Abstract
In this paper we present a novel approach for the modeling and implementation of Internal Controls in Business Processes. The approach is based on the formal modeling of Internal Controls in the validation process under the usage of frequently recurring control patterns. The main idea is the introduction of a semantic layer in which the process instances are interpreted according to an independently designed set of controls. This ensures separation of business and control objectives in a Business Process. A prototypical implementation of the approach is presented.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Pub. L. 107-204. 116 Stat. 754, Sarbanes Oxley Act (2002)
Committee of Sponsoring Organizations of the Treadway Commission (COSO), Internal Control - Integrated Framework (1992)
Hartman, T.: The Cost of Being Public in the Era of Sarbanes-Oxley (June 2005)
zur Muehlen, M., Rosemann, M.: Integrating Risks in Business Process Models. In: ACIS 2005. Proceedings of the 2005 Australasian Conference on Information Systems, Manly, Sydney, Australia, November 30-December 2 (2005)
Dwyer, M., Avrunin, G., Corbett, J.: Patterns in Property Specification for Finite-State Verification. In: Proceedings of the 21st International Conference on Software Engineering, pp. 411–420 (May 1999)
Gamma, E., Helm, R., Johnson, R., Vlissides, J.: Design Patterns: Element of Reusable Object Oriented Software. Addison-Wesley, Reading (1995)
Davenport, T., Short, J.: The New Industrial Engineering: Information Technology and Business Process Redesign. Sloan Management Review 31, 11–27 (1990)
Goedertier, S., Vanthienen, J.: Designing Compliant Business Processes from Obligations and Permissions. In: BPD 2006. 2nd Workshop on Business Processes Design Proceedings (2006)
Public Company Accounting Oversight Board (PCAOB), PCAOB Accounting Standard No.2, Paragraph 12
Namiri, K., Stojanovic, N.: A Formal Approach for Internal Controls Compliance in Business Processes. In: BPMDS 2007. 8th Workshop on Business Process Modeling, Development, and Support conjunction with CAiSE 2007 (2007)
Sadiq, S., Governatori, G., Kioumars, N.: Modeling Control Objectives for Business Processes. In: BPM 2007. 5th International Conference on Business Process Management (2007)
Robinson, W.: Implementing Rule-based Monitors within a Framework for Continuous Requirements Monitoring, HICSS 2005, Hawaii, USA (2005)
Giblin, C., Muller, S., Pfitzmann, B.: From regulatory policies to event monitoring rules: Towards model driven compliance automation. IBM Research Report. Zurich Research Laboratory (October 2006)
Casati, F., Castano, S., Fugini, M., Mirbel, I., Pernici, B.: Using Patterns to Design Rules in Workflows. IEEE Transactions on Software Engineering 26(8) (August 2000)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Namiri, K., Stojanovic, N. (2007). Pattern-Based Design and Validation of Business Process Compliance. In: Meersman, R., Tari, Z. (eds) On the Move to Meaningful Internet Systems 2007: CoopIS, DOA, ODBASE, GADA, and IS. OTM 2007. Lecture Notes in Computer Science, vol 4803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76848-7_6
Download citation
DOI: https://doi.org/10.1007/978-3-540-76848-7_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-76846-3
Online ISBN: 978-3-540-76848-7
eBook Packages: Computer ScienceComputer Science (R0)