Querying a regulatory model for compliant building design audit

The ingredients for an effective automated audit of a building design include a BIM model containing the design information, an electronic regulatory knowledge model, and a practical method of processing these computerised representations. There have been numerous approaches to computer-aided compliance audit in the AEC/FM domain over the last four decades, but none has yet evolved into a practical solution. One reason is that they have all been isolated attempts that lack any form of standardisation. The current research project therefore focuses on using an open standard regulatory knowledge and BIM representations in conjunction with open standard executable compliant design workflows to automate the compliance audit process. This paper provides an overview of different approaches to access information from a regulatory model representation. The paper then describes the use of a purpose-built high-level domain specific query language to extract regulatory information as part of the effort to automate manual design procedures for compliance audit

The Need for Compliance Verification in Collaborative Business Processes

Compliance constrains processes to adhere to rules, standards, laws and regulations. Non-compliance subjects enterprises to litigation and financial fines. Collaborative business processes cross organizational and regional borders implying that internal and cross regional regulations must be complied with. To protect customs’ data, European enterprises must comply with the EU data privacy regulation (general data protection regulation - GDPR) and each member state’s data protection laws. An example of non-compliance with GDPR is Facebook, it is accused for breaching subscriber trust. Compliance verification is thus essential to deploy and implement collaborative business process systems. It ensures that processes are checked for conformance to compliance requirements throughout their life cycle. In this paper we take a proactive approach aiming to discuss the need for design time preventative compliance verification as opposed to after effect runtime detective approach. We use a real-world case to show how compliance needs to be analyzed and show the benefits of applying compliance check at the process design stag

The Need for Compliance Verification in Collaborative Business Processes

Compliance constrains processes to adhere to rules, standards, laws and regulations. Non-compliance subjects enterprises to litigation and financial fines. Collaborative business processes cross organizational and regional borders implying that internal and cross regional regulations must be complied with. To protect customs’ data, European enterprises must comply with the EU data privacy regulation (general data protection regulation - GDPR) and each member state’s data protection laws. An example of non-compliance with GDPR is Facebook, it is accused for breaching subscriber trust. Compliance verification is thus essential to deploy and implement collaborative business process systems. It ensures that processes are checked for conformance to compliance requirements throughout their life cycle. In this paper we take a proactive approach aiming to discuss the need for design time preventative compliance verification as opposed to after effect runtime detective approach. We use a real-world case to show how compliance needs to be analyzed and show the benefits of applying compliance check at the process design stag

Compliance to data protection and purpose control using process mining technique

The business processes of an organisation are executed incertain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is theEuropean General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personaldata of their customers. In this research, we focus on this aspect of theGDPR. Our goal is to develop a solution that enables organisations todeal with the challenges of becoming compliant with GDPR. We plan touse and improve process mining techniques to tackle the problems suchas discovering data-flow and control-flow of business processes that haveinteraction with personal data of customers. Our approach consists offour phases: (1) discover process model based on purpose, (2) translateregulatory rules to technical rules, (3) develop privacy policy model baseon the GDPR, (4) conformance analysisThe business processes of an organisation are executed in certain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is the European General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personal data of their customers. In this research, we focus on this aspect of the GDPR. Our goal is to develop a solution that enables organisations to deal with the challenges of becoming compliant with GDPR. We plan to use and improve process mining techniques to tackle the problems such as discovering data-flow and control-flow of business processes that have interaction with personal data of customers. Our approach consists of four phases: (1) discover process model based on purpose, (2) translate regulatory rules to technical rules, (3) develop privacy policy model base on the GDPR, (4) conformance analysis

Compliance to data protection and purpose control using process mining technique

The business processes of an organisation are executed incertain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is theEuropean General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personaldata of their customers. In this research, we focus on this aspect of theGDPR. Our goal is to develop a solution that enables organisations todeal with the challenges of becoming compliant with GDPR. We plan touse and improve process mining techniques to tackle the problems suchas discovering data-flow and control-flow of business processes that haveinteraction with personal data of customers. Our approach consists offour phases: (1) discover process model based on purpose, (2) translateregulatory rules to technical rules, (3) develop privacy policy model baseon the GDPR, (4) conformance analysisThe business processes of an organisation are executed in certain boundaries. Some of the restrictions are raised from the environment of the organisations such as regulatory and supervisory constraints. One of the regulations that is imposed on organisations is the European General Data Protection Regulation (GDPR). The most important aspect of the GDPR rules is how organisations handle personal data of their customers. In this research, we focus on this aspect of the GDPR. Our goal is to develop a solution that enables organisations to deal with the challenges of becoming compliant with GDPR. We plan to use and improve process mining techniques to tackle the problems such as discovering data-flow and control-flow of business processes that have interaction with personal data of customers. Our approach consists of four phases: (1) discover process model based on purpose, (2) translate regulatory rules to technical rules, (3) develop privacy policy model base on the GDPR, (4) conformance analysis

Business Rules Management and Decision Mining - Filling in the Gaps

Proper decision-making is one of the most important capabilities of an organization. Adequately managing these decisions is therefore of high importance. Business Rules Management (BRM) is an approach that helps in managing decisions and underlying business logic. However, questions still arise if the decisions are properly improved based on decision data. Decision Mining (DM) could complement BRM capabilities in order to improve towards effective and efficient decision-making. In this study, we propose the integration of BRM and DM through a simulation using a government and a healthcare case. During this simulation, three entry points are presented that describe how decision-related data should be utilized between BRM capabilities and DM phases to be able to integrate them. The presented results provide a basis from which more technical research on the three DM phases can be further explored

Towards a Semantic-based Approach for Modeling Regulatory Documents in Building Industry

Regulations in the Building Industry are becoming increasingly complex and involve more than one technical area. They cover products, components and project implementation. They also play an important role to ensure the quality of a building, and to minimize its environmental impact. In this paper, we are particularly interested in the modeling of the regulatory constraints derived from the Technical Guides issued by CSTB and used to validate Technical Assessments. We first describe our approach for modeling regulatory constraints in the SBVR language, and formalizing them in the SPARQL language. Second, we describe how we model the processes of compliance checking described in the CSTB Technical Guides. Third, we show how we implement these processes to assist industrials in drafting Technical Documents in order to acquire a Technical Assessment; a compliance report is automatically generated to explain the compliance or noncompliance of this Technical Documents

Automated compliance checking in healthcare building design

Regulatory frameworks associated to building design are usually complex, representing extensive sets of requirements. For healthcare projects in the UK, this includes statutory and guidance documents. Existing research indicates that they contain subjective requirements, which challenge the practical adoption of automated compliance checking, leading to limited outcomes. This paper aims to propose recommendations for the adoption of automated compliance checking in the design of healthcare buildings. Design Science Research was used to gain a detailed understanding of how information from existing regulatory requirements affects automation, through an empirical study in the design of a primary healthcare facility. In this study, a previously proposed taxonomy was implemented and refined, resulting in the identification of different types of subjective requirements. Based on empirical data emerging from the research, a set of recommendations was proposed focusing on the revision of regulatory documents, as well as to aid designers implementing automated compliance in practice

Monitoring Business Process Compliance Using Compliance Rule Graphs

Driven by recent trends, effective compliance control has become a crucial success factor for companies nowadays. In this context, compliance monitoring is considered an important building block to support business process compliance. Key to the practical application of a monitoring framework will be its ability to reveal and pinpoint violations of imposed compliance rules that occur during process execution. In this context, we propose a compliance monitoring framework that tackles three major challenges. As a compliance rule can become activated multiple times within a process execution, monitoring only its overall enforcement can be insufficient to assess and deal with compliance violations. Therefore, our approach enables to monitor each activation of a compliance rule individually. In case of violations, we are able to derive the particular root cause, which is helpful to apply specific remedy strategies. Even if a rule activation is not yet violated, the framework can provide assistance in proactively enforcing compliance by deriving measures to render the rule activation satisfied