Monitoring Business Process Compliance Using Compliance Rule Graphs

Driven by recent trends, effective compliance control has become a crucial success factor for companies nowadays. In this context, compliance monitoring is considered an important building block to support business process compliance. Key to the practical application of a monitoring framework will be its ability to reveal and pinpoint violations of imposed compliance rules that occur during process execution. In this context, we propose a compliance monitoring framework that tackles three major challenges. As a compliance rule can become activated multiple times within a process execution, monitoring only its overall enforcement can be insufficient to assess and deal with compliance violations. Therefore, our approach enables to monitor each activation of a compliance rule individually. In case of violations, we are able to derive the particular root cause, which is helpful to apply specific remedy strategies. Even if a rule activation is not yet violated, the framework can provide assistance in proactively enforcing compliance by deriving measures to render the rule activation satisfied.

[1]  Wil M. P. van der Aalst,et al.  A Declarative Approach for Flexible Business Processes Management , 2006, Business Process Management Workshops.

[2]  Marco Montali,et al.  Monitoring Business Constraints with Linear Temporal Logic: An Approach Based on Colored Automata , 2011, BPM.

[3]  Schahram Dustdar,et al.  Model-aware Monitoring of SOAs for Compliance , 2011 .

[4]  Wil M. P. van der Aalst,et al.  Process Mining and Security: Detecting Anomalous Process Executions and Checking Process Conformance , 2005, WISP@ICATPN.

[5]  Antonio Bucchiarone,et al.  Service Engineering , 2010, S-CUBE Book.

[6]  Facoltá Di Ingegneria UNIVERSITA' DEGLI STUDI DI BOLOGNA , 2003 .

[7]  Wil M. P. van der Aalst,et al.  Conformance checking of processes based on monitoring real behavior , 2008, Inf. Syst..

[8]  Birgit Pfitzmann,et al.  From Regulatory Policies to Event Monitoring Rules: Towards Model-Driven Compliance Automation , 2006 .

[9]  Mathias Weske,et al.  Event-Based Monitoring of Process Execution Violations , 2011, BPM.

[10]  Hans-Arno Jacobsen,et al.  The PADRES Event Processing Network: Uniform Querying of Past and Future EventsDas PADRES Ereignisverarbeitungsnetzwerk: Einheitliche Anfragen auf Ereignisse der Vergangenheit und Zukunft , 2009, it Inf. Technol..

[11]  Mathias Weske,et al.  Visualization of Compliance Violation in Business Process Models , 2009, Business Process Management Workshops.

[12]  Frank Leymann,et al.  An Integrated Solution for Runtime Compliance Governance in SOA , 2010, ICSOC.

[13]  P. Soffer,et al.  Information Systems Evolution - CAiSE Forum 2010, Hammamet, Tunisia, June 7-9, 2010, Selected Extended Papers , 2011, CAiSE Forum.

[14]  Mathias Weske,et al.  Resolution of Compliance Violation in Business Process Models: A Planning-Based Approach , 2009, OTM Conferences.

[15]  Evelina Lamma,et al.  Expressing and Verifying Business Contracts with Abductive Logic Programming , 2008, Normative Multi-agent Systems.

[16]  Yael Edan,et al.  An Individual Feed Allocation Decision Support System for the Dairy Farm , 2001 .

[17]  George S. Avrunin,et al.  Patterns in property specifications for finite-state verification , 1999, Proceedings of the 1999 International Conference on Software Engineering (IEEE Cat. No.99CB37002).

[18]  Mike P. Papazoglou,et al.  On the Formal Specification of Regulatory Compliance: A Comparative Analysis , 2010, ICSOC Workshops.

[19]  Peter Dadam,et al.  SeaFlows Toolset - Compliance Verification Made Easy for Process-Aware Information Systems , 2010, CAiSE Forum.

[20]  Jetty Kleijn,et al.  Petri Nets and Other Models of Concurrency - ICATPN 2007, 28th International Conference on Applications and Theory of Petri Nets and Other Models of Concurrency, ICATPN 2007, Siedlce, Poland, June 25-29, 2007, Proceedings , 2007, ICATPN.

[21]  Peter Dadam,et al.  Design and Verification of Instantiable Compliance Rule Graphs in Process-Aware Information Systems , 2010, CAiSE.

[22]  Peter Dadam,et al.  Flexible Support of Team Processes by Adaptive Workflow Systems , 2004, Distributed and Parallel Databases.

[23]  Boudewijn F. van Dongen,et al.  ProM 4.0: Comprehensive Support for Real Process Analysis , 2007, ICATPN.

[24]  Guido Governatori,et al.  Compliance aware business process design , 2008 .