Business process compliance management: An integrated proactive approach

A.F.S.A. Elgammal, S. Sebahi, O. Türetken, M.S. Hacid, M. Papazoglou, W.J.A.M. van den Heuvel

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

Abstract

Today’s enterprises demand a high degree of compliance of business processes to meet regulations, such as Sarbanes-Oxley and Basel I-III. To ensure continuous guaranteed compliance, compliance management should be considered during all phases of the business process lifecycle; from the analysis and design to deployment, monitoring and evaluation. This paper introduces an
integrated business process compliance management framework that
incorporates design-time verification and runtime monitoring approaches. The nutshell of the approach is the Compliance Request Language (CRL), which is a high-level pattern-based language for the abstract specification of compliance requirements. From CRL expressions, formal compliance rules can be
automatically generated, thereby eliminating the need for business and
compliance experts to learn and use complex low-level formal languages. Formalized compliance rules enable automated approaches to be used for the static verification and dynamic monitoring of business processes. An integrated prototypical tool-suite is developed as a proof-of-concept to help validating the
applicability of the approaches, and validated by experiment with two real-life case studies.
Original languageEnglish
Title of host publicationProceedings of the 24th IBIMA Conference (IBIMA 2014)
Place of PublicationMilan (Italy)
PublisherIBIMA Publishing
ISBN (Print)9780986041938
Publication statusPublished - 2014
EventInternational Business Information Management Conference 2014 - Milan, Italy
Duration: 6 Nov 20147 Nov 2014

Conference

ConferenceInternational Business Information Management Conference 2014
Abbreviated titleIBIMA 2014
CountryItaly
CityMilan
Period6/11/147/11/14

Fingerprint

Industry
Monitoring
Compliance
Formal languages
Specifications
Experiments

Cite this

Elgammal, A. F. S. A., Sebahi, S., Türetken, O., Hacid, M. S., Papazoglou, M., & van den Heuvel, W. J. A. M. (2014). Business process compliance management: An integrated proactive approach. In Proceedings of the 24th IBIMA Conference (IBIMA 2014) Milan (Italy): IBIMA Publishing.
Elgammal, A.F.S.A. ; Sebahi, S. ; Türetken, O. ; Hacid, M.S. ; Papazoglou, M. ; van den Heuvel, W.J.A.M. / Business process compliance management : An integrated proactive approach. Proceedings of the 24th IBIMA Conference (IBIMA 2014). Milan (Italy) : IBIMA Publishing, 2014.
@inproceedings{77ed6d7c7cbf4325828ac9f7648746fb,
title = "Business process compliance management: An integrated proactive approach",
abstract = "Today’s enterprises demand a high degree of compliance of business processes to meet regulations, such as Sarbanes-Oxley and Basel I-III. To ensure continuous guaranteed compliance, compliance management should be considered during all phases of the business process lifecycle; from the analysis and design to deployment, monitoring and evaluation. This paper introduces anintegrated business process compliance management framework that incorporates design-time verification and runtime monitoring approaches. The nutshell of the approach is the Compliance Request Language (CRL), which is a high-level pattern-based language for the abstract specification of compliance requirements. From CRL expressions, formal compliance rules can beautomatically generated, thereby eliminating the need for business and compliance experts to learn and use complex low-level formal languages. Formalized compliance rules enable automated approaches to be used for the static verification and dynamic monitoring of business processes. An integrated prototypical tool-suite is developed as a proof-of-concept to help validating theapplicability of the approaches, and validated by experiment with two real-life case studies.",
author = "A.F.S.A. Elgammal and S. Sebahi and O. T{\"u}retken and M.S. Hacid and M. Papazoglou and {van den Heuvel}, W.J.A.M.",
year = "2014",
language = "English",
isbn = "9780986041938",
booktitle = "Proceedings of the 24th IBIMA Conference (IBIMA 2014)",
publisher = "IBIMA Publishing",

}

Elgammal, AFSA, Sebahi, S, Türetken, O, Hacid, MS, Papazoglou, M & van den Heuvel, WJAM 2014, Business process compliance management: An integrated proactive approach. in Proceedings of the 24th IBIMA Conference (IBIMA 2014). IBIMA Publishing, Milan (Italy), International Business Information Management Conference 2014, Milan, Italy, 6/11/14.

Business process compliance management : An integrated proactive approach. / Elgammal, A.F.S.A.; Sebahi, S.; Türetken, O.; Hacid, M.S.; Papazoglou, M.; van den Heuvel, W.J.A.M.

Proceedings of the 24th IBIMA Conference (IBIMA 2014). Milan (Italy) : IBIMA Publishing, 2014.

Research output: Chapter in Book/Report/Conference proceedingConference contributionScientificpeer-review

TY - GEN

T1 - Business process compliance management

T2 - An integrated proactive approach

AU - Elgammal, A.F.S.A.

AU - Sebahi, S.

AU - Türetken, O.

AU - Hacid, M.S.

AU - Papazoglou, M.

AU - van den Heuvel, W.J.A.M.

PY - 2014

Y1 - 2014

N2 - Today’s enterprises demand a high degree of compliance of business processes to meet regulations, such as Sarbanes-Oxley and Basel I-III. To ensure continuous guaranteed compliance, compliance management should be considered during all phases of the business process lifecycle; from the analysis and design to deployment, monitoring and evaluation. This paper introduces anintegrated business process compliance management framework that incorporates design-time verification and runtime monitoring approaches. The nutshell of the approach is the Compliance Request Language (CRL), which is a high-level pattern-based language for the abstract specification of compliance requirements. From CRL expressions, formal compliance rules can beautomatically generated, thereby eliminating the need for business and compliance experts to learn and use complex low-level formal languages. Formalized compliance rules enable automated approaches to be used for the static verification and dynamic monitoring of business processes. An integrated prototypical tool-suite is developed as a proof-of-concept to help validating theapplicability of the approaches, and validated by experiment with two real-life case studies.

AB - Today’s enterprises demand a high degree of compliance of business processes to meet regulations, such as Sarbanes-Oxley and Basel I-III. To ensure continuous guaranteed compliance, compliance management should be considered during all phases of the business process lifecycle; from the analysis and design to deployment, monitoring and evaluation. This paper introduces anintegrated business process compliance management framework that incorporates design-time verification and runtime monitoring approaches. The nutshell of the approach is the Compliance Request Language (CRL), which is a high-level pattern-based language for the abstract specification of compliance requirements. From CRL expressions, formal compliance rules can beautomatically generated, thereby eliminating the need for business and compliance experts to learn and use complex low-level formal languages. Formalized compliance rules enable automated approaches to be used for the static verification and dynamic monitoring of business processes. An integrated prototypical tool-suite is developed as a proof-of-concept to help validating theapplicability of the approaches, and validated by experiment with two real-life case studies.

M3 - Conference contribution

SN - 9780986041938

BT - Proceedings of the 24th IBIMA Conference (IBIMA 2014)

PB - IBIMA Publishing

CY - Milan (Italy)

ER -

Elgammal AFSA, Sebahi S, Türetken O, Hacid MS, Papazoglou M, van den Heuvel WJAM. Business process compliance management: An integrated proactive approach. In Proceedings of the 24th IBIMA Conference (IBIMA 2014). Milan (Italy): IBIMA Publishing. 2014