Compliance management is essential for ensuring that organizational business processes and supporting information systems are in accordance with a set of prescribed requirements originating from laws, regulations, and various legislative or technical documents such as Sarbanes-Oxley Act or ISO 17799. As the violation of such requirements may lead to significant punishment for an organization, compliance management should be supported at the very early stages of business process development. In this paper, we present an integrated approach to compliance management that helps process designers to adhere to compliance requirements relevant for their processes. Firstly, we introduce a conceptual model for specifying compliance requirements originating from various compliance sources. Secondly, we propose a framework for augmenting business processes with reusable fragments to ensure process compliance to certain requirements by design. Furthermore, we discuss the formalization of compliance requirements using mathematical logics and integrate the framework for process reuse with automated software verification tools.
Additional Metadata
ACM Requirements/Specifications (acm D.2.1), Elicitation methods (acm D.2.1.0)
THEME Software (theme 1)
Publisher Springer
Persistent URL dx.doi.org/10.1007/978-3-642-16985-4_29
Series Lecture Notes in Computer Science
Project Compliance-driven Models, Languages and Architectures for Services
Conference Workshop on Engineering SOA and the Web
Citation
Shumm, D, Turetken, O, Kokash, N, Elgammal, A, Leymann, F, & van den Heuvel, J. (2010). Business Process Compliance through Reusable Units of Compliant Processes. In Proceedings of Workshop on Engineering SOA and the Web 2010 (pp. 325–337). Springer. doi:10.1007/978-3-642-16985-4_29