554,738 research outputs found
On the Identification of Data-Related Compliance Problems in Business Processes
Ensuring the compliance of business processes with regulations is becoming increasingly important to organizations. in this scenario, data play an important role. Little work has been done on data checking in business processes and no standard definitions have been given to describe data-related compliance problems. The goal of this paper is three-fold: (i) to identify and organise the data-related compliance problems that may arise in a business process model and thus to introduce a common vocabulary for these problems, (ii) to analyse the capabilities of BPMN 2.0 for defining business process models with sufficient information about data to enable the checking of data-related compliance problems, and (iii) to describe the current situation of data-related compliance in terms of the existing automated support and envisage future work to deal with data-aware business process compliance checking
An Operational Semantics for the Extended Compliance Rule Graph Language
A challenge for any enterprise is to ensure conformance of its business processes with imposed compliance rules. Usually, the latter may constrain multiple perspectives of a business process, including control flow, data, time, resources, and interactions with business partners. Like for process modeling, intuitive visual languages have been proposed for specifying compliance rules. However, business process compliance cannot completely be decided at design time, but needs to be monitored during run time as well. In previous work we introduced the extended Compliance Rule Graph (eCRG) language that enables the visual monitoring of business process compliance regarding the control flow, data, time, and resource perspectives as well as the interactions a process has with business partners. This technical report introduces an operational semantics of the eCRG language. In particular, the state of a visual compliance rule is reflected through markings and annotations of an eCRG. The proposed operational semantics not only allows detecting compliance violations at run-time, but visually highlights their causes as well. Finally, it allows providing recommendations to users in order to proactively ensure for a compliant continuation of a running business process
Towards Visually Monitoring Multiple Perspectives of Business Process Compliance
A challenge for enterprises is to ensure conformance of their business processes with imposed compliance rules. Usually, the latter may constrain multiple perspectives of a business process, including control flow, data, time, resources, and interactions with business partners. Like in process modeling, visual languages for specifying compliance rules have been proposed. However, business process compliance cannot be completely decided at design time, but needs to be monitored during run time as well. This paper introduces an approach for visually monitoring business process compliance. In particular, this approach covers all relevant process perspectives. Furthermore, compliance violations cannot only be detected, but also be visually highlighted emphasizing their causes. Finally, the approach assists users in ensuring compliant continuations of a running business process
Visually Monitoring Multiple Perspectives of Business Process Compliance
A challenge for any enterprise is to ensure conformance of its business processes with imposed compliance rules. The latter may constrain multiple perspectives of a business process, including control flow, data, time, resources, and interactions with business partners. However, business process compliance cannot completely be decided at design
time, but needs to be monitored during run time as well. This paper introduces a comprehensive framework for visually monitoring business process compliance. As opposed to existing approaches, the framework supports the visual monitoring of all relevant process perspectives based
on the extended Compliance Rule Graph (eCRG) language. Furthermore, it not only allows detecting compliance violations, but visually highlights their causes as well. Finally, the framework assists users in monitoring business process compliance and ensuring a compliant continuation of
their running business processes
Enabling Multi-Perspective Business Process Compliance
A particular challenge for any enterprise is to ensure that its business processes conform with compliance rules, i.e., semantic constraints on the multiple perspectives of the business processes. Compliance rules stem, for example, from legal regulations, corporate best practices, domain-specific guidelines, and industrial standards. In general, compliance rules are multi-perspective, i.e., they not only restrict the process behavior (i.e. control flow), but may refer to other process perspectives (e.g. time, data, and resources) and the interactions (i.e. message exchanges) of a business process with other processes as well.
The aim of this thesis is to improve the specification and verification of multi-perspective process compliance based on three contributions:
1. The extended Compliance Rule Graph (eCRG) language, which enables the visual modeling of multi-perspective compliance rules. Besides control flow, the latter may refer to the time, data, resource, and interaction perspectives of a business process.
2. A framework for multi-perspective monitoring of the compliance of running processes with a given set of eCRG compliance rules.
3. Techniques for verifying business process compliance with respect to the interaction perspective. In particular, we consider compliance verification for cross-organizational
business processes, for which solely incomplete process knowledge is available.
All contributions were thoroughly evaluated through proof-of-concept prototypes, case studies, empirical studies, and systematic comparisons with related works
Visual Modeling of Business Process Compliance Rules with the Support of Multiple Perspectives
A fundamental challenge for any process-aware information system is to ensure compliance of modeled and executed business processes with imposed compliance rules stemming from guidelines, standards and laws. Such compliance rules usually refer to multiple process perspectives including control flow, time, resources, data, and interactions with business partners. On one hand, compliance rules should be comprehensible for domain experts who must define and apply them. On the other, they should have a precise semantics such that they can be automatically processed. In this context, providing a visual compliance rule language seems promising as it allows hiding formal details and offers an
intuitive way of modeling. So far, visual compliance rule languages have focused on the control flow perspective, but lack adequate support for the other perspectives. To remedy this drawback, this paper provides an approach that extends visual compliance rule languages with the ability to consider data, time, resources, and partner interactions when modeling business process compliance rules. Overall, this extension will foster business process compliance support in practice
Compliance validation and diagnosis of business data constraints in business processes at runtime
Business processes involve data that can be modified and updated by various activities at any
time. The data involved in a business process can be associated with flow elements or data
stored. These data must satisfy the business compliance rules associated with the process,
where business compliance rules are policies or statements that govern the behaviour of
a company. To improve and automate the validation and diagnosis of compliance rules
based on the description of data semantics (called Business Data Constraints), we
propose a framework where dataflow variables and stored data are analyzed. The
validation and diagnosis process is automated using Constraint Program-ming, to permit
the detection and identification of possibly unsatisfiable Business Data Constraints, even if
the data involved in these constraints are not all instantiated. This implies that the
potential errors can be determined in advance. Furthermore, a language to describe Business
Data Constraints is proposed, for the improvement of user-oriented aspects of the business
process description. This language allows a business expert to write Business Data
Constraints that will be automatically validated in run-time, without the support of an
information technology expert.Junta de Andalucía P08-TIC-04095Ministerio de Ciencia y Tecnología TIN2009-1371
Predictive Monitoring of Business Processes
Modern information systems that support complex business processes generally
maintain significant amounts of process execution data, particularly records of
events corresponding to the execution of activities (event logs). In this
paper, we present an approach to analyze such event logs in order to
predictively monitor business goals during business process execution. At any
point during an execution of a process, the user can define business goals in
the form of linear temporal logic rules. When an activity is being executed,
the framework identifies input data values that are more (or less) likely to
lead to the achievement of each business goal. Unlike reactive compliance
monitoring approaches that detect violations only after they have occurred, our
predictive monitoring approach provides early advice so that users can steer
ongoing process executions towards the achievement of business goals. In other
words, violations are predicted (and potentially prevented) rather than merely
detected. The approach has been implemented in the ProM process mining toolset
and validated on a real-life log pertaining to the treatment of cancer patients
in a large hospital
On Enabling Data-Aware Compliance Checking of Business Process Models
In the light of an increasing demand on business process
compliance, the verication of process models against compliance rules has become essential in enterprise computing. To be broadly applicable compliance checking has to support data-aware compliance rules as well as to consider data conditions within a process model. Independently of the actual technique applied to accomplish compliance checking, dataawareness means that in addition to the control ow dimension, the data dimension has to be explored during compliance checking. However, naive exploration of the data dimension can lead to state explosion. We address this issue by introducing an abstraction approach in this paper. We show how state explosion can be avoided by conducting compliance
checking for an abstract process model and abstract compliance rules.
Our abstraction approach can serve as preprocessing step to the actual
compliance checking and provides the basis for more ecient application
of existing compliance checking algorithms
The Need for Compliance Verification in Collaborative Business Processes
Compliance constrains processes to adhere to rules, standards, laws
and regulations. Non-compliance subjects enterprises to litigation and financial
fines. Collaborative business processes cross organizational and regional
borders implying that internal and cross regional regulations must be complied
with. To protect customs’ data, European enterprises must comply with the EU
data privacy regulation (general data protection regulation - GDPR) and each
member state’s data protection laws. An example of non-compliance with
GDPR is Facebook, it is accused for breaching subscriber trust. Compliance
verification is thus essential to deploy and implement collaborative business
process systems. It ensures that processes are checked for conformance to
compliance requirements throughout their life cycle. In this paper we take a
proactive approach aiming to discuss the need for design time preventative
compliance verification as opposed to after effect runtime detective approach.
We use a real-world case to show how compliance needs to be analyzed and
show the benefits of applying compliance check at the process design stag
- …