Formalization of Risks and Control Activities in Business Process

  • Yasuhito Arimoto
  • Shusaku Iida
  • Kokichi Futatsugi
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 125)


It has been an important issue in society to evaluate effectiveness of control activities in business processes in order to ensure that control activities are dealing with risks as expected.

In this paper, we propose a method to model business processes with risks and control activities formally in order to verify effectiveness of control activities precisely. Formal descriptions gives us deeper understanding of risks and control activities, and by formal verification, we can evaluate control activities in a precise way. Our approach to formal modeling of business processes with risks and control activities is modeling business processes by focusing on activities related to documents which are handled during business activities.

The main contribution of this work is to show how we can solve problems in risk managements of business domain by application of a technology in Computer Science and Information Engineering.


Control Activity Business Process Formal Description Reachable State Model Business Process 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Pub. L. 107-204. 116 Stat. 754, Sarbanes Oxley Act (2002)Google Scholar
  2. 2.
    The Committee of Sponsoring Organizations of the Treadway Commision (COSO), Internal Control - Integrated Framework,
  3. 3.
    Financial Service Agency, Financial Instruments and Exchange Law,
  4. 4.
    van der Aalst, W.M.P.: Three Good Reasons for Using a Petri-net-based Workflow Management System. In: Navathe, S., Wakayama, T. (eds.) Proceedings of the International Working Conference on Information and Process Integration in Enterprises (IPIC 1996), Cambridge, Massachusetts (November 1996)Google Scholar
  5. 5.
    Clavel, M., Durán, F., Eker, S., Lincoln, P., Martí-Oliet, N., Meseguer, J., Talcott, C.: Introduction. In: Clavel, M., Durán, F., Eker, S., Lincoln, P., Martí-Oliet, N., Meseguer, J., Talcott, C. (eds.) All About Maude - A High-Performance Logical Framework. LNCS, vol. 4350, pp. 1–28. Springer, Heidelberg (2007)Google Scholar
  6. 6.
    Diaconescu, R., Futatsugi, K.: AMAST Series in Computing, vol. 6. Cafe OBJ Report, World Acientific (1998)Google Scholar
  7. 7.
    Governatori, G., Milosevic, Z., Sadiq, S.: Compliance Checking between Business Processes and Business Contracts. In: Proceedings of the 10th IEEE International Enterprise Destributed Object Computing Conference. IEEE (2006)Google Scholar
  8. 8.
    Iida, S., Denker, G., Talcott, C.: Document Logic: Risk Analysis of Business Processes Through Document Authenticity. In: Proceedings of 2nd International Workshop on Dynamic and Declarative Business Processes. IEEE (2009)Google Scholar
  9. 9.
    Namiri, K., Stojanovic, N.: Pattern-based Design and Validation of Business Process Compliance. In: Meersman, R., Tari, Z. (eds.) OTM 2007, Part I. LNCS, vol. 4803, pp. 59–76. Springer, Heidelberg (2007)Google Scholar
  10. 10.
    Futatsugi, K., Babu, C. S., Ogata, K.: Verifying Design with Proof Scores. In: Meyer, B., Woodcock, J. (eds.) VSTTE 2005. LNCS, vol. 4171, pp. 277–290. Springer, Heidelberg (2008)Google Scholar
  11. 11.
    Sasano, M.: Naibutousei no Nyuumon to Jissen (Introduction and Practice of Internal Control), 2nd edn., Chuuou Keizaisha (2007)Google Scholar

Copyright information

© Springer-Verlag GmbH Berlin Heidelberg 2012

Authors and Affiliations

  • Yasuhito Arimoto
    • 1
  • Shusaku Iida
    • 2
  • Kokichi Futatsugi
    • 1
  1. 1.Japan Advanced Intitute of Science and TechnologyNomiJapan
  2. 2.Senshu UniversityKawasakiJapan

Personalised recommendations