Skip to main content
SpringerLink
Log in

Business Process Compliance and Business Process Change: An Approach to Analyze the Interactions

  • Conference paper
  • First Online:
Business Information Systems (BIS 2018)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 320))

Included in the following conference series:

Abstract

The adherence of business process compliance (BPC) is crucial for many companies. In addition, business processes may be supported by IT components, which can also be affected by compliance requirements. Due to business process change and the avoidance of compliance violations, companies must analyze, among other things, the interactions between business process change and BPC. Following the design science research paradigm, we developed and prototypically implemented a method that is able to analyze interactions between BPC and business process change considering supporting IT components and compliance processes. The method takes the business process change patterns “replace” and “delete” into account.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Schumm, D., Turetken, O., Kokash, N., Elgammal, A., Leymann, F., van den Heuvel, W.-J.: Business process compliance through reusable units of compliant processes. In: Daniel, F., Facca, F.M. (eds.) ICWE 2010. LNCS, vol. 6385, pp. 325–337. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16985-4_29

    Chapter  Google Scholar 

  2. Turetken, O., Elgammal, A., van den Heuvel, W.-J., Papazoglou, M.: Enforcing compliance on business processes through the use of patterns. In: 19th ECIS 2011 (2011)

    Google Scholar 

  3. Schäfer, T., Fettke, P., Loos, P.: Towards an integration of GRC and BPM – requirements changes for compliance management caused by externally induced complexity drivers. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM 2011. LNBIP, vol. 100, pp. 344–355. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28115-0_33

    Chapter  Google Scholar 

  4. Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75183-0_12

    Chapter  Google Scholar 

  5. Knackstedt, R., Eggert, M., Heddier, M., Chasin, F., Becker, J.: The relationship of is and law - the perspective of and implications for IS research. In: ECIS 2013 Completed Research (2013)

    Google Scholar 

  6. The Audit of Financial Statements in an Information Technology Environment. IDW AuS 330 (2002)

    Google Scholar 

  7. Committee of Sponsoring Organizations of the Treadway Commission (COSO): Internal Control - Integrated Framework. Framework and Appendices (2012)

    Google Scholar 

  8. Rudzajs, P., Buksa, I.: Business process and regulations: approach to linkage and change management. In: Grabis, J., Kirikova, M. (eds.) BIR 2011. LNBIP, vol. 90, pp. 96–109. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24511-4_8

    Chapter  Google Scholar 

  9. Fdhila, W., Indiono, C., Rinderle-Ma, S., Reichert, M.: Dealing with change in process choreographies: design and implementation of propagation algorithms. Inf. Syst. 49, 1–24 (2015)

    Article  Google Scholar 

  10. Rinderle, S., Reichert, M., Dadam, P.: Correctness criteria for dynamic changes in workflow systems—a survey. Data Knowl. Eng. 50, 9–34 (2004)

    Article  Google Scholar 

  11. Awad, A.: BPMN-Q: a language to query business processes. In: Proceedings of EMISA 2007, pp. 115–128 (2007)

    Google Scholar 

  12. Koetter, F., Kochanowski, M., Weisbecker, A., Fehling, C., Leymann, F.: Integrating compliance requirements across business and IT. In: 2014 IEEE 18th International Enterprise Distributed Object Computing Conference (2014)

    Google Scholar 

  13. Hevner, A.R., Gregor, S.: Positioning and presenting design science research for maximum impact. MIS Q. 37 (2013)

    Google Scholar 

  14. Yu, P.S., Han, J., Faloutsos, C. (eds.): Link Mining: Models, Algorithms, and Applications. Springer Science + Business Media LLC, New York (2010). https://doi.org/10.1007/978-1-4419-6515-8

    Book  Google Scholar 

  15. Camunda: Camunda BPMN model API. https://github.com/camunda/camunda-bpmn-model

  16. Naveh, B.: JGraphT. http://jgrapht.org/

  17. OMG (Hg): Business Process Model and Notation (BPMN). http://www.omg.org/spec/BPMN/2.0/PDF/

  18. Jonkers, H., Lankhorst, M., van Buuren, R., Hoppenbrouwers, S., Bonsangue, M., van der Torre, L.: Concepts for modeling enterprise architectures. Int. J. Coop. Inf. Syst. 13, 257–287 (2004)

    Article  Google Scholar 

  19. Juris (ed.): Gesetze im Internet. http://www.gesetze-im-internet.de

  20. Seyffarth, T., Kühnel, S., Sackmann, S.: ConFlex: an ontology-based approach for the flexible integration of controls into business processes. Multikonferenz Wirtschaftsinformatik (MKWI) 2016, 1341–1352 (2016)

    Google Scholar 

  21. Kharbili, M., Medeiros, A.K.A.d., Stein, S., van der Aalst, W.M.P.: Business process compliance checking: current state and future challenges. MobIS 141, 107–113 (2008)

    Google Scholar 

  22. Sackmann, S., Kittel, K.: Flexible workflows and compliance: a solvable contradiction?! In: Vom Brocke, J., Schmiedel, T. (eds.) BPM - Driving Innovation in a Digital World, pp. 247–258. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14430-6_16

    Chapter  Google Scholar 

  23. Seyffarth, T., Kühnel, S., Sackmann, S.: A taxonomy of compliance processes for business process compliance. In: Carmona, J., Engels, G., Kumar, A. (eds.) BPM 2017. LNBIP, vol. 297, pp. 71–87. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-65015-9_5

    Chapter  Google Scholar 

  24. IEEE: IEEE Recommended Practice for Architectural Description of Software Intensive Systems, (IEEE Std 1 1471–2000). IEEE Computer Society, New York (2000)

    Google Scholar 

  25. TOGAF (ed.): Content Metamodel. Content Metamodel Vision and Concepts. http://pubs.opengroup.org/architecture/togaf9-doc/arch/

  26. Winter, R., Fischer, R.: Essential layers, artifacts, and dependencies of enterprise architecture. In: 2006 10th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW 2006), p. 30 (2006)

    Google Scholar 

  27. The Open Group (ed.): TOGAF 9.1. Content Meta Model. http://pubs.opengroup.org/architecture/togaf9-doc/arch/chap34.html

  28. Weber, B., Reichert, M., Rinderle-Ma, S.: Change patterns and change support features – enhancing flexibility in process-aware information systems. Data Knowl. Eng. 66, 438–466 (2008)

    Article  Google Scholar 

  29. Rinderle-Ma, S., Reichert, M., Weber, B.: On the formal semantics of change patterns in process-aware information systems. In: Li, Q., Spaccapietra, S., Yu, E., Olivé, A. (eds.) ER 2008. LNCS, vol. 5231, pp. 279–293. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-87877-3_21

    Chapter  Google Scholar 

  30. Fdhila, W., Rinderle-Ma, S., Reichert, M.: Change propagation in collaborative processes scenarios. In: 8th International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom) (2012)

    Google Scholar 

  31. Namiri, K.: Model-Driven Management of Internal Controls for Business Process Compliance. Karlsruhe (2008)

    Google Scholar 

  32. Frank, U., Heise, D., Ulrich, Kattenstroth, H., Ferguson, D.F., Hadar, E., Waschke, M.G.: ITML: a domain-specific modeling language for supporting business driven IT management. In: Proceedings of the 9th OOPSLA Workshop on Domain-Specific Modeling (2009)

    Google Scholar 

  33. Principles of Proper Accounting When Using Information Technology. IDW AcP FAIT 1 (2002)

    Google Scholar 

  34. Kirikova, M., Penicina, L., Gaidukovs, A.: Ontology based linkage between enterprise architecture, processes, and time. Commun. Comput. Inf. Sci. 539, 382–391 (2015)

    Google Scholar 

  35. Vom Brocke, J., Simons, A., Niehaves, B., Riemer, K., Plattfaut, R., Cleven, A.: Reconstructing the giant: on the importance of rigour in documenting the literature search process. In: 17th European Conference on Information Systems, pp. 2206–2217 (2009)

    Google Scholar 

  36. Webster, J., Watson, R.T.: Analyzing the past to prepare for the future: writing a literature review. MIS Q. 26, xiii–xxiii (2002)

    Google Scholar 

  37. Delfmann, P., Steinhorst, M., Dietrich, H.-A., Becker, J.: The generic model query language GMQL – conceptual specification, implementation, and runtime evaluation. Inf. Syst. 47, 129–177 (2015)

    Article  Google Scholar 

  38. Gacitua-Decar, V., Pahl, C.: Automatic business process pattern matching for enterprise services design. In: 2009 World Conference on Services - II (2009)

    Google Scholar 

  39. Fellmann, M., Thomas, O., Busch, B.: A query-driven approach for checking the semantic correctness of ontology-based process representations. In: Abramowicz, W. (ed.) BIS 2011. LNBIP, vol. 87, pp. 62–73. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-21863-7_6

    Chapter  Google Scholar 

  40. Ghanavati, S., Amyot, D., Peyton, L.: Compliance analysis based on a goal-oriented requirement language evaluation methodology. In: 2009 17th IEEE International Requirements Engineering Conference (2009)

    Google Scholar 

  41. Fdhila, W., Rinderle-Ma, S., Knuplesch, D., Reichert, M.: Change and compliance in collaborative processes. In: 2015 IEEE International Conference on Services Computing (2015)

    Google Scholar 

  42. Knuplesch, D., Fdhila, W., Reichert, M., Rinderle-Ma, S.: Detecting the effects of changes on the compliance of cross-organizational business processes. In: Johannesson, P., Lee, M.L., Liddle, Stephen W., Opdahl, Andreas L., López, Ó.P. (eds.) ER 2015. LNCS, vol. 9381, pp. 94–107. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-25264-3_7

    Chapter  Google Scholar 

  43. Knackstedt, R., Braeuer, S., Heddier, M., Becker, J.: Integrating regulatory requirements into information systems design and implementation. In: ICIS 2014 Proceedings (2014)

    Google Scholar 

  44. Elgammal, A., Turetken, O., van den Heuvel, W.-J., Papazoglou, M.: Root-cause analysis of design-time compliance violations on the basis of property patterns. In: Maglio, Paul P., Weske, M., Yang, J., Fantinato, M. (eds.) ICSOC 2010. LNCS, vol. 6470, pp. 17–31. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17358-5_2

    Chapter  Google Scholar 

  45. Halle, S.: Causality in message-based contract violations. a temporal logic “Whodunit”. In: 2011 IEEE 15th International Enterprise Distributed Object Computing Conference (2011)

    Google Scholar 

  46. Koetter, F., et al.: An universal approach for compliance management using compliance descriptors. In: Helfert, M., Ferguson, D., Méndez Muñoz, V., Cardoso, J. (eds.) CLOSER 2016. CCIS, vol. 740, pp. 209–231. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-62594-2_11

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Martin Luther University Halle-Wittenberg, 06108, Halle (Saale), Germany

    Tobias Seyffarth, Stephan Kuehnel & Stefan Sackmann

Authors
  1. Tobias Seyffarth
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stephan Kuehnel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefan Sackmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tobias Seyffarth .

Editor information

Editors and Affiliations

  1. Poznan University of Economics and Business, Poznan, Poland

    Witold Abramowicz

  2. Fraunhofer FOKUS, Berlin, Germany

    Adrian Paschke

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer International Publishing AG, part of Springer Nature

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Seyffarth, T., Kuehnel, S., Sackmann, S. (2018). Business Process Compliance and Business Process Change: An Approach to Analyze the Interactions. In: Abramowicz, W., Paschke, A. (eds) Business Information Systems. BIS 2018. Lecture Notes in Business Information Processing, vol 320. Springer, Cham. https://doi.org/10.1007/978-3-319-93931-5_13

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-93931-5_13

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-93930-8

  • Online ISBN: 978-3-319-93931-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation