Business process compliance management: An integrated proactive approach
Elgammal,A.F.S.A. Sebahi,S. Türetken,O. Hacid,M.S. Papazoglou,M. van den Heuvel,W.J.A.M.
Elgammal,A.F.S.A.
Sebahi,S.
Türetken,O.
Hacid,M.S.
Papazoglou,M.
van den Heuvel,W.J.A.M.
Abstract
Today’s enterprises demand a high degree of compliance of business processes to meet regulations, such as Sarbanes-Oxley and Basel I-III. To ensure continuous guaranteed compliance, compliance management should be considered during all phases of the business process lifecycle; from the analysis and design to deployment, monitoring and evaluation. This paper introduces an integrated business process compliance management framework that incorporates design-time verification and runtime monitoring approaches. The nutshell of the approach is the Compliance Request Language (CRL), which is a high-level pattern-based language for the abstract specification of compliance requirements. From CRL expressions, formal compliance rules can be automatically generated, thereby eliminating the need for business and compliance experts to learn and use complex low-level formal languages. Formalized compliance rules enable automated approaches to be used for the static verification and dynamic monitoring of business processes. An integrated prototypical tool-suite is developed as a proof-of-concept to help validating the applicability of the approaches, and validated by experiment with two real-life case studies.
Description
Date
2014
Journal Title
Journal ISSN
Volume Title
Publisher
IBIMA Publishing
Research Projects
Organizational Units
Journal Issue
Keywords
SDG 10 - Reduced Inequalities
Citation
Elgammal, A F S A, Sebahi, S, Türetken, O, Hacid, M S, Papazoglou, M & van den Heuvel, W J A M 2014, Business process compliance management : An integrated proactive approach. in Proceedings of the 24th IBIMA Conference (IBIMA 2014). IBIMA Publishing, Milan (Italy), International Business Information Management Conference 2014, Milan, Italy, 6/11/14.