Skip to main content
SpringerLink
Log in

Using Business Process Compliance Approaches for Compliance Management with Regard to Digitization: Evidence from a Systematic Literature Review

  • Conference paper
  • First Online:
Book cover Business Process Management (BPM 2018)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 11080))

Included in the following conference series:

  • The original version of this chapter was revised: The total values of table 2 and the text on page 417 were initially published with errors. The correction to this chapter is available at https://doi.org/10.1007/978-3-319-98648-7_30

Abstract

Business Process Compliance (BPC) means ensuring that business processes are in accordance with relevant compliance requirements. Thus, BPC is an essential part of both business process management (BPM) and compliance management (CM). Digitization has also been referred to as a “digital revolution” that describes a technological change that has extended to many organizational areas and tasks, including compliance. Current efforts to digitize, e.g., by realizing cyber-physical systems, rely on the automation and interoperability of systems. In order for CM not to hamper these efforts, it becomes an increasingly relevant issue to digitize compliance as well.

The managerial perspective of compliance comprises several phases, which together represent a CM life-cycle. Efforts to digitize compliance require bundling interoperable BPC technologies, methods, and tools supporting this life-cycle in a consolidated manner. Several approaches addressing the field of BPC have already been developed and explored. Based on a systematic literature review, we examined these approaches in terms of their suitability for supporting the CM life-cycle phases in support of the digitization of compliance.

The results of our literature review show which CM life-cycle phases are supported by BPC approaches and which phases are the focus of research. Moreover, the results show that a purely sequential clustering, as specified in a CM life-cycle, is not always suitable for the bundling of BPC approaches in support of the digitization of compliance. Consequently, we propose a novel, task-oriented clustering of BPC approaches that is particularly oriented toward interoperability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Change history

  • 05 June 2019

    In the originally published version of chapter 24, the total values of table 2 and the text on page 417 were initially published with errors. This has been corrected and the supplementary material has been updated.

Notes

  1. 1.

    The supplement is accessible via goo.gl/HPpoCK.

References

  1. Schaefer, T., Fettke, P., Loos, P.: Control patterns. Bridging the gap between is controls and BPM. In: ECIS (2013)

    Google Scholar 

  2. El Kharbili, M., Stein, S., Markovic, I., Pulvermüller, E.: Towards a framework for semantic business process compliance management. In: Proceedings of GRCIS 2008 (2008)

    Google Scholar 

  3. Bamberger, K.A.: Technologies of compliance. Risk and regulation in a digital age. Texas Law Rev. 88, 669 (2010)

    Google Scholar 

  4. Legner, C., et al.: Digitalization. Opportunity and challenge for the business and information systems engineering community. BISE 59, 301–308 (2017)

    Google Scholar 

  5. Imgrund, F., Fischer, M., Janiesch, C., Winkelmann, A.: Approaching digitalization with business process management. In: Proceedings of the MKWI, pp. 1725–1736 (2018)

    Google Scholar 

  6. BarNir, A., Gallaugher, J.M., Auger, P.: Business process digitization, strategy, and the impact of firm age and size. The case of the magazine publishing industry. J. Bus. Ventur. 18, 789–814 (2003)

    Google Scholar 

  7. Reichert, M., Weber, B.: Enabling Flexibility in Process-Aware Information Systems. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-30409-5

    Book  MATH  Google Scholar 

  8. Weber, I., Xu, X., Riveret, R., Governatori, G., Ponomarev, A., Mendling, J.: Untrusted business process monitoring and execution using blockchain. In: La Rosa, M., Loos, P., Pastor, O. (eds.) BPM 2016. LNCS, vol. 9850, pp. 329–347. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45348-4_19

    Chapter  Google Scholar 

  9. Fridgen, G., Radszuwill, S., Urbach, N., Utz, L.: Cross-organizational workflow management using blockchain technology. Towards applicability, auditability, and automation. In: 51st Annual Hawaii International Conference on System Sciences (HICSS-51) (2018)

    Google Scholar 

  10. Fdhila, W., Rinderle-Ma, S., Knuplesch, D., Reichert, M.: Change and compliance in collaborative processes. In: 12th IEEE International Conference on Services Computing (SCC 2015), pp. 162–169 (2015)

    Google Scholar 

  11. Zaplata, S., Haman, K., Kottke, K., Lamersdorf, W.: Flexible execution of distributed business processes based on process instance migration. J. Syst. Integr. 1(3), 3–16 (2010)

    Google Scholar 

  12. Hashmi, M., Governatori, G., Lam, H.-P., Wynn, M.T.: Are we done with business process compliance. State-of-the-art and challenges ahead. Knowl. Inf. Syst. 1–55 (2018). https://doi.org/10.1007/s10115-017-1142-1

    Google Scholar 

  13. Fellmann, M., Zasada, A.: State-of-the-art of business process compliance approaches. In: ECIS (2014)

    Google Scholar 

  14. El Kharbili, M.: Business process regulatory compliance management solution frameworks. A comparative evaluation. In: Proceedings of the Eighth Asia-Pacific Conference on Conceptual Modelling, vol. 130, pp. 23–32 (2012)

    Google Scholar 

  15. Becker, J., Delfmann, P., Eggert, M., Schwittay, S.: Generalizability and applicability of model-based business process compliance-checking approaches. A state-of-the-art analysis and research roadmap. Bus. Res. 5, 221–247 (2012)

    Google Scholar 

  16. vom Brocke, J., Simons, A., Niehaves, B., Riemer, K., Plattfaut, R., Cleven, A.: Reconstructing the giant. On the importance of rigour in documenting the literature search process. In: ECIS, pp. 2206–2217 (2009)

    Google Scholar 

  17. Cooper, H.M.: Organizing knowledge syntheses: a taxonomy of literature reviews. Knowl. Soc. 1, 104–126 (1988)

    Google Scholar 

  18. Knuplesch, D., Ly, L.T., Rinderle-Ma, S., Pfeifer, H., Dadam, P.: On enabling data-aware compliance checking of business process models. In: Parsons, J., Saeki, M., Shoval, P., Woo, C., Wand, Y. (eds.) ER 2010. LNCS, vol. 6412, pp. 332–346. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16373-9_24

    Chapter  Google Scholar 

  19. Liu, Y., Müller, S., Xu, K.: A static compliance-checking framework for business process models. IBM Syst. J. 46, 335–361 (2007)

    Google Scholar 

  20. Governatori, G., Sadiq, S.: The Journey to Business Process Compliance (2009)

    Google Scholar 

  21. Gong, Y., Janssen, M.: From policy implementation to business process management. Principles for creating flexibility and agility. Gov. Inf. Q. 29, S61–S71 (2012)

    Google Scholar 

  22. Ghanavati, S., Hulstijn, J.: Impact of legal interpretation on business process compliance. In: Proceedings of the First International Workshop on TEchnical and LEgal Aspects of Data pRIvacy, pp. 26–31 (2015)

    Google Scholar 

  23. King, W.R., Cleland, D.I.: Life-cycle management. In: Cleland, D.I., King, W.R. (eds.) Project Management Handbook, pp. 191–205. Wiley, New York (1988)

    Google Scholar 

  24. Hermanson, R.H., Edwards, J.D., Maher, M.: Accounting Principles. A Business Perspective, Financial Accounting (2015, 2011). (Chaps. 1–8)

    Google Scholar 

  25. Roughton, J., Crutchfield, N.: Safety Culture. An Innovative Leadership Approach. Elsevier Science, New York (2013)

    Google Scholar 

  26. Heldman, K.: Project Manager’s Spotlight on Risk Management. Wiley, New York (2010)

    Google Scholar 

  27. Ramezani, E., Fahland, D., van der Werf, J.M., Mattheis, P.: Separating compliance management and business process management. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM 2011. LNBIP, vol. 100, pp. 459–464. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-28115-0_43

    Chapter  Google Scholar 

  28. Elgammal, A., Turetken, O.: Lifecycle Business Process Compliance Management: A Semantically-Enabled Framework (2015)

