In the past recent years, business process compliance has become an area of significant concern to many organizations. Despite an increasing number of methods and tools, organizations are still facing difficulties in finding effective support to ensure that their business processes comply with the requirements set forth by regulations, laws, standards, etc. While manual solutions offer limited assurance for compliance, there is a lack of a comprehensive framework for semi-automatically managing compliance requirements and ensuring compliance throughout all the phases of business process lifecycle. One of the foundational building blocks of such a framework is a generic conceptual model that supports factoring compliance and its relation to business processes. This paper introduces a compliance conceptual model to capture and manage compliance requirements and to relate them to business processes in a transparent and verifiable manner. The model also incorporates a set of patterns to facilitate the specification of formal compliance rules to be used for automated compliance verification and monitoring. We have developed a set of integrated tools that supports our framework and partially validated the framework in two case studies involving industry companies.
|Title of host publication||Proceedings of the 19th European Conference on Information Systems (ECIS 2011)|
|Subtitle of host publication||ICT and Sustainable Service Development, paper no. 5|
|Place of Publication||Helsinki|
|Publisher||Association for Information Systems|
|Publication status||Published - 2011|