Exploring Features of a Full-Coverage Integrated Solution for Business Process Compliance

The last few years have seen the introduction of several techniques for automatically tackling some aspects of compliance checking between business processes and business rules. Some of them are quite robust and mature and are provided with software support that partially or fully implement them. However, as far as we know there is not yet a tool that provides for the complete management of business process compliance in the whole lifecycle of business processes. The goal of this paper is to move towards an integrated business process compliance management system (BPCMS) on the basis of current literature and existing support. For this purpose, we present a description of some compliance-related features such a system should have in order to provide full coverage of the business process lifecycle, from compliance aware business process design to the audit process. Hints about what existing approaches can fit in each feature and challenges for future work are also provided.

[1]  Fabio Casati,et al.  Analyzing Compliance of Service-Based Business Processes for Root-Cause Analysis and Prediction , 2010, ICWE Workshops.

[2]  Gregor Engels,et al.  Verification of Business Process Quality Constraints Based on Visual Process Patterns , 2007, First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering (TASE '07).

[3]  Marta Indulska,et al.  Emerging Challenges in Information Systems Research for Regulatory Compliance Management , 2010, CAiSE.

[4]  Mathias Weske,et al.  Business Process Management: Concepts, Languages, Architectures , 2007 .

[5]  Wil M. P. van der Aalst,et al.  Conformance checking of processes based on monitoring real behavior , 2008, Inf. Syst..

[6]  Aditya K. Ghose,et al.  Auditing Business Process Compliance , 2007, ICSOC.

[7]  Eindhoven Ggd Eindhoven ProM Framework Tutorial , 2009 .

[8]  Ahmed Awad,et al.  Automatic Generation of a Data-Centered View of Business Processes , 2011, CAiSE.

[9]  Nenad Stojanovic,et al.  Using Control Patterns in Business Processes Compliance , 2007, WISE Workshops.

[10]  Guido Governatori,et al.  Compliance aware business process design , 2008 .

[11]  Guido Governatori,et al.  Approximate Compliance Checking for Annotated Process Models , 2008 .

[12]  Shazia Wasim Sadiq,et al.  Compliance checking between business processes and business contracts , 2006, 2006 10th IEEE International Enterprise Distributed Object Computing Conference (EDOC'06).

[13]  Ying Liu,et al.  A static compliance-checking framework for business process models , 2007, IBM Syst. J..

[14]  Marwane El Kharbili,et al.  Policy-Based Semantic Compliance Checking for Business Process Management , 2008, MobIS Workshops.

[15]  Frank Leymann,et al.  An Integrated Solution for Runtime Compliance Governance in SOA , 2010, ICSOC.

[16]  Maria E. Orlowska,et al.  Data Flow and Validation in Workflow Modelling , 2004, ADC.

[17]  Harald C. Gall,et al.  Consistency of business process models and object life cycles , 2006, MoDELS'06.

[18]  Mike P. Papazoglou,et al.  Root-Cause Analysis of Design-Time Compliance Violations on the Basis of Property Patterns , 2010, ICSOC.

[19]  Fabio Casati,et al.  On the Design of Compliance Governance Dashboards for Effective Compliance and Audit Management , 2009, ICSOC/ServiceWave Workshops.

[20]  Mathias Weske,et al.  Efficient Compliance Checking Using BPMN-Q and Temporal Logic , 2008, BPM.

[21]  Boudewijn F. van Dongen,et al.  Process Mining and Verification of Properties: An Approach Based on Temporal Logic , 2005, OTM Conferences.