skip to main content
research-article

Compliance Checking of Organizational Interactions

Published: 29 December 2014 Publication History

Abstract

In business environments, different sorts of regulations are imposed to restrict the behavior of both public and private organizations, ranging from legal regulations to internal policies. Regulatory compliance is important for the safety of individual actors as well as the overall business environment. However, complexity derives from not only the contents of the regulations but also their interdependencies. As such, the verification of whether actors are able to comply with the combined regulations cannot be done by checking each regulation separately.
To these ends, we introduce a normative structure Norm Nets (NNs) for modeling sets of interrelated regulations and setting a basis for compliance checking of organizational interactions against interrelated regulations. NNs support a modular design by providing the constructs to represent regulations and the relationships between them. Additionally, we propose a computational mechanism to reason about regulatory compliance by mapping NNs to Colored Petri Nets (CPNs). We show that compliance checking of both individual actors’ behavior and the collective behavior of the business environment can be achieved automatically using state space analysis techniques of CPNs. The approach is illustrated with a case study from the domain of international trade.

References

[1]
Huib Aldewereld, Javier Vázquez-Salceda, Frank Dignum, and John-Jules Ch. Meyer. 2005. Norm compliance of protocols in electronic institutions. In Proceedings of International Conference on Autonomous Agents and Multiagent Systems. 1291--1292.
[2]
Giulia Andrighetto, Guido Governatori, Pablo Noriega, and Leendert W. N. van der Torre. 2012. Normative Multi-Agent Systems. Schloss Dagstuhl.
[3]
Ahmed Awad, Rajeev Goré, Zhe Hou, James Thomson, and Matthias Weidlich. 2012. An iterative approach to synthesize business process templates from compliance rules. Information Systems 37, 8 (2012), 714--736.
[4]
Aliaksandr Birukou, Vincenzo D’Andrea, Frank Leymann, Jacek Serafinski, Patricia Silveira, Steve Strauch, and Marek Tluczek. 2010. An integrated solution for runtime compliance governance in SOA. In Proceedings of International Conference on Service-Oriented Computing. 122--136.
[5]
Filip Caron, Jan Vanthienen, and Bart Baesens. 2013. Comprehensive rule-based compliance checking and risk management with process mining. Decision Support Systems 54, 3 (2013), 1357--1369.
[6]
Davide D’Aprile, Laura Giordano, Valentina Gliozzi, Alberto Martelli, Gian L. Pozzato, and Daniele T. Dupré. 2010. Verifying business process compliance by reasoning about actions. In Proceedings of International Workshop on Computational Logic in Multi-Agent Systems XI. 99--116.
[7]
Stijn Goedertier and Jan Vanthienen. 2006. Designing compliant business processes with obligations and permissions. In Proceedings of Business Process Management Workshops. 5--14.
[8]
Guido Governatori and Zoran Milosevic. 2006. A formal analysis of a business contract language. International Journal of Cooperative Information Systems 15, 4 (2006), 659--685.
[9]
Guido Governatori and Antonino Rotolo. 2008. An algorithm for business process compliance. In Proceedings of International Conference on Legal Knowledge and Information Systems. 186--191.
[10]
Guido Governatori and Antonino Rotolo. 2009. How do agents comply with norms? In Proceedings of International Joint Conferences on Web Intelligence and Intelligent Agent Technologies. 488--491.
[11]
Guido Governatori and Antonino Rotolo. 2010a. A conceptually rich model of business process compliance. In Proceedings of Asia-Pacific Conference on Conceptual Modelling, Vol. 110. 3--12.
[12]
Guido Governatori and Antonino Rotolo. 2010b. Norm compliance in business process modeling. In Proceedings of the 4th International Web Rule Symposium. 194--209.
[13]
Michel H. T. Hack. 1976. Decidability Questions for Petri Nets. Ph.D. Dissertation, Massachusetts Institute of Technology.
[14]
Andreas Herzig, Emiliano Lorini, Frédéric Moisan, and Nicolas Troquard. 2011. A dynamic logic of normative systems. In Proceedings of International Joint Conference on Artificial Intelligence. 228--233.
[15]
Kurt Jensen. 1997. Coloured Petri Nets: Basic Concepts, Analysis Methods and Practical Uses. Springer.
[16]
Kurt Jensen, Lars M. Kristensen, and Lisa Wells. 2007. Coloured Petri nets and CPN tools for modelling and validation of concurrent systems. International Journal on Software Tools for Technology Transfer 9, 3--4 (2007), 213--254.
[17]
Piotr Kaźmierczak, Truls Pedersen, and Thomas Ågotnes. 2012. NORMC: A norm compliance temporal logic model checker. In Proceedings of the 6th Starting AI Researchers’ Symposium. 168--179.
[18]
Marwane El Kharbili, Ana Karla A. de Medeiros, Sebastian Stein, and Wil M. P. van der Aalst. 2008. Business process compliance checking: Current state and future challenges. In Proceedings of Conference on Modellierung Betrieblicher Informationssysteme: Modellierung zwischen SOA und Compliance Management. 107--113.
[19]
Ying Liu, Samuel Müller, and Ke Xu. 2007. A static compliance-checking framework for business process models. IBM System Journal 46, 2 (2007), 335--361.
[20]
Niels Lohmann. 2013. Compliance by design for artifact-centric business processes. Information Systems 38, 4 (2013), 606--618.
[21]
John-Jules Ch Meyer and Roel Wieringa (Eds.). 1993. Deontic Logic in Computer Science: Normative System Specification. John Wiley & Sons Ltd.
[22]
Marco Montali. 2010. Declarative process mining. In Proceedings of Specification and Verification of Declarative Open Interaction Models. 343--365.
[23]
Tadao Murata. 1989. Petri nets: Properties, analysis and applications. In Proceedings of the IEEE. 541--580.
[24]
Elham Ramezani, Dirk Fahland, and Wil M. P. van der Aalst. 2012a. Where did I misbehave? Diagnostic information in compliance checking. In Proceedings of International Conference on Business Process Management. 262--278.
[25]
Elham Ramezani, Dirk Fahland, Boudewijn F. van Dongen, and Wil M. P. van der Aalst. 2012b. Diagnostic information in temporal compliance checking. Technical Report. BPM Center.
[26]
Anne Rozinat and Wil M. P. van der Aalst. 2008. Conformance checking of processes based on monitoring real behavior. Information Systems 33, 1 (2008), 64--95.
[27]
Nick Russell, Arthur H. M. ter Hofstede, Wil M. P. van der Aalst, and Nataliya Mulyar. 2006. Workflow Control-Flow Patterns: A Revised View. Technical Report BPM-06-22. BPM Center.
[28]
Shazia Sadiq, Guido Governatori, and Kioumars Namiri. 2007. Modeling control objectives for business process compliance. In Proceedings of International Conference on Business Process Management. 149--164.
[29]
Wil M. P. van der Aalst. 2011. Process Mining: Discovery, Conformance and Enhancement of Business Processes. Springer.
[30]
Wil M. P. van der Aalst. 2012. Process mining: Overview and opportunities. ACM Transaction on Management Information Systems 3, 2 (2012), 1--17.
[31]
Wil M. P. van der Aalst, Arya Adriansyah, and Boudewijn F. van Dongen. 2012. Replaying history on process models for conformance checking and performance analysis. Data Mining and Knowledge Discovery 2, 2 (2012), 182--192.
[32]
Wil M. P. van der Aalst, H. T. de Beer, and Boudewijn F. van Dongen. 2005. Process mining and verification of properties: An approach based on temporal logic. In Proceedings of OTM Confederated International Conferences, CoopIS, DOA, and ODBASE 2005. 130--147.
[33]
Wil M. P. van der Aalst, Kees M. van Hee, Jan Martijn E. M. van der Werf, Akhil Kumar, and Marc Verdonk. 2011. Conceptual model for online auditing. Decision Support Systems 50, 3 (2011), 636--647.
[34]
Georg H. von Wright. 1983. Norms, truth and logic. Practical Reason I (1983), 130--209.
[35]
Mathias Weske. 2007. Business Process Management: Concepts, Languages, Architecture. Springer, Berlin.
[36]
Fabiola López y López, Michael Luck, and Mark d’Inverno. 2006. A normative framework for agent-based systems. Computational and Mathematical Organization Theory 12, 2--3 (2006), 227--250.

