Abstract: Systems, computer-implemented methods, and computer program products that can facilitate compliance process risk assessment are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a metric assignment component that assigns one or more risk assessment metrics based on vulnerability data of a compliance process. The computer executable components can further comprise a risk assignment component that assigns a risk score of the compliance process based on the one or more risk assessment metrics.

Abstract: Systems, computer-implemented methods, and computer program products that can facilitate compliance policy management and scheduling are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a policy analyzer component that identifies one or more dependency relationships between a first compliance policy and one or more second compliance policies. The computer executable components can further comprise a scheduler component that generates a policy execution plan based on the one or more dependency relationships.

Abstract: A method provides for controlling compliance remediation that includes performing compliance inspection runs by account nodes for multiple accounts. Inspection results of the inspection runs from each account node are aggregated by an account cognitive policy advisory (CPA) service. The inspection results from each account are aggregated. It is determined whether remediations are required by analyzing the inspection results combined with a current compliance mode of a server. Upon a determination that the current compliance mode of the server is a first mode, the account CPA service determines whether a policy fingerprint has changed. Upon a change to the policy fingerprint, compliance enforcement runs on the account nodes are temporarily suspended.

Abstract: A system, program product, and method for use with an information handling system to detect and resolve faults in a run-time environment. As faults are detected, one or more corresponding general query responses are identified and subject to a ranking based on relevance criteria. At least one modified response is transformed into a command, selectively blended with context, and encoded as a context aware instruction. The instruction is subject to testing with corresponding output being subject to measurement.

Abstract: Methods, systems and computer program products for providing automated script review utilizing crowdsourced inputs are provided. Aspects include receiving a new script including a script text and a script description. Aspects include comparing the new script to each of a plurality of previously classified scripts to determine a degree of similarity. Each of the previously classified scripts and the new script have an associated set of attributes. Responsive to determining that the degree of similarity is below a predetermined threshold, aspects include mapping the new script to a crowdsourcing platform to identify a similar script. Aspects also include receiving information indicative of one or more features from the crowdsourcing platform. Responsive to inputting the one or more features into an acceptance model, aspects include generating an acceptance recommendation associated with the new script.

Abstract: Embodiments relate to an intelligent computer platform to utilize machine learning techniques to minimize compliance risk. Data, collected from a plurality of sources is subject to analysis and correlation to assess impact across data points. The assessment measures impact between at least two different compliance domains, facilitates understanding of cross-impact between compliance domains, and provides an estimation of compliance risk. A recommendation plan for one or more new compliance activities is created and dynamically subject to a machine learning reinforcement algorithm.

Abstract: A system includes a memory that stores computer executable components and neural network data, and a processor executes computer executable components stored in the memory. An assessment component assesses a computer network, and classifies the computer network relative to M network classifications stored in a repository, wherein M is an integer greater than one. A risk component determines risk of vulnerability subject to change impact regarding protection against a computer virus or cyber-attack based on historical information regarding vulnerability exposure and vulnerability remediation changes relative to the classification of the computer network. A recommendation component that generates recommendations and best action to mitigate risk and impact, and remediate the vulnerabilities based on the risk assessment and business priorities.

Abstract: Systems, computer-implemented methods, and computer program products that can facilitate creating and querying a knowledge base of identified topics, computer code actions, and parameters, are provided. According to an embodiment, a system can comprise a memory that stores computer executable components and a processor that executes the computer executable components stored in the memory. The computer executable components can comprise a parameter component that can identify a result parameter in ones of one or more results, wherein the one or more results comprise topics and computer code actions. The computer executable components can further comprise a result component that can select a result of the one or more results based on a mapping of a query to the one or more results, the mapping being based on the result parameter identified in the result and a criterion.

Abstract: Embodiments relate to monitoring an information technology (IT) environment having a plurality of domains through key performance indicator (KPI) data. In response to detection of a technical health problem, a first KPI related to the problem is identified. A root cause analysis is performed on the identified KPI generating a knowledge graph. A second KPI related to the first KPI is identified through the discovery of a correlation between the two identified KPIs. A diagnosis is generated for the technical health problem within the IT environment based on the discovered hidden correlation between the first KPI and second KPI. The generated diagnosis includes the root cause of the technical health issue.

Abstract: A system, program product, and method for use with an information handling system to detect and resolve faults in a run-time environment. As faults are detected, one or more corresponding general query responses are identified and subject to a ranking based on relevance criteria. At least one modified response is transformed into a command, selectively blended with context, and encoded as a context aware instruction. The instruction is subject to testing with corresponding output being subject to measurement.

Abstract: A method, a computer program product, and a computer system for receiving and sharing files in a group messaging environment. One or more servers in an infrastructure computing environment receive a file from a mobile device of a first user in a group of users in a session of group messaging. The one or more servers determine locations, battery levels, and data download speeds of mobile devices of the users. The one or more servers determine co-located users, based on the locations. The one or more servers select a second user from the co-located users, based on the battery levels and the data download speeds. The one or more servers send the file to a mobile device of the second user. The mobile device of the second user sends the file to mobile devices of the co-located users through a short-range communication medium.

Abstract: A method and system of identifying a computing device vulnerability is provided. Social media communication is monitored. Social media threads that are related to a vulnerability, based on the monitored social media communication, are identified, filtered, and categorized into one or more predetermined categories of computing device vulnerabilities. Upon determining that a number of social media posts related to the vulnerability is above a first predetermined threshold, one or more dependable social media threads in a same one or more categories as the vulnerability are searched. One or more possible root causes of the vulnerability are determined from the searched dependable social media threads. A validity score for each of the one or more possible root causes is assigned. A possible root cause from that has a highest validity score that is above a second predetermined threshold is selected to be the root cause of the vulnerability.

Abstract: Techniques that facilitate group patching recommendation and/or remediation with risk assessment are provided. In one example, a system includes a vertical stack component, a horizontal stack component and a risk classification component. The vertical stack component identifies a first patch profile from a software system associated with a computer system environment. The horizontal stack component identifies a second patch profile from a hardware system associated with network nodes of the computer system environment. The system learns over time to identify repetitive patterns using machine learning techniques. Then, the risk classification component performs a machine learning process to determine a risk classification for the computer system environment based on the first patch profile and the second patch profile.

Abstract: A compliance of a system is managed. Internal parameters of the system are received. One or more compliance control documents that relate to the system are identified. Each compliance control document is decomposed into one or more auditable units. Auditable units that are relevant to the system, are identified. Relevant auditable units are mapped to a corresponding available executable code. Each mapped executable code is executed. A risk associated with each relevant auditable unit that is deemed to be not compliant is identified. For each compliance control document, a compliance risk is calculated based on the identified risk. A report of compliance risk for each document is created to be displayed on a user interface of a computing device.

Abstract: Techniques regarding providing artificial intelligence problem descriptions are provided. For example, one or more embodiments described herein can comprise a system, which can comprise a memory that can store computer executable components. The system can also comprise a processor, operably coupled to the memory, and that can execute the computer executable components stored in the memory. The computer executable components can include, at least: a query component that generates key performance indicators from a query, determines a subset of key performance indicators that individually have a performance below a threshold, and maps the subset of key performance indicators to operational metrics; a learning component that generates, using artificial intelligence, problem descriptions from one or more of the subset of key performance indicators or the operational metrics and transmits the problem descriptions to a database.

Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.

Abstract: A method and system of identifying technical experts for an identified vulnerability is provided. One or more technical experts for each of one or more categories of the vulnerability are identified. Questions are sent to and answers are received from the one or more identified technical experts for each of the one or more categories of vulnerabilities, via a chatbot module. Answers to parameters that are missing for a Common Vulnerability Scoring System (CVSS) for the identified vulnerability are determined from the received answers to the parameters. The answers to the parameters are validated and a CVSS score is calculated based on the validated determined answers.

Abstract: A method and system of identifying a computing device vulnerability is provided. Social media communication is monitored. Social media threads that are related to a vulnerability, based on the monitored social media communication, are identified, filtered, and categorized into one or more predetermined categories of computing device vulnerabilities. Upon determining that a number of social media posts related to the vulnerability is above a first predetermined threshold, one or more dependable social media threads in a same one or more categories as the vulnerability are searched. One or more possible root causes of the vulnerability are determined from the searched dependable social media threads. A validity score for each of the one or more possible root causes is assigned. A possible root cause from that has a highest validity score that is above a second predetermined threshold is selected to be the root cause of the vulnerability.

Abstract: Techniques facilitating maintenance of tribal knowledge for accelerated compliance control deployment are provided. In one example, a system includes a memory that stores computer executable components and a processor that executes computer executable components stored in the memory, wherein the computer executable components include a knowledge base generation component that generates a knowledge graph corresponding to respective commitments created via tribal exchanges, the knowledge graph comprising a semantic level and an operational level; a semantic graph population component that populates the semantic level of the knowledge graph based on identified parties to the respective commitments; and an operational graph population component that populates the operational level of the knowledge graph based on tracked status changes associated with the respective commitments.

Abstract: Techniques for dynamic server groups that can be patched together using stream clustering algorithms, and learning components in order to reuse the repeatable patterns using machine learning are provided herein. In one example, in response to a first risk associated with a first server device, a risk assessment component patches a server group to mitigate a vulnerability of the first server device and a second server device, wherein the server group is comprised of the first server device and the second server device. Additionally, a monitoring component monitors data associated with a second risk to the server group to mitigate the second risk to the server group.