Abstract
The adherence of business process compliance (BPC) is crucial for many companies. In addition, business processes may be supported by IT components, which can also be affected by compliance requirements. Due to business process change and the avoidance of compliance violations, companies must analyze, among other things, the interactions between business process change and BPC. Following the design science research paradigm, we developed and prototypically implemented a method that is able to analyze interactions between BPC and business process change considering supporting IT components and compliance processes. The method takes the business process change patterns “replace” and “delete” into account.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Schumm, D., Turetken, O., Kokash, N., Elgammal, A., Leymann, F., van den Heuvel, W.-J.: Business process compliance through reusable units of compliant processes. In: Daniel, F., Facca, F.M. (eds.) ICWE 2010. LNCS, vol. 6385, pp. 325–337. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16985-4_29
Turetken, O., Elgammal, A., van den Heuvel, W.-J., Papazoglou, M.: Enforcing compliance on business processes through the use of patterns. In: 19th ECIS 2011 (2011)
Schäfer, T., Fettke, P., Loos, P.: Towards an integration of GRC and BPM – requirements changes for compliance management caused by externally induced complexity drivers. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM 2011. LNBIP, vol. 100, pp. 344–355. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28115-0_33
Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75183-0_12
Knackstedt, R., Eggert, M., Heddier, M., Chasin, F., Becker, J.: The relationship of is and law - the perspective of and implications for IS research. In: ECIS 2013 Completed Research (2013)
The Audit of Financial Statements in an Information Technology Environment. IDW AuS 330 (2002)
Committee of Sponsoring Organizations of the Treadway Commission (COSO): Internal Control - Integrated Framework. Framework and Appendices (2012)
Rudzajs, P., Buksa, I.: Business process and regulations: approach to linkage and change management. In: Grabis, J., Kirikova, M. (eds.) BIR 2011. LNBIP, vol. 90, pp. 96–109. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24511-4_8
Fdhila, W., Indiono, C., Rinderle-Ma, S., Reichert, M.: Dealing with change in process choreographies: design and implementation of propagation algorithms. Inf. Syst. 49, 1–24 (2015)
Rinderle, S., Reichert, M., Dadam, P.: Correctness criteria for dynamic changes in workflow systems—a survey. Data Knowl. Eng. 50, 9–34 (2004)
Awad, A.: BPMN-Q: a language to query business processes. In: Proceedings of EMISA 2007, pp. 115–128 (2007)
Koetter, F., Kochanowski, M., Weisbecker, A., Fehling, C., Leymann, F.: Integrating compliance requirements across business and IT. In: 2014 IEEE 18th International Enterprise Distributed Object Computing Conference (2014)
Hevner, A.R., Gregor, S.: Positioning and presenting design science research for maximum impact. MIS Q. 37 (2013)
Yu, P.S., Han, J., Faloutsos, C. (eds.): Link Mining: Models, Algorithms, and Applications. Springer Science + Business Media LLC, New York (2010). https://doi.org/10.1007/978-1-4419-6515-8
Camunda: Camunda BPMN model API. https://github.com/camunda/camunda-bpmn-model
Naveh, B.: JGraphT. http://jgrapht.org/
OMG (Hg): Business Process Model and Notation (BPMN). http://www.omg.org/spec/BPMN/2.0/PDF/
Jonkers, H., Lankhorst, M., van Buuren, R., Hoppenbrouwers, S., Bonsangue, M., van der Torre, L.: Concepts for modeling enterprise architectures. Int. J. Coop. Inf. Syst. 13, 257–287 (2004)
Juris (ed.): Gesetze im Internet. http://www.gesetze-im-internet.de
Seyffarth, T., Kühnel, S., Sackmann, S.: ConFlex: an ontology-based approach for the flexible integration of controls into business processes. Multikonferenz Wirtschaftsinformatik (MKWI) 2016, 1341–1352 (2016)
Kharbili, M., Medeiros, A.K.A.d., Stein, S., van der Aalst, W.M.P.: Business process compliance checking: current state and future challenges. MobIS 141, 107–113 (2008)
Sackmann, S., Kittel, K.: Flexible workflows and compliance: a solvable contradiction?! In: Vom Brocke, J., Schmiedel, T. (eds.) BPM - Driving Innovation in a Digital World, pp. 247–258. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14430-6_16
Seyffarth, T., Kühnel, S., Sackmann, S.: A taxonomy of compliance processes for business process compliance. In: Carmona, J., Engels, G., Kumar, A. (eds.) BPM 2017. LNBIP, vol. 297, pp. 71–87. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-65015-9_5
IEEE: IEEE Recommended Practice for Architectural Description of Software Intensive Systems, (IEEE Std 1 1471–2000). IEEE Computer Society, New York (2000)
TOGAF (ed.): Content Metamodel. Content Metamodel Vision and Concepts. http://pubs.opengroup.org/architecture/togaf9-doc/arch/
