Comprehensive rule-based compliance checking and risk management with process mining

Process mining researchers have primarily focused on developing and improving process discovery techniques, while attention for the applicability of process mining has been below par. As a result, there only exists a partial fit with the traditional requirements for compliance checking and risk management. This paper proposes a comprehensive rule-based process mining approach for a timely investigation of a complete set of enriched process event data. Additionally, the contribution elaborates a two-dimensional business rule taxonomy that serves as a source of business rules for the comprehensive rule-based compliance checking approach. Finally, the study provides a formal grounding for and an evaluation of the comprehensive rule-based compliance checking approach.

[1]  Jon Espen Ingvaldsen,et al.  Preprocessing Support for Large Scale Process Mining of SAP Transactions , 2007, Business Process Management Workshops.

[2]  Vijayalakshmi Atluri,et al.  Role-based Access Control , 1992 .

[3]  David C. Yen,et al.  A business process gap detecting mechanism between information system process flow and internal control flow , 2009, Decis. Support Syst..

[4]  Boudewijn F. van Dongen,et al.  Process Mining and Verification of Properties: An Approach Based on Temporal Logic , 2005, OTM Conferences.

[5]  Munindar P. Singh,et al.  Reasoning about Commitments in the Event Calculus: An Approach for Specifying and Executing Protocols , 2004, Annals of Mathematics and Artificial Intelligence.

[6]  Dimitra Giannakopoulou,et al.  Automata-based verification of temporal properties on running programs , 2001, Proceedings 16th Annual International Conference on Automated Software Engineering (ASE 2001).

[7]  Boudewijn F. van Dongen,et al.  ProM 4.0: Comprehensive Support for Real Process Analysis , 2007, ICATPN.

[8]  Remco M. Dijkman,et al.  Similarity of business process models: Metrics and evaluation , 2011, Inf. Syst..

[9]  Kees M. van Hee,et al.  Auditing 2.0: Using Process Mining to Support Tomorrow's Auditor , 2010, Computer.

[10]  Bill Curtis,et al.  Process modeling , 1992, CACM.

[11]  Karin Venter The Delegation Authorization Model: A Model For The Dynamic Delegation Of Authorization Rights In A Secure Workflow Management System , 2002, ISSA.

[12]  Paola Mello,et al.  Checking Compliance of Execution Traces to Business Rules , 2008, Business Process Management Workshops.

[13]  Wil M. P. van der Aalst,et al.  Constraint-Based Workflow Models: Change Made Easy , 2007, OTM Conferences.

[14]  Wil M. P. van der Aalst,et al.  Conformance Testing: Measuring the Fit and Appropriateness of Event Logs and Process Models , 2005, Business Process Management Workshops.

[15]  Wil M. P. van der Aalst,et al.  Conformance checking of processes based on monitoring real behavior , 2008, Inf. Syst..

[16]  BaesensBart,et al.  Comprehensive rule-based compliance checking and risk management with process mining , 2013, DSS 2013.

[17]  San-Yih Hwang,et al.  On the discovery of process models from their instances , 2002, Decis. Support Syst..

[18]  Bart Baesens,et al.  Robust Process Discovery with Artificial Negative Events , 2009, J. Mach. Learn. Res..

[19]  Marco Montali,et al.  Specification and Verification of Declarative Open Interaction Models - A Logic-Based Approach , 2010, Lecture Notes in Business Information Processing.

[20]  Alasdair Urquhart,et al.  Temporal Logic , 1971 .

[21]  Wil M. P. van der Aalst,et al.  Semantic Process Mining Tools: Core Building Blocks , 2008, ECIS.

[22]  Boudewijn F. van Dongen,et al.  Business process mining: An industrial application , 2007, Inf. Syst..

[23]  Diogo R. Ferreira,et al.  Applied Sequence Clustering Techniques for Process Mining , 2009, Handbook of Research on Business Process Modeling.

