Publications on Business Process Modelling
- Guido Governatori, Jörg Hoffmann, Shazia Sadiq, and Ingo
Weber.
-
Detecting
regulatory compliance for business process models through semantic
annotations.
In 4th International Workshop on Business Process Design,
Milan, 1 September 2008 2008.
Abstract: A given business process may face a large number of
regulatory obligations the process may or comply with. Providing tools and
techniques through which an evaluation of the compliance degree of a given
process can be undertaken is seen as a key objective in emerging business
process platforms. We address this problem through a diagnostic framework
that provides the ability to assess the compliance gaps present in a given
process. Checking whether a process is compliant with the rules involves
enumerating all reachable states and is hence, in general, a hard search
problem. The approach taken here allows to provide useful diagnostic
information in polynomial time. The approach is based on two underlying
techniques. A conceptually faithful representation for regulatory obligations
is firstly provided by a formal rule language based on a non-monotonic
deontic logic of violations. Secondly, processes are formalized through
semantic annotations that allow a logical state space to be created. The
intersection of the two allows us to devise an efficient method to detect
compliance gaps; the method guarantees to detect all obligations that will
necessarily arise during execution, but that will not necessarily be
fulfilled.
 
-
Guido Governatori, Zoran Milosevic and Shazia Sadiq.
-
Compliance checking between business processes and business contracts.
In Patrick C. K. Hung, editor,
10th International Enterprise Distributed Object Computing
Conference (EDOC 2006),
Hong Kong, 16-20 October.
pages 221-232. IEEE Computing Society, 2006.
Copyright © IEEE
Abstract: It is a typical scenario that many organisations have
their business processes specified independently of their business
contracts. This is because of the lack of guidelines and tools that
facilitate derivation of processes from contracts but also because of
the traditional mindset of treating contracts separately from business
processes. This paper provides a solution to one specific problem that
arises from this situation, namely the lack of mechanisms to check
whether business processes are compliant with business contracts. The
central part of the paper are logic based formalism for describing
both the semantics of contract and the semantics of compliance
checking procedures.
- Guido Governatori, Zoran Milosevic, Shazia Sadiq and Maria Orlowska.
- On Compliance of business processes with business
contracts
Technical Report, School of Information Technology and
Electrical Engineering, The University of Queensland.
2006.
Abstract:
This paper addresses the problem of ensuring compliance of business
processes, implemented within and across organisational boundaries,
with the constraints stated in related business contracts. In order
to deal with the complexity of this problem we propose two solutions
that allow for a systematic and increasingly automated support for
addressing two specific compliance issues. One solution provides a
set of guidelines for progressively transforming contract conditions
into business processes that are consistent with contract conditions
thus avoiding violation of the rules in contract. Another solution
compares rules in business contracts and rules in business processes
to check for possible inconsistencies. Both approaches rely on a
computer interpretable representation of contract conditions that
embodies contract semantics. This semantics is described in terms of
a logic based formalism allowing for the description of obligations,
prohibitions, permissions and violations conditions in
contracts. This semantics was based on an analysis of typical
building blocks of many commercial, financial and government
contracts. The study proved that our contract formalism
provides a good foundation for describing key types of conditions in
contracts, and has also given several insights into valuable
transformation techniques and formalisms needed to establish better
alignment between these two, traditionally separate areas of
research and endeavour. The study also revealed a number of new
areas of research, some of which we intend to address in near
future.
-
Guido Governatori, Antonino Rotolo and Shazia Sadiq.
-
A Model of Dynamic Resource Allocation in Workflow Systems.
In Klaus-Dieter Schewe and Hugh E. Williams