Conference System Approaches
cs_CZus
Conference System Approaches
University of Economics, Prague

COMPARISON OF COMPLIANCE REQUIREMENTS FORMALIZATION APPROACHES

AUTHOR: Ing. Ivana ŠABATOVÁ (University of Economics in Prague, Faculty of Informatics and Statistics, Department of Systems Analysis)

ABSTRACT:
Compliance with regulatory requirements is a crucial task for contemporary organizations operating in highly regulated and dynamically changing environments. Regulatory compliance achievement and assurance represent work intensive and expensive exercises. Therefore already a few endeavors to develop methodologies and deploy recent technologies to enable their automation have been initiated. In the most cases compliance management relates to business processes that have to conform to a set of certain quality, performance, security and other types of requirements. If we want to automate particular business process and at the same time to automate the compliance enforcement measures as well as the compliance assurance procedures, first of all we have to formulate the regulatory compliance requirements using modeling language that can be easily transformed to machine readable expressions. The measures for compliance achievement and assurance called controls are derived from risk analysis of threads of the non-compliance of particular business process, i.e. non-conformity with established control goals. Controls can be realized in the form of control processes; in simple cases control can be realized by single activity which is then called control activity. The business process enhanced with control process that is acknowledged as compliant with respective requirement is called ideal process. This paper focuses on comparison of two different possible approaches to model compliance requirements on business processes based on literature search and on experience resulting from compliance management systems’ design and verification. It brings the reasoning why formulation of set of constrains is preferable to set of compliant ideal process sequences limitation for this purpose.

KEY WORDS: Compliance Algorithm, Business Process Management, Business Rules Management, Control Process, Ideal Process, Compliance Management System, Busness Process Model and Notation (BPMN), Business Process Execution Language (BPEL), Petri net, Finite State Machine, Property Specification Language (PSL).

DOI: 10.18267/pr.2015.pav.2125.2

FULLTEXT: COMPARISON OF COMPLIANCE REQUIREMENTS FORMALIZATION APPROACHES – ING. IVANA ŠABATOVÁ

KSA