[24]  Wil M. P. van der Aalst,et al.  Mining Social Networks: Uncovering Interaction Patterns in Business Processes , 2004, Business Process Management.

[25]  Boudewijn F. van Dongen,et al.  ProM: The Process Mining Toolkit , 2009, BPM.

[26]  Jos de Bruijn,et al.  Web Service Modeling Ontology , 2005, Appl. Ontology.

[27]  Wil M. P. van der Aalst,et al.  Trace Clustering in Process Mining , 2008, Business Process Management Workshops.

[28]  Henrik Stormer,et al.  Modeling and Analyzing Separation of Duties in Workflow Environments , 2001, SEC.

[29]  Wil M.P. van der Aalst,et al.  Process mining: discovering workflow models from event-based data , 2001 .

[30]  Jan Vanthienen,et al.  Rule-based business process modelling and enactment , 2008, Int. J. Bus. Process. Integr. Manag..

[31]  Boudewijn F. van Dongen,et al.  Process Mining Framework for Software Processes , 2007, ICSP.

[32]  Wil M. P. van der Aalst,et al.  Business alignment: using process mining as a tool for Delta analysis and conformance testing , 2005, Requirements Engineering.

[33]  Maria E. Orlowska,et al.  Specification and validation of process constraints for flexible workflows , 2005, Inf. Syst..

[34]  Marco Montali Declarative Process Mining , 2010 .

[35]  Miklos A. Vasarhelyi,et al.  Principles of Analytic Monitoring for Continuous Assurance , 2004 .

[36]  Wil M. P. van der Aalst,et al.  A Declarative Approach for Flexible Business Processes Management , 2006, Business Process Management Workshops.

[37]  Wil M. P. van der Aalst,et al.  Workflow mining: discovering process models from event logs , 2004, IEEE Transactions on Knowledge and Data Engineering.

[38]  Wil M. P. van der Aalst,et al.  Process mining: a research agenda , 2004, Comput. Ind..

[39]  Jason Crampton,et al.  The consistency of task-based authorization constraints in workflow , 2004, Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004..

[40]  Alexander L. Wolf,et al.  Discovering models of software processes from event-based data , 1998, TSEM.

[41]  Wil M. P. van der Aalst,et al.  Application of Process Mining in Healthcare - A Case Study in a Dutch Hospital , 2008, BIOSTEC.

[42]  Alexander L. Wolf,et al.  Software process validation: quantitatively measuring the correspondence of a process to a model , 1999, TSEM.

[43]  Randal J. Elder Mark S. Beasley Alvin A. Arens Auditing and Assurance Services: An Integrated Approach , 2002 .

[44]  Terry Halpin,et al.  Object-Role Modeling (ORM/NIAM) , 2006, Handbook on Architectures of Information Systems.

[45]  Koen Vanhoof,et al.  A business process mining application for internal transaction fraud mitigation , 2011, Expert Syst. Appl..

[46]  Jason Crampton,et al.  The consistency of task-based authorization constraints in workflow , 2004 .

[47]  Jan Vanthienen,et al.  Information mining - Reflections on recent advancements and the road ahead in data, text, and media mining , 2011, Decis. Support Syst..

[48]  Kyoung Jun Lee,et al.  Analysis of Best Practice Policy and Benchmarking Behavior for Government Knowledge Management , 2004, KMGov.

[49]  van der Wmp Wil Aalst,et al.  Process Mining , 2005, Process-Aware Information Systems.

[50]  M Maja Pesic,et al.  Constraint-based workflow management systems : shifting control to users , 2008 .

[51]  Gregory Gutin,et al.  Digraphs - theory, algorithms and applications , 2002 .

[52]  Boudewijn F. van Dongen,et al.  Discovering Workflow Performance Models from Timed Logs , 2002, EDCIS.

[53]  S. Anand Enterprise Risk Management-Integrated Framework , 2012 .