Abstract
Assessing whether a company’s business practices conform to laws and regulations and follow standards, i.e., compliance governance, is a complex and costly task. Few software tools aiding compliance governance exist, and those that do typically do not address the needs of those in charge of assessing and controlling compliance, that is, compliance experts and auditors. We advocate the use of compliance governance dashboards, whose design and implementation are challenging for three reasons: (i) it is fundamental to identify the right level of abstraction for the information to be shown; (ii) it is not trivial to visualize distinct analysis perspectives; and (iii) it is difficult to manage the large number of concepts, instruments, and data involved. This paper shows how to address these issues, which concepts and models underlie the problem, and how IT can effectively support compliance analysis in SOAs.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Silveira, P. et al. (2010). On the Design of Compliance Governance Dashboards for Effective Compliance and Audit Management. In: Dan, A., Gittler, F., Toumani, F. (eds) Service-Oriented Computing. ICSOC/ServiceWave 2009 Workshops. ServiceWave ICSOC 2009 2009. Lecture Notes in Computer Science, vol 6275. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16132-2_20
DOI: https://doi.org/10.1007/978-3-642-16132-2_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16131-5
Online ISBN: 978-3-642-16132-2
eBook Packages: Computer Science, Computer Science (R0)