Cited By

View all
  • (2024)How Institutional Pressures Drive Learning and Memory in OrganizationsImpacts of Innovation and Cognition in Management10.4018/979-8-3693-5777-4.ch010(231-262)Online publication date: 18-Oct-2024
  • (2019)Automated reasoning in normative detachment structures with ideal conditionsProceedings of the Seventeenth International Conference on Artificial Intelligence and Law10.1145/3322640.3326707(63-72)Online publication date: 17-Jun-2019
  • (2017)Alignment of process compliance and monitoring requirements in dynamic business collaborationsEnterprise Information Systems10.1080/17517575.2015.113548211:6(884-908)Online publication date: 1-Jul-2017
  • Show More Cited By

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Transactions on Management Information Systems
ACM Transactions on Management Information Systems  Volume 5, Issue 4
Special Issue on Business Process Intelligence
March 2015
236 pages
ISSN:2158-656X
EISSN:2158-6578
DOI:10.1145/2677016
Issue’s Table of Contents
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 29 December 2014
Accepted: 01 April 2014
Revised: 01 March 2014
Received: 01 May 2013
Published in TMIS Volume 5, Issue 4

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Colored Petri Nets
  2. Norm compliance
  3. regulated business environments

Qualifiers

  • Research-article
  • Research
  • Refereed

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)20
  • Downloads (Last 6 weeks)0
Reflects downloads up to 12 Feb 2025

Other Metrics

Citations

Cited By

View all
  • (2024)How Institutional Pressures Drive Learning and Memory in OrganizationsImpacts of Innovation and Cognition in Management10.4018/979-8-3693-5777-4.ch010(231-262)Online publication date: 18-Oct-2024
  • (2019)Automated reasoning in normative detachment structures with ideal conditionsProceedings of the Seventeenth International Conference on Artificial Intelligence and Law10.1145/3322640.3326707(63-72)Online publication date: 17-Jun-2019
  • (2017)Alignment of process compliance and monitoring requirements in dynamic business collaborationsEnterprise Information Systems10.1080/17517575.2015.113548211:6(884-908)Online publication date: 1-Jul-2017
  • (2017)Reading agendas between the lines, an exerciseArtificial Intelligence and Law10.1007/s10506-017-9196-725:1(89-106)Online publication date: 1-Mar-2017
  • (2016)Application DomainsSocial Coordination Frameworks for Social Technical Systems10.1007/978-3-319-33570-4_12(231-263)Online publication date: 17-Aug-2016
  • (2015)Modeling and detecting norm conflicts in regulated organizationsProceedings of the 2015 International Conference on Coordination, Organizations, Institutions, and Norms in Agent Systems XI10.1007/978-3-319-42691-4_10(173-190)Online publication date: 4-May-2015

View Options

Login options

Full Access

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Figures

Tables

Media

Share

Share

Share this Publication link

Share on social media