Skip to main content
SpringerLink
Log in
Book cover

Digital Business pp 53–91Cite as

Compliance Management in Business Processes

  • Chapter
  • First Online:

Part of the book series: Lecture Notes on Data Engineering and Communications Technologies ((LNDECT,volume 21))

Abstract

Business Process Compliance refers to the act of conformance of a business process with policies, regulations and rules that govern the organization. An imperative requirement of business processes in various fields such as Health care, Insurance, Finance and Online Trade is adherence to a large number of compliance requirements, constraints and quality policies from various sources. Lack of compliance may result in huge compensations and loss of customers and reputation. Compliance issues can be handled either retrospectively i.e. after non-complaint situations are observed or they can be handled proactively i.e. anticipation of possibilities leading to non-compliant circumstances during process execution which may prevent occurrence of deviations and thus save upon compensation effects. Hence compliance management tasks need to be incorporated into each phase of the life-cycle of a business process. In this article we discuss contemporary activities related to lifecycle of compliance management in business processes which involve compliance elicitation, compliance formalization, compliance implementation, compliance verification and compliance improvement based on existing literature. Compliance Monitoring Functionalities (CMFs) which may be used to categorize and also assess existing compliance management approaches and frameworks are also discussed.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   119.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   159.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Notes

  1. 1.

    http://www.iso.org/iso/home/standards/management-standards/iso9000.htm.

  2. 2.

    https://www.iso.org/obp/ui/#iso:std:iso-iec:27000:ed-4:v1:en.

  3. 3.

    https://www.sec.gov/about/laws/soa2002.pdf.

  4. 4.

    https://www.hhs.gov/sites/default/files/privacysummary.pdf.

  5. 5.

    http://www.icmr.nic.in/AboutUs/AboutICMR.html.

  6. 6.

    http://www.bis.org/bcbs/publ/d295.pdf.

  7. 7.

    http://www.itinfo.am/eng/business-process-management/.

  8. 8.

    http://www.spinroot.com.

  9. 9.

    http://www.spinroot.com.

References

  1. Governatori G (2005) Representing business contracts in RuleML. Int J Coop Inf Syst 14(02n03):181–216

    Article  Google Scholar 

  2. Bianco P, Lewis GA, Merson P (2008) Service level agreements in service-oriented architecture environments (No. CMU/SEI-2008-TN-021). Carnegie-Mellon University, Pittsburgh Pa Software Engineering Institute

    Google Scholar 

  3. Sadiq S, Governatori G (2010) Managing regulatory compliance in business processes. In: Handbook on business process management, vol 2. Springer, Berlin, Heidelberg, pp 159–175

    Chapter  Google Scholar 

  4. Hagerty J, Hackbush J, Gaughan D, Jacobson S (2008) The governance, risk management, and compliance spending report, 2008–2009: inside the $32 B GRC Market. AMR Research, Boston, USA, 25 Mar

    Google Scholar 

  5. Becker J, Delfmann P, Eggert M, Schwittay S (2012) Generalizability and applicability of model-based business process compliance-checking approaches—a state-of-the-art analysis and research roadmap. Bus Res 5(2):221–247

    Article  Google Scholar 

  6. Fellmann M, Zasada A (2014) State-of-the-art of business process compliance approaches. In 22st European conference on information systems (ECIS 2014), Tel Aviv, Israel, June 9–11. http://aisel.aisnet.org/ecis2014/proceedings/track06/8

  7. Silveira P, Rodríguez C, Birukou A, Casati F, Daniel F, D’Andrea V, Worledge C, Taheri Z (2012) Aiding compliance governance in service-based business processes. In: Handbook of research on service-oriented systems and non-functional properties: future directions. IGI Global, pp 524–548

    Google Scholar 

  8. World Health Organization, Special Programme for Research, Training in Tropical Diseases, World Health Organization. Department of Control of Neglected Tropical Diseases, World Health Organization. Epidemic and Pandemic Alert, 2009. Dengue: guidelines for diagnosis, treatment, prevention and control. World Health Organization

    Google Scholar 

  9. Cabanillas Macías C, Resinas Arias de Reyna M, Ruiz Cortés A (2010) Hints on how to face business process compliance. III Taller De Procesos De Negocio E Ingeniería De Servicios, PNIS2010, Valencia, España

    Google Scholar 

  10. Ramezani E, Fahland D, van der Aalst W (2012) Where did i misbehave? Diagnostic information in compliance checking. Bus Process Manag 262–278

    Google Scholar 

  11. Van der Aalst W, Van Hee K, Van der Werf JM, Kumar A, Verdonk M (2011) Conceptual model for online auditing. Decis Support Syst 50(3):636–647

    Article  Google Scholar 

  12. Ramezani E, Fahland D, van der Werf JM, Mattheis P (2011) Separating compliance management and business process management. In: International conference on business process management. Springer, Berlin, Heidelberg, pp 459–464

    Chapter  Google Scholar 

  13. Saeki M, Kaiya H (2008) Supporting the elicitation of requirements compliant with regulations. In: Advanced information systems engineering. Springer, Berlin, Heidelberg, pp 228–242

    Google Scholar 

  14. Davis J (2009) Open source SOA. Manning Publications Co

    Google Scholar 

  15. Steinke G, Nickolette C (2003) Business rules as the basis of an organization’s information systems. Ind Manag Data Syst 103(1):52–63

    Article  Google Scholar 

  16. Graham I (2007) Business rules management and service oriented architecture: a pattern language. Wiley

    Google Scholar 

  17. Alberti M, Chesani F, Gavanelli M, Lamma E, Mello P, Montali M, Torroni P (2008) Expressing and verifying business contracts with abductive logic programming. Int J Electron Commer 12(4):9–38

    Article  Google Scholar 

  18. Awad A, Decker G, Weske M (2008) Efficient compliance checking using BPMN-Q and temporal logic. In: BPM, vol 8, pp 326–341

    Google Scholar 

  19. Ghose A, Koliadis G (2007) Auditing business process compliance. In: Service-oriented computing (ICSOC 2007), pp 169–180

    Google Scholar 

  20. Governatori G, Sadiq S (2008) The journey to business process compliance

    Google Scholar 

  21. Hashmi M, Governatori G, Wynn MT (2016) Normative requirements for regulatory compliance: an abstract formal framework. Inf Syst Front 18(3):429–455

    Article  Google Scholar 

  22. Mulo E, Zdun U, Dustdar S (2009) Monitoring web service event trails for business compliance. In: 2009 IEEE international conference on service-oriented computing and applications (SOCA). IEEE, pp 1–8

    Google Scholar 

  23. Zhang P, Leung H, Li W, Li X (2013) Web services property sequence chart monitor: a tool chain for monitoring BPEL-based web service composition with scenario-based specifications. IET Softw 7(4):222–248

    Article  Google Scholar 

  24. Zur Muehlen M, Indulska M, Kamp G (2007) Business process and business rule modeling languages for compliance management: a representational analysis. In: Tutorials, posters, panels and industrial contributions at the 26th international conference on conceptual modeling, vol 83. Australian Computer Society, Inc, pp 127–132

    Google Scholar 

  25. Wagner G (2005) Rule modeling and markup. In: Reasoning web. Springer, Berlin, Heidelberg, pp 251–274

    Chapter  Google Scholar 

  26. Elgammal A, Turetken O, van den Heuvel WJ, Papazoglou M (2016) Formalizing and appling compliance patterns for business process compliance. Softw Syst Model 15(1):119–146

    Article  Google Scholar 

  27. Saralaya S, D’Souza R, Saralaya V (in press) An event-driven dynamic cross-layer business process compliance monitoring and analysis framework. Int J Bus Inf Syst. http://www.inderscience.com/info/ingeneral/forthcoming.php?jcode=ijbis

  28. Dwyer MB, Avrunin GS, Corbett JC (1998) Property specification patterns for finite-state verification. In: Proceedings of the second workshop on formal methods in software practice. ACM, pp 7–15

    Google Scholar 

  29. Turetken O, Elgammal A, Van den Heuvel W, Papazoglou M (2012) Capturing compliance requirements: a pattern-based approach. IEEE Softw 29(3):28–36

    Article  Google Scholar 

  30. Cabanillas Macías C, Resinas Arias de Reyna M, Ruiz Cortés A (2010) On the identification of data-related compliance problems in business processes. Vi Jornadas Científico-Técnicas En Servicios Web Y Soa, JSWEB 2010, Valencia, Spain

    Google Scholar 

  31. Knuplesch D, Ly LT, Rinderle-Ma S, Pfeifer H, Dadam P (2010) On enabling data-aware compliance checking of business process models. ER 10:332–346

    Google Scholar 

  32. Hashmi M, Governatori G, Wynn MT (2012) Business process data compliance. In: International workshop on rules and rule markup languages for the semantic web. Springer, Berlin, Heidelberg, pp 32–46

    Chapter  Google Scholar 

  33. Gómez-López MT, Gasca RM, Pérez-Álvarez JM (2015) Compliance validation and diagnosis of business data constraints in business processes at runtime. Inf Syst 48:26–43

    Article  Google Scholar 

  34. Schleicher D, Fehling C, Grohe S, Leymann F, Nowak A, Schneider P, Schumm D (2011) Compliance domains: a means to model data-restrictions in cloud environments. In: 2011 15th IEEE international enterprise distributed object computing conference (EDOC). IEEE, pp 257–266

    Google Scholar 

  35. Palmirani M, Governatori G, Contissa G (2011) Modelling temporal legal rules. In: Proceedings of the 13th international conference on artificial intelligence and law. ACM, pp 131–135

    Google Scholar 

  36. Barbon F, Traverso P, Pistore M, Trainotti M (2006) Run-time monitoring of instances and classes of web service compositions. In: International conference on web services, 2006 (ICWS’06). IEEE, pp 63–71

    Google Scholar 

  37. Li B, Ji S, Liao L, Qiu D, Sun M (2013) Monitoring web services for conformance. In: 2013 IEEE 7th international symposium on service oriented system engineering (SOSE). IEEE, pp 92–102

    Google Scholar 

  38. Governatori G, Hulstijn J, Riveret R, Rotolo A (2007) Characterising deadlines in temporal modal defeasible logic

    Google Scholar 

  39. Kumar A, Barton RR (2017) Controlled violation of temporal process constraints–models, algorithms and results. Inf Syst 64:410–424

    Article  Google Scholar 

  40. Cabanillas C, Resinas M, Ruiz-Cortés A (2011) Defining and analysing resource assignments in business processes with ral. In: International conference on service-oriented computing. Springer, Berlin, Heidelberg, pp 477–486

    Chapter  Google Scholar 

  41. Nakatumba J (2013) Resource-aware business process management: analysis and support. PhD thesis, Eindhoven University of Technology. https://doi.org/10.6100/ir760115

  42. Weidlich M, Ziekow H, Mendling J, Günther O, Weske M, Desai N (2011) Event-based monitoring of process execution violations. In: BPM, vol 11, pp 182–198

    Google Scholar 

  43. Popova V, Sharpanskykh A (2010) Modeling organizational performance indicators. Inf Syst 35(4):505–527

    Article  Google Scholar 

  44. Shahin A, Mahbod MA (2007) Prioritization of key performance indicators: an integration of analytical hierarchy process and goal setting. Int J Product Perform Manag 56(3):226–240

    Article  Google Scholar 

  45. Frankland J (2008) IT security metrics: implementation and standards compliance. Netw Secur 2008(6):6–9

    Article  Google Scholar 

  46. Chen C, Li L, Wei J (2007) AOP based trustable SLA compliance monitoring for web services. In  Seventh international conference on quality software, 2007 (QSIC’07). IEEE, pp 225–230

    Google Scholar 

  47. Mayerl C, Huner KM, Gaspar JU, Momm C, Abeck S (2007) Definition of metric dependencies for monitoring the impact of quality of services on quality of processes. In: 2nd IEEE/IFIP international workshop on  business-driven IT management, 2007 (BDIM’07). IEEE, pp 1–10

    Google Scholar 

  48. Hershey P, Runyon D, Wang Y (2007) Metrics for end-to-end monitoring and management of enterprise systems. In: Military communications conference, 2007 (MILCOM 2007). IEEE, pp 1–7

    Google Scholar 

  49. Pedrinaci C, Domingue J (2009) Ontology-based metrics computation for business process analysis. In: Proceedings of the 4th international workshop on semantic business process management. ACM, pp 43–50

    Google Scholar 

  50. Leitner P, Inzinger C, Hummer W, Satzger B, Dustdar S (2012) Application-level performance monitoring of cloud services based on the complex event processing paradigm. In: 2012 5th IEEE international conference on service-oriented computing and applications (SOCA). IEEE, pp 1–8

    Google Scholar 

  51. Sarwar A, Boland G, Monks A, Kruskal JB (2015) Metrics for radiologists in the era of value-based health care delivery. Radiographics 35(3):866–876

    Article  Google Scholar 

  52. Saralaya S, D’Souza R, Saralaya V (2016) Metrics for monitoring a hierarchical service-based system. Int J Appl Eng Res 11(6):3897–3904

    Google Scholar 

  53. Giblin C, Liu AY, Müller S, Pfitzmann B, Zhou X (2005) Regulations expressed as logical models (REALM). In: JURIX, pp 37–48

    Google Scholar 

  54. Hashmi M, Governatori G, Wynn MT (2014) Modeling obligations with event-calculus. In: International workshop on rules and rule markup languages for the semantic web. Springer, Cham, pp 296–310

    Chapter  Google Scholar 

  55. Kowalski R, Sergot M (1989) A logic-based calculus of events. In: Foundations of knowledge base management. Springer, Berlin, Heidelberg, pp 23–55

    Google Scholar 

  56. Spanoudakis G, Mahbub K (2006) Non-intrusive monitoring of service-based systems. Int J Coop Inf Syst 15(03):325–358

    Article  Google Scholar 

  57. Elgammal A, Turetken O, van den Heuvel WJ, Papazoglou M (2010a) On the formal specification of regulatory compliance: a comparative analysis. In: International conference on service-oriented computing. Springer, Berlin, Heidelberg, pp 27–38

    Chapter  Google Scholar 

  58. Hinman PG (2007) Fundamentals of mathematical logic

    Google Scholar 

  59. Governatori G, Hashmi M (2015) No time for compliance. In: 2015 IEEE 19th international enterprise distributed object computing conference (EDOC). IEEE, pp 9–18

    Google Scholar 

  60. Governatori G, Shek S (2012) Rule based business process compliance. In: RuleML (2)

    Google Scholar 

  61. Awad A (2007) BPMN-Q: a language to query business processes. In: EMISA, vol 119, pp 115–128

    Google Scholar 

  62. Van Der Aalst WM, Pesic M (2006) DecSerFlow: towards a truly declarative service flow language. In: International workshop on web services and formal methods. Springer, Berlin, Heidelberg, pp 1–23

    Google Scholar 

  63. Chesani F, Mello P, Montali M, Storari S (2007) Testing careflow process execution conformance by translating a graphical language to computational logic. In: AIME, vol 4594, pp 479–488

    Google Scholar 

  64. Khaluf L, Gerth C, Engels G (2011) Pattern-based modeling and formalizing of business process quality constraints. In: Advanced information systems engineering. Springer, Berlin, Heidelberg, pp 521–535

    Chapter  Google Scholar 

  65. Governatori G, Milosevic Z, Sadiq S (2006) Compliance checking between business processes and business contracts. In: 10th IEEE international enterprise distributed object computing conference, 2006 (EDOC’06). IEEE, pp 221–232

    Google Scholar 

  66. Meidan A, García-García JA, Escalona MJ, Ramos I (2017) A survey on business processes management suites. Comput Stand Interfaces 51:71–86

    Article  Google Scholar 

  67. Dijkman RM, Dumas M, Ouyang C (2008) Semantics and analysis of business process models in BPMN. Inf Softw Technol 50(12):1281–1294

    Article  Google Scholar 

  68. Ouyang C, Dumas M, Breutel S, ter Hofstede A (2006) Translating standard process models to BPEL. In: International conference on advanced information systems engineering. Springer, Berlin, Heidelberg, pp 417–432

    Chapter  Google Scholar 

  69. Ramezani E (2017) Understanding non-compliance. PhD thesis, Eindhoven University of Technology. https://pure.tue.nl/ws/files/52365079/20170116_Ramezani_Taghiabadi.pdf

  70. Koehler J (2011) The process-rule continuum-Can bpmn & sbvr cope with the challenge?. In 2011 IEEE 13th Conference on Commerce and Enterprise Computing (CEC), pp. 302–309. IEEE, 2011

    Google Scholar 

  71. Boella G, Janssen M, Hulstijn J, Humphreys L, Van Der Torre L (2013) Managing legal interpretation in regulatory compliance. In: Proceedings of the fourteenth international conference on artificial intelligence and law. ACM, pp 23–32

    Google Scholar 

  72. Holzmann GJ (1997) The model checker SPIN. IEEE Trans Softw Eng 23(5):279–295

    Article  Google Scholar 

  73. Holzmann G (2003) Spin model checker, the: primer and reference manual. Addison-Wesley Professional

    Google Scholar 

  74. Halle S, Villemaire R, Cherkaoui O (2009) Specifying and validating data-aware temporal web service properties. IEEE Trans Softw Eng 35(5):669–683

    Article  Google Scholar 

  75. Eshuis R (2006) Symbolic model checking of UML activity diagrams. ACM Trans Softw Eng and Methodol (TOSEM) 15(1):1–38

    Article  Google Scholar 

  76. Wang HJ, Zhao JL (2011) Constraint-centric workflow change analytics. Decis Support Syst 51(3):562–575

    Article  Google Scholar 

  77. Abouzaid F, Mullins J (2008) A calculus for generation, verification and refinement of BPEL specifications. Electronic Notes in Theoretical Computer Science 200(3):43–65

    Article  Google Scholar 

  78. Awad A, Goré R, Thomson J, Weidlich M (2011) An iterative approach for business process template synthesis from compliance rules. In: Advanced information systems engineering. Springer, Berlin, Heidelberg, pp 406–421

    Chapter  Google Scholar 

  79. Yu J, Han YB, Han J, Jin Y, Falcarin P, Morisio M (2008) Synthesizing service composition models on the basis of temporal business rules. J Comput Sci Technol 23(6):885–894

    Article  Google Scholar 

  80. Luckham D (2002) The power of events, vol 204. Addison-Wesley, Reading

    Google Scholar 

  81. Asim M, Llewellyn-Jones D, Lempereur B, Zhou B, Shi Q, Merabti M (2013) Event driven monitoring of composite services. In: 2013 international conference on social computing (SocialCom). IEEE, pp 550–557

    Google Scholar 

  82. Thullner R, Rozsnyai S, Schiefer J, Obweger H, Suntinger M (2011) Proactive business process compliance monitoring with event-based systems. In: 2011 15th IEEE international enterprise distributed object computing conference workshops (EDOCW). IEEE, pp 429–437

    Google Scholar 

  83. Barnawi A, Awad A, Elgammal A, Elshawi R, Almalaise A, Sakr S (2016) An anti-pattern-based runtime business process compliance monitoring framework. Int J Adv Comput Sci Appl 7(2)

    Google Scholar 

  84. Zahoor E, Perrin O, Godart C (2011) An event-based reasoning approach to web services monitoring. In: 2011 IEEE international conference on web services (ICWS). IEEE, pp 628–635

    Google Scholar 

  85. Baresi L, Guinea S (2011) Self-supervising BPEL processes. IEEE Trans Softw Eng 37(2):247–263

    Article  Google Scholar 

  86. Kallel S, Charfi A, Dinkelaker T, Mezini M, Jmaiel M (2009) Specifying and monitoring temporal properties in web services compositions. In: Seventh IEEE European conference on web services, 2009 (ECOWS’09). IEEE, pp 148–157

    Google Scholar 

  87. Moser O, Rosenberg F, Dustdar S (2008) Non-intrusive monitoring and service adaptation for WS-BPEL. In: Proceedings of the 17th international conference on world wide web. ACM, pp 815–824

    Google Scholar 

  88. Saralaya S, D’Souza R, Saralaya V (2015) Cross layer property verification with property sequence charts. In: 2015 international conference on soft-computing and networks security (ICSNS). IEEE, pp 1–7

    Google Scholar 

  89. Sadiq S, Governatori G, Namiri K (2007) Modeling control objectives for business process compliance. Bus Process Manag 149–164

    Google Scholar 

  90. Julisch K, Suter C, Woitalla T, Zimmermann O (2011) Compliance by design–bridging the chasm between auditors and IT architects. Comput Secur 30(6):410–426

    Article  Google Scholar 

  91. Sackmann S, Kähmer M, Gilliot M, Lowis L (2008) A classification model for automating compliance. In: 2008 10th IEEE conference on e-commerce technology and the fifth IEEE conference on enterprise computing, e-commerce and e-services. IEEE, pp 79–86

    Google Scholar 

  92. Schumm D, Turetken O, Kokash N, Elgammal A, Leymann F, Van Den Heuvel WJ (2010) Business process compliance through reusable units of compliant processes. In: International conference on web engineering. Springer, Berlin, Heidelberg, pp 325–337

    Chapter  Google Scholar 

  93. Goedertier S, Vanthienen J (2006) Designing compliant business processes with obligations and permissions. In: Business process management workshops. Springer, Berlin, Heidelberg, pp 5–14

    Chapter  Google Scholar 

  94. Rozinat A, Van der Aalst WM (2008) Conformance checking of processes based on monitoring real behavior. Inf Syst 33(1):64–95

    Article  Google Scholar 

  95. Van der Aalst WM, De Beer HT, van Dongen BF (2005) Process mining and verification of properties: an approach based on temporal logic. In OTM confederated international conferences on the move to meaningful internet systems. Springer, Berlin, Heidelberg, pp 130–147

    Google Scholar 

  96. Weber I, Governatori G, Hoffmann J (2008) Approximate compliance checking for annotated process models

    Google Scholar 

  97. Ly LT, Rinderle-Ma S, Göser K, Dadam P (2012) On enabling integrated process compliance with semantic constraints in process management systems. Inf Syst Front 14(2):195–219

    Article  Google Scholar 

  98. Ly LT, Rinderle-Ma S, Knuplesch D, Dadam P (2011) Monitoring business process compliance using compliance rule graphs. In: OTM confederated international conferences on the move to meaningful internet systems. Springer, Berlin, Heidelberg, pp 82–99

    Chapter  Google Scholar 

  99. Saralaya S, D’Souza R, Saralaya V (in press) Temporal impact analysis and adaptation for service-based systems. Int J Inf Commun Technol. http://www.inderscience.com/info/ingeneral/forthcoming.php?jcode=ijict

  100. Rodríguez C, Schleicher D, Daniel F, Casati F, Leymann F, Wagner S (2013) SOA-enabled compliance management: instrumenting, assessing, and analyzing service-based business processes. SOCA 7(4):275–292

    Article  Google Scholar 

  101. Doggett AM (2005) Root cause analysis: a framework for tool selection. Qual Manag J 12(4):34–45

    Article  Google Scholar 

  102. Mdhaffar A, Halima RB, Jmaiel M, Freisleben B (2014) CEP4Cloud: complex event processing for self-healing clouds. In: 2014 IEEE 23rd international WETICE conference (WETICE). IEEE, pp 62–67

    Google Scholar 

  103. Mdhaffar A, Rodriguez IB, Charfi K, Abid L, Freisleben B (2017) CEP4HFP: complex event processing for heart failure prediction. IEEE Trans NanoBiosci

    Article  Google Scholar 

  104. Ishikawa K (1982) Guide to quality control (No. TS156. I3713 1994.)

    Google Scholar 

  105. Dettmer HW (1997) Goldratt’s theory of constraints: a systems approach to continuous improvement. ASQ Quality Press

    Google Scholar 

  106. Elgammal A, Turetken O, Van Den Heuvel WJ (2012) Using patterns for the analysis and resolution of compliance violations. Int J Coop Inf Syst 21(01):31–54

    Article  Google Scholar 

  107. Elgammal A, Turetken O, van den Heuvel WJ, Papazoglou M (2010b) Root-cause analysis of design-time compliance violations on the basis of property patterns. In: Service-oriented computing, pp 17–31

    Google Scholar 

  108. Taghiabadi ER, Fahland D, van Dongen BF, van der Aalst WM (2013) Diagnostic information for compliance checking of temporal compliance requirements. In: International conference on advanced information systems engineering. Springer, Berlin, Heidelberg, pp 304–320

    Google Scholar 

  109. Awad A, Smirnov S, Weske M (2009) Towards resolving compliance violations in business process models. GRCIS. ceur-ws.org

  110. Awad A, Weidlich M, Weske M (2009) Specification, verification and explanation of violation for data aware compliance rules. In: Service-oriented computing, pp 500–515

    Chapter  Google Scholar 

  111. Ismail A, Yan J, Shen J (2013) Incremental service level agreements violation handling with time impact analysis. J Syst Softw 86(6):1530–1544

    Article  Google Scholar 

  112. Angarita R, Cardinale Y, Rukoz M (2014) Reliable composite web services execution: towards a dynamic recovery decision. Electronic Notes in Theoretical Computer Science 302:5–28

    Article  Google Scholar 

  113. Aschoff RR, Zisman A (2012) Proactive adaptation of service composition. In: 2012 ICSE workshop on software engineering for adaptive and self-managing systems (SEAMS). IEEE, pp 1–10

    Google Scholar 

  114. Ly LT, Maggi FM, Montali M, Rinderle-Ma S, van der Aalst WM (2013) A framework for the systematic comparison and evaluation of compliance monitoring approaches. In: 2013 17th IEEE international enterprise distributed object computing conference (EDOC). IEEE, pp 7–16

    Google Scholar 

  115. Ly LT, Maggi FM, Montali M, Rinderle-Ma S, van der Aalst WM (2015) Compliance monitoring in business processes: functionalities, application, and tool-support. Inf Syst 54:209–234

    Article  Google Scholar 

  116. Maggi FM, Montali M, van der Aalst WM (2012) An operational decision support framework for monitoring business constraints. In: International conference on fundamental approaches to software engineering (FASE), vol 12, pp 146–162

    Chapter  Google Scholar 

  117. Awad A, Weske M (2009) Visualization of compliance violation in business process models. In: Business process management workshops. Springer, pp 182–193

    Chapter  Google Scholar 

  118. Abdullah NS, Sadiq S, Indulska M (2010) Information systems research: aligning to industry challenges in management of regulatory compliance. Inf Syst Res 1:1–2010

    Google Scholar 

  119. Hashmi M, Governatori G, Lam HP, Wynn MT (2017) Are we done with business process compliance: state of the art and challenges ahead. Knowl Inf Syst 1–55

    Google Scholar 

  120. Doughty K (2011) Guest editorial: the three lines of defence related to risk governance. ISACA J 5:6

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science & Engineering, St. Joseph Engineering College, Vamanjoor, Mangaluru, India

    Sridevi Saralaya & Rio D’Souza

  2. Department of Microbiology, Kasturba Medical College (Manipal Academy of Higher Education), Mangaluru, India

    Vishwas Saralaya

Authors
  1. Sridevi Saralaya
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Vishwas Saralaya
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rio D’Souza
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Sridevi Saralaya .

Editor information

Editors and Affiliations

  1. Department of Computer Science and Engineering, Faculty of Engineering and Technology, SOA University, Bhubaneswar, Odisha, India

    Srikanta Patnaik

  2. School of Science and Technology, Middlesex University, London, United Kingdom

    Xin-She Yang

  3. Business Systems and Analytics Department, La Salle University, Philadelphia, Pennsylvania, USA

    Madjid Tavana

  4. University Politehnica of Bucharest, Bucharest, Romania

    Florin Popentiu-Vlădicescu

  5. Shenyang Jianzhu University, Shenyang, China

    Feng Qiao

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer International Publishing AG, part of Springer Nature

About this chapter

Check for updates. Verify currency and authenticity via CrossMark

Cite this chapter

Saralaya, S., Saralaya, V., D’Souza, R. (2019). Compliance Management in Business Processes. In: Patnaik, S., Yang, XS., Tavana, M., Popentiu-Vlădicescu, F., Qiao, F. (eds) Digital Business. Lecture Notes on Data Engineering and Communications Technologies, vol 21. Springer, Cham. https://doi.org/10.1007/978-3-319-93940-7_3

Download citation

Publish with us

Policies and ethics

Search

Navigation