Today's enterprises demand a high degree of compliance of business processes to meet laws and regulations, such as Sarbanes-Oxley and Basel II. Compliance should be enforced during all phases of business process lifecycle, from the phases of analysis and design to deployment, monitoring and evaluation. In this paper, a taxonomy of compliance constraints for business processes is introduced based on the notion of compliance patterns. Patterns facilitate the formal specification of compliance constraints that enable their verification and analysis against business process models. This taxonomy serves as the backbone of the root-cause analysis, which is conducted to reason about and eventually to resolve design-time compliance violations, by providing appropriate guidelines as remedies to alleviate design-time compliance deviations. We have developed and integrated a set of tools to observe and evaluate the applicability of our approach, and experiment with it in case studies.
|Journal||International Journal of Cooperative Information Systems, IJCIS|
|Publication status||Published - 2012|