    Google Scholar 

  29. Giblin, C., Liu, A.Y., Müller, S., Pfitzmann, B., Zhou, X.: Regulations expressed as logical models (REALM). In: Proceedings of the 2005 Conference on Legal Knowledge and Information Systems (JURIX 2005), pp. 37–48 (2005)

    Google Scholar 

  30. Deming, W.E.: Out of the Crisis. Massachusetts Institute of Technology Center for Advanced Engineering Study, Cambridge (1986)

    Google Scholar 

  31. Moen, R., Norman, C.: Evolution of the PDCA Cycle (2006)

    Google Scholar 

  32. Baker, M.J.: Writing a literature review. Mark. Rev. 1, 219–247 (2000)

    Google Scholar 

  33. Webster, J., Watson, R.T.: Analyzing the past to prepare for the future. Writing a literature review. MIS Q. 26, xiii–xxiii (2002)

    Google Scholar 

  34. Accorsi, R., Lowis, L., Sato, Y.: Automated certification for compliant cloud-based business processes. Bus. Inf. Syst. Eng. 3, 145 (2011)

    Google Scholar 

  35. Governatori, G., Rotolo, A.: How do agents comply with norms? In: Web Intelligence and Intelligent Agent Technologies, pp. 488–491 (2009)

    Google Scholar 

  36. Schultz, M.: Enriching process models for business process compliance checking in ERP environments. In: vom Brocke, J., Hekkala, R., Ram, S., Rossi, M. (eds.) DESRIST 2013. LNCS, vol. 7939, pp. 120–135. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-38827-9_9

    Chapter  Google Scholar 

  37. Accorsi, R., Stocker, T., Müller, G.: On the exploitation of process mining for security audits. The process discovery case. In: Proceedings of the 27th Annual ACM Symposium on Applied Computing, pp. 1462–1468 (2012)

    Google Scholar 

  38. He, Q.: Detecting runtime business process compliance with artifact lifecycles. In: Ghose, A., et al. (eds.) ICSOC 2012. LNCS, vol. 7759, pp. 426–432. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-37804-1_45

    Chapter  Google Scholar 

  39. Seeliger, A., Nolle, T., Schmidt, B., Mühlhäuser, M.: Process compliance checking using taint flow analysis. In: Proceedings of the International Conference on Information Systems (2016)

    Google Scholar 

  40. Accorsi, R., Wonnemann, C.: Strong non-leak guarantees for workflow models. In: Proceedings of the 2011 ACM Symposium on Applied Computing, pp. 308–314 (2011)

    Google Scholar 

  41. Höhenberger, S., Riehle, D., Delfmann, P.: From legislation to potential compliance violations in business processes. Simplicity matters. In: ECIS (2016)

    Google Scholar 

  42. Seeliger, A., Nolle, T., Mühlhäuser, M.: Detecting concept drift in processes using graph metrics on process graphs. In: Proceedings of the 9th Conference on Subject-Oriented Business Process Management, p. 6:1 (2017)

    Google Scholar 

  43. Kumar, A., Liu, R.: A rule-based framework using role patterns for business process compliance. In: Bassiliades, N., Governatori, G., Paschke, A. (eds.) RuleML 2008. LNCS, vol. 5321, pp. 58–72. Springer, Heidelberg (2008). https://doi.org/10.1007/978-3-540-88808-6_9

    Chapter  Google Scholar 

  44. Höhn, S.: Model-based reasoning on the achievement of business goals. In: Proceedings of the 2009 ACM Symposium on Applied Computing, pp. 1589–1593 (2009)

    Google Scholar 

  45. Song, L., Wang, J., Wen, L., Kong, H.: Efficient semantics-based compliance checking using LTL formulae and unfolding. J. Appl. Math. 2013(1), 1–24 (2013)

    MATH  Google Scholar 

  46. Shamsaei, A., Pourshahid, A., Amyot, D.: Business process compliance tracking using key performance indicators. In: zur Muehlen, M., Su, J. (eds.) BPM 2010. LNBIP, vol. 66, pp. 73–84. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-20511-8_7

