Gesellschaft für Informatik e.V.

Lecture Notes in Informatics


INFORMATIK 2010 Business Process and Service Science - Proceedings of ISSS and BPSC P-177, 127-138 (2010).

Gesellschaft für Informatik, Bonn
2010


Copyright © Gesellschaft für Informatik, Bonn

Contents

Essential aspects of compliance management with focus on business process automation

David Schumm , Tobias Anstett , Frank Leymann , Daniel Schleicher and Steve Strauch

Abstract


Compliance requirements coming from laws, regulations and internal policies constrain how a company may carry out its business. A company must take various different actions for preventing compliance violations and for detecting them. Business processes have to be changed accordingly in order to adhere to these requirements. Manual controls need to be installed in order to affect the work which is done outside of IT systems. Technical controls are required for assuring compliance within IT systems. In this paper, we present a compliance management model that captures the compliance problem from a holistic point of view. We elaborate on a technical control which is called compliance fragment and we position it in the compliance management model. A compliance fragment is a connected, possibly incomplete process graph that can be used as a reusable building block for ensuring a consistent specification and integration of compliance into a workflow. In particular, we propose language extensions to BPEL for representing compliance fragments. Furthermore, we


Full Text: PDF

Gesellschaft für Informatik, Bonn
ISBN 978-3-88579-271-0


Last changed 04.10.2013 18:34:51