Business Process Models for Risk Analysis: Expert View

The recent financial turbulences raise questions on how risk analysis is conducted. Regulatory requirements and professional standards have been introduced in the last decade in order to obtain a more reliable internal control on financial reporting process with a new emphasis on business processes. However, there are no standards yet available on how business processes should be captured for facilitating risk analysis in audit assignments. Representations of business processes have been investigated in the field of business process modeling. There exists a broad spectrum of notations and formalisms with relative strengths and weaknesses. Many of the popular notations build on a graph-based representation where activities of a process are connected with directed arcs defining the control flow. Such notations have been widely adopted for redesigning business processes. But also text-based formats have been defined. Corresponding process specifications define the activities of a process as lists with additional free text information. This raises the question whether the tools and methods for analyzing business process risks in auditing practice is appropriate for its objective. This paper reveals the benefits of adopting business process models for auditors toward understanding a companies business processes and the issues need to be considered for further development. The analysis also shows that practitioners use process models rather for risk elicitation and less in risk assessment

Implementation of a healthcare process in four different workflow systems

Currently, many hospitals are investigating the use of a work-flow management system in order to provide support for care processes. However, today's workflow management systems fall short in supporting care processes as exibility is required for its execution. In this paper, we investigate the exibility requirements that need to be satisfied in orderto support healthcare processes having various characteristics. An evaluation shows that different systems need to be used in conjunction with each other in order to fully support the various types of care processes

Towards a taxonomy of process flexibility (extended version)

Effective business processes must be able to accommodate changes to the environment in which they operate, e.g., new laws, changes in business strategy. The ability to encompass such changes is termed process flexibility. In this paper, we take a deeper look into the various ways in which flexibility can be achieved and propose a comprehensive taxonomy of these methods which identifies both the manner in which each of them is facilitated, and also the various configuration options and alternatives that exist in each case. This taxonomy is subsequently used to evaluate a selection of process-aware information systems and identify their potential to deploy flexible business processes

Safety, Liveness and Run-time Refinement for Modular Process-Aware Information Systems with Dynamic Sub Processes

We study modularity, run-time adaptation and refinement under safety and liveness constraints in event-based process models with dynamic sub-process instantiation. The study is part of a larger pro-gramme to provide semantically well-founded technologies for modelling, implementation and verification of flexible, run-time adaptable process-aware information systems, moved into practice via the Dynamic Condi-tion Response (DCR) Graphs notation co-developed with our industrial partner. Our key contributions are: (1) A formal theory of dynamic sub-process instantiation for declarative, event-based processes under safety and liveness constraints, given as the DCR * process language, equipped with a compositional operational semantics and conservatively extending the DCR Graphs notation; (2) an expressiveness analysis revealing that the DCR * process language is Turing-complete, while the fragment cor-responding to DCR Graphs (without dynamic sub-process instantiation) characterises exactly the languages that are the union of a regular and an omega-regular language; (3) a formalisation of run-time refinement and adaptation by composition for DCR * processes and a proof that such re-finement is undecidable in general; and finally (4) a decidable and practi-cally useful sub-class of run-time refinements. Our results are illustrated by a running example inspired by a recent Electronic Case Management solution based on DCR Graphs and delivered by our industrial partner. An online prototype implementation of the DCR * language (including examples from the paper) and its visualisation as DCR Graphs can be found a

Multi-criteria decision analysis for non-conformance diagnosis: A priority-based strategy combining data and business rules

Business process analytics and verification have become a major challenge for companies, especially when process data is stored across different systems. It is important to ensure Business Process Compliance in both data-flow perspectives and business rules that govern the organisation. In the verification of data-flow accuracy, the conformance of data to business rules is a key element, since essential to fulfil policies and statements that govern corporate behaviour. The inclusion of business rules in an existing and already deployed process, which therefore already counts on stored data, requires the checking of business rules against data to guarantee compliance. If inconsistency is detected then the source of the problem should be determined, by discerning whether it is due to an erroneous rule or to erroneous data. To automate this, a diagnosis methodology following the incorporation of business rules is proposed, which simultaneously combines business rules and data produced during the execution of the company processes. Due to the high number of possible explanations of faults (data and/or business rules), the likelihood of faults has been included to propose an ordered list. In order to reduce these possibilities, we rely on the ranking calculated by means of an AHP (Analytic Hierarchy Process) and incorporate the experience described by users and/or experts. The methodology proposed is based on the Constraint Programming paradigm which is evaluated using a real example. .Ministerio de Ciencia y Tecnología RTI2018–094283-B-C3

Conceptualising IT Consulting Services: An Approach from IT-Business Alignment Models and Design Sciences

The constant integration of business and manufacturing processes is a difficult task that can be facilitated through IT consulting services. However, if these services do not adequately address the problems of alignment between IT and business, efficiency in integration can be seriously compromised. This article presents a methodology that systematises IT consulting services for the acquisition, incorporation, and integration of IT elements in an organisation in such a way that is aligned with the business and by contemplating its contribution to the value chain. The proposal is based on a set of rules, methods, guidelines, patterns, and artefacts that define a flow of action and implement a strategy that provides a consulting solution as a final result. Likewise, a method is proposed to evaluate the applied methodology and the solution obtained. For validation of the method, a set of business processes based on a case study applied in several Cuban companies related to the food sector has been defined to help adjust the parameters and corroborate the generalisation of the proposal. This research allows to ensure the alignment of business and IT to avoid the failure in the incorporation of IT to companies. It also analyzes and establishes the ideal artefacts for IT consulting and generates an IT consulting methodology that makes the analysis of consultants more robust in order to guarantee the success of incorporating IT into companies.This work has been supported by grant TIN2016-78103-C2-2-R and University of Alicante [GRE14-02 and SmartUniversity2017]

Partial-order-based process mining: a survey and outlook

The field of process mining focuses on distilling knowledge of the (historical) execution of a process based on the operational event data generated and stored during its execution. Most existing process mining techniques assume that the event data describe activity executions as degenerate time intervals, i.e., intervals of the form [t, t], yielding a strict total order on the observed activity instances. However, for various practical use cases, e.g., the logging of activity executions with a nonzero duration and uncertainty on the correctness of the recorded timestamps of the activity executions, assuming a partial order on the observed activity instances is more appropriate. Using partial orders to represent process executions, i.e., based on recorded event data, allows for new classes of process mining algorithms, i.e., aware of parallelism and robust to uncertainty. Yet, interestingly, only a limited number of studies consider using intermediate data abstractions that explicitly assume a partial order over a collection of observed activity instances. Considering recent developments in process mining, e.g., the prevalence of high-quality event data and techniques for event data abstraction, the need for algorithms designed to handle partially ordered event data is expected to grow in the upcoming years. Therefore, this paper presents a survey of process mining techniques that explicitly use partial orders to represent recorded process behavior. We performed a keyword search, followed by a snowball sampling strategy, yielding 68 relevant articles in the field. We observe a recent uptake in works covering partial-order-based process mining, e.g., due to the current trend of process mining based on uncertain event data. Furthermore, we outline promising novel research directions for the use of partial orders in the context of process mining algorithms