    Chapter  Google Scholar 

  47. Hummer, W., Gaubatz, P., Strembeck, M., Zdun, U., Dustdar, S.: An integrated approach for identity and access management in a SOA context. In: Proceedings of the 16th ACM Symposium on Access Control Models and Technologies, pp. 21–30 (2011)

    Google Scholar 

  48. Thi, T.T.P., Helfert, M., Hossain, F., Le Dinh, T.: Discovering business rules from business process models. In: Proceedings of the 12th International Conference on Computer Systems and Technologies, pp. 259–265 (2011)

    Google Scholar 

  49. Awad, A., Barnawi, A., Elgammal, A., Elshawi, R., Almalaise, A., Sakr, S.: Runtime detection of business process compliance violations. An approach based on anti patterns. In: Proceedings of the 30th Annual ACM Symposium on Applied Computing, pp. 1203–1210 (2015)

    Google Scholar 

  50. Namiri, K., Stojanovic, N.: Pattern-based design and validation of business process compliance. In: Meersman, R., Tari, Z. (eds.) OTM 2007. LNCS, vol. 4803, pp. 59–76. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-76848-7_6

    Chapter  Google Scholar 

  51. Turetken, O., Elgammal, A., van den Heuvel, W.-J., Papazoglou, M.: Enforcing compliance on business processes through the use of patterns. In: ECIS (2011)

    Google Scholar 

  52. Awad, A., Goré, R., Hou, Z., Thomson, J., Weidlich, M.: An iterative approach to synthesize business process templates from compliance rules. Inf. Syst. 37, 714–736 (2012)

    Google Scholar 

  53. Turetken, O., Elgammal, A., van den Heuvel, W.-J., Papazoglou, M.P.: Capturing compliance requirements. A pattern-based approach. IEEE Softw. 29, 28–36 (2012)

    Google Scholar 

  54. Awad, A., Weidlich, M., Weske, M.: Visually specifying compliance rules and explaining their violations for business processes. J. Vis. Lang. Comput. 22, 30–55 (2011)

    Google Scholar 

  55. Knuplesch, D., Reichert, M., Kumar, A.: A framework for visually monitoring business process compliance. Inf. Syst. 64, 381–409 (2017)

    Google Scholar 

  56. Schumm, D., Turetken, O., Kokash, N., Elgammal, A., Leymann, F., van den Heuvel, W.-J.: Business process compliance through reusable units of compliant processes. In: Daniel, F., Facca, F.M. (eds.) ICWE 2010. LNCS, vol. 6385, pp. 325–337. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-16985-4_29

    Chapter  Google Scholar 

  57. Barnawi, A., Awad, A., Elgammal, A., El Shawi, R., Almalaise, A., Sakr, S.: Runtime self-monitoring approach of business process compliance in cloud environments. Cluster Comput. 18, 1503–1526 (2015)

    Google Scholar 

  58. Ghose, A., Koliadis, G.: Auditing business process compliance. In: Krämer, B.J., Lin, K.-J., Narasimhan, P. (eds.) ICSOC 2007. LNCS, vol. 4749, pp. 169–180. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-74974-5_14

    Chapter  Google Scholar 

  59. Wang, Y., Kelly, T., Lafortune, S.: Discrete control for safe execution of IT automation workflows. In: Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007, vol. 41, pp. 305–314 (2007)

    Google Scholar 

  60. Basin, D., Klaedtke, F., Müller, S., Zalinescu, E.: Monitoring metric first-order temporal properties. J. ACM (JACM) 62, 15:1 (2015)

    MathSciNet  MATH  Google Scholar 

  61. Knuplesch, D., Reichert, M., Kumar, A.: Visually monitoring multiple perspectives of business process compliance. In: Motahari-Nezhad, H.R., Recker, J., Weidlich, M. (eds.) BPM 2015. LNCS, vol. 9253, pp. 263–279. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-23063-4_19

