Regulatory Agencies Inventory and Attributes

The Regulatory Agencies Inventory is the authoritative enterprise record of every regulatory body whose requirements create formal compliance obligations for the enterprise — governmental, quasi-governmental, supranational, self-regulatory, or standards-setting. Each Noun Instance in this inventory is a single, uniquely identified Regulatory Agency: a governed record capturing who the body is, what it regulates, where it has jurisdiction, what type of authority it exercises, and how the enterprise monitors and manages its compliance relationship with that body. The inventory is the foundation of the enterprise’s compliance governance hierarchy: from regulatory agencies flow the regulations those agencies publish, from regulations flow the specific compliance obligations the enterprise must fulfill, and from compliance obligations flow the controls, evidence requirements, and audit responses that constitute the enterprise’s compliance program. Without a governed Regulatory Agencies Inventory, the enterprise cannot systematically answer which bodies have jurisdiction over its operations, in which countries and domains, with what enforcement authority, and at what risk of penalty. The Regulatory Agencies Inventory is a foundational governance artifact for Enterprise Architecture, Application Portfolio Management (APM), the Enterprise Model, and every compliance-intensive IT discipline. Enterprise Architecture uses it to understand the regulatory constraints shaping technology strategy and market entry decisions. APM uses it to identify which applications and data types are subject to which regulatory requirements, enabling portfolio rationalization decisions that account for regulatory compliance obligations. The Enterprise Model depends on it as the regulatory governance layer — the layer that connects regulatory authority to regulated data types, regulated data flows, and regulated technology assets through typed relationships that AI agents can traverse. As the first of three inventories in the IF4IT compliance governance hierarchy (Regulatory Agencies → Regulations → Regulatory Obligations), this inventory is the root from which all enterprise compliance governance derives. This document is part of the IF4IT Enterprise Inventory Management taxonomy — the master catalog of all Noun Types the enterprise recognizes and tracks. The general principles that govern inventory design, schema definition, data quality standards, federated ownership, lifecycle management, and AI-assisted population apply to this inventory and every other inventory in the enterprise and are addressed in the IF4IT Enterprise Inventory Management Best Practices document. Practitioners should read that document alongside this one. The attribute taxonomy presented in this document is a suggested baseline — not a mandatory schema and not a complete enumeration of every possible attribute. Enterprises are explicitly encouraged to add attributes specific to their context, adapt what is here to their needs, and define what IF4IT has not yet identified.