Regulatory Monitoring Automation

Automated pipeline for tracking regulatory changes using RSS feeds, LLM summarization, and Slack notifications.

Python, OpenAI API, Slack API, RSS, GitHub Actions

Problem

Staying up to date with the rapidly changing landscape of cybersecurity regulations (ISO 27001, NIS2, EU AI Act) is a manual and time-consuming process. Compliance teams often miss critical updates buried in long legal texts.

Approach

I built an automated pipeline that:

  1. Ingests RSS feeds from major regulatory bodies (ENISA, NIST, EU Law).
  2. Filters content based on keywords using Python.
  3. Uses an LLM (GPT-4) to summarize the update and assess its relevance to our organization.
  4. Translates the summary if necessary.
  5. Posts a structured alert to a dedicated Slack channel.

Tools

  • Python: Core logic and data processing.
  • Feedparser: For handling RSS feeds.
  • OpenAI API: For summarization and relevance scoring.
  • Slack Webhook: For delivery.
  • GitHub Actions: Scheduled cron job to run daily.

Output & Impact

  • Reduced monitoring time by 90%.
  • Ensured the compliance team is notified of critical changes within 24 hours.
  • Created a searchable archive of regulatory updates in Slack.

What I Learned

  • Prompt engineering is crucial for getting consistent, structured JSON outputs from LLMs.
  • Handling RSS feed inconsistencies requires robust error handling.
  • Stateless serverless functions (or GitHub Actions) are perfect for low-frequency cron jobs.
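
The structured-output and error-handling lessons above, as an added example (not the project's own code): feed text and the model's reply are both treated as untrusted, so the reply is validated against a strict shape and everything is escaped before it goes into a Slack webhook payload. The JSON keys `summary` and `relevance`, the three-level relevance scale, the length cap and all function names are assumptions.

```python
import json

ALLOWED_RELEVANCE = {"low", "medium", "high"}  # assumed scale, not from the page
MAX_SUMMARY_CHARS = 600                         # assumed cap for one alert


def escape_slack(text):
    """Escape Slack's control characters so feed or model text cannot
    form mentions (<!channel>) or relabelled links (<url|label>)."""
    return text.replace("&", "&amp;").replace("<", "&lt;").replace(">", "&gt;")


def parse_llm_reply(raw):
    """Validate the model reply strictly; raise ValueError on any deviation."""
    try:
        data = json.loads(raw)
    except json.JSONDecodeError as exc:
        raise ValueError("reply is not JSON") from exc
    if not isinstance(data, dict) or set(data) != {"summary", "relevance"}:
        raise ValueError("unexpected keys")
    summary, relevance = data["summary"], data["relevance"]
    if not isinstance(summary, str) or not summary.strip():
        raise ValueError("summary missing")
    if not isinstance(relevance, str) or relevance not in ALLOWED_RELEVANCE:
        raise ValueError("relevance outside allowed set")
    return {"summary": summary.strip()[:MAX_SUMMARY_CHARS], "relevance": relevance}


def build_alert(title, link, raw_reply):
    """Build the webhook payload; fall back to a manual-review alert
    instead of dropping the item when the reply fails validation."""
    try:
        result = parse_llm_reply(raw_reply)
        body = f"*[{result['relevance'].upper()}]* {escape_slack(result['summary'])}"
    except ValueError as exc:
        body = f"_Summary unavailable ({exc}); review manually._"
    lines = [f"*{escape_slack(title)}*", body]
    if link.startswith("https://"):  # drop non-HTTPS or malformed links
        lines.append(escape_slack(link))
    return {"text": "\n".join(lines)}


if __name__ == "__main__":
    # Constructed sample: a feed title and a model reply, both untrusted.
    reply = '{"summary": "ENISA published <https://other.example|guidance>", "relevance": "high"}'
    print(build_alert("NIS2 update <!channel>", "https://example.org/item", reply))
    print(build_alert("NIS2 update", "https://example.org/item", "Sure! Here is the JSON:"))
```

The returned dictionary is the JSON body for the webhook POST; the fallback branch keeps an item visible to the compliance team even when the model's reply is unusable.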