This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Capturing Compliance Requirements: A Pattern-Based Approach
May-June 2012 (vol. 29 no. 3)
pp. 28-36
Oktay Turetken, Tilburg University
Amal Elgammal, Tilburg University
Willem-Jan van den Heuvel, Tilburg University
Michael P. Papazoglou, Tilburg University
Ensuring compliance to laws, regulations, and standards in a constantly changing business environment is a major challenge for companies. So, organizations have an increasing need for systematic approaches to manage compliance throughout the business process (BP) life cycle. A new pattern-based approach, including a toolset, captures and manages BP compliance requirements. This approach is a first step toward comprehensive management of BP compliance and acts as a springboard to fully automate and continuously audit BPs.

1. Internal Control—Integrated Framework, Committee of Sponsoring Organizations of the Treadway Commission (COSO), 1994.
2. T. Meservy et al., “The Business Rules Approach and Its Impact on Software Testing: A Case Study,” IEEE Software, preprint, 29 Sept. 2011; doi:10.1109/MS.2011.120.
3. G. Governatori and S. Sadiq, “The Journey to Business Process Compliance,” Handbook of Research on Business Process Modeling, J. Cardoso, and W. van der Aalst eds., IGI Global, 2009, pp. 426–454.
4. O. Turetken et al., “Enforcing Compliance on Business Processes through the Use of Patterns,” Proc. 19th European Conf. Information Systems (ECIS 11), Assoc. Information Systems, 2011, paper 5.
5. Red Book 2.1 (GRC Capability Model),, Open Compliance and Ethics Group, 2012.
1. G. Governatori and S. Sadiq, “The Journey to Business Process Compliance,” Handbook of Research on Business Process Modeling, J. Cardoso, and W. van der Aalst eds., IGI Global, 2009, pp. 426–454.
2. K. Namiri, and N. Stojanovic, “Pattern-Based Design and Validation of Business Process Compliance,” Proc. Confederated Int'l Conf. On the Move to Meaningful Internet Systems (OTM 07), LNCS 4803, Springer, 2007, pp. 59–76.
3. Y. Liu, S. Muller, and K. Xu, “A Static Compliance-Checking Framework for Business Process Models,” IBM Systems J., vol. 46, no. 2, 2007, 335–361.
4. L.T. Ly et al., “Monitoring Business Process Compliance Using Compliance Rule Graphs,” Proc. Confederated Int'l Conf. On the Move to Meaningful Internet Systems (OTM 11), LNCS 7044, Springer, 2011, pp. 82–99.
5. W.M.P. van der Aalst, H. Beer, and B.F. van Dongen, “Process Mining and Verification of Properties: An Approach Based on Temporal Logic,” Proc. Confederated Int'l Conf. On the Move to Meaningful Internet Systems: CoopIS, DOA,and ODBASE, Part 1, LNCS 3760, Springer, 2005, pp. 130–147.
6. J. Yu et al., “Pattern Based Property Specification and Verification for Service Composition,” Proc. 7th Int'l Conf. Web Information Systems Eng. (WISE 06), LNCS 4255, Springer, 2006, pp. 156–168.
7. M. Dwyer, G. Avrunin, and J. Corbett, “Patterns in Property Specifications for Finite State Verification,” Proc. 21st Int'l Conf. Software Eng. (ICSE 99), ACM, 1999, pp. 411–420.
8. V. Gruhn and R. Laue, “Specification Patterns for Time-Related Properties,” Proc. 12th Int'l Symp. Temporal Representation and Reasoning (TIME 05), IEEE CS, 2005, pp. 189–191.
9. A. Awad, M. Weidlich, and M. Weske, “Visually Specifying Compliance Rules and Explaining their Violations for Business Processes,” J. Visual Languages and Computing, vol. 22, no. 1, 2011, pp. 30–55.
10. A. Speck et al., “Formalizing Business Process Specifications,” Computer Science and Information Systems, vol. 8, no. 2, 2011, pp. 427–446.
11. C. Wolter and A. Schaad, “Modeling of Task-Based Authorization Constraints in BPMN,” Proc. 5th Int'l Conf. Business Process Management (BPM 07), LNCS 4714, Springer, 2007, pp. 64–79.

Index Terms:
business process management, representations, business process compliance, business process, software engineering
Citation:
Oktay Turetken, Amal Elgammal, Willem-Jan van den Heuvel, Michael P. Papazoglou, "Capturing Compliance Requirements: A Pattern-Based Approach," IEEE Software, vol. 29, no. 3, pp. 28-36, May-June 2012, doi:10.1109/MS.2012.45
Usage of this product signifies your acceptance of the Terms of Use.