Evaluating Business Process Improvement Patterns by Simulation

Existing approaches for business process improvement often lack systematic guidelines to transform a business process into an enhanced state, which we refer to as the “act of improvement”. To close this gap, a pattern-based approach has been designed and developed in previous works. In this paper, the usefulness of “Business Process Improvement Patterns” (BPI-Patterns) as a means of improving business processes is analyzed. For this purpose, a simulation experiment is performed in which several BPI-Patterns are applied to evaluate whether their anticipated effects can be confirmed for real-life business processes. From the analysis of the simulation results, i.e. how the application of BPI-Patterns affects the business processes, we investigate enabling as well as hindering factors that influence the implementation of BPI-Patterns. These factors may serve as a means to further specify instances of BPI-Patterns and also contribute to the overall evaluation of the BPI-Pattern approach

Collaborative Process Modelling and Evaluation in E-health

Published version of a paper from the conference:Scandinavian Conference on Health Informatics; August 22; 2014; Grimstad; NorwayThere is a gap in Design Science Research literature regarding context and methodologies for Evaluation. The Evaluation stage is the bridge between Design (or procurement); and Benefit management. Taking a constructive approach to the many challenges this poses; we propose a framework for e-health design science research evaluation. We also perform a systematic literature review for the use of process modelling notation in e-health; as a prerequisite for process and service co-creation and evaluation; and assess these; as they are applied in the literature; for cognitive efficiency in communication between receiver and sender

A Dynamic Risk-Based Access Control Approach: Model and Implementation

Access control (AC) refers to mechanisms and policies that restrict access to resources, thus regulating access to physical or virtual resources of an information system. AC approaches are used to represent these mechanisms and policies by which users are granted access and specific access privileges to the resources or information of the system for which AC is provided. Traditional AC approaches encompass a variety of widely used approaches, including attribute-based access control (ABAC), mandatory access control (MAC), discretionary access control (DAC) and role-based access control (RBAC). Emerging AC approaches include risk adaptive access control (RAdAC), an approach that suggests that AC can adapt depending on specific situations. However, traditional and emerging AC approaches rely on static pre-defined risk mitigation tasks and do not support the adaptation of an AC risk mitigation process (RMP). There are no provided mechanisms and automated support that allow AC approaches to construct RMPs and to adapt to provide more flexible, custom-tailored responses to specific situations in order to minimize risks. Further, although existing AC approaches can operate in several knowledge domains at once, they do not explicitly take into account the relationships among risks related to different dimensions, e.g., security, productivity. In addition, although in the real world, risks accumulate over time, existing AC approaches do not appropriately provide means for risk resolution in situations in which risks accumulate as different, dangerous tasks impact risk measures. This thesis presents the definition, the implementation, and the application through two case studies of a novel AC risk-mitigation approach that combines dynamic RMP construction and risk assessment extended to include forecasting based on multiple risk-related utilities and events; provides support for a dynamic risk assessment that depends on one or multiple risk dimensions (e.g., security and productivity); offers cumulative risk assessment in which each action of interest can impact the risk-related utilities in a dynamic way; and presents an implementation of an adaptive simulation method based on risk-related utilities and events

Potentiale von Enterprise Social Networks und Business Process Management zur Gestaltung effizienter Unternehmen

In dieser Dissertation werden ausgewählte Fragestellungen aus den Bereichen Business Process Management (BPM) und Enterprise Social Networks (ESN) beantwortet. Im Kontext des BPM werden drei Forschungsfragen erarbeitet: (1) In welchem Ausmaß sind BPM-Maßnahmen in klein- und mittelständischen Unternehmen umgesetzt? Welche Faktoren können identifiziert werden, die sich fördernd oder hindernd auf die Umsetzung von BPM-Maßnahmen auswirken? (2) Welche Auswirkungen (z.B. Zeit, Kosten) haben BPI-Pattern in verschiedenen Szenarien? Was sind fördernde und hindernde Faktoren für die Anwendung von einzelnen BPI-Pattern? (3) Wie können kulturelle Eigenschaften anhand von Geschäftsprozessen gemessen werden und wie lassen sich die gewonnen Erkenntnisse in Prozessverbesserungsinitiativen nutzen? Im Kontext des ESN werden ebenfalls drei Forschungsfragen erarbeitet: (1) Was ist der aktuelle Stand der Literatur im Themenbereich ESN und welcher Forschungsbedarf besteht weiterhin? (2) Welche Benefits lassen sich durch den Einsatz von ESN erzielen? Können alle Benefits den traditionellen IT Capabilities zugeordnet werden oder schaffen ESN neue IT Capabilities? (3) Wie kann der Erfolg von ESN im Kontext von "Social Capital" gemessen werden und welchen Nutzen bringt ein entsprechender Messansatz? Zur Beantwortung der Forschungsfragen werden unterschiedliche Forschungsmethodiken angewendet, im Speziellen Literature Review, Survey, Case Study, Design Science, Content Analysis und Experiment. Die Forschungsergebnisse werden in wissenschaftlichen Beiträgen aufgearbeitet, wobei je Forschungsfrage ein Beitrag erarbeitet wird