The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of published or unpublished applications may be obtained from Patent Center. Unpublished application information in Patent Center is available to registered users. To file and manage patent submissions in Patent Center, visit: https://patentcenter.uspto.gov. Visit https://www.uspto.gov/patents/apply/patent-center for more information about Patent Center and https://www.uspto.gov/patents/docx for information about filing in DOCX format. For additional questions, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/Philip N Warner/Examiner, Art Unit 3624
/Jerry O'Connor/Supervisory Patent Examiner,Group Art Unit 3624