Business Process Compliance Despite Change: Towards Proposals for a Business Process Adaptation

Business Process Compliance (BPC) denotes the execution of business processes in accordance with applicable compliance requirements. BPC can be satisfied through compliance processes that are integrated into the business process. In addition, compliance requirements place demands against IT components that are sometimes necessary to execute business or compliance processes. Various factors, such as outsourcing or business process reengineering can lead to a change of processes or IT components and thus to a violation of BPC. Consequently, our goal is to provide proposals for a business process adaptation to further ensure BPC. Following the design science research methodology, we developed two artifacts to reach our goal. First, we developed a meta-model that represents the interrelations between alternative compliance process patterns and compliance processes that satisfy the same compliance requirement. Second, we developed a method to automatically put forward proposals for a business process adaptation through the integration of alternative compliance processes to further ensure BPC.

[1]  Peter Dadam,et al.  Correctness criteria for dynamic changes in workflow systems - a survey , 2004, Data Knowl. Eng..

[2]  Robert Winter,et al.  Essential Layers, Artifacts, and Dependencies of Enterprise Architecture , 2006, 2006 10th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW'06).

[3]  Stefanie Rinderle-Ma,et al.  Dealing with change in process choreographies: Design and implementation of propagation algorithms☆ , 2015, Inf. Syst..

[4]  Jörg Becker,et al.  Integrating Regulatory Requirements into Information Systems Design and Implementation , 2014, ICIS.

[5]  Stefan Sackmann,et al.  Business Process Compliance and Business Process Change: An Approach to Analyze the Interactions , 2018, BIS.

[6]  Mike P. Papazoglou,et al.  Enforcing compliance on business processes through the use of patterns , 2011, ECIS.

[7]  Ilze Buksa,et al.  Business Process and Regulations: Approach to Linkage and Change Management , 2011, BIR.

[8]  Stefan Sackmann,et al.  Flexible Workflows and Compliance: A Solvable Contradiction?! , 2015, BPM.

[9]  Maria Rastrepkina,et al.  Managing Variability in Process Models by Structural Decomposition , 2010, BPMN.

[10]  Frank Leymann,et al.  Process Fragments , 2009, OTM Conferences.

[11]  Jörg Becker,et al.  The Relationship Of Is And Law - The Perspective Of And Implications For IS Research , 2013, ECIS.

[12]  M. Hammer,et al.  REENGINEERING THE CORPORATION: A MANIFESTO FOR BUSINESS REVOLUTION , 1995 .

[13]  Stephan Kühnel,et al.  An Approach Toward the Economic Assessment of Business Process Compliance , 2018, ER Workshops.

[14]  Kevin Göser,et al.  Flexibility and Compliance in Workflow Systems - The KitCom Prototype , 2013, CAiSE Forum.

[15]  Mike P. Papazoglou,et al.  Root-Cause Analysis of Design-Time Compliance Violations on the Basis of Property Patterns , 2010, ICSOC.

[16]  Stefan Sackmann,et al.  Using Business Process Compliance Approaches for Compliance Management with Regard to Digitization: Evidence from a Systematic Literature Review , 2018, BPM.

[17]  Frank Leymann,et al.  Business Process Compliance through Reusable Units of Compliant Processes , 2010, ICWE Workshops.

[18]  Martin Schultz,et al.  Enriching Process Models for Business Process Compliance Checking in ERP Environments , 2013, DESRIST.

[19]  Stefan Sackmann,et al.  Gaining Flexibility and Compliance in Rescue Processes with BPM , 2011, 2011 Sixth International Conference on Availability, Reliability and Security.

[20]  Nenad Stojanovic,et al.  Using Control Patterns in Business Processes Compliance , 2007, WISE Workshops.

[21]  Stefan Sackmann,et al.  Modeling Controls for Compliance -- An Analysis of Business Process Modeling Languages , 2013, 2013 27th International Conference on Advanced Information Networking and Applications Workshops.

[22]  Frank Leymann,et al.  Integrating Compliance into Business Processes: Process Fragments as Reusable Compliance Controls , 2010 .

[23]  Marlen Hofmann,et al.  Achieving Flexible and Compliant Processes in Disaster Management , 2013, 2013 46th Hawaii International Conference on System Sciences.

[24]  Tobias Seyffarth,et al.  BCIT: A Tool for Analyzing the Interactions between Business Process Compliance and Business Process Change , 2018, BPM.

[25]  Sebastian Höhn,et al.  Model-based reasoning on the achievement of business goals , 2009, SAC '09.

[26]  Stefan Sackmann,et al.  A Taxonomy of Compliance Processes for Business Process Compliance , 2017, BPM.

[27]  Mathias Weske,et al.  Resolution of Compliance Violation in Business Process Models: A Planning-Based Approach , 2009, OTM Conferences.

[28]  Guido Governatori,et al.  The Journey to Business Process Compliance , 2009, Handbook of Research on Business Process Modeling.

[29]  Mike P. Papazoglou,et al.  Formalizing and appling compliance patterns for business process compliance , 2016, Software & Systems Modeling.

[30]  Oliver Kopp,et al.  On BPMN Process Fragment Auto-Completion , 2011, ZEUS.

[31]  Alan R. Hevner,et al.  Design Science in Information Systems Research , 2004, MIS Q..