Business Process Data Compliance

  • Mustafa Hashmi
  • Guido Governatori
  • Moe Thandar Wynn
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7438)


Most approaches to business process compliance are restricted to the analysis of the structure of processes. It has been argued that full regulatory compliance requires information on not only the structure of processes but also on what the tasks in a process do. To this end Governatori and Sadiq [2007] proposed to extend business processes with semantic annotations. We propose a methodology to automatically extract one kind of such annotations; in particular the annotations related to the data schema and templates linked to the various tasks in a business process.


Business process business process compliance database schema compliance by design 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Australia AIGD. The Australian Industry Group National CEO Survey: Business Regulations (September 2011)Google Scholar
  2. 2.
    Sadiq, S., Governatori, G., Namiri, K.: Modeling Control Objectives for Business Process Compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  3. 3.
    Liu, Y., Müller, S., Xu, K.: A Static Compliance-Checking Framework for Business Process Models. IBM Systems Journal 46, 335–361 (2007)CrossRefGoogle Scholar
  4. 4.
    Schmidt, R., Bartsch, C., Oberhauser, R.: Ontology-based Representation of Compliance Requirements for Service Processes. In: SBPM 2007. CEUR, vol. 251, pp. 28–39 (2007)Google Scholar
  5. 5.
    El Kharbili, M., Stein, S., Markovic, I., Pulvermüller, E.: Towards a Framework for Semantic Business Process Compliance Management. In: GRCIS 2008 Workshop at CAiSE 2008. CEUR, vol. 339, pp. 1–15 (2007)Google Scholar
  6. 6.
    Hagerty, J.: Sox spending for 2006. ARM Research, Boston, USA (November 2006), JH 2006Google Scholar
  7. 7.
    Ly, L.T., Knuplesch, D., Rinderle-Ma, S., Göser, K., Pfeifer, H., Reichert, M., Dadam, P.: SeaFlows Toolset – Compliance Verification Made Easy for Process-Aware Information Systems. In: Soffer, P., Proper, E. (eds.) CAiSE Forum 2010. LNBIP, vol. 72, pp. 76–91. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  8. 8.
    Ly, L.T., Rinderle, S., Dadam, P.: Semantic Correctness in Adaptive Process Management Systems. In: Dustdar, S., Fiadeiro, J.L., Sheth, A.P. (eds.) BPM 2006. LNCS, vol. 4102, pp. 193–208. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  9. 9.
    Governatori, G., Sadiq, S.: The Journey to Business Process Compliance. In: Handbook of Research on Business Process Management, pp. 426–454. IGI Global (2009)Google Scholar
  10. 10.
    Sadiq, S., Governatori, G.: A Methodological Framework for Aligning Business Processes and Regulatory Compliance. In: Handbook of Business Process Management: 2. Strategic Alignment, Governance, People and Culture, pp. 159–176. Springer, Berlin (2010)Google Scholar
  11. 11.
    Ghose, A.K., Koliadis, G.: Auditing Business Process Compliance. In: Krämer, B.J., Lin, K.-J., Narasimhan, P. (eds.) ICSOC 2007. LNCS, vol. 4749, pp. 169–180. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  12. 12.
    Governatori, G., Hoffmann, J., Sadiq, S., Weber, I.: Detecting Regulatory Compliance for Business Process Models through Semantic Annotations. In: Ardagna, D., Mecella, M., Yang, J. (eds.) BPM Workshops 2008. LNBIP, vol. 17, pp. 5–17. Springer, Heidelberg (2009)Google Scholar
  13. 13.
    Governatori, G., Rotolo, A.: An Algorithm for Business Process Compliance. In: Legal Knowledge and Information Systems, pp. 186–191. IOS Press (2008)Google Scholar
  14. 14.
    Governatori, G., Rotolo, A.: A Conceptually Rich Model of Business Process Compliance. In: APCCM 2010. CRPIT, vol. 110, pp. 3–12. Australian Computer Society (2010)Google Scholar
  15. 15.
