Advertisement

Compliance Management in Business Processes

  • Sridevi Saralaya
  • Vishwas Saralaya
  • Rio D’Souza
Chapter
Part of the Lecture Notes on Data Engineering and Communications Technologies book series (LNDECT, volume 21)

Abstract

Business Process Compliance refers to the act of conformance of a business process with policies, regulations and rules that govern the organization. An imperative requirement of business processes in various fields such as Health care, Insurance, Finance and Online Trade is adherence to a large number of compliance requirements, constraints and quality policies from various sources. Lack of compliance may result in huge compensations and loss of customers and reputation. Compliance issues can be handled either retrospectively i.e. after non-complaint situations are observed or they can be handled proactively i.e. anticipation of possibilities leading to non-compliant circumstances during process execution which may prevent occurrence of deviations and thus save upon compensation effects. Hence compliance management tasks need to be incorporated into each phase of the life-cycle of a business process. In this article we discuss contemporary activities related to lifecycle of compliance management in business processes which involve compliance elicitation, compliance formalization, compliance implementation, compliance verification and compliance improvement based on existing literature. Compliance Monitoring Functionalities (CMFs) which may be used to categorize and also assess existing compliance management approaches and frameworks are also discussed.

References

  1. 1.
    Governatori G (2005) Representing business contracts in RuleML. Int J Coop Inf Syst 14(02n03):181–216CrossRefGoogle Scholar
  2. 2.
    Bianco P, Lewis GA, Merson P (2008) Service level agreements in service-oriented architecture environments (No. CMU/SEI-2008-TN-021). Carnegie-Mellon University, Pittsburgh Pa Software Engineering InstituteGoogle Scholar
  3. 3.
    Sadiq S, Governatori G (2010) Managing regulatory compliance in business processes. In: Handbook on business process management, vol 2. Springer, Berlin, Heidelberg, pp 159–175CrossRefGoogle Scholar
  4. 4.
    Hagerty J, Hackbush J, Gaughan D, Jacobson S (2008) The governance, risk management, and compliance spending report, 2008–2009: inside the $32 B GRC Market. AMR Research, Boston, USA, 25 MarGoogle Scholar
  5. 5.
    Becker J, Delfmann P, Eggert M, Schwittay S (2012) Generalizability and applicability of model-based business process compliance-checking approaches—a state-of-the-art analysis and research roadmap. Bus Res 5(2):221–247CrossRefGoogle Scholar
  6. 6.
    Fellmann M, Zasada A (2014) State-of-the-art of business process compliance approaches. In 22st European conference on information systems (ECIS 2014), Tel Aviv, Israel, June 9–11. http://aisel.aisnet.org/ecis2014/proceedings/track06/8
  7. 7.
    Silveira P, Rodríguez C, Birukou A, Casati F, Daniel F, D’Andrea V, Worledge C, Taheri Z (2012) Aiding compliance governance in service-based business processes. In: Handbook of research on service-oriented systems and non-functional properties: future directions. IGI Global, pp 524–548Google Scholar
  8. 8.
    World Health Organization, Special Programme for Research, Training in Tropical Diseases, World Health Organization. Department of Control of Neglected Tropical Diseases, World Health Organization. Epidemic and Pandemic Alert, 2009. Dengue: guidelines for diagnosis, treatment, prevention and control. World Health OrganizationGoogle Scholar
  9. 9.
    Cabanillas Macías C, Resinas Arias de Reyna M, Ruiz Cortés A (2010) Hints on how to face business process compliance. III Taller De Procesos De Negocio E Ingeniería De Servicios, PNIS2010, Valencia, EspañaGoogle Scholar
  10. 10.
    Ramezani E, Fahland D, van der Aalst W (2012) Where did i misbehave? Diagnostic information in compliance checking. Bus Process Manag 262–278Google Scholar
  11. 11.
    Van der Aalst W, Van Hee K, Van der Werf JM, Kumar A, Verdonk M (2011) Conceptual model for online auditing. Decis Support Syst 50(3):636–647CrossRefGoogle Scholar
  12. 12.
    Ramezani E, Fahland D, van der Werf JM, Mattheis P (2011) Separating compliance management and business process management. In: International conference on business process management. Springer, Berlin, Heidelberg, pp 459–464CrossRefGoogle Scholar
  13. 13.
    Saeki M, Kaiya H (2008) Supporting the elicitation of requirements compliant with regulations. In: Advanced information systems engineering. Springer, Berlin, Heidelberg, pp 228–242Google Scholar
  14. 14.
    Davis J (2009) Open source SOA. Manning Publications CoGoogle Scholar
  15. 15.
    Steinke G, Nickolette C (2003) Business rules as the basis of an organization’s information systems. Ind Manag Data Syst 103(1):52–63CrossRefGoogle Scholar
  16. 16.
    Graham I (2007) Business rules management and service oriented architecture: a pattern language. WileyGoogle Scholar
  17. 17.
    Alberti M, Chesani F, Gavanelli M, Lamma E, Mello P, Montali M, Torroni P (2008) Expressing and verifying business contracts with abductive logic programming. Int J Electron Commer 12(4):9–38CrossRefGoogle Scholar
  18. 18.
    Awad A, Decker G, Weske M (2008) Efficient compliance checking using BPMN-Q and temporal logic. In: BPM, vol 8, pp 326–341Google Scholar
  19. 19.
    Ghose A, Koliadis G (2007) Auditing business process compliance. In: Service-oriented computing (ICSOC 2007), pp 169–180Google Scholar
  20. 20.
    Governatori G, Sadiq S (2008) The journey to business process complianceGoogle Scholar
  21. 21.
    Hashmi M, Governatori G, Wynn MT (2016) Normative requirements for regulatory compliance: an abstract formal framework. Inf Syst Front 18(3):429–455CrossRefGoogle Scholar
  22. 22.
    Mulo E, Zdun U, Dustdar S (2009) Monitoring web service event trails for business compliance. In: 2009 IEEE international conference on service-oriented computing and applications (SOCA). IEEE, pp 1–8Google Scholar
  23. 23.
    Zhang P, Leung H, Li W, Li X (2013) Web services property sequence chart monitor: a tool chain for monitoring BPEL-based web service composition with scenario-based specifications. IET Softw 7(4):222–248CrossRefGoogle Scholar
  24. 24.
    Zur Muehlen M, Indulska M, Kamp G (2007) Business process and business rule modeling languages for compliance management: a representational analysis. In: Tutorials, posters, panels and industrial contributions at the 26th international conference on conceptual modeling, vol 83. Australian Computer Society, Inc, pp 127–132Google Scholar
  25. 25.
    Wagner G (2005) Rule modeling and markup. In: Reasoning web. Springer, Berlin, Heidelberg, pp 251–274CrossRefGoogle Scholar
  26. 26.
    Elgammal A, Turetken O, van den Heuvel WJ, Papazoglou M (2016) Formalizing and appling compliance patterns for business process compliance. Softw Syst Model 15(1):119–146CrossRefGoogle Scholar
  27. 27.
    Saralaya S, D’Souza R, Saralaya V (in press) An event-driven dynamic cross-layer business process compliance monitoring and analysis framework. Int J Bus Inf Syst. http://www.inderscience.com/info/ingeneral/forthcoming.php?jcode=ijbis
  28. 28.
    Dwyer MB, Avrunin GS, Corbett JC (1998) Property specification patterns for finite-state verification. In: Proceedings of the second workshop on formal methods in software practice. ACM, pp 7–15Google Scholar
  29. 29.
    Turetken O, Elgammal A, Van den Heuvel W, Papazoglou M (2012) Capturing compliance requirements: a pattern-based approach. IEEE Softw 29(3):28–36CrossRefGoogle Scholar
  30. 30.
    Cabanillas Macías C, Resinas Arias de Reyna M, Ruiz Cortés A (2010) On the identification of data-related compliance problems in business processes. Vi Jornadas Científico-Técnicas En Servicios Web Y Soa, JSWEB 2010, Valencia, SpainGoogle Scholar
  31. 31.
