Abstract
Managing regulatory compliance is increasingly challenging and costly for organizations world-wide. While such efforts are often supported by information technology (IT) and information systems (IS) tools, there is evidence that the current solutions are inadequate and do not fully address the needs of organizations. Often such discrepancy stems from a lack of alignment between the needs of the industry and the focus of academic research efforts. In this paper, we present the results of an empirical study that investigates challenges in managing regulatory compliance, derived from expert professionals in the Australian compliance industry. The results provide insights into problematic areas within the compliance management domain, as related to regulatees, regulations and IT compliance management solutions. By relating the identified challenges to existing activity in IS research, this exploratory paper highlights the inadequacy of current research and presents the first industry-relevant compliance management research agenda for IS researchers.
Chapter PDF
Similar content being viewed by others
References
Lu, R., Sadiq, S., Governatori, G.: Compliance Aware Business Process Design. In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM Workshops 2007. LNCS, vol. 4928, pp. 120–131. Springer, Heidelberg (2008)
Anon, J.L., Filowitz, H., Kovatch, J.M.: Integrating Sarbanes-Oxley Controls into an Investment Firm Governance Framework. The Journal of Investment Compliance 8, 40–43 (2007)
Pershkow, B.I.: Sarbanes-Oxley: Investment Company Compliance. The Journal of Investment Compliance 3, 16–30 (2003)
Bace, J., Rozwell, C., Feiman, J., Kirwin, B.: Understanding the Costs of Compliance. Gartner Research. Gartner, Inc. (2006)
McGreevy, M.: AMR Research Finds Spending on Governance, Risk Management, and Compliance Will Exceed $32B in 2008. AMR Research, Inc. (2008)
Reilly, K.: AMR Research Finds Spending on Sarbanes-Oxley Compliance will Remain Steady at $6.0B in 2007. AMR Research (2007)
Robinson, K.T., Hawkins, R.W.: Investment Company and Investment Adviser Compliance Programs: New Requirements in a Changed Regulatory Environment. The Journal of Investment Compliance 4, 14–19 (2004)
Syed Abdullah, N., Indulska, M., Sadiq, S.: A Study of Compliance Management in Information Systems Research. In: The 17th European Conference on Information Systems (ECIS 2009), Verona, Italy (2009)
Turner, R., Florio, C.D.: Investment Management Compliance: The Dawn of A New Era? The Journal of Investment Compliance 4 (2005)
Kramp, M.K.: Exploring Life and Experience through Narrative Inquiry. In: Marrais, K.d., Lapan, S.D. (eds.) Foundations for Research: Methods in Education and the Social Sciences, pp. 103–121. Erlbaum, Mahwah (2004)
Australian Competition & Consumer Commission: Trade Practices Compliance Programs. Commonwealth of Australia (2008)
Morton, J.C.: The Development of A Compliance Culture. The Journal of Investment Compliance 6, 59–66 (2005)
KPMG: The Compliance Journey: Leveraging Information Technology to Reduce Costs and Improve Responsiveness. KPMG International (2006)
Kharbili, M.E., Stein, S., Markovic, I., Pulvermüller, E.: Towards a Framework for Semantic Business Process Compliance Management. In: GRCIS 2008, Montpellier, France (2008)
SAI Global Research: Risk and Compliance in Australia: The Issues and Trends as Seen by Practitioners (2008)
Sadiq, S., Indulska, M.: Driving Compliance through BPM. The University of Queensland (2008)
Abrams, C., Känel, J.v., Müller, S., Pfitzmann, B., Ruschka-Taylor, S.: Optimized Enterprise Risk Management. IBM Systems Journal 46, 219–234 (2007)
Governatori, G., Milosevic, Z., Sadiq, S., Orlowska, M.: On Compliance of Business Processes with Business Contracts. ITEE Technical Report. The University of Queensland, Brisbane (2007)
Karagiannis, D., Mylopoulos, J., Schwab, M.: Business Process-Based Regulation Compliance: The Case of the Sarbanes-Oxley Act. In: 15th IEEE International Requirements Engineering Conference (RE 2007), pp. 315–321 (2007)
Liu, Y., Müller, S., Xu, K.: A Static Compliance-checking Framework for Business Process Models. IBM Systems Journal 46, 335–361 (2007)
Wilkins, R.: The Problems of Duplication and Inconsistency of Regulation in a Federal System. In: Grabosky, P., Braithwaite, J. (eds.) Business Regulation and Australia’s Future. Australian Institute of Criminology, Canberra (1993)
Harmer, R.: Current Views on Compliance & Governance. Rob Harmer Consulting Services (2004)
Paul, S.: Demand for Governance, Risk and Compliance Products on The Rise. The Hindu Business Line (2008)
Caldwell, F., Eid, T.: Magic Quadrant for Enterprise Governance, Risk and Compliance Platforms. Gartner Research. Gartner, Inc. (2008)
Agrawal, R., Grandison, T., Johnson, C., Kiernan, J.: Enabling the 21st Century: Health Care Information Technology Revolution. Communications of the ACM 50, 35–42 (2007)
Sadiq, S., Governatori, G., Naimiri, K.: Modeling Control Objectives for Business Process Compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007)
Kim, H.M., Fox, M.S., Sengupta, A.: How to Build Enterprise Data Models to Achieve Compliance to Standards or Regulatory Requirements (and share data). Journal of the AIS 8, 105–128 (2007)
Davis, C.J., Hikmet, N.: Training as Regulation and Development: An Exploration of the Needs of Enterprise Systems Users. Information & Management 45, 341–348 (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Syed Abdullah, N., Sadiq, S., Indulska, M. (2010). Emerging Challenges in Information Systems Research for Regulatory Compliance Management. In: Pernici, B. (eds) Advanced Information Systems Engineering. CAiSE 2010. Lecture Notes in Computer Science, vol 6051. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13094-6_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-13094-6_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13093-9
Online ISBN: 978-3-642-13094-6
eBook Packages: Computer ScienceComputer Science (R0)