Skip to main content
SpringerLink
Log in
Book cover

Workshop on Enterprise and Organizational Modeling and Simulation

EOMAS 2010: Enterprise and Organizational Modeling and Simulation pp 164–178Cite as

Mal-processes: Explicitly Modelling the Deviant

  • Conference paper

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 63))

Abstract

Definitions of business processes for the most part suggest that they are a set of interrelated activities with the goal of accomplishing a given task to provide value to the customer of the process. This positive orientation has been reflected in business process modelling methodologies, tools, techniques and even in the reference models and implementation approaches suggested by vendors and implementation partners. Research and industry does not explicitly consider the negative business process scenarios that could result in the accomplishment of undesirable outcomes to the customer and/or owner of the process. In this paper we first motivate the need for explicit consideration of such undesirable processes. We define such processes as mal-processes and proceed to identify some of the key causes of mal-processes in organisational contexts. This discussion is motivated through the identification of potential mal-processes and means through which we could prevent them. We propose extensions to existing business process modelling conventions (ARIS) that would enable us to model mal-processes. The interplay between best practice processes as defined by reference models (e.g. SAP Reference Model) and mal-processes as well as their impact on the implementation of Enterprise Systems (e.g. SAP, Oracle) is discussed in some detail. We conclude the paper by identifying the application and benefits that could accrue from the explicit identification of mal-processes.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. DeMarco, E.: Fraud and Misconduct Expected to Rise. RMA Journal 92 (2009)

    Google Scholar 

  2. Dale, S.: Holistic BPM: From Theory to Reality. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714. Springer, Heidelberg (2007)

    Google Scholar 

  3. Albrecht, S., Albrecht, C., Albrecht, C.: Current Trends in Fraud and its Detection. Information Security Journal: A Global Perspective 17, 2–12 (2008)

    Article  Google Scholar 

  4. Reason, J.: Human Error: Models and Management. BMJ: British Medical Journal 320, 768–770 (2000)

    Article  Google Scholar 

  5. Sindre, G., Opdahl, A.: Eliciting security requirements with misuse cases. Requirements Engineering 10, 34–44 (2005)

    Article  Google Scholar 

  6. Sindre, G.: Mal-Activity Diagrams for Capturing Attacks on Business Processes. In: Sawyer, P., Paech, B., Heymans, P. (eds.) REFSQ 2007. LNCS, vol. 4542, pp. 355–366. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  7. Neubauer, T., Pehn, M.: Workshop-Based Risk Assessment for the Definition of Secure Business Processes. In: Second International Conference on Information, Process, and Knowledge Management, 2010. eKNOW 2010 (2010)

    Google Scholar 

  8. Backes, M., Pfitzmann, B., Waidner, M.: Security in Business Process Engineering. In: van der Aalst, W.M.P., ter Hofstede, A.H.M., Weske, M. (eds.) BPM 2003. LNCS, vol. 2678, pp. 168–183. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  9. Krishnan, R., Chari, K.: Model Management: Survey, Future Research Directions and a Bibliography. The Interactive Transactions of OR/MS 3 (2000)

    Google Scholar 

  10. Wright, G., Chaturvedi, A., Mookerjee, R., Garrod, S.: Integrated Modeling Environments in Organizations: An Empirical Study. Info. Sys. Research 9, 64–84 (1998)

    Article  Google Scholar 

  11. Scheer, A.: Business Process Engineering: Reference Models for Industrial Enterprises. Springer, Telos (1998)

    Google Scholar 

  12. Ferstl, O., Sinz, E.: Modeling of Business Systems Using SOM. In: Handbook on Architectures of Information Systems, pp. 347–367 (1998)

    Google Scholar 

  13. Scheer, A.-W., Nüttgens, M.: ARIS Architecture and Reference Models for Business Process Management. In: Business Process Management, pp. 301–304 (2000)

    Google Scholar 

  14. Heidasch, R.: Get ready for the next generation of SAP business applications based on the Enterprise Service-Oriented Architecture (Enterprise SOA). SAP Professional Journal (2007)

    Google Scholar 

  15. Lyytinen, K., Mathiassen, L., Ropponen, J.: Attention Shaping and Software Risk-A Categorical Analysis of Four Classical Risk Management Approaches. Info. Sys. Research 9, 233–255 (1998)

    Article  Google Scholar 

  16. Boehm, B., DeMarco, T.: Software Risk Management. IEEE Software 14, 17–19 (1997)

    Article  Google Scholar 

  17. Bessis, J.: Risk Management in Banking. Wiley, Chichester

    Google Scholar 

  18. Chapman, C., Ward, S.: Project Risk Management: Processes, Techniques and Insights. Wiley, Chichester (2003)

    Google Scholar 

  19. Rosemann, M., zur Muehlen, M.: Integrating Risks in Business Process Models. In: ACIS 2005 Proceedings (2005)

    Google Scholar 

  20. Lambert, J., Jennings, R., Joshi, N.: Integration of risk identification with business process models. Syst. Eng. 9, 187–198 (2006)

    Article  Google Scholar 

  21. Alexander, I.: Modelling the interplay of conflicting goals with use and misuse cases. In: Proceedings of the HCI*2002 Workshop on Goal-Oriented Business Process Modeling. Memory of Dr. Maxim Khomyakov, GBMP 2002 (2002)

    Google Scholar 

  22. McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. In: 15th Annual Computer Security Applications Conference, pp. 55–66. IEEE Computer Society, Los Alamitos (1999)

    Google Scholar 

  23. Sharp, A., McDermott, P.: Workflow Modeling: Tools for Process Improvement and Application Development. Artech House Publishers, Norwood (2001)

    Google Scholar 

  24. Weick, K.E., Sutcliffe, K.M., Obstfeld, D.: Organizing for high reliability: Processes of collective mindfulness. Research in Organizational Behavior 21, 23–81 (1999)

    Google Scholar 

  25. Feldman, M., Pentland, B.: Reconceptualizing Organizational Routines as a Source of Flexibility and Change. Administrative Science Quarterly 48, 94–118 (2003)

    Article  Google Scholar 

  26. Orlikowski, W.: Knowing in Practice: Enacting a Collective Capability in Distributed Organizing. Organization Science 13, 249–273 (2002)

    Article  Google Scholar 

  27. Davis, R.: Business Process Modelling with ARIS: A Practical Guide. Springer, Heidelberg (2001)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Information Systems and Operations Management, The University of Auckland, Private Bag 92019, Auckland, 1142, New Zealand

    David Sundaram & Max Erik Rohde

Authors
  1. David Sundaram
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Max Erik Rohde
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Delft Unitersity of Technology, Jaffalaan 5, 2628, Delft, BX, The Netherlands

    Joseph Barjis

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sundaram, D., Erik Rohde, M. (2010). Mal-processes: Explicitly Modelling the Deviant. In: Barjis, J. (eds) Enterprise and Organizational Modeling and Simulation. EOMAS 2010. Lecture Notes in Business Information Processing, vol 63. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15723-3_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-15723-3_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15722-6

  • Online ISBN: 978-3-642-15723-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation