Skip to main content
Springer Nature Link
Log in

Modeling Control Objectives for Business Process Compliance

  • Conference paper
Business Process Management (BPM 2007)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 4714))

Included in the following conference series:

Abstract

Business process design is primarily driven by process improvement objectives. However, the role of control objectives stemming from regulations and standards is becoming increasingly important for businesses in light of recent events that led to some of the largest scandals in corporate history. As organizations strive to meet compliance agendas, there is an evident need to provide systematic approaches that assist in the understanding of the interplay between (often conflicting) business and control objectives during business process design. In this paper, our objective is twofold. We will firstly present a research agenda in the space of business process compliance, identifying major technical and organizational challenges. We then tackle a part of the overall problem space, which deals with the effective modeling of control objectives and subsequently their propagation onto business process models. Control objective modeling is proposed through a specialized modal logic based on normative systems theory, and the visualization of control objectives on business process models is achieved procedurally. The proposed approach is demonstrated in the context of a purchase-to-pay scenario.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. van der Aalst, W.M.P., van Dongen, B.F., Herbst, J., Maruster, L., Schimm, G., Weijters, A.J.M.M.: Workflow Mining: A Survey of Issues and Approaches. Data & Knowledge Engineering 47, 237–267 (2003)

    Article  Google Scholar 

  2. Alberti, M., Chesani, F., Gavanelli, M., Lamma, E., Mello, P., Torroni, P.: Compliance verification of agent interaction: A logic based tool. Applied Artificial Intelligence 20(2-4), 133–157 (2006)

    Article  Google Scholar 

  3. Antoniou, G., Billington, D., Governatori, G., Maher, M.J.: Representation results for defeasible logic. ACM Transactions on Computational Logic 2(2), 255–287 (2001)

    Article  Google Scholar 

  4. BPM Forum CEE: The Future. Building the Compliance Enabled Enterprise. Report produced by GlobalFluency in partnership with: AXS-One, Chief Executive Magazine and IT Compliance Institute (2006)

    Google Scholar 

  5. Carmo, J., Jones, A.J.I.: Deontic Logic and Contrary-to-Duties. In: Handbook of Philosophical Logic, 2nd edn., vol. 8, pp. 265–344. Kluwer, Dordrecht (2002)

    Google Scholar 

  6. COSO - The Committee of Sponsoring Organizations of the Treadway Commission Internal Control – Integrated Framework (May 1994)

    Google Scholar 

  7. Desai, N., Mallya, A.U., Chopra, A.K., Singh, M.P.: Interaction Protocols as Design Abstractions for Business Processes. IEEE Transaction on Software Engineering 31(12), 1015–1027 (2005)

    Article  Google Scholar 

  8. Dignum, V., Vázquez-Salceda, J., Dignum, F.: OMNI: Introducing Social Structure, Norms and Ontologies into Agent Organizations. In: Bordini, R.H., Dastani, M., Dix, J., Seghrouchni, A.E.F. (eds.) Programming Multi-Agent Systems. LNCS (LNAI), vol. 3346, pp. 181–198. Springer, Heidelberg (2005)

    Google Scholar 

  9. Farrell, D.H., Sergot, M.J., Sallé, M., Bartolini, C.: Using the event calculus for tracking the normative state in contracts. International Journal of Cooperative Information Systems 14(2-3), 99–129 (2005)

    Article  Google Scholar 

  10. Giblin, C., Muller, S., Pfitzmann, B.: From regulatory policies to event monitoring rules: Towards model driven compliance automation. IBM Research Report. Zurich Research Laboratory (October 2006)

    Google Scholar 

  11. Goedertier, S., Vanthienen, J.: Designing Compliant Business Processes with Obligations and Permissions. In: Eder, J., Dustdar, S. (eds.) Business Process Management Workshops. LNCS, vol. 4103, pp. 5–14. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  12. Governatori, G., Milosevic, Z., Sadiq, S.: Compliance checking between business processes and business contracts. In: Proceedings of the 10th IEEE Conference on Enterprise Distributed Object Computing, Hong Kong, October 16-20, 2006, pp. 16–20. IEEE Computer Society Press, Los Alamitos (2006)

    Google Scholar 

  13. Governatori, G.: Representing Business Contracts in RuleML. International Journal of Cooperative Information Systems 14(2-3), 181–216 (2005)

    Article  Google Scholar 

  14. Governatori, G., Rotolo, A.: Logic of Violations: A Gentzen System for Reasoning on Contrary-To-Duty Obligations. Australasian Journal of Logic 4, 193–215 (2006)

    MATH  Google Scholar 

  15. Governatori, G., Milosevic, Z.: A Formal Analysis of a Business Contract Language. International Journal of Cooperative Information Systems 15(4), 659–685 (2006)

    Article  Google Scholar 

  16. Governatori, G., Rotolo, A., Sartor, G.: Temporalised normative positions in defeasible logic. In: Gardner, A. (ed.) Procedings of the 10th International Conference on Artificial Intelligence and Law, pp. 25–34. ACM Press, New York (2005)

    Chapter  Google Scholar 

  17. Hagerty, J.: SOX Spending for 2006. AMR Research, Boston USA. (November 29, 2007)

    Google Scholar 

  18. Pesic, M., van der Aalst, W.M.P.: A Declarative Approach for Flexible Business Processes. In: Eder, J., Dustdar, S. (eds.) Business Process Management Workshops. LNCS, vol. 4103, pp. 169–180. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  19. Sartor, G.: Legal Reasoning: A Cognitive Approach to the Law. Springer, Heidelberg (2005)

    Google Scholar 

  20. Sadiq, S., Sadiq, W., Orlowska, M.: A Framework for Constraint Specification and Validation in Flexible Workflows. Information Systems 30(5), 349–378 (2005)

    Article  Google Scholar 

  21. Padmanabhan, V., Governatori, G., Sadiq, S., Colomb, R., Rotolo, A.: Process Modeling: The Deontic Way. In: Stumptner, M., Hartmann, S., Kiyoki, Y. (eds.) Australia-Pacific Conference on Conceptual Modeling 2006, CRPIT, vol. 53, pp. 75–84 (2006)

    Google Scholar 

  22. zur Muehlen, M., Rosemann, M.: Integrating Risks in Business Process Models. In: 16th Australasian Conference on Information Systems. November 29 – December 2, Sydney, Australia (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Information Technology and Electrical Engineering, The University of Queensland, St Lucia QLD 4072., Brisbane, Australia

    Shazia Sadiq & Guido Governatori

  2. SAP Research Centre CEC Karlsruhe, SAP AG, Vincenz-Prießnitz-Str.1, 76131 Karlsruhe, Germany

    Kioumars Namiri

Authors
  1. Shazia Sadiq
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Guido Governatori
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Kioumars Namiri
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Gustavo Alonso Peter Dadam Michael Rosemann

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sadiq, S., Governatori, G., Namiri, K. (2007). Modeling Control Objectives for Business Process Compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds) Business Process Management. BPM 2007. Lecture Notes in Computer Science, vol 4714. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75183-0_12

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-75183-0_12

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-75182-3

  • Online ISBN: 978-3-540-75183-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics