Effect of Using Automated Auditing Tools on Detecting Compliance Failures in Unmanaged Processes
The effect of using automated auditing tools to detect compliance failures in unmanaged business processes is investigated. In the absence of a process execution engine, compliance of an unmanaged business process is tracked by using an auditing tool developed based on business provenance technology or employing auditors. Since budget constraints limit employing auditors to evaluate all process instances, a methodology is devised to use both expert opinion on a limited set of process instances and the results produced by fallible automated audit machines on all process instances. An improvement factor is defined based on the average number of non-compliant process instances detected and it is shown that the improvement depends on the prevalence of non-compliance in the process as well as the sensitivity and the specificity of the audit machine.
Topics coveredBPM Governance and Compliance Management Issues and Empirical Studies Non-traditional BPM Scenarios
Unable to display preview. Download preview PDF.
- 1.Curbera, F., Doganata, Y., Martens, A., Mukhi, M., Slominski, A.: Business Provenance - A Technology to Increase Traceability of End-to-End Operations. In: OTM Conferences vol (1) , pp. 100–119 (2008)Google Scholar
- 2.Greengard, S.: Compliance Software’s Bonus Benefits. Business Finance Magazine (February 2004)Google Scholar
- 3.Gartner.: Simplifying Compliance: Best Practices and Technology, French Caldwell, (Business Process Management Summit (June 6, 2005)Google Scholar
- 4.Hagerty, J., Hackbush, J., Gaughan, D., Jacaobson, S.: The Governance, Risk Management, and Compliance Spending Report, 2008-2009, AMR Research Report, March 25 (2008)Google Scholar
- 5.Corfield, B.: Managing the cost of compliance, http://justin-taylor.net/webdocs/tip_of_the_iceberg.pdf
- 7.Christopher, G., Müller, S., Pfitzmann, B.: From Regulatory Policies to Event Monitoring Rules: Towards Model-Driven Compliance Automation. IBM Research Report RZ 3662, IBM Zurich Research Laboratory (2006)Google Scholar
- 9.Milosevic, Z., Gibson, S., Linington, J.C., Kulkarni, S.: On Design and implementation of a contract monitoring facility. In: Benatallah, B. (ed.) First IEEE International Workshop on Electronic Contracts, pp. 62–70. IEEE Press, Los Alamitos (2004)Google Scholar
- 11.Governatori, G., Milosevic, Z., Sadiq, S.: Compliance checking between business processes and business contracts. In: Proceedings of the 10th IEEE Conference on Enterprise Distributed Object Computing (2006)Google Scholar
- 16.Egizi, C.: High cost of compliance, http://www.cioupdate.com/career/article.php/3489431/The-High-Cost-of-Compliance.htm
- 17.Joseph, L., Gyorkos, T.W., Coupal, L.: Bayesian estimation of disease prevalence and the parameters of diagnostic tests in the absence of a gold standard. Am. J. Epidemiol (1995)Google Scholar
- 22.Pooled Prevalence Calculator, http://www.ausvet.com.au/pprev/