Modeling the Organizational Regulatory Space: A Joint Design Approach

  • João Barata
  • Paulo Rupino da Cunha
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 165)

Abstract

We present an approach for the joint design of organizational regulatory spaces (ORS). The approach was validated through action research, integrating the components of context, people, process, information, and IT. The design of the ORS is usually performed by distinct teams, with unconnected viewpoints, using different vocabularies and tools. Similarly to information systems, there are business experts that define the regulatory goals and rules. The ORS modeling is problematic, and is fragmented. We have adopted the O2 framework to provide a common level of abstraction for the design. The result is a comprehensive and layered map of the ORS. This approach has proved to offer an effective representation of the ORS for external auditors and business associations. Internally, we provide organizations with new ways to model, communicate, and improve the regulatory space.

Keywords

Information system design regulation compliance organizational regulatory space O2 framework 

References

  1. 1.
    Hancher, L., Moran, M.: Organizing regulatory space. In: Hancher, L., Moran, M. (eds.) Capitalism, Culture and Regulation, p. 299. Clarendon Press (1989)Google Scholar
  2. 2.
    Parker, C.: Reinventing Regulation within the Corporation: Compliance-Oriented Regulatory Innovation. Administration & Society 32, 529–565 (2000)CrossRefGoogle Scholar
  3. 3.
    Curtis, B., Krasner, H., Iscoe, N.: A field study of the software design process for large systems. Communications of the ACM 31, 1268–1287 (1988)CrossRefGoogle Scholar
  4. 4.
    Baxter, G., Sommerville, I.: Socio-technical systems: From design methods to systems engineering. Interacting with Computers 23, 4–17 (2011)CrossRefGoogle Scholar
  5. 5.
    Zairi, M.: Business process management: a boundaryless approach to modern competitiveness. Business Process Management Journal 3, 64–80 (1997)CrossRefGoogle Scholar
  6. 6.
    Iden, J.: Investigating process management in firms with quality systems: a multi-case study. Business Process Management Journal 18, 104–121 (2012)CrossRefGoogle Scholar
  7. 7.
    Syed Abdullah, N., Sadiq, S., Indulska, M.: A Compliance Management Ontology: Developing Shared Understanding through Models. In: Ralyté, J., Franch, X., Brinkkemper, S., Wrycza, S. (eds.) CAiSE 2012. LNCS, vol. 7328, pp. 429–444. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  8. 8.
    Abdullah, N.S., Sadiq, S., Indulska, M.: Information systems research: Aligning to industry challenges in management of regulatory compliance. In: Proc. PACIS (2010)Google Scholar
  9. 9.
    Syed Abdullah, N., Sadiq, S., Indulska, M.: Emerging Challenges in Information Systems Research for Regulatory Compliance Management. In: Pernici, B. (ed.) CAiSE 2010. LNCS, vol. 6051, pp. 251–265. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  10. 10.
    Kharbili, M.: Business process regulatory compliance management solution frameworks: A comparative evaluation. In: Proc. APCCM (2012)Google Scholar
  11. 11.
    Shearing, C.: A Constitutive Conception of Regulation. In: Grabosky, P., Braithwaite, J. (eds.) Business Regulation and Australia’s Future, pp. 67–79. A. Inst. Criminology (1993)Google Scholar
  12. 12.
    Jørgensen, T.H., Remmen, A., Mellado, M.D.: Integrated management systems – three different levels of integration. Journal of Cleaner Production 14, 713–722 (2006)CrossRefGoogle Scholar
  13. 13.
    Laudon, J., Laudon, K.: Management Information Systems: Managing the Digital Firm, 10th edn. Prentice Hall (2007)Google Scholar
  14. 14.
    Araujo, B., Schmitz, E., Correa, A., Alencar, A.: A method for validating the compliance of business processes to business rules. In: Proc. ACM Symposium on Applied Computing (2010)Google Scholar
  15. 15.
    Sadiq, S., Governatori, G.: Managing Regulatory Compliance in Business Processes. In: Vom Brocke, J., Rosemann, M. (eds.) Handbook of Business Process Management 2, pp. 157–173. Springer (2010)Google Scholar
  16. 16.
