The Need for Compliance Verification in Collaborative Business Processes

Compliance constrains processes to adhere to rules, standards, laws and regulations. Non-compliance subjects enterprises to litigation and financial fines. Collaborative business processes cross organizational and regional borders implying that internal and cross regional regulations must be complied with. To protect customs’ data, European enterprises must comply with the EU data privacy regulation (general data protection regulation - GDPR) and each member state’s data protection laws. An example of non-compliance with GDPR is Facebook, it is accused for breaching subscriber trust. Compliance verification is thus essential to deploy and implement collaborative business process systems. It ensures that processes are checked for conformance to compliance requirements throughout their life cycle. In this paper we take a proactive approach aiming to discuss the need for design time preventative compliance verification as opposed to after effect runtime detective approach. We use a real-world case to show how compliance needs to be analyzed and show the benefits of applying compliance check at the process design stag

The Need for Compliance Verification in Collaborative Business Processes

Compliance constrains processes to adhere to rules, standards, laws and regulations. Non-compliance subjects enterprises to litigation and financial fines. Collaborative business processes cross organizational and regional borders implying that internal and cross regional regulations must be complied with. To protect customs’ data, European enterprises must comply with the EU data privacy regulation (general data protection regulation - GDPR) and each member state’s data protection laws. An example of non-compliance with GDPR is Facebook, it is accused for breaching subscriber trust. Compliance verification is thus essential to deploy and implement collaborative business process systems. It ensures that processes are checked for conformance to compliance requirements throughout their life cycle. In this paper we take a proactive approach aiming to discuss the need for design time preventative compliance verification as opposed to after effect runtime detective approach. We use a real-world case to show how compliance needs to be analyzed and show the benefits of applying compliance check at the process design stag

D7.5 FIRST consolidated project results

The FIRST project commenced in January 2017 and concluded in December 2022, including a 24-month suspension period due to the COVID-19 pandemic. Throughout the project, we successfully delivered seven technical reports, conducted three workshops on Key Enabling Technologies for Digital Factories in conjunction with CAiSE (in 2019, 2020, and 2022), produced a number of PhD theses, and published over 56 papers (and numbers of summitted journal papers). The purpose of this deliverable is to provide an updated account of the findings from our previous deliverables and publications. It involves compiling the original deliverables with necessary revisions to accurately reflect the final scientific outcomes of the project

Information Systems Development through an Integrated Framework

Information systems are essential entities for several organizations who strive to successfully run their business operations. One of the major problems faced by the organizations is that many of these information systems fail, and thus the organizations do not achieve their required targets in time. Many of the reasons for the information system failures documented in the literature are related to development methodologies or frameworks that are unable to handle both ‘hard’ and ‘soft’ system aspects. In general, the hard issues of the system are considered more significant than the soft issues, however, all the methodologies must be able to deal with all the system and business aspects. This thesis investigates the possibility of developing and evaluating a multimethodology framework that can be used for information systems development in an academic and business environment. The research explores the applicability of such a framework that comprehends both ‘soft’ and ‘hard’ system aspects in order to eliminate information system failures. Different software development approaches are investigated, including the dominant ‘domain-driven design’ (DDD) approach. A new multimethodological framework entitled ‘Systemic Soft Domain Driven Design’ (SSDDDF) has been developed by combining ‘soft system methodology’ as a guiding methodology, ‘unified modelling language’ as a business domain modelling approach, and a domain-driven design implementation pattern. This framework is intended as an improvement of the DDD approach. Soft and hard techniques are integrated through mapping from the ‘consensus primary task model’ of the soft approach to the ‘use cases’ of the hard approach. In addition, ‘soft language’ is introduced as a complement to DDD’s ‘ubiquitous language’, for facilitating the communication between the different stakeholders of a project. The implementation pattern (e.g., Naked Objects) is included for generating code from domain models. The framework has been evaluated as an information systems development approach through different undergraduate and postgraduate projects. Feedback from the developers has been positive and encouraging for further improvements in the future. The SSDDD framework has also been compared to different ISD methodologies and frameworks among of these DDD as an approach to ISD. The results of this comparison show that SSDDDF has advantages over DDD and significant improvements to DDD have been achieved. Finally, the research suggests an agenda for further improvements of the framework, while suggesting the development of different pattern languages