Abstract
An increasing number of concurrent standards and regulations is being imposed on organizations operating in various domains. From healthcare to automotive to food, demands from national legislation, directives of each target market, and edicts from specific clients are creating a patchwork of requirements for compliance and audit. Managing these disconnected frameworks involves considerable overhead, duplications, and conflicts. But integrating and harmonizing these requirements needs the collaboration of varied stakeholders, with different trainings and backgrounds, capable of translating the impacts of the various norms in the different sectors of the organization. We propose a participative goal-oriented approach, consisting of four steps, to assist in this process. It brings together the requirements from the various regulations, the organizational goals, and measurement indicators. We describe its use in a company operating in the food industry, one of the most regulated in the world, where audits are very frequent, to integrate ISO 22000, IFS Food, and BRC Global Standards. Our findings show that an effective integration of the multiple regulations was possible and that the resulting goal diagrams are an effective tool for communicating with various stakeholders, such as employees, clients, auditors, consultants, and representatives of industry initiatives.
Similar content being viewed by others
References
Albersmeier F, Schulze H, Jahn G, Spiller A (2009) The reliability of third-party certification in the food chain: From checklists to risk-oriented auditing. Food Control 20:927–935
Amyot D, Mussbacher G (2011) User requirements notation: the first ten years, the next ten years. J Softw 6:747–768
Amyot D, Shamsaei A, Kealey J, Tremblay E, Miga A, Mussbacher G, Alhaj M, Tawhid R, Braun E, Cartwright N (2012) Towards advanced goal model analysis with jUCMNav. In: Lecture notes in computer science, vol 7518. LNCS, pp 201–210
Amyot D, Rashidi-Tabrizi R, Mussbacher G (2013) Improved GRL modeling and analysis with jUCMNav 5. In: Proceedings of the 6th international i* work. (iStar 2013), CEUR vol 978. pp 137–139
Barata J, Cunha PR (2013) Modeling the organizational regulatory space: a joint design approach. In: Grabis J, Kirikova M, Zdravkovic J, Stirna J (eds) Sixth IFIP WG 8.1, practice of enterprise modeling (PoEM 2013), LNBIP 165. Springer, pp 206–220
Barone D, Peyton L, Rizzolo F, Amyot D, Mylopoulos J, Badreddin O (2014) Model-based management of strategic initiatives. J Data Semant 4:149–165
Baskerville R, Wood-Harper AT (1996) A critical perspective on action research as a method for information systems research. J Inf Technol 11:235–246
BRC (2015) BRC global standard. British Retail Consortium, London
Chen E, Flint S, Perry P, Perry M, Lau R (2015) Implementation of non-regulatory food safety management schemes in New Zealand: a survey of the food and beverage industry. Food Control 47:569–576
Cunha PR, Figueiredo AD (2002) Action research and critical rationalisationism: a virtuous marriage. In: Proceedings of the 10th European conference on information systems. Gdańsk, Poland, pp 19–27
Davison R, Martinsons MG, Kock N (2004) Principles of canonical action research. Inf Syst J 14:65–86
Davison R, Martinsons MG, Ou CXJ (2012) The roles of theory in canonical action research. MIS Q 36:763–786
Easterbrook S, Yu E, Aranda J, Fan Y, Horkoff J, Leica M, Qadir RA (2005) Do viewpoints lead to better conceptual models? An exploratory case study. In: 13th IEEE international conference requirements engineering RE05. pp 199–208
Foster M (1972) An introduction to the theory and practice of action research in work organizations. Hum Relat 25:529–556
Frank U, Winter R, Mertens P, König W, Scheer A-W, Buhl HU, Buxmann P, Legner C, Suhl L (2015) Impact engineering or social responsibility? Bus Inf Syst Eng 57:279–292
French JRP (1950) Field experiments: changing group productivity. In: Miller JG (ed) Experiments in social process: a symposium on social psychology. McGraw-Hill, pp 81–96
Garg R, Naudts B, Verbrugge S, Stiller B (2015) Modeling legal and regulative requirements for ranking alternatives of cloud-based services. In: Proceedings of the 8th international work, Requirements Engineering and Law, RELAW 2015, pp 25–32
Ghanavati S, Amyot D, Peyton L (2007) Towards a framework for tracking legal compliance in healthcare. In: Advanced information systems engineering CAiSE, LNCS 4495, pp 218–232
Ghanavati S, Amyot D, Peyton L, Siena A, Perini A, Susi A (2010) Integrating business strategies with requirement models of legal compliance. Int J Electron Bus 8:260–280
Ghanavati S, Rifaut A, Dubois E, Tudor CRPH, Amyot D (2014) Goal-oriented compliance with multiple regulations. In: 22nd International requirements engineering conference, pp 73–82
Giorgini P, Perini A, Mylopoulos J, Giunchiglia F, Bresciani P (2001) Agent-oriented software development: a case study. In: Proceedings of the 13th international conference on software engineering, pp 283–290
Hancher L, Moran M (1989) Organizing regulatory space. In: Hancher L, Moran M (eds) Capitalism, culture and economic regulation. Oxford University Press, New york, pp 271–299
Havinga T (2015) Retail driven food safety regulation. In: Hammoudi A, Grazia C, Surry Y, Traversac J-B (eds) Food safety, market organization, trade and development. Springer, Berlin, pp 59–76
Heidari F, Loucopoulos P (2014) Quality evaluation framework (QEF): modeling and evaluating quality of business processes. Int J Acc Inf Syst 15:193–223
Horkoff J, Ba F, Cardoso E, Li T, Maté A, Paja E, Salnitri M, Mylopoulos J, Giorgini P (2016) Goal-oriented requirements engineering: a systematic literature map. In: 2016 IEEE 24th international requirements engineering conference, pp 106–115
Hult M, Lennung S-Å (1980) Towards a definition of action research: a note and bibliography. J Manag Stud 17:241–250
IFS (2012) IFS food (version 6) - standard for auditing quality and food safety of food products. IFS Management GmbH
Ingolfo S, Siena A, Mylopoulos J (2014) Nòmos 3: legal compliance of roles and requirements. In: Advances in conceptual modeling, LNCS 8823. Springer, pp 127–132
ISO (2005) ISO 22000 food safety management systems: requirements for any organization in the food chain. International Organization for Standardization, Geneva
ISO (2015) ISO 9001:2015 Quality management system: requirements. International Organization for Standardization, Geneva
ITU-T (2012) User requirements notation (URN): language definition (Z.151, 10/2012). International Telecommunication Union
Jørgensen T, Remmen A, Mellado M (2006) Integrated management systems: three different levels of integration. J Clean Prod 14:713–722
Kavakli E, Loucopoulos P (2006) Experiences with goal-oriented modeling of organizational change. IEEE Trans Syst Man Cybern Part C Appl Rev 36:221–235
Leite JC, Cappelli C (2010) Software transparency. Bus Inf Syst Eng 2:127–139
Luning PA, Marcelis WJ, Rovira J, Van der Spiegel M, Uyttendaele M, Jacxsens L (2009) Systematic assessment of core assurance activities in a company specific food safety management system. Trends Food Sci Technol 20:300–312
Massey AK, Otto PN, Hayward LJ, Antón AI (2010) Evaluating existing security and privacy requirements for legal compliance. Requir Eng 15:119–137
Maxwell JC, Anton AI, Earp JB (2013) An empirical investigation of software engineers’ ability to classify legal cross-references. In: 21st IEEE international requirements engineering conference, RE 2013. pp 24–31
Meijboom F, Visak T, Brom F (2006) From trust to trustworthiness: why information is not enough in the food sector. J Agric Environ Ethics 19:427–442
Nekvi MRI, Madhavji NH (2015) Impediments to regulatory compliance of requirements in contractual systems engineering projects: a case study. ACM Trans Manag Inf Syst 5:15:1–15:35
Niehaves B, Stirna J (2006) Participative enterprise modelling for balanced scorecard implementation. In: Proceedings of the European conference on information systems
Otto PN, Antón AI (2007) Addressing legal requirements in requirements engineering. In: Proceedings of the 15th IEEE international requirements engineering conference, RE 2007. pp 379–380
Palmieri A, Collet P, Amyot D (2015) Handling regulatory goal model families as software product lines. In: International conference on advanced information systems engineering, CAiSE. LNCS 9097
Panesar-Walawege RK, Sabetzadeh M, Briand L (2011) A model-driven engineering approach to support the verification of compliance to safety standards. In: IEEE 22nd international symposium on software reliability engineering, pp 30–39
Paulk M (2004) Surviving the quagmire of process models, integrated models, and standards. In: ASQ annual quality congress proceedings, pp 1–8
Popper K (1982) Unended quest: an intellectual autobiography. Open Court Publishing Company, La Salle
Rifaut A, Dubois E (2008) Using goal-oriented requirements engineering for improving the quality of ISO/IEC 15504 based compliance assessment frameworks. In: 16th IEEE international requirements engineering conference, pp 33–42
Samavi R, Yu E, Topaloglou T (2009) Strategic reasoning about business models: a conceptual modeling approach. Inf Syst E Bus Manag 7:171–198
Sampaio P, Saraiva P, Domingues P (2013) Management systems: integration or addition? Int J Qual Reliab Manag 29:402–424
Sansawat S, Muliyil V (2012) Comparing global food safety initiative (GFSI) recognized standards. A discussion about the similarities and differences between the requirements of the GFSI benchmarked food safety standards. SGS White Paper. http://www.sgs.com/~/media/Global/Documents/White%20Papers/SGS_GFSI_WP_October%202012%20Update_Web.ashx
