Compliance management ontology: enabling shared understanding in compliance practice

Syed Abdullah, Syed Norris Hikmi (2013). Compliance management ontology: enabling shared understanding in compliance practice PhD Thesis, School of Information Technol and Elec Engineering, The University of Queensland.

Attached Files (Some files may be inaccessible until you login with your UQ eSpace credentials)
Name Description MIMEType Size Downloads
s41610055_phd_finalthesis.pdf Thesis full text application/pdf 3.62MB 12
Author Syed Abdullah, Syed Norris Hikmi
Thesis Title Compliance management ontology: enabling shared understanding in compliance practice
Formatted title
School, Centre or Institute School of Information Technol and Elec Engineering
Institution The University of Queensland
Publication date 2013
Thesis type PhD Thesis
Supervisor Sadiq, Shazia W.
Indulska, Marta K.
Total pages 171
Total black and white pages 171
Language eng
Subjects 0806 Information Systems
080603 Conceptual Modelling
080609 Information Systems Management
080608 Information Systems Development Methodologies
Formatted abstract
    Governance, Risk and Compliance (GRC) is an area of increasing importance for organisations world-wide due to the implications of non-compliance. GRC initiatives are often deeply rooted in Information Systems (IS) as they implicitly or explicitly hold the evidence for (non)compliance. However, the relevant information is not readily available due to the disparate nature of IS in current organisational settings. The diversity of the stakeholders (compliance professionals, risk managers, business function heads, auditors, regulators etc.) in GRC initiatives has further contributed to the challenges and, consequently, to the cost of compliance management. In particular, recent empirical research has identified the lack of a common/shared conceptualisation of compliance management concepts to be a barrier to compliance management practice. In addition, the lack of this shared conceptualisation also affects the extent to which leading research is seen as applicable by practitioners. Thus, taking an information-centric view to addressing the challenges in compliance management, the researcher posits that any effort towards providing compliance management solutions demands a common understanding of compliance management concepts and practice among the different stakeholders. This thesis presents research undertaken to develop an ontology to create a shared conceptualization of the compliance management domain: CoMOn (Compliance Management Ontology). The ontology is developed based on an industry-relevant ontology development framework specifically designed to meet the requirements for a multi-disciplinary area as compliance management. The framework is governed by the guidelines set out within the over-arching Design Science paradigm. The ontology concepts are extracted from interviews and surveys of compliance management experts and practitioners, and refined through synthesis with leading academic literature related to compliance management. A semiotic framework has been utilized to conduct an evaluation of CoMOn through a series of case studies spanning a number of industry sectors. An ontology realisation study was also conducted in a number of organisations to evaluate CoMOn’s usability. The consensus achieved through the evaluation has positioned CoMOn as a comprehensive domain ontology for Compliance Management.
Keyword Compliance management
Regulatory compliance
Ontology development

Citation counts: Google Scholar Search Google Scholar
Created: Wed, 11 Sep 2013, 16:37:35 EST by Mr Syed Norris Hikmi Syed Abdullah on behalf of Scholarly Communication and Digitisation Service