Business Process Compliance through Reusable Units of Compliant Processes
نویسندگان
چکیده
Compliance management is essential for ensuring that organizational business processes and supporting information systems are in accordance with a set of prescribed requirements originating from laws, regulations, and various legislative or technical documents such as Sarbanes-Oxley Act or ISO 17799. As the violation of such requirements may lead to significant punishment for an organization, compliance management should be supported at the very early stages of business process development. In this paper, we present an integrated approach to compliance management that helps process designers to adhere to compliance requirements relevant for their processes. Firstly, we introduce a conceptual model for specifying compliance requirements originating from various compliance sources. Secondly, we propose a framework for augmenting business processes with reusable fragments to ensure process compliance to certain requirements by design. Furthermore, we discuss the formalization of compliance requirements using mathematical logics and integrate the framework for process reuse with automated software verification tools.
منابع مشابه
Process-oriented Production of Learning Units for sustainable E-Learning Offerings
During the federal funding program ‘New Media in Education’, a project group was established, which produces learning contents for two E-Learning offerings of an international virtual university: Process Modeling and Knowledge Management. The continuous improvement and development of the required production processes with the objective of creating professional and competitive learning units lea...
متن کاملCompliance by Design for Artifact-Centric Business Processes
Compliance to legal regulations, internal policies, or best practices is becoming a more and more important aspect in business processes management. Compliance requirements are usually formulated in a set of rules that can be checked during or after the execution of the business process, called compliance by detection. If noncompliant behavior is detected, the business process needs to be redes...
متن کاملControl Patterns - Bridging The Gap Between Is Controls And BPM
While playing an increasingly important role across various industries, the efficient management of legal and regulatory compliance requirements remains a challenge in modern organizations. Commonly, compliance is handled by separate organizational units and not well integrated with core business processes. Based on the area of information systems (IS) controls as mechanism to fulfil given requ...
متن کاملEnabling flexibility of business processes by compliance rules - a case study from the insurance industry
The Swiss insurance company Die Mobiliar creates insurance documents with a wizard application utilizing the Papyrus Communication and Process Platform. Based on predefined processes, wizards guide business users through document generation processes. Although wizards can be amended by business administrators to respond to changing requirements, a high degree of process automation restricts ada...
متن کاملThe Journey to Business Process Compliance
It is a typical scenario that many organisations have their business processes specified independently of their business obligations (which includes contractual obligations to business partners, as well as obligations a business has to fulfil against regulations and industry standards). This is because of the lack of guidelines and tools that facilitate derivation of processes from contracts bu...
متن کامل