Towards Compliance of Cross-Organizational Processes and Their Changes

Research Challenges and State of Research
  • David Knuplesch
  • Manfred Reichert
  • Jürgen Mangler
  • Stefanie Rinderle-Ma
  • Walid Fdhila
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 132)


Businesses require the ability to rapidly implement new processes and to quickly adapt existing ones to environmental changes including the optimization of their interactions with partners and customers. However, changes of either intra- or cross-organizational processes must not be done in an uncontrolled manner. In particular, processes are increasingly subject to compliance rules that usually stem from security constraints, corporate guidelines, standards, and laws. These compliance rules have to be considered when modeling business processes and changing existing ones. While change and compliance have been extensively discussed for intra-organizational business processes, albeit only in an isolated manner, their combination in the context of cross-organizational processes remains an open issue. In this paper, we discuss requirements and challenges to be tackled in order to ensure that changes of cross-organizational business processes preserve compliance with imposed regulations, standards and laws.


Business Process Process Instance Public Process Compliance Check Private Process 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Mutschler, B., Reichert, M., Bumiller, J.: Unleashing the effectiveness of process-oriented information systems: Problem analysis, critical success factors, and implications. IEEE Trans on Sys. Man and Cybernetics, Part C 38(3), 280–291 (2008)CrossRefGoogle Scholar
  2. 2.
    Weske, M.: Workflow management systems: Formal foundation, conceptual design, implementation aspects. Springer (2007)Google Scholar
  3. 3.
    Reichert, M., Weber, B.: Enabling Flexibility in Process-Aware Information Systems. Springer (2012)Google Scholar
  4. 4.
    Alonso, G., et al.: Web Services. Springer (2004)Google Scholar
  5. 5.
    Dustdar, S.: Caramba - a process-aware collaboration system supporting ad hoc and collaborative processes in virtual teams. Dist. & Parall Datab. 15(1), 45–66 (2004)zbMATHCrossRefGoogle Scholar
  6. 6.
    Ghose, A.K., Koliadis, G.: Auditing Business Process Compliance. In: Krämer, B.J., Lin, K.-J., Narasimhan, P. (eds.) ICSOC 2007. LNCS, vol. 4749, pp. 169–180. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  7. 7.
    Liu, Y., Müller, S., Xu, K.: A static compliance-checking framework for business process models. IBM Systems Journal 46(2), 261–335 (2007)CrossRefGoogle Scholar
  8. 8.
    Awad, A., Decker, G., Weske, M.: Efficient Compliance Checking Using BPMN-Q and Temporal Logic. In: Dumas, M., Reichert, M., Shan, M.-C. (eds.) BPM 2008. LNCS, vol. 5240, pp. 326–341. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  9. 9.
    Kokash, N., Krause, C., de Vink, E.: Time and data aware analysis of graphical service models. In: SEFM 2010 (2010)Google Scholar
  10. 10.
    Zaha, J.M., Barros, A., Dumas, M., ter Hofstede, A.: Let’s Dance: A Language for Service Behavior Modeling. In: Meersman, R., Tari, Z. (eds.) OTM 2006. LNCS, vol. 4275, pp. 145–162. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  11. 11.
    Decker, G., Weske, M.: Interaction-centric modeling of process choreographies. Inf. Sys. 35(8) (2010)Google Scholar
  12. 12.
    Barros, A., Dumas, M., ter Hofstede, A.: Service Interaction Patterns. In: van der Aalst, W.M.P., Benatallah, B., Casati, F., Curbera, F. (eds.) BPM 2005. LNCS, vol. 3649, pp. 302–318. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Liu, D.R., Shen, M.: Business-to-business workflow interoperation based on process-views. Decision Support Sys. 38(3), 399–419 (2004)CrossRefGoogle Scholar
  14. 14.
    Maamar, Z., Benslimane, D., Ghedira, C., Mrissa, M.: Views in composite web services. IEEE Internet Comp. 9(4), 52–57 (2005)Google Scholar
  15. 15.
    van der Aalst, W.M.P.: Inheritance of interorganizational workflows to enable Business-to-Business E-Commerce. Elec. Com. Research 2(3), 195–231 (2002)zbMATHCrossRefGoogle Scholar
  16. 16.
    Martens, A.: Consistency between executable and abstract processes. In: EEE 2005, pp. 60–67 (2005)Google Scholar
  17. 17.
    Decker, G., Weske, M.: Behavioral Consistency for B2B Process Integration. In: Krogstie, J., Opdahl, A.L., Sindre, G. (eds.) CAiSE 2007. LNCS, vol. 4495, pp. 81–95. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  18. 18.
    van der Aalst, W.M.P., et al.: Multiparty contracts: Agreeing and implementing interorganizational processes. The Comp. Journal 53(1), 90–106 (2010)CrossRefGoogle Scholar
  19. 19.
    Tata, S., et al.: CoopFlow: A Bottom-Up Approach to Workflow Cooperation for Short-Term Virtual Enterprises. IEEE Trans. on Serv. Comp. 1(4), 214–228 (2008)CrossRefGoogle Scholar
  20. 20.
    Governatori, G., Milosevic, Z., Sadiq, S.: Compliance checking between business processes and business contracts. In: EDOC 2006, pp. 221–232 (2006)Google Scholar
  21. 21.
    Rinderle, S., Reichert, M., Dadam, P.: Correctness criteria for dynamic changes in workflow systems – a survey. Data & Knowl. Eng. 50(1), 9–34 (2004)CrossRefGoogle Scholar
  22. 22.
    Weber, B., Sadiq, S., Reichert, M.: Beyond rigidity–dynamic process lifecycle support. Comp. Science-Research and Dev. 23(2), 47–65 (2009)CrossRefGoogle Scholar
  23. 23.
    Reichert, M., Dadam, P.: ADEPTflex – supporting dynamic changes of workflows without losing control. Intelligent Inf. Sys. 10(2), 93–129 (1998)CrossRefGoogle Scholar
  24. 24.
    Sadiq, S., Sadiq, W., Orlowska, M.: A framework for constraint specification and validation in flexible workflows. Inf. Sys. 30(5), 349–378 (2005)CrossRefGoogle Scholar
  25. 25.
    Adams, M., ter Hofstede, A.H.M., Edmond, D., van der Aalst, W.M.P.: Worklets: A Service-Oriented Implementation of Dynamic Flexibility in Workflows. In: Meersman, R., Tari, Z. (eds.) OTM 2006. LNCS, vol. 4275, pp. 291–308. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  26. 26.
    Pesic, M., Schonenberg, H., van der Aalst, W.M.P.: DECLARE: full support for loosely-structured processes. In: EDOC 2007, pp. 287–300 (2007)Google Scholar
  27. 27.
    Reichert, M., Dadam, P., Bauer, T.: Dealing with forward and backward jumps in workflow management systems. Software and Systems Modeling 2(1), 37–58 (2003)CrossRefGoogle Scholar
  28. 28.
    Weber, B., Reichert, M., Rinderle-Ma, S.: Change patterns and change support features - Enhancing flexibility in process-aware information systems. Data & Knowl. Eng. 66(3), 438–466 (2008)CrossRefGoogle Scholar
  29. 29.
    Reichert, M., Rinderle, S., Kreher, U., Dadam, P.: Adaptive process management with ADEPT2. In: ICDE 2005, pp. 1113–1114 (2005)Google Scholar
  30. 30.
    Weber, B., et al.: Providing integrated life cycle support in process-aware information systems. Int. J. Coop. Inf. Sys. 18(1), 115–165 (2009)CrossRefGoogle Scholar
  31. 31.
    Weber, B., Reichert, M., Wild, W., Rinderle, S.: Balancing Flexibility and Security in Adaptive Process Management Systems. In: Meersman, R. (ed.) OTM 2005. LNCS, vol. 3760, pp. 59–76. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  32. 32.
    Casati, F., et al.: Workflow evolution. Data & Knowl. Eng. 24(3), 211–238 (1998)MathSciNetzbMATHCrossRefGoogle Scholar
  33. 33.
    Rinderle, S., Reichert, M., Dadam, P.: Flexible support of team processes by adaptive workflow systems. Dist. & Parall. Datab. 16(1), 91–116 (2004)CrossRefGoogle Scholar
  34. 34.
    Li, C., et al.: The MinAdept clustering approach for discovering reference process models out of process variants. Coop. Inf. Sys. 19(3) (2010)Google Scholar
  35. 35.
    Günther, C.W., Rinderle, S., Reichert, M., van der Aalst, W.: Change Mining in Adaptive Process Management Systems. In: Meersman, R., Tari, Z. (eds.) OTM 2006. LNCS, vol. 4275, pp. 309–326. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  36. 36.
    Reichert, M., Bauer, T.: Supporting Ad-Hoc Changes in Distributed Workflow Management Systems. In: Meersman, R., Tari, Z. (eds.) OTM 2007, Part I. LNCS, vol. 4803, pp. 150–168. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  37. 37.
    Papazoglou, M.: The Challenges of Service Evolution. In: Bellahsène, Z., Léonard, M. (eds.) CAiSE 2008. LNCS, vol. 5074, pp. 1–15. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  38. 38.
    Liske, N., Lohmann, N., Stahl, C., Wolf, K.: Another approach to service instance migration. Service Oriented Computing, 607–621 (2009)Google Scholar
  39. 39.
    Mooij, A., et al.: Constructing replaceable services using operating guidelines and maximal controllers. In: Web Services and Formal Methods, pp. 116–130 (2011)Google Scholar
  40. 40.
    Sadiq, W., Governatori, G., Namiri, K.: Modeling Control Objectives for Business Process Compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  41. 41.
    El Kharbili, M., et al.: Business process compliance checking: Current state and future challenges. In: MobIS 2008, pp. 107–113 (2008)Google Scholar
  42. 42.
    Alberti, M., et al.: Expressing and verifying business contracts with abductive logic programming. In: NorMAS 2007, Dagstuhl Seminar Proceedings (2007)Google Scholar
  43. 43.
    Goedertier, S., Vanthienen, J.: Designing Compliant Business Processes with Obligations and Permissions. In: Eder, J., Dustdar, S. (eds.) BPM Workshops 2006. LNCS, vol. 4103, pp. 5–14. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  44. 44.
    Dwyer, M.B., Avrunin, G.S., Corbett, J.C.: Property specification patterns for finite-state verification. In: FMSP 1998 (1998)Google Scholar
  45. 45.
    Ly, L.T., Rinderle-Ma, S., Dadam, P.: Design and Verification of Instantiable Compliance Rule Graphs in Process-Aware Information Systems. In: Pernici, B. (ed.) CAiSE 2010. LNCS, vol. 6051, pp. 9–23. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  46. 46.
    Ly, L.T., et al.: Integration and verification of semantic constraints in adaptive process management systems. Data & Knowl. Eng. 64(1), 3–23 (2008)CrossRefGoogle Scholar
  47. 47.
    Ly, L.T., Rinderle-Ma, S., Göser, K., Dadam, P.: On enabling integrated process compliance with semantic constraints in process management systems - requirements, challenges, solutions. Inf. Sys. Frontiers (2009)Google Scholar
  48. 48.
    Knuplesch, D., Reichert, M.: Ensuring business process compliance along the process life cycle. Technical Report 2011-06, University of Ulm (2011)Google Scholar
  49. 49.
    Knuplesch, D., Ly, L.T., Rinderle-Ma, S., Pfeifer, H., Dadam, P.: On Enabling Data-Aware Compliance Checking of Business Process Models. In: Parsons, J., Saeki, M., Shoval, P., Woo, C., Wand, Y. (eds.) ER 2010. LNCS, vol. 6412, pp. 332–346. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  50. 50.
    Awad, A., Weidlich, M., Weske, M.: Specification, Verification and Explanation of Violation for Data Aware Compliance Rules. In: Baresi, L., Chi, C.-H., Suzuki, J. (eds.) ICSOC-ServiceWave 2009. LNCS, vol. 5900, pp. 500–515. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  51. 51.
    Weber, I., Hoffmann, J., Mendling, J.: Semantic business process validation. In: SBPM 2008 (2008)Google Scholar
  52. 52.
    Alles, M., Kogan, A., Vasarhelyi, M.: Putting continuous auditing theory into practice: Lessons from two pilot implementations. Inf. Sys. 22(2), 195–214 (2008)Google Scholar
  53. 53.
    Namiri, K., Stojanovic, N.: Pattern-Based Design and Validation of Business Process Compliance. In: Meersman, R., Tari, Z. (eds.) OTM 2007, Part I. LNCS, vol. 4803, pp. 59–76. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  54. 54.
    Giblin, C., et al.: From regulatory policies to event monitoring rules: Towards model-driven compliance automation. Technical Report RZ-3662, IBM (2006)Google Scholar
  55. 55.
    Berry, A., Milosevic, Z.: Extending choreography with business contract constraints. Coop. Inf. Sys. 14(2-3), 131–179 (2005)CrossRefGoogle Scholar
  56. 56.
    Ly, L.T., Rinderle-Ma, S., Knuplesch, D., Dadam, P.: Monitoring business process compliance using compliance rule graphs. In: CoopIS 2011, pp. 82–99 (2011)Google Scholar
  57. 57.
    Maggi, F.M., Montali, M., Westergaard, M., van der Aalst, W.M.P.: Monitoring Business Constraints with Linear Temporal Logic: An Approach Based on Colored Automata. In: Rinderle-Ma, S., Toumani, F., Wolf, K. (eds.) BPM 2011. LNCS, vol. 6896, pp. 132–147. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  58. 58.
    van der Aalst, W.M.P., de Beer, H.T., van Dongen, B.F.: Process Mining and Verification of Properties: An Approach Based on Temporal Logic. In: Meersman, R. (ed.) OTM 2005. LNCS, vol. 3760, pp. 130–147. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • David Knuplesch
    • 1
  • Manfred Reichert
    • 1
  • Jürgen Mangler
    • 2
  • Stefanie Rinderle-Ma
    • 2
  • Walid Fdhila
    • 2
  1. 1.Institute of Databases and Information SystemsUlm UniversityGermany
  2. 2.Faculty of Computer ScienceUniversity of ViennaAustria

Personalised recommendations