Abstract
Business Process Compliance (BPC) denotes the execution of business processes in accordance with applicable compliance requirements. BPC can be satisfied through compliance processes that are integrated into the business process. In addition, compliance requirements place demands against IT components that are sometimes necessary to execute business or compliance processes. Various factors, such as outsourcing or business process reengineering can lead to a change of processes or IT components and thus to a violation of BPC. Consequently, our goal is to provide proposals for a business process adaptation to further ensure BPC. Following the design science research methodology, we developed two artifacts to reach our goal. First, we developed a meta-model that represents the interrelations between alternative compliance process patterns and compliance processes that satisfy the same compliance requirement. Second, we developed a method to automatically put forward proposals for a business process adaptation through the integration of alternative compliance processes to further ensure BPC.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Governatori, G., Sadiq, S.: The Journey to Business Process Compliance. Handbook of Research on Business Process Modeling, pp. 426–454 (2009)
Turetken, O., Elgammal, A., van den Heuvel, W.-J., Papazoglou, M.: Enforcing compliance on business processes through the use of patterns. In: 19th ECIS 2011 (2011)
Knackstedt, R., Eggert, M., Heddier, M., Chasin, F., Becker, J.: The Relationship of is and Law - The Perspective of and Implications For IS Research. ECIS 2013 Completed Research (2013)
Rudzajs, P., Buksa, I.: Business process and regulations: approach to linkage and change management. In: Grabis, J., Kirikova, M. (eds.) BIR 2011. LNBIP, vol. 90, pp. 96–109. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24511-4_8
Fdhila, W., Indiono, C., Rinderle-Ma, S., Reichert, M.: Dealing with change in process choreographies design and implementation of propagation algorithms. Inf. Syst. 49, 1–24 (2015)
Rinderle, S., Reichert, M., Dadam, P.: Correctness criteria for dynamic changes in workflow systems—a survey. Data Knowl. Eng. 50, 9–34 (2004)
Kittel, K.: Agilität von Geschäftsprozessen trotz Compliance. Tagungsband der 11. Internationale Tagung Wirtschaftsinformatik, pp. 967–981 (2013)
Elgammal, A., Turetken, O., van den Heuvel, W.-J., Papazoglou, M.: Root-cause analysis of design-time compliance violations on the basis of property patterns. Serv. Oriented Comput. 6470, 17–31 (2010)
Becker, J., Heddier, M., Braeuer, S., Knackstedt, R.: Integrating regulatory requirements into information systems design and implementation. In: Proceedings ICIS 2014 (2014)
Seyffarth, T., Kühnel, S., Sackmann, S.: Business Process Compliance and Business Process Change. An Approach to Analyze the Interactions. Business Information Systems. BIS 2018, Lecture Notes in Business Information Processing, pp. 176–189 (2018)
Kittel, K., Sackmann, S., Betke, H., Hofmann, M.: Achieving flexible and compliant processes in disaster management. In: 46th Hawaii International Conference on System Sciences (HICSS 2013), pp. 4687–4696 (2013)
Schumm, D., Leymann, F., Ma, Z., Scheibler, T., Strauch, S.: Integrating compliance into business processes. process fragments as reusable compliance controls. In: Proceedings of the MKWI 2010 (2010)
Hevner, A.R., March, S.T., Park, J., Ram, S.: Design science in information systems research. MIS Quart. 28, 75–105 (2004)
Sackmann, S., Kuehnel, S., Seyffarth, T.: Using business process compliance approaches for compliance management with regard to digitization: evidence from a systematic literature review. In: Weske, M., Montali, M., Weber, I., vom Brocke, J. (eds.) BPM 2018. LNCS, vol. 11080, pp. 409–425. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-98648-7_24
Hammer, M., Champy, J.: Reengineering the corporation. a manifesto for business revolution. Harper Business, New York (1993)
Kittel, K., Sackmann, S.: Gaining Flexibility and Compliance in Rescue Processes with BPM. Workshops Resilience and IT-Risk in Social Infrastructures (RISI) im Rahmen der 6th International Conference on Availability, Reliability, and Security (2011)
Betke, H., Kittel, K., Sackmann, S.: Modeling Controls for Compliance. An Analysis of Business Process Modeling Languages. In: The 27th IEEE International Conference on Advanced Information Networking and Applications Workshops (WAINA-2013), pp. 866–871 (2013)
Eberle, H., Unger, T., Leymann, F.: Process fragments. In: Meersman, R., Dillon, T., Herrero, P. (eds.) OTM 2009. LNCS, vol. 5870, pp. 398–405. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05148-7_29
Schumm, D., Turetken, O., Kokash, N., Elgammal, A., Leymann, F., van den Heuvel, W.-J.: Business process compliance through reusable units of compliant processes. In: Daniel, F., Facca, F.M. (eds.) ICWE 2010. LNCS, vol. 6385, pp. 325–337. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16985-4_29
Rastrepkina, M.: Managing variability in process models by structural decomposition. In: Mendling, J., Weidlich, M., Weske, M. (eds.) BPMN 2010. LNBIP, vol. 67, pp. 106–113. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16298-5_10
Kittel, K., Sackmann, S., Göser, K.: Flexibility and Compliance in Workflow Systems. The KitCom Prototype. Tagungsband CAiSE Forum - 25th International Conference on Advanced Information Systems Engineering, 154–160 (2013)
Seyffarth, T., Kühnel, S., Sackmann, S.: A Taxonomy of Compliance Processes for Business Process Compliance. 15th International Conference on Business Process Management, Business Process Management Forum (2017)
TOGAF (ed.): Content Metamodel. Content Metamodel Vision and Concepts. http://pubs.opengroup.org/architecture/togaf9-doc/arch/
Winter, R., Fischer, R.: Essential Layers, Artifacts, and Dependencies of Enterprise Architecture. In: 2006 10th IEEE International Enterprise Distributed Object Computing Conference Workshops (EDOCW 2006), p. 30 (2006)
Principles of Proper Accounting When Using Information Technology. IDW AcP FAIT 1 (2002)
Seyffarth, T., Raschke, K.: BCIT. A tool for analyzing the interactions between business process compliance and business process change. In: Proceedings of the Dissertation Award and Demonstration, Industrial Track at BPM 2018, pp. 81–85 (2018)
Sackmann, S., Kittel, K.: Flexible Workflows and Compliance: A Solvable Contradiction?! In: vom Brocke, J., Schmiedel, T. (eds.) BPM - Driving Innovation in a Digital World. MP, pp. 247–258. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-14430-6_16
Kittel, K., Sackmann, S., Göser, K.: Flexibility and Compliance in Workflow Systems. The KitCom Prototype. Tagungsband CAiSE Forum - 25th International Conference on Advanced Information Systems Engineering, pp. 154–160 (2013)
Namiri, K., Stojanovic, N.: Using Control Patterns in Business Processes Compliance. WISE 2007 Workshops, pp. 178–190 (2007)
Schultz, M.: Enriching Process Models for Business Process Compliance Checking in ERP Environments. Design Science at the Intersection of Physical and Virtual Design 7939, pp. 120–135 (2013)
Elgammal, A., Turetken, O., van den Heuvel, W.-J., Papazoglou, M.: Formalizing and appling compliance patterns for business process compliance. Software System Modeling (2014)
Awad, A., Smirnov, S., Weske, M.: Resolution of compliance violation in business process models: a planning-based approach. In: Meersman, R., Dillon, T., Herrero, P. (eds.) OTM 2009. LNCS, vol. 5870, pp. 6–23. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-05148-7_4
Kopp, O., Leymann, F., Schumm, D., Unger, T.: On BPMN process fragment auto-completion. In: 3rd Central-European Workshop on Services and their Composition, pp. 58–64 (2011)
Höhn, S.: Model-based reasoning on the achievement of business goals. In: Proceedings of the 2009 ACM symposium on Applied Computing, pp. 1589–1593 (2009)
Kuehnel, S., Zasada, A.: An approach toward the economic assessment of business process compliance. In: Woo, C., Lu, J., Li, Z., Ling, T.W., Li, Guoliang, Lee, MLi (eds.) ER 2018. LNCS, vol. 11158, pp. 228–238. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01391-2_28
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Seyffarth, T., Kuehnel, S., Sackmann, S. (2019). Business Process Compliance Despite Change: Towards Proposals for a Business Process Adaptation. In: Cappiello, C., Ruiz, M. (eds) Information Systems Engineering in Responsible Information Systems. CAiSE 2019. Lecture Notes in Business Information Processing, vol 350. Springer, Cham. https://doi.org/10.1007/978-3-030-21297-1_20
Download citation
DOI: https://doi.org/10.1007/978-3-030-21297-1_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-21296-4
Online ISBN: 978-3-030-21297-1
eBook Packages: Computer ScienceComputer Science (R0)