Shvaiko P (2005) A survey of schema-based matching approaches. J Data Semant 3730:146–171
Shvaiko P, Euzenat J (2013) Ontology matching: state of the art and future challenges. Knowl Data Eng IEEE Trans 25:158–176
Sousa HP, do Prado Leite JCS (2014) Modeling organizational alignment. In: Yu E, Dobbie G, Jarke M, Purao S (eds) Conceptual modeling 33rd ER 2014, LNCS 8824. Springer, pp 407–414
Stirna J, Zdravkovic J (2015) Interview with Sladjan Maras on “Challenges and Needs in Enterprise Modeling”. Bus Inf Syst Eng 57:79–81
Stirna J, Persson A, Sandkuhl K (2007) Participative enterprise modeling: experiences and recommendations. In: International conference on advanced information systems engineering. Springer, pp 546–560
Strohmaier M, Horkoff J, Yu E, Aranda J, Easterbrook S (2008) Can patterns improve i* modeling? two exploratory studies. In: Requirements engineering foundation for software quality, LNCS 5025. Springer, Berlin, pp 153–167
Susman GI, Evered RD (1978) An assessment of the scientific merits of action research. Adm Sci Q 23:582–603
van der Meulen BMJ (2011) The anatomy of private food law. In: van der Meulen BMJ (ed) Private food law. Governing food chains through contract law, self-regulation, private standards, audits and certification schemes. Wageningen Academic Publishers, Wageningen, pp 75–109
van der Spiegel M, Luning P, Ziggers G, Jongen W (2005) Evaluation of performance measurement instruments on their use for food quality systems. Crit Rev Food Sci Nutr 44:501–512
Wieringa R, Daneva M (2015) Six strategies for generalizing software engineering theories. Sci Comput Program 101:136–152
Yu ESK (1995) Modelling strategic relationships for process reengineering. University of Toronto, Canada
Zeng S, Shi J, Lou G (2007) A synergetic model for implementing an integrated management system: an empirical study in China. J Clean Prod 15:1760–1767
Author information
Authors and Affiliations
Corresponding author
Appendix
Appendix
This appendix provides additional detail on how goal modelling was used for integrating and managing multiple standards in the food company. Figure 6 shows and excerpt of the traditional annual plan of the organizational goals.
The spreadsheet represented above includes the main goals for the integrated system (column 2), grouped by the context (column 1), the target and indicator (columns 3 and 4), and the relation to the adopted standards. The main problems with this existing approach are:
-
(6)
It links goals with individual clauses of each standard, but does not address cases of goals that may be associated with multiple interrelated clauses of the standards;
-
(7)
It does not provide a clear indication of missing clauses and the interrelations between goals or indicators;
-
(8)
The spreadsheet is created at the end of the previous year and usually assessed at the end of the following year, lacking support for daily use or guidance on how to comply with the standards requirements;
-
(9)
It does not trace to tasks involved in accomplishing the stated goals of the organization;
-
(10)
It lacks pedagogic support to understand the requirements of the standards and their practical adoption in the organization.
The model included in Fig. 7 replaces the tabular presentation of Fig. 6, with several advantages:
-
(11)
It increases rigour and traceability, revealing that goals may affect other goals and clauses of different standards, for example, “Implement electronic audit records in production lines (mobile system)” contributes to a company goal to reduce nonconformities and to a requirement of a standard for planning the food safety management system;
-
(12)
It includes the tasks involved in accomplishing the objectives, at different levels of abstraction; for example, for actor food company Line 4 (bottom right), it becomes clear that the improvements that will lead to increased production simultaneously play a part in reducing complaints (associated with response time) and increase income;
-
(13)
It improves the awareness of participants over the integrated system and the interconnections between goals, tasks, and compliance to standards.
Figure 7 presents an excerpt of the goal model for the food company Line 4 (sauce production), created using our proposal.
Rights and permissions
About this article
Cite this article
Barata, J., da Cunha, P.R. Mending the patchwork of requirements from multiple standards using participative goal modelling: a case in the food industry. Requirements Eng 23, 425–441 (2018). https://doi.org/10.1007/s00766-017-0268-8
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00766-017-0268-8