On Improving the Maintainability of Compliance Rules for Business Processes

  • Sven Niemand
  • Sven Feja
  • Sören Witt
  • Andreas Speck
Conference paper
Part of the Lecture Notes in Business Information Processing book series (LNBIP, volume 208)


Business process regulatory compliance management (RCM) is ensuring that the business processes of an organization are in accordance with laws and other domain-specific regulations. In order to achieve compliance, various approaches advocate checking process models using formal compliance rules that are derived from regulations. However, this shifts the problem of ensuring compliance to the rules - for example, the derived rules have to be updated in the case that regulations are changed. In this paper we show how existing RCM solutions can be extended with traceability between compliance rules and regulations. Traceability supports the alignment of regulations and rules and thus helps improving the overall maintainability of compliance rules.


Compliance management Business process management Compliance checking Regulations 


  1. 1.
    El Kharbili, M.: Business process regulatory compliance management solution frameworks: a comparative evaluation. In: APCCM 2012, CRPIT, vol. 130, pp. 23–32. ACS (2012)Google Scholar
  2. 2.
    El Kharbili, M., Stein, S., Markovic, I., Pulvermüller, E.: Towards a framework for semantic business process compliance management. In: GRCIS 2008, pp. 1–15 (2008)Google Scholar
  3. 3.
    van der Aalst, W.M.P.: Business process management: a comprehensive survey. ISRN Softw. Eng. 2013, 1–37 (2013)CrossRefGoogle Scholar
  4. 4.
    Sadiq, S., Governatori, G., Namiri, K.: Modeling control objectives for business process compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007) CrossRefGoogle Scholar
  5. 5.
    Feja, S., Witt, S., Speck, A.: BAM: A requirements validation and verification framework for business process models. In: QSIC 2011, pp. 186–191. IEEE (2011)Google Scholar
  6. 6.
    Elgammal, A., Turetken, O., van den Heuvel, W., Papazoglou, M.: Formalizing and Appling [SIC] Compliance Patterns For Business Process Compliance. Software & Systems Modeling. Springer, Berlin (2014) Google Scholar
  7. 7.
    Awad, A., Decker, G., Weske, M.: Efficient compliance checking using BPMN-Q and temporal logic. In: Dumas, M., Reichert, M., Shan, M.-C. (eds.) BPM 2008. LNCS, vol. 5240, pp. 326–341. Springer, Heidelberg (2008) CrossRefGoogle Scholar
  8. 8.
    Sadiq, S., Governatori, G.: Managing regulatory compliance in business processes. In: vom Brocke, J., Rosemann, M. (eds.) Handbook on Business Process Management 2, pp. 265–288. Springer, Berlin (2015)Google Scholar
  9. 9.
    Ly, L.T., Knuplesch, D., Rinderle-Ma, S., Göser, K., Pfeifer, H., Reichert, M., Dadam, P.: SeaFlows toolset – compliance verification made easy for process-aware information systems. In: Soffer, P., Proper, E. (eds.) CAiSE Forum 2010. LNBIP, vol. 72, pp. 76–91. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  10. 10.
    Schimikowski, P.: Versicherungsvertragsrecht. C.H. Beck, München (2014) Google Scholar
  11. 11.
    Chinosi, M., Trombetta, A.: BPMN: an introduction to the standard. In: Computer Standards & Interfaces, pp. 124–134 (2012)Google Scholar
  12. 12.
    Feja, S., Fötsch, D.: Model checking with graphical validation rules. In: ECBS 2008, pp. 117–125. IEEE Computer Society Press, Washington (2008)Google Scholar
  13. 13.
    Ramezani, E., Fahland, D., van der Werf, J.M., Mattheis, P.: Separating compliance management and business process management. In: Daniel, F., Barkaoui, K., Dustdar, S. (eds.) BPM Workshops 2011, Part II. LNBIP, vol. 100, pp. 459–464. Springer, Heidelberg (2012) CrossRefGoogle Scholar
  14. 14.
    Syed Abdullah, N., Sadiq, S., Indulska, M.: Emerging challenges in information systems research for regulatory compliance management. In: Pernici, B. (ed.) CAiSE 2010. LNCS, vol. 6051, pp. 251–265. Springer, Heidelberg (2010) CrossRefGoogle Scholar
  15. 15.
    Fellmann, M., Zasada, A.: State-of-the-art of business process compliance approaches: a survey. In: ECIS 2014 (2014)Google Scholar
  16. 16.
    Rudzajs, P., Buksa, I.: Business process and regulations: approach to linkage and change management. In: Grabis, J., Kirikova, M. (eds.) BIR 2011. LNBIP, vol. 90, pp. 96–109. Springer, Heidelberg (2011) CrossRefGoogle Scholar
  17. 17.
    Olbrich, S., Simon, C.: Process modelling towards e-Government – visualisation and semantic modelling of legal regulations as executable process sets. Electron. J. e-Gov. 6, 43–54 (2008)Google Scholar
  18. 18.
    Ciaghi, A., Mattioli, A., Villafiorita, A.: A tool supported methodology for BPR in public administrations. Int. J. Electron. Gov. 3–2, 148–169 (2010)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Sven Niemand
    • 1
  • Sven Feja
    • 2
  • Sören Witt
    • 2
  • Andreas Speck
    • 2
  1. 1.Provinzial Nord Brandkasse AGKielGermany
  2. 2.Institut für InformatikChristian-Albrechts-Universität zu KielKielGermany

Personalised recommendations