    Carmo, J., Jones, J.: Deontic Logic and Contrary to duties. In: Handbook of Philosophical Logic, 2nd edn., pp. 265–343. Kulwer, Dordrech (2002)CrossRefGoogle Scholar
  16. 16.
    Governatori, G.: Representing Business Contracts in RuleML. International Journal of Cooperative Information Systems 14, 181–216 (2005)CrossRefGoogle Scholar
  17. 17.
    Antoniou, G., Billington, D., Governatori, G., Maher, M.J.: Representation results for defeasible logic. ACM Transactions on Computational Logic 2, 255–287 (2001)MathSciNetzbMATHCrossRefGoogle Scholar
  18. 18.
    Antoniou, G., Billington, D., Governatori, G., Maher, M.J.: Embedding defeasible logic into logic programming. Theory and Practice of Logic Programming 6, 703–735 (2006)MathSciNetzbMATHCrossRefGoogle Scholar
  19. 19.
    Governatori, G., Rotolo, A.: Logic of Violations:A Gentzen System for Reasoning with Contrary-To-Duty Obligation. Australasian Journal of Logic 4, 193–215 (2006)MathSciNetzbMATHGoogle Scholar
  20. 20.
    Bonazzi, R., Pigneur, Y.: Compliance Management in Multi-actor Contexts. In: GRCIS 2009. CEUR, vol. 459, article 7 (2009)Google Scholar
  21. 21.
    COMPAS: Compliance Driven Models, Languages, and Architectures for Services. In: 7th Framework Programme Information and Communication Technologies (2008)Google Scholar
  22. 22.
    el Kharbili, M., Stein, S.: Policy-Based Semantic Compliance Checking for Business Process Management. In: MobIS Workshops 2008. CEUR, vol. 420, pp. 178–192 (2008)Google Scholar
  23. 23.
    Ly, L., Rinderle-Ma, S., Göser, K., Dadam, P.: On Enabling Integrated Process Compliance with Semantic Constraints in Process Management Systems. Information Systems Frontiers 14, 195–219 (2012)CrossRefGoogle Scholar
  24. 24.
    Lu, R., Sadiq, S.K., Governatori, G.: Compliance Aware Business Process Design. In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM Workshops 2007. LNCS, vol. 4928, pp. 120–131. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  25. 25.
    Goedertier, S., Vanthienen, J.: Designing Compliant Business Processes with Obligations and Permissions. In: Eder, J., Dustdar, S. (eds.) BPM Workshops 2006. LNCS, vol. 4103, pp. 5–14. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  26. 26.
    Governatori, G., Milosevic, Z., Sadiq, S.: Translating business contract into compliant business processes. In: 10th IEEE International Enterprise Distributed Object Computing Conference, pp. 221–232. IEEE Press (2006)Google Scholar
  27. 27.
    Goedertier, S., Vanthienen, J.: Compliant and flexible business processes with business rules. In: BPMDS 2006. CEUR, vol. 236 (2006)Google Scholar
  28. 28.
    Lohmann, N.: Compliance by Design for Artifact-Centric Business Processes. In: Rinderle-Ma, S., Toumani, F., Wolf, K. (eds.) BPM 2011. LNCS, vol. 6896, pp. 99–115. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  29. 29.
    Awad, A., Weidlich, M., Weske, M.: Specification, Verification and Explanation of Violation for Data Aware Compliance Rules. In: Baresi, L., Chi, C.-H., Suzuki, J. (eds.) ICSOC-ServiceWave 2009. LNCS, vol. 5900, pp. 500–515. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  30. 30.
    Awad, A., Decker, G., Weske, M.: Efficient Compliance Checking Using BPMN-Q and Temporal Logic. In: Dumas, M., Reichert, M., Shan, M.-C. (eds.) BPM 2008. LNCS, vol. 5240, pp. 326–341. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  31. 31.
    Lu, R., Sadiq, S., Governatori, G.: Measurement of compliance distance in business processes. Information Systems Management 25, 344–355 (2008)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Mustafa Hashmi
    • 1
    • 2
  • Guido Governatori
    • 1
    • 2
  • Moe Thandar Wynn
    • 1
    • 2
  1. 1.Queensland Research LaboratoryNICTASt. LuciaAustralia
  2. 2.Queensland University of Technology (QUT)BrisbaneAustralia

Personalised recommendations