    Knuplesch D, Ly LT, Rinderle-Ma S, Pfeifer H, Dadam P (2010) On enabling data-aware compliance checking of business process models. ER 10:332–346Google Scholar
  32. 32.
    Hashmi M, Governatori G, Wynn MT (2012) Business process data compliance. In: International workshop on rules and rule markup languages for the semantic web. Springer, Berlin, Heidelberg, pp 32–46CrossRefGoogle Scholar
  33. 33.
    Gómez-López MT, Gasca RM, Pérez-Álvarez JM (2015) Compliance validation and diagnosis of business data constraints in business processes at runtime. Inf Syst 48:26–43CrossRefGoogle Scholar
  34. 34.
    Schleicher D, Fehling C, Grohe S, Leymann F, Nowak A, Schneider P, Schumm D (2011) Compliance domains: a means to model data-restrictions in cloud environments. In: 2011 15th IEEE international enterprise distributed object computing conference (EDOC). IEEE, pp 257–266Google Scholar
  35. 35.
    Palmirani M, Governatori G, Contissa G (2011) Modelling temporal legal rules. In: Proceedings of the 13th international conference on artificial intelligence and law. ACM, pp 131–135Google Scholar
  36. 36.
    Barbon F, Traverso P, Pistore M, Trainotti M (2006) Run-time monitoring of instances and classes of web service compositions. In: International conference on web services, 2006 (ICWS’06). IEEE, pp 63–71Google Scholar
  37. 37.
    Li B, Ji S, Liao L, Qiu D, Sun M (2013) Monitoring web services for conformance. In: 2013 IEEE 7th international symposium on service oriented system engineering (SOSE). IEEE, pp 92–102Google Scholar
  38. 38.
    Governatori G, Hulstijn J, Riveret R, Rotolo A (2007) Characterising deadlines in temporal modal defeasible logicGoogle Scholar
  39. 39.
    Kumar A, Barton RR (2017) Controlled violation of temporal process constraints–models, algorithms and results. Inf Syst 64:410–424CrossRefGoogle Scholar
  40. 40.
    Cabanillas C, Resinas M, Ruiz-Cortés A (2011) Defining and analysing resource assignments in business processes with ral. In: International conference on service-oriented computing. Springer, Berlin, Heidelberg, pp 477–486CrossRefGoogle Scholar
  41. 41.
    Nakatumba J (2013) Resource-aware business process management: analysis and support. PhD thesis, Eindhoven University of Technology.  https://doi.org/10.6100/ir760115
  42. 42.
    Weidlich M, Ziekow H, Mendling J, Günther O, Weske M, Desai N (2011) Event-based monitoring of process execution violations. In: BPM, vol 11, pp 182–198Google Scholar
  43. 43.
    Popova V, Sharpanskykh A (2010) Modeling organizational performance indicators. Inf Syst 35(4):505–527CrossRefGoogle Scholar
  44. 44.
    Shahin A, Mahbod MA (2007) Prioritization of key performance indicators: an integration of analytical hierarchy process and goal setting. Int J Product Perform Manag 56(3):226–240CrossRefGoogle Scholar
  45. 45.
    Frankland J (2008) IT security metrics: implementation and standards compliance. Netw Secur 2008(6):6–9CrossRefGoogle Scholar
  46. 46.
    Chen C, Li L, Wei J (2007) AOP based trustable SLA compliance monitoring for web services. In  Seventh international conference on quality software, 2007 (QSIC’07). IEEE, pp 225–230Google Scholar
  47. 47.
    Mayerl C, Huner KM, Gaspar JU, Momm C, Abeck S (2007) Definition of metric dependencies for monitoring the impact of quality of services on quality of processes. In: 2nd IEEE/IFIP international workshop on  business-driven IT management, 2007 (BDIM’07). IEEE, pp 1–10Google Scholar
  48. 48.
    Hershey P, Runyon D, Wang Y (2007) Metrics for end-to-end monitoring and management of enterprise systems. In: Military communications conference, 2007 (MILCOM 2007). IEEE, pp 1–7Google Scholar
  49. 49.
    Pedrinaci C, Domingue J (2009) Ontology-based metrics computation for business process analysis. In: Proceedings of the 4th international workshop on semantic business process management. ACM, pp 43–50Google Scholar
  50. 50.
    Leitner P, Inzinger C, Hummer W, Satzger B, Dustdar S (2012) Application-level performance monitoring of cloud services based on the complex event processing paradigm. In: 2012 5th IEEE international conference on service-oriented computing and applications (SOCA). IEEE, pp 1–8Google Scholar
  51. 51.
    Sarwar A, Boland G, Monks A, Kruskal JB (2015) Metrics for radiologists in the era of value-based health care delivery. Radiographics 35(3):866–876CrossRefGoogle Scholar
  52. 52.
    Saralaya S, D’Souza R, Saralaya V (2016) Metrics for monitoring a hierarchical service-based system. Int J Appl Eng Res 11(6):3897–3904Google Scholar
  53. 53.
    Giblin C, Liu AY, Müller S, Pfitzmann B, Zhou X (2005) Regulations expressed as logical models (REALM). In: JURIX, pp 37–48Google Scholar
  54. 54.
    Hashmi M, Governatori G, Wynn MT (2014) Modeling obligations with event-calculus. In: International workshop on rules and rule markup languages for the semantic web. Springer, Cham, pp 296–310CrossRefGoogle Scholar
  55. 55.
    Kowalski R, Sergot M (1989) A logic-based calculus of events. In: Foundations of knowledge base management. Springer, Berlin, Heidelberg, pp 23–55Google Scholar
  56. 56.
    Spanoudakis G, Mahbub K (2006) Non-intrusive monitoring of service-based systems. Int J Coop Inf Syst 15(03):325–358CrossRefGoogle Scholar
  57. 57.
    Elgammal A, Turetken O, van den Heuvel WJ, Papazoglou M (2010a) On the formal specification of regulatory compliance: a comparative analysis. In: International conference on service-oriented computing. Springer, Berlin, Heidelberg, pp 27–38CrossRefGoogle Scholar
  58. 58.
    Hinman PG (2007) Fundamentals of mathematical logicGoogle Scholar
  59. 59.
    Governatori G, Hashmi M (2015) No time for compliance. In: 2015 IEEE 19th international enterprise distributed object computing conference (EDOC). IEEE, pp 9–18Google Scholar
  60. 60.
    Governatori G, Shek S (2012) Rule based business process compliance. In: RuleML (2)Google Scholar
  61. 61.
    Awad A (2007) BPMN-Q: a language to query business processes. In: EMISA, vol 119, pp 115–128Google Scholar
  62. 62.
    Van Der Aalst WM, Pesic M (2006) DecSerFlow: towards a truly declarative service flow language. In: International workshop on web services and formal methods. Springer, Berlin, Heidelberg, pp 1–23Google Scholar
  63. 63.
    Chesani F, Mello P, Montali M, Storari S (2007) Testing careflow process execution conformance by translating a graphical language to computational logic. In: AIME, vol 4594, pp 479–488Google Scholar
  64. 64.
    Khaluf L, Gerth C, Engels G (2011) Pattern-based modeling and formalizing of business process quality constraints. In: Advanced information systems engineering. Springer, Berlin, Heidelberg, pp 521–535CrossRefGoogle Scholar
  65. 65.
    Governatori G, Milosevic Z, Sadiq S (2006) Compliance checking between business processes and business contracts. In: 10th IEEE international enterprise distributed object computing conference, 2006 (EDOC’06). IEEE, pp 221–232Google Scholar
  66. 66.
    Meidan A, García-García JA, Escalona MJ, Ramos I (2017) A survey on business processes management suites. Comput Stand Interfaces 51:71–86CrossRefGoogle Scholar
  67. 67.
    Dijkman RM, Dumas M, Ouyang C (2008) Semantics and analysis of business process models in BPMN. Inf Softw Technol 50(12):1281–1294CrossRefGoogle Scholar
  68. 68.
    Ouyang C, Dumas M, Breutel S, ter Hofstede A (2006) Translating standard process models to BPEL. In: International conference on advanced information systems engineering. Springer, Berlin, Heidelberg, pp 417–432CrossRefGoogle Scholar
  69. 69.
    Ramezani E (2017) Understanding non-compliance. PhD thesis, Eindhoven University of Technology. https://pure.tue.nl/ws/files/52365079/20170116_Ramezani_Taghiabadi.pdf
  70. 70.
    Koehler J (2011) The process-rule continuum-Can bpmn & sbvr cope with the challenge?. In 2011 IEEE 13th Conference on Commerce and Enterprise Computing (CEC), pp. 302–309. IEEE, 2011Google Scholar
  71. 71.
    Boella G, Janssen M, Hulstijn J, Humphreys L, Van Der Torre L (2013) Managing legal interpretation in regulatory compliance. In: Proceedings of the fourteenth international conference on artificial intelligence and law. ACM, pp 23–32Google Scholar
  72. 72.
    Holzmann GJ (1997) The model checker SPIN. IEEE Trans Softw Eng 23(5):279–295CrossRefGoogle Scholar
  73. 73.
    Holzmann G (2003) Spin model checker, the: primer and reference manual. Addison-Wesley ProfessionalGoogle Scholar
  74. 74.
    Halle S, Villemaire R, Cherkaoui O (2009) Specifying and validating data-aware temporal web service properties. IEEE Trans Softw Eng 35(5):669–683CrossRefGoogle Scholar
  75. 75.
    Eshuis R (2006) Symbolic model checking of UML activity diagrams. ACM Trans Softw Eng and Methodol (TOSEM) 15(1):1–38CrossRefGoogle Scholar
  76. 76.
    Wang HJ, Zhao JL (2011) Constraint-centric workflow change analytics. Decis Support Syst 51(3):562–575CrossRefGoogle Scholar
  77. 77.
    Abouzaid F, Mullins J (2008) A calculus for generation, verification and refinement of BPEL specifications. Electronic Notes in Theoretical Computer Science 200(3):43–65CrossRefGoogle Scholar
  78. 78.
    Awad A, Goré R, Thomson J, Weidlich M (2011) An iterative approach for business process template synthesis from compliance rules. In: Advanced information systems engineering. Springer, Berlin, Heidelberg, pp 406–421CrossRefGoogle Scholar
  79. 79.
    Yu J, Han YB, Han J, Jin Y, Falcarin P, Morisio M (2008) Synthesizing service composition models on the basis of temporal business rules. J Comput Sci Technol 23(6):885–894CrossRefGoogle Scholar
  80. 80.
    Luckham D (2002) The power of events, vol 204. Addison-Wesley, ReadingGoogle Scholar
  81. 81.
    Asim M, Llewellyn-Jones D, Lempereur B, Zhou B, Shi Q, Merabti M (2013) Event driven monitoring of composite services. In: 2013 international conference on social computing (SocialCom). IEEE, pp 550–557Google Scholar
  82. 82.
    Thullner R, Rozsnyai S, Schiefer J, Obweger H, Suntinger M (2011) Proactive business process compliance monitoring with event-based systems. In: 2011 15th IEEE international enterprise distributed object computing conference workshops (EDOCW). IEEE, pp 429–437Google Scholar
  83. 83.
    Barnawi A, Awad A, Elgammal A, Elshawi R, Almalaise A, Sakr S (2016) An anti-pattern-based runtime business process compliance monitoring framework. Int J Adv Comput Sci Appl 7(2)Google Scholar
  84. 84.
    Zahoor E, Perrin O, Godart C (2011) An event-based reasoning approach to web services monitoring. In: 2011 IEEE international conference on web services (ICWS). IEEE, pp 628–635Google Scholar
  85. 85.
    Baresi L, Guinea S (2011) Self-supervising BPEL processes. IEEE Trans Softw Eng 37(2):247–263CrossRefGoogle Scholar
  86. 86.
    Kallel S, Charfi A, Dinkelaker T, Mezini M, Jmaiel M (2009) Specifying and monitoring temporal properties in web services compositions. In: Seventh IEEE European conference on web services, 2009 (ECOWS’09). IEEE, pp 148–157Google Scholar
  87. 87.
    Moser O, Rosenberg F, Dustdar S (2008) Non-intrusive monitoring and service adaptation for WS-BPEL. In: Proceedings of the 17th international conference on world wide web. ACM, pp 815–824Google Scholar
  88. 88.
    Saralaya S, D’Souza R, Saralaya V (2015) Cross layer property verification with property sequence charts. In: 2015 international conference on soft-computing and networks security (ICSNS). IEEE, pp 1–7Google Scholar
  89. 89.
    Sadiq S, Governatori G, Namiri K (2007) Modeling control objectives for business process compliance. Bus Process Manag 149–164Google Scholar
  90. 90.
    Julisch K, Suter C, Woitalla T, Zimmermann O (2011) Compliance by design–bridging the chasm between auditors and IT architects. Comput Secur 30(6):410–426CrossRefGoogle Scholar
  91. 91.
    Sackmann S, Kähmer M, Gilliot M, Lowis L (2008) A classification model for automating compliance. In: 2008 10th IEEE conference on e-commerce technology and the fifth IEEE conference on enterprise computing, e-commerce and e-services. IEEE, pp 79–86Google Scholar
  92. 92.
    Schumm D, Turetken O, Kokash N, Elgammal A, Leymann F, Van Den Heuvel WJ (2010) Business process compliance through reusable units of compliant processes. In: International conference on web engineering. Springer, Berlin, Heidelberg, pp 325–337CrossRefGoogle Scholar
  93. 93.
    Goedertier S, Vanthienen J (2006) Designing compliant business processes with obligations and permissions. In: Business process management workshops. Springer, Berlin, Heidelberg, pp 5–14CrossRefGoogle Scholar
  94. 94.
    Rozinat A, Van der Aalst WM (2008) Conformance checking of processes based on monitoring real behavior. Inf Syst 33(1):64–95CrossRefGoogle Scholar
  95. 95.
    Van der Aalst WM, De Beer HT, van Dongen BF (2005) Process mining and verification of properties: an approach based on temporal logic. In OTM confederated international conferences on the move to meaningful internet systems. Springer, Berlin, Heidelberg, pp 130–147Google Scholar
  96. 96.
    Weber I, Governatori G, Hoffmann J (2008) Approximate compliance checking for annotated process modelsGoogle Scholar
  97. 97.
    Ly LT, Rinderle-Ma S, Göser K, Dadam P (2012) On enabling integrated process compliance with semantic constraints in process management systems. Inf Syst Front 14(2):195–219CrossRefGoogle Scholar
  98. 98.
    Ly LT, Rinderle-Ma S, Knuplesch D, Dadam P (2011) Monitoring business process compliance using compliance rule graphs. In: OTM confederated international conferences on the move to meaningful internet systems. Springer, Berlin, Heidelberg, pp 82–99CrossRefGoogle Scholar
  99. 99.
    Saralaya S, D’Souza R, Saralaya V (in press) Temporal impact analysis and adaptation for service-based systems. Int J Inf Commun Technol. http://www.inderscience.com/info/ingeneral/forthcoming.php?jcode=ijict
  100. 100.
    Rodríguez C, Schleicher D, Daniel F, Casati F, Leymann F, Wagner S (2013) SOA-enabled compliance management: instrumenting, assessing, and analyzing service-based business processes. SOCA 7(4):275–292CrossRefGoogle Scholar
  101. 101.
    Doggett AM (2005) Root cause analysis: a framework for tool selection. Qual Manag J 12(4):34–45CrossRefGoogle Scholar
  102. 102.
    Mdhaffar A, Halima RB, Jmaiel M, Freisleben B (2014) CEP4Cloud: complex event processing for self-healing clouds. In: 2014 IEEE 23rd international WETICE conference (WETICE). IEEE, pp 62–67Google Scholar
  103. 103.
    Mdhaffar A, Rodriguez IB, Charfi K, Abid L, Freisleben B (2017) CEP4HFP: complex event processing for heart failure prediction. IEEE Trans NanoBiosciCrossRefGoogle Scholar
  104. 104.
    Ishikawa K (1982) Guide to quality control (No. TS156. I3713 1994.)Google Scholar
  105. 105.
    Dettmer HW (1997) Goldratt’s theory of constraints: a systems approach to continuous improvement. ASQ Quality PressGoogle Scholar
  106. 106.
    Elgammal A, Turetken O, Van Den Heuvel WJ (2012) Using patterns for the analysis and resolution of compliance violations. Int J Coop Inf Syst 21(01):31–54CrossRefGoogle Scholar
  107. 107.
    Elgammal A, Turetken O, van den Heuvel WJ, Papazoglou M (2010b) Root-cause analysis of design-time compliance violations on the basis of property patterns. In: Service-oriented computing, pp 17–31Google Scholar
  108. 108.
    Taghiabadi ER, Fahland D, van Dongen BF, van der Aalst WM (2013) Diagnostic information for compliance checking of temporal compliance requirements. In: International conference on advanced information systems engineering. Springer, Berlin, Heidelberg, pp 304–320Google Scholar
  109. 109.
    Awad A, Smirnov S, Weske M (2009) Towards resolving compliance violations in business process models. GRCIS. ceur-ws.org
  110. 110.
    Awad A, Weidlich M, Weske M (2009) Specification, verification and explanation of violation for data aware compliance rules. In: Service-oriented computing, pp 500–515CrossRefGoogle Scholar
  111. 111.
    Ismail A, Yan J, Shen J (2013) Incremental service level agreements violation handling with time impact analysis. J Syst Softw 86(6):1530–1544CrossRefGoogle Scholar
  112. 112.
    Angarita R, Cardinale Y, Rukoz M (2014) Reliable composite web services execution: towards a dynamic recovery decision. Electronic Notes in Theoretical Computer Science 302:5–28CrossRefGoogle Scholar
  113. 113.
    Aschoff RR, Zisman A (2012) Proactive adaptation of service composition. In: 2012 ICSE workshop on software engineering for adaptive and self-managing systems (SEAMS). IEEE, pp 1–10Google Scholar
  114. 114.
    Ly LT, Maggi FM, Montali M, Rinderle-Ma S, van der Aalst WM (2013) A framework for the systematic comparison and evaluation of compliance monitoring approaches. In: 2013 17th IEEE international enterprise distributed object computing conference (EDOC). IEEE, pp 7–16Google Scholar
  115. 115.
    Ly LT, Maggi FM, Montali M, Rinderle-Ma S, van der Aalst WM (2015) Compliance monitoring in business processes: functionalities, application, and tool-support. Inf Syst 54:209–234CrossRefGoogle Scholar
  116. 116.
    Maggi FM, Montali M, van der Aalst WM (2012) An operational decision support framework for monitoring business constraints. In: International conference on fundamental approaches to software engineering (FASE), vol 12, pp 146–162CrossRefGoogle Scholar
  117. 117.
    Awad A, Weske M (2009) Visualization of compliance violation in business process models. In: Business process management workshops. Springer, pp 182–193CrossRefGoogle Scholar
  118. 118.
    Abdullah NS, Sadiq S, Indulska M (2010) Information systems research: aligning to industry challenges in management of regulatory compliance. Inf Syst Res 1:1–2010Google Scholar
  119. 119.
    Hashmi M, Governatori G, Lam HP, Wynn MT (2017) Are we done with business process compliance: state of the art and challenges ahead. Knowl Inf Syst 1–55Google Scholar
  120. 120.
    Doughty K (2011) Guest editorial: the three lines of defence related to risk governance. ISACA J 5:6Google Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2019

Authors and Affiliations

  • Sridevi Saralaya
    • 1
  • Vishwas Saralaya
    • 2
  • Rio D’Souza
    • 1
  1. 1.Department of Computer Science & EngineeringSt. Joseph Engineering CollegeVamanjoor, MangaluruIndia
  2. 2.Department of MicrobiologyKasturba Medical College (Manipal Academy of Higher Education)MangaluruIndia

Personalised recommendations