Approximate Compliance Checking for Annotated Process Models

Weber, Ingo, Governatori, Guido and Hoffmann, Joerg (2008). Approximate Compliance Checking for Annotated Process Models. In: Sadiq, Shazia, Indulska, Marta and Zur Muehlen, Michael, 1st International Workshop on Governance, Risk and Compliance - Applications in Information Systems (GRCIS'08). GRCIS'08: International Workshop on Governance, Risk and Compliance in Information Systems, Montpellier, (46-60). 17 June, 2008.

Attached Files (Some files may be inaccessible until you login with your UQ eSpace credentials)
Name Description MIMEType Size Downloads
UQ138886_OA.pdf Full text application/pdf 228.35KB 491

Author Weber, Ingo
Governatori, Guido
Hoffmann, Joerg
Title of paper Approximate Compliance Checking for Annotated Process Models
Conference name GRCIS'08: International Workshop on Governance, Risk and Compliance in Information Systems
Conference location Montpellier
Conference dates 17 June, 2008
Proceedings title 1st International Workshop on Governance, Risk and Compliance - Applications in Information Systems (GRCIS'08)   Check publisher's open access policy
Place of Publication Europe
Publisher Rheinisch-Westfaelische Technische Hochschule Aachen
Publication Year 2008
Year available 2008
Sub-type Fully published paper
Open Access Status File (Author Post-print)
ISSN 1613-0073
Editor Sadiq, Shazia
Indulska, Marta
Zur Muehlen, Michael
Start page 46
End page 60
Total pages 15
Language eng
Abstract/Summary We describe a method for validating whether the states reached by a process are compliant with a set of constraints. This serves to (i) check the compliance of a new or altered process against the constraints base, and (ii) check the whole process repository against a changed constraints base, e.g., when new regulations come into being. For these purposes we formalize a particular class of compliance rules as well as annotated process models, the latter by combining a notion from the workflow literature with a notion from the AI actions and change literature. The compliance rules in turn pose restrictions on the desirable states. Each rule takes the form of a clausal constraint, i.e., a disjunction of literals. If for a given state there is a grounded clause none of whose literals are true, then the constraint is violated and indicates non-compliance. Checking whether a process is compliant with the rules involves enumerating all reachable states and is in general a hard search problem. Since long waiting times during process modelling are undesirable, it is important to explore restricted classes and approximate methods. We present a polynomial-time algorithm that, for a particular class of processes, computes the sets of literals that are necessarily true at particular points during process execution. Based on this information, we devise two approximate compliance checking methods. One of these is sound but not complete (it guarantees to find only non-compliance instances, but not to find all non-compliance instances); the other method is complete but not sound. We sketch how one can trace the state evolution back to the process activities which caused the (potential) non-compliance, and hence provide the user with some error diagnosis.
Subjects 280000 Information, Computing and Communication Sciences
Keyword regulatory compliance
business process modelling
Q-Index Code E1
Q-Index Status Provisional Code
Institutional Status UQ

 
Versions
Version Filter Type
Citation counts: Scopus Citation Count Cited 0 times in Scopus Article
Google Scholar Search Google Scholar
Created: Sun, 25 May 2008, 08:27:03 EST by Guido Governatori on behalf of School of Information Technol and Elec Engineering