Abstract
The effect of using automated auditing tools to detect compliance failures in unmanaged business processes is investigated. In the absence of a process execution engine, compliance of an unmanaged business process is tracked by using an auditing tool developed based on business provenance technology or employing auditors. Since budget constraints limit employing auditors to evaluate all process instances, a methodology is devised to use both expert opinion on a limited set of process instances and the results produced by fallible automated audit machines on all process instances. An improvement factor is defined based on the average number of non-compliant process instances detected and it is shown that the improvement depends on the prevalence of non-compliance in the process as well as the sensitivity and the specificity of the audit machine.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Curbera, F., Doganata, Y., Martens, A., Mukhi, M., Slominski, A.: Business Provenance - A Technology to Increase Traceability of End-to-End Operations. In: OTM Conferences vol (1) , pp. 100–119 (2008)
Greengard, S.: Compliance Software’s Bonus Benefits. Business Finance Magazine (February 2004)
Gartner.: Simplifying Compliance: Best Practices and Technology, French Caldwell, (Business Process Management Summit (June 6, 2005)
Hagerty, J., Hackbush, J., Gaughan, D., Jacaobson, S.: The Governance, Risk Management, and Compliance Spending Report, 2008-2009, AMR Research Report, March 25 (2008)
Corfield, B.: Managing the cost of compliance, http://justin-taylor.net/webdocs/tip_of_the_iceberg.pdf
Zur Muehlen, M., Ho, D.T.: Risk Management in the BPM Lifecycle. In: Bussler, C.J., Haller, A. (eds.) BPM 2005. LNCS, vol. 3812, pp. 454–466. Springer, Heidelberg (2006)
Christopher, G., Müller, S., Pfitzmann, B.: From Regulatory Policies to Event Monitoring Rules: Towards Model-Driven Compliance Automation. IBM Research Report RZ 3662, IBM Zurich Research Laboratory (2006)
Lu, R., Sadiq, S., Governatori, G.: Compliance aware business process design. In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM Workshops 2007. LNCS, vol. 4928, pp. 120–131. Springer, Heidelberg (2008)
Milosevic, Z., Gibson, S., Linington, J.C., Kulkarni, S.: On Design and implementation of a contract monitoring facility. In: Benatallah, B. (ed.) First IEEE International Workshop on Electronic Contracts, pp. 62–70. IEEE Press, Los Alamitos (2004)
Governatori, G., Milosevic, Z.: A Formal Analysis of a Business Contract Language. International Journal of Cooperative Information Systems 15(4), 659–685 (2006)
Governatori, G., Milosevic, Z., Sadiq, S.: Compliance checking between business processes and business contracts. In: Proceedings of the 10th IEEE Conference on Enterprise Distributed Object Computing (2006)
Ly, L.T., Rinderle, S., Dadam, P.: Integration and verification of semantic constraints in adaptive process management systems. Data and Knowledge Engineering 64(1), 3–23 (2008)
Governatori, G.: Representing Business Contracts in RuleML. International Journal of Cooperative Information Systems 14(2–3), 181–216 (2005)
Goedertier, S., Vanthienen, J.: Designing compliant business processes with obligations and permissions. In: Eder, J., Dustdar, S. (eds.) BPM Workshops 2006. LNCS, vol. 4103, pp. 5–14. Springer, Heidelberg (2006)
Lee, J.K., Sohn, M.M.: The eXtensible Rule Markup Language. Communications of ACM 46(5), 59–64 (2003)
Egizi, C.: High cost of compliance, http://www.cioupdate.com/career/article.php/3489431/The-High-Cost-of-Compliance.htm
Joseph, L., Gyorkos, T.W., Coupal, L.: Bayesian estimation of disease prevalence and the parameters of diagnostic tests in the absence of a gold standard. Am. J. Epidemiol (1995)
Gelfand, A.E., Smith, A.F.M.: Sampling-based approaches to calculating marginal densities. Journal American Statistics Assoc. 85, 348–409 (1990)
Gelfand, A.E., Hills, S.E., Racine-Poon, A., et al.: Illustration of Bayesian Inference in normal data using Gibbs sampling. Journal of American Statistics Assoc. 85, 972–985 (1990)
Tanner, M.A.: Tools for statistical inference. Springer, New York (1991)
Katsis, A.: Sample size determination of binomial data with the presence of misclassification. Metrika 63, 323–329 (2005)
Pooled Prevalence Calculator, http://www.ausvet.com.au/pprev/
Geman, S., Geman, D.: Stochastic Relaxation, Gibbs Distributions, and the Bayesian Restoration of Images. IEEE Transactions on Pattern Analysis and Machine Intelligence 6, 721–741 (1984)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Doganata, Y., Curbera, F. (2009). Effect of Using Automated Auditing Tools on Detecting Compliance Failures in Unmanaged Processes. In: Dayal, U., Eder, J., Koehler, J., Reijers, H.A. (eds) Business Process Management. BPM 2009. Lecture Notes in Computer Science, vol 5701. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03848-8_21
Download citation
DOI: https://doi.org/10.1007/978-3-642-03848-8_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03847-1
Online ISBN: 978-3-642-03848-8
eBook Packages: Computer ScienceComputer Science (R0)