    Tran, H., Zdun, U., Holmes, T., Oberortner, E., Mulo, E., Dustdar, S.: Compliance in service-oriented architectures: A model-driven and view-based approach. Information and Software Technology 54, 531–552 (2012)CrossRefGoogle Scholar
  17. 17.
    Ingolfo, S., Siena, A., Mylopoulos, J.: Establishing regulatory compliance for software requirements. In: Jeusfeld, M., Delcambre, L., Ling, T.-W. (eds.) ER 2011. LNCS, vol. 6998, pp. 47–61. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  18. 18.
    Ghanavati, S., Amyot, D., Peyton, L., Siena, A., Perini, A., Susi, A.: Integrating business strategies with requirement models of legal compliance. International Journal of Electronic Business 8, 260–280 (2010)CrossRefGoogle Scholar
  19. 19.
    Sangkyun, K.: Auditing methodology on legal compliance of enterprise information systems. International Journal of Technology Management 54, 270–287 (2011)CrossRefGoogle Scholar
  20. 20.
    Julisch, K., Suter, C., Woitalla, T., Zimmermann, O.: Compliance by design – Bridging the chasm between auditors and IT architects. Computers & Security 30, 410–426 (2011)CrossRefGoogle Scholar
  21. 21.
    Bonazzi, R., Hussami, L., Pigneur, Y.: Compliance management is becoming a major issue in IS design. In: D’Atri, A., Saccà, D. (eds.) Information Systems: People, Organizations, Institutions, and Technologies, pp. 391–398. Springer (2010)Google Scholar
  22. 22.
    Handel, M.J., Poltrock, S.: Working around official applications. In: Proc. CSCW (2011)Google Scholar
  23. 23.
    Zhang, P., Scialdone, M., Ku, M.-C.: IT Artifacts and The State of IS Research. In: Proc. ICIS (2011)Google Scholar
  24. 24.
    Avison, D., Wood-Harper, A.T., Vidgen, R.T., Wood, J.R.G.: A further exploration into information systems development: the evolution of Multiview2. Information Technology People 11, 124–139 (1998)CrossRefGoogle Scholar
  25. 25.
    Kautz, K., Madsen, S., Nørbjerg, J.: Persistent problems and practices in information systems development. Information Systems Journal 17, 217–239 (2007)CrossRefGoogle Scholar
  26. 26.
    Sommerville, I., Sawyer, P.: Viewpoints: principles, problems and a practical approach to requirements engineering. Annals of Software Engineering 3, 101–130 (1997)CrossRefGoogle Scholar
  27. 27.
    Barata, J., Cunha, P.R.: ISO2: A New Breath for the Joint Development of IS and ISO 9001 Management Systems. In: Proc. ISD (2013)Google Scholar
  28. 28.
    Hult, M., Lennung, S.-Å.: Towards a definition of action research: a note and bibliography. Journal of Management Studies 17, 241–250 (1980)CrossRefGoogle Scholar
  29. 29.
    Susman, G.I., Evered, R.D.: An Assessment of the Scientific Merits of Action Research. Administrative Science Quarterly 23, 582–603 (1978)CrossRefGoogle Scholar
  30. 30.
    Davison, R., Martinsons, M.G., Kock, N.: Principles of canonical action research. Information Systems Journal 14, 65–86 (2004)CrossRefGoogle Scholar
  31. 31.
    Perry, M., Sanderson, D.: Coordinating joint design work: the role of communication and artefacts. Design Studies 19, 273–288 (1998)CrossRefGoogle Scholar
  32. 32.
    Myers, M.D., Newman, M.: The qualitative interview in IS research: Examining the craft. Information and Organization 17, 2–26 (2007)CrossRefGoogle Scholar
  33. 33.
    Van Fenema, P., Pentland, B., Kumar, K.: Paradigm Shifts in Coordination Theory Introduction. Academy of Management Annual Meeting (2004)Google Scholar
  34. 34.
    Businska, L., Kirikova, M., Penicina, L., Buksa, I., Rudzajs, P.: Enterprise Modeling for Respecting Regulations. In: Proc. PoEM (2012)Google Scholar
  35. 35.
    Branco, M.C., Xiong, Y., Czarnecki, K., Küster, J., Völzer, H.: A case study on consistency management of business and IT process models in banking. Software & Systems Modeling (in press, 2013)Google Scholar
  36. 36.
    Holmes, K.J., Graham, J.A., McKone, T., Whipple, C.: Regulatory models and the environment: practice, pitfalls, and prospects. Risk Analysis 29, 159–170 (2009)CrossRefGoogle Scholar

Copyright information

© IFIP International Federation for Information Processing 2013

Authors and Affiliations

  • João Barata
    • 1
    • 2
  • Paulo Rupino da Cunha
    • 2
  1. 1.CTCVCoimbraPortugal
  2. 2.CISUC, Department of Informatics EngineeringUniversity of CoimbraCoimbraPortugal

Personalised recommendations