International Conference on Conceptual Modeling

Conceptual Modeling pp 94-107 | Cite as

Detecting the Effects of Changes on the Compliance of Cross-Organizational Business Processes

  • David Knuplesch
  • Walid Fdhila
  • Manfred Reichert
  • Stefanie Rinderle-Ma
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9381)


An emerging challenge for collaborating business partners is to properly define and evolve their cross-organizational processes with respect to imposed global compliance rules. Since compliance verification is known to be very costly, reducing the number of compliance rules to be rechecked in the context of process changes will be crucial. Opposed to intra-organizational processes, however, change effects cannot be easily assessed in such distributed scenarios, where partners only provide restricted public views and assertions on their private processes. Even if local process changes are invisible to partners, they might affect the compliance of the cross-organizational process with the mentioned rules. This paper provides an approach for ensuring compliance when evolving a cross-organizational process. For this purpose, we construct qualified dependency graphs expressing relationships between process activities, process assertions, and compliance rules. Based on such graphs, we are able to determine the subset of compliance rules that might be affected by a particular change. Altogether, our approach increases the efficiency of compliance checking in cross-organizational settings.


Process Compliance Process Change Cross-organizational Process 


  1. 1.
    Governatori, G., Sadiq, S.: The journey to business process compliance. In: Cardoso, J., van der Aalst, W. (eds.) Handbook of Research on BPM, pp. 426–454. IGI Global, Hershey (2009)Google Scholar
  2. 2.
    Awad, A., Decker, G., Weske, M.: Efficient compliance checking using BPMN-Q and temporal logic. In: Dumas, M., Reichert, M., Shan, M.-C. (eds.) BPM 2008. LNCS, vol. 5240, pp. 326–341. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  3. 3.
    Ly, L.T., et al.: Integration and verification of semantic constraints in adaptive process management systems. Data Knowl. Eng. 64(1), 3–23 (2008)CrossRefGoogle Scholar
  4. 4.
    Ramezani Taghiabadi, E., Fahland, D., van Dongen, B.F., van der Aalst, W.M.P.: Diagnostic Information for compliance checking of temporal compliance requirements. In: Salinesi, C., Norrie, M.C., Pastor, Ó. (eds.) CAiSE 2013. LNCS, vol. 7908, pp. 304–320. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  5. 5.
    Maggi, F.M., Di Francescomarino, C., Dumas, M., Ghidini, C.: Predictive monitoring of business processes. In: Jarke, M., Mylopoulos, J., Quix, C., Rolland, C., Manolopoulos, Y., Mouratidis, H., Horkoff, J. (eds.) CAiSE 2014. LNCS, vol. 8484, pp. 457–472. Springer, Heidelberg (2014) Google Scholar
  6. 6.
    Knuplesch, D., et al.: Towards compliance of cross-organizational processes and their changes. In: BPM 2012 Workshops, pp. 649–661 (2013)Google Scholar
  7. 7.
    Fdhila, W., Knuplesch, D., Rinderle-Ma, S., Reichert, M.: Change and compliance in collaborative processes. In: SCC 2015 (2015)Google Scholar
  8. 8.
    Knuplesch, D., et al.: Ensuring compliance of distributed and collaborative workflows. In: CollaborateCom 2013, pp. 133–142. IEEE (2013)Google Scholar
  9. 9.
    Fdhila, W., et al.: Dealing with change in process choreographies: design and implementation of propagation algorithms. Inf. Syst. 49, 1–24 (2015)CrossRefGoogle Scholar
  10. 10.
    van der Aalst, W.M.P.: Inheritance of interorganizational workflows to enable Business-to-Business E-Commerce. Electron. Commer. Res. 2(3), 195–231 (2002)CrossRefMATHGoogle Scholar
  11. 11.
    Rinderle, S., Wombacher, A., Reichert, M.: Evolution of process choreographies in DYCHOR. In: CoopIS 2006, pp. 273–290 (2006)Google Scholar
  12. 12.
    Mafazi, S., Grossmann, G., Mayer, W., Stumptner, M.: On-the-fly change propagation for the co-evolution of business processes. In: OTM 2013, pp. 75–93 (2013)Google Scholar
  13. 13.
    Comuzzi, M.: Aligning monitoring and compliance requirements in evolving business networks. In: Meersman, R., Panetto, H., Dillon, T., Missikoff, M., Liu, L., Pastor, O., Cuzzocrea, A., Sellis, T. (eds.) OTM 2014. LNCS, vol. 8841, pp. 166–183. Springer, Heidelberg (2014) Google Scholar
  14. 14.
    Knuplesch, D., et al.: On enabling data-aware compliance checking of business process models. In: ER 2010, pp. 332–346 (2010)Google Scholar
  15. 15.
    van der Aalst, W.M.P., et al.: Multiparty contracts: agreeing and implementing interorganizational processes. Comp J. 53(1), 90–106 (2010)CrossRefGoogle Scholar
  16. 16.
    Decker, G., Weske, M.: Behavioral consistency for B2B process integration. In: Krogstie, J., Opdahl, A.L., Sindre, G. (eds.) CAiSE 2007 and WES 2007. LNCS, vol. 4495, pp. 81–95. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  17. 17.
    Rouached, M., et al.: Web services compositions modelling and choreographies analysis. Int. J. Web Service Res. 7(2), 87–110 (2010)CrossRefGoogle Scholar
  18. 18.
    Knuplesch, D., Reichert, M., Fdhila, W., Rinderle-Ma, S.: On enabling compliance of cross-organizational business processes. In: Daniel, F., Wang, J., Weber, B. (eds.) BPM 2013. LNCS, vol. 8094, pp. 146–154. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  19. 19.
    Knuplesch, D., et al.: Visual modeling of business process compliance rules with the support of multiple perspectives. In: ER 2013, pp. 106–120 (2013)Google Scholar
  20. 20.
    Semmelrodt, F., Knuplesch, D., Reichert, M.: Modeling the Resource perspective of business process compliance rules with the extended compliance rule graph. In: Bider, I., Gaaloul, K., Krogstie, J., Nurcan, S., Proper, H.A., Schmidt, R., Soffer, P. (eds.) BPMDS 2014 and EMMSAD 2014. LNBIP, vol. 175, pp. 48–63. Springer, Heidelberg (2014) Google Scholar
  21. 21.
    Governatori, G., et al.: Detecting regulatory compliance for business process models through semantic annotations. In: BPM 2008 Workshops, pp. 5–17. Springer (2009)Google Scholar
  22. 22.
    Knuplesch, D., Reichert, M.: Ensuring business process compliance along the process life cycle. Technical report 2011–06, Ulm University (2011)Google Scholar
  23. 23.
    Turetken, O., et al.: Capturing compliance requirements: a pattern-based approach. IEEE Softw. 29, 29–36 (2012)CrossRefGoogle Scholar
  24. 24.
    Ly, L.T., Rinderle-Ma, S., Dadam, P.: Design and verification of instantiable compliance rule graphs in process-aware information systems. In: Pernici, B. (ed.) CAiSE 2010. LNCS, vol. 6051, pp. 9–23. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  25. 25.
    Koetter, F., et al.: Integrating compliance requirements across business and it. In: EDOC 2014 (2014)Google Scholar
  26. 26.
    Kumar, A., et al.: Flexible process compliance with semantic constraints using mixed-integer programming. INFORMS J. Comput. 25(3), 543–559 (2013)CrossRefGoogle Scholar
  27. 27.
    Berry, A., Milosevic, Z.: Extending choreography with business contract constraints. Coop. Inf. Syst. 14(2–3), 131–179 (2005)CrossRefGoogle Scholar
  28. 28.
    Ly, L.T., et al.: A framework for the systematic comparison and evaluation of compliance monitoring approaches. In: EDOC 2013, pp. 7–16. IEEE (2013)Google Scholar
  29. 29.
    Knuplesch, D., Reichert, M., Kumar, A.: Visually monitoring multiple perspectives of business process compliance. In: BPM 2015 (2015)Google Scholar
  30. 30.
    Alles, M., Kogan, A., Vasarhelyi, M.: Putting continuous auditing theory into practice: lessons from two pilot implementations. Inf. Syst. 22(2), 195–214 (2008)Google Scholar
  31. 31.
    Governatori, G., et al.: Compliance checking between business processes and business contracts. In: EDOC 2006, pp. 221–232 (2006)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • David Knuplesch
    • 1
  • Walid Fdhila
    • 2
  • Manfred Reichert
    • 1
  • Stefanie Rinderle-Ma
    • 2
  1. 1.Institute of Databases and Information SystemsUlm UniversityUlmGermany
  2. 2.Faculty of Computer ScienceUniversity of ViennaViennaAustria

Personalised recommendations