Winter, R., Fischer, R.: Essential layers, artifacts, and dependencies of enterprise architecture. In: 2006 10th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW 2006), p. 30 (2006)
The Open Group (ed.): TOGAF 9.1. Content Meta Model. http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap34.html
Weber, B., Reichert, M., Rinderle-Ma, S.: Change patterns and change support features – enhancing flexibility in process-aware information systems. Data Knowl. Eng. 66, 438–466 (2008)
Rinderle-Ma, S., Reichert, M., Weber, B.: On the formal semantics of change patterns in process-aware information systems. In: Li, Q., Spaccapietra, S., Yu, E., Olivé, A. (eds.) ER 2008. LNCS, vol. 5231, pp. 279–293. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87877-3_21
Fdhila, W., Rinderle-Ma, S., Reichert, M.: Change propagation in collaborative processes scenarios. In: 8th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom) (2012)
Namiri, K.: Model-Driven Management of Internal Controls for Business Process Compliance. Karlsruhe (2008)
Frank, U., Heise, D., Ulrich, Kattenstroth, H., Ferguson, D.F., Hadar, E., Waschke, M.G.: ITML: a domain-specific modeling language for supporting business driven IT management. In: Proceedings of the 9th OOPSLA Workshop on Domain-Specific Modeling (2009)
Principles of Proper Accounting When Using Information Technology. IDW AcP FAIT 1 (2002)
Kirikova, M., Penicina, L., Gaidukovs, A.: Ontology based linkage between enterprise architecture, processes, and time. Commun. Comput. Inf. Sci. 539, 382–391 (2015)
Vom Brocke, J., Simons, A., Niehaves, B., Riemer, K., Plattfaut, R., Cleven, A.: Reconstructing the giant: on the importance of rigour in documenting the literature search process. In: 17th European Conference on Information Systems, pp. 2206–2217 (2009)
Webster, J., Watson, R.T.: Analyzing the past to prepare for the future: writing a literature review. MIS Q. 26, xiii–xxiii (2002)
Delfmann, P., Steinhorst, M., Dietrich, H.-A., Becker, J.: The generic model query language GMQL – conceptual specification, implementation, and runtime evaluation. Inf. Syst. 47, 129–177 (2015)
Gacitua-Decar, V., Pahl, C.: Automatic business process pattern matching for enterprise services design. In: 2009 World Conference on Services - II (2009)
Fellmann, M., Thomas, O., Busch, B.: A query-driven approach for checking the semantic correctness of ontology-based process representations. In: Abramowicz, W. (ed.) BIS 2011. LNBIP, vol. 87, pp. 62–73. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21863-7_6
Ghanavati, S., Amyot, D., Peyton, L.: Compliance analysis based on a goal-oriented requirement language evaluation methodology. In: 2009 17th IEEE International Requirements Engineering Conference (2009)
Fdhila, W., Rinderle-Ma, S., Knuplesch, D., Reichert, M.: Change and compliance in collaborative processes. In: 2015 IEEE International Conference on Services Computing (2015)
Knuplesch, D., Fdhila, W., Reichert, M., Rinderle-Ma, S.: Detecting the effects of changes on the compliance of cross-organizational business processes. In: Johannesson, P., Lee, M.L., Liddle, Stephen W., Opdahl, Andreas L., López, Ó.P. (eds.) ER 2015. LNCS, vol. 9381, pp. 94–107. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-25264-3_7
Knackstedt, R., Braeuer, S., Heddier, M., Becker, J.: Integrating regulatory requirements into information systems design and implementation. In: ICIS 2014 Proceedings (2014)
Elgammal, A., Turetken, O., van den Heuvel, W.-J., Papazoglou, M.: Root-cause analysis of design-time compliance violations on the basis of property patterns. In: Maglio, Paul P., Weske, M., Yang, J., Fantinato, M. (eds.) ICSOC 2010. LNCS, vol. 6470, pp. 17–31. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17358-5_2
Halle, S.: Causality in message-based contract violations. a temporal logic “Whodunit”. In: 2011 IEEE 15th International Enterprise Distributed Object Computing Conference (2011)
Koetter, F., et al.: An universal approach for compliance management using compliance descriptors. In: Helfert, M., Ferguson, D., Méndez Muñoz, V., Cardoso, J. (eds.) CLOSER 2016. CCIS, vol. 740, pp. 209–231. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-62594-2_11
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer International Publishing AG, part of Springer Nature
About this paper
Cite this paper
Seyffarth, T., Kuehnel, S., Sackmann, S. (2018). Business Process Compliance and Business Process Change: An Approach to Analyze the Interactions. In: Abramowicz, W., Paschke, A. (eds) Business Information Systems. BIS 2018. Lecture Notes in Business Information Processing, vol 320. Springer, Cham. https://doi.org/10.1007/978-3-319-93931-5_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-93931-5_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-93930-8
Online ISBN: 978-3-319-93931-5
eBook Packages: Computer ScienceComputer Science (R0)