    Chapter  Google Scholar 

  62. Witt, S., Feja, S., Speck, A., Prietz, C.: Integrated privacy modeling and validation for business process models. In: Proceedings of the 2012 Joint EDBT/ICDT Workshops, pp. 196–205 (2012)

    Google Scholar 

  63. Becker, J., Bergener, P., Delfmann, P., Eggert, M., Weiss, B.: Supporting business process compliance in financial institutions. A model-driven approach. In: WI Proceedings (2011)

    Google Scholar 

  64. Letia, I.A., Goron, A.: Model checking as support for inspecting compliance to rules in flexible processes. J. Vis. Lang. Comput. 28, 100–121 (2015)

    Google Scholar 

  65. Hashmi, M., Governatori, G., Wynn, M.T.: Normative requirements for business process compliance. In: Davis, J.G., Demirkan, H., Motahari-Nezhad, H.R. (eds.) ASSRI 2013. LNBIP, vol. 177, pp. 100–116. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-07950-9_8

    Chapter  Google Scholar 

  66. Becker, J., Bergener, P., Delfmann, P., Weiss, B.: Modeling and checking business process compliance rules in the financial sector. In: ICIS Proceedings (2011)

    Google Scholar 

  67. Letia, I.A., Groza, A.: Compliance checking of integrated business processes. Data Knowl. Eng. 87, 1–18 (2013)

    Google Scholar 

  68. Zoet, M., Versendaal, J.: Business rules management solutions problem space: situational factors. In: PACIS 2013 Proceedings (2013)

    Google Scholar 

  69. Becker, J., Delfmann, P., Dietrich, H.-A., Steinhorst, M., Eggert, M.: Business process compliance checking. Applying and evaluating a generic pattern matching approach for conceptual models in the financial sector. Inf. Syst. Front. 18, 359–405 (2016)

    Google Scholar 

  70. Zur Muehlen, M., Indulska, M., Kamp, G.: Business process and business rule modeling languages for compliance management. A representational analysis. In: Proceeding ER 2007 Tutorials, Posters, Panels and Industrial Contributions, pp. 127–132 (2007)

    Google Scholar 

  71. Bhamidipaty, A., Narendra, N.C., Nagar, S., Varshneya, V.K., Vasa, M., Deshwal, C.: Indra. An integrated quantitative system for compliance management for IT service delivery. IBM J. Res. Dev. 53, 6:1–6:12 (2009)

    Google Scholar 

  72. Lohmann, N.: Compliance by design for artifact-centric business processes. Inf. Syst. 38, 606–618 (2013)

    Google Scholar 

  73. Becker, J., Bergener, P., Breuker, D., Delfmann, P., Eggert, M.: An efficient business process compliance checking approach. In: Nüttgens, M., Gadatsch, A., Kautz, K., Schirmer, I., Blinn, N. (eds.) TDIT 2011. IAICT, vol. 366, pp. 282–287. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-24148-2_19

    Chapter  Google Scholar 

  74. Boella, G., Janssen, M., Hulstijn, J., Humphreys, L., van der Torre, L.: Managing legal interpretation in regulatory compliance. In: Proceedings of the Fourteenth International Conference on Artificial Intelligence and Law, pp. 23–32 (2013)

    Google Scholar 

  75. Loreti, D., Chesani, F., Ciampolini, A., Mello, P.: Distributed compliance monitoring of business processes over MapReduce architectures. In: Proceedings of the 8th ACM/SPEC on International Conference on Performance Engineering Companion, pp. 79–84 (2017)

    Google Scholar 

  76. Riesner, M., Pernul, G.: Supporting compliance through enhancing internal control systems by conceptual business process security modeling. In: ACIS 2010 Proceedings (2010)

    Google Scholar 

  77. Bräuer, S., Delfmann, P., Dietrich, H.-A., Steinhorst, M.: Using a generic model query approach to allow for process model compliance checking. An algorithmic perspective. Wirtschaftsinformatik Proceedings 2013 (2013)

    Google Scholar 

  78. Lu, R., Sadiq, S., Governatori, G.: Measurement of compliance distance in business processes. Inf. Syst. Manag. 25, 344–355 (2008)

    Google Scholar 

  79. Knuplesch, D., Reichert, M., Ly, L.T., Kumar, A., Rinderle-Ma, S.: Visual modeling of business process compliance rules with the support of multiple perspectives. In: Ng, W., Storey, V.C., Trujillo, J.C. (eds.) ER 2013. LNCS, vol. 8217, pp. 106–120. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-41924-9_10

    Chapter  Google Scholar 

  80. Brucker, A.D., Hang, I., Lückemeyer, G., Ruparel, R.: SecureBPMN. Modeling and enforcing access control requirements in business processes. In: ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 123–126 (2012)

    Google Scholar 

  81. de Masellis, R., Maggi, F.M., Montali, M.: Monitoring data-aware business constraints with finite state automata. In: Proceedings of the 2014 International Conference on Software and System Process, pp. 134–143 (2014)

    Google Scholar 

  82. Rosemann, M., Zur Muehlen, M.: Integrating risks in business process models. In: ACIS 2005 Proceedings (2005)

    Google Scholar 

  83. Corea, C., Delfmann, P.: Detecting compliance with business rules in ontology-based process modeling. Wirtschaftsinformatik Proceedings 2017 (2017)

    Google Scholar 

  84. Alaküla, M.-L., Matulevičius, R.: An experience report of improving business process compliance using security risk-oriented patterns. In: Ralyté, J., España, S., Pastor, Ó. (eds.) PoEM 2015. LNBIP, vol. 235, pp. 271–285. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-25897-3_18

    Chapter  Google Scholar 

  85. Rozsnyai, S., Slominski, A., Lakshmanan, G.T.: Discovering event correlation rules for semi-structured business processes. In: Proceedings of the 5th ACM International Conference on Distributed Event-Based System, pp. 75–86 (2011)

    Google Scholar 

  86. Ly, L.T., Rinderle-Ma, S., Knuplesch, D., Dadam, P.: Monitoring business process compliance using compliance rule graphs. In: Meersman, R., et al. (eds.) OTM 2011. LNCS, vol. 7044, pp. 82–99. Springer, Heidelberg (2011). https://doi.org/10.1007/978-3-642-25109-2_7

    Chapter  Google Scholar 

  87. Mishra, S., Weistroffer, H.R.: A framework for integrating sarbanes-oxley compliance into the systems development process. CAIS 20, 44 (2007)

    Google Scholar 

  88. Sandner, T., Kehlenbeck, M., Breitner, M.H.: An implementation of a process-oriented cross-system compliance monitoring approach in a SAP ERP and BI environment. In: ECIS (2010)

    Google Scholar 

  89. D’Aprile, D., Giordano, L., Martelli, A., Pozzato, G.L., Rognone, D., Dupré, D.T.: Business process compliance verification: an annotation based approach with commitments. In: De Marco, M., Te’eni, D., Albano, V., Za, S. (eds.) Information Systems, pp. 563–570. Physica, Heidelberg (2012). https://doi.org/10.1007/978-3-7908-2789-7_61

    Chapter  Google Scholar 

  90. de Moura Araujo, B., Schmitz, E.A., Correa, A.L., Alencar, A.J.: A method for validating the compliance of business processes to business rules. In: Proceedings of the 2010 ACM Symposium on Applied Computing, pp. 145–149 (2010)

    Google Scholar 

  91. D’Aprile, D., Giordano, L., Gliozzi, V., Martelli, A., Pozzato, G.L., Theseider Dupré, D.: Verifying business process compliance by reasoning about actions. In: Dix, J., Leite, J., Governatori, G., Jamroga, W. (eds.) CLIMA 2010. LNCS (LNAI), vol. 6245, pp. 99–116. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14977-1_10

    Chapter  Google Scholar 

  92. Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-75183-0_12

    Chapter  Google Scholar 

  93. Gómez-López, M.T., Gasca, R.M., Pérez-Álvarez, J.M.: Compliance validation and diagnosis of business data constraints in business processes at runtime. Inf. Syst. 48, 26–43 (2015)

    Google Scholar 

  94. Doganata, Y.N., Curbera, F.: A method of calculating the cost of reducing the risk exposure of non-compliant process instances. In: Proceedings of the First ACM Workshop on Information Security Governance, pp. 7–12 (2009)

    Google Scholar 

  95. de Nicola, A., Missikoff, M., Smith, F.: Towards a method for business process and informal business rules compliance. J. Softw.: Evol. Process 24, 341–360 (2012)

    Google Scholar 

  96. Elgammal, A., Turetken, O., Heuvel, W.-J., Papazoglou, M.: Formalizing and appling compliance patterns for business process compliance. Softw. Syst. Model. 15, 119–146 (2016)

    Google Scholar 

  97. Pham, T.A., Le Thanh, N.: An ontology-based approach for business process compliance checking. In: Proceedings of the 10th International Conference on Ubiquitous Information Management and Communication, p. 56:1 (2016)

    Google Scholar 

  98. Gong, P., Knuplesch, D., Feng, Z., Jiang, J.: A rule-based monitoring framework for business processes compliance. Int. J. Web Serv. Res. 14, 81–103 (2017)

    Google Scholar 

  99. Semmelrodt, F., Knuplesch, D., Reichert, M.: Modeling the resource perspective of business process compliance rules with the extended compliance rule graph. In: Bider, I., et al. (eds.) BPMDS/EMMSAD -2014. LNBIP, vol. 175, pp. 48–63. Springer, Heidelberg (2014). https://doi.org/10.1007/978-3-662-43745-2_4

    Chapter  Google Scholar 

  100. Knuplesch, D., Reichert, M.: A visual language for modeling multiple perspectives of business process compliance rules. Softw. Syst. Model. 16, 715–736 (2016)

    Google Scholar 

  101. Gheorghe, G., Massacci, F., Neuhaus, S., Pretschner, A.: GoCoMM. A governance and compliance maturity model. In: WISG 2009, pp. 33–38 (2009)

    Google Scholar 

  102. Giordano, L., Martelli, A., Dupré, D.T.: Temporal deontic action logic for the verification of compliance to norms in ASP. In: Proceedings of the 14th International Conference on Artificial Intelligence and Law, pp. 53–62 (2013)

    Google Scholar 

  103. Cabanillas, C., Resinas, M., Ruiz-Cortés, A.: Hints on how to face business process compliance. Actas de los Talleres de las Jornadas de Ingeniería del Software y Bases de Datos (JISBD) 4, 26–32 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Martin Luther University Halle-Wittenberg, 06108, Halle (Saale), Germany

    Stefan Sackmann, Stephan Kuehnel & Tobias Seyffarth

Authors
  1. Stefan Sackmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stephan Kuehnel
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Tobias Seyffarth
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding authors

Correspondence to Stefan Sackmann , Stephan Kuehnel or Tobias Seyffarth .

Editor information

Editors and Affiliations

  1. Hasso-Plattner-Institute, University of Potsdam, Potsdam, Germany

    Mathias Weske

  2. Free University of Bozen Bolzano, Bolzano, Italy

    Marco Montali

  3. Data61, CSIRO, Eveleigh, NSW, Australia

    Ingo Weber

  4. University of Liechtenstein, Vaduz, Liechtenstein

    Jan vom Brocke

1 Electronic Supplementary Material

Below is the link to the electronic supplementary material.

Supplementary material 1 (docx 139 KB)

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Sackmann, S., Kuehnel, S., Seyffarth, T. (2018). Using Business Process Compliance Approaches for Compliance Management with Regard to Digitization: Evidence from a Systematic Literature Review. In: Weske, M., Montali, M., Weber, I., vom Brocke, J. (eds) Business Process Management. BPM 2018. Lecture Notes in Computer Science(), vol 11080. Springer, Cham. https://doi.org/10.1007/978-3-319-98648-7_24

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-98648-7_24

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-98647-0

  • Online ISBN: 978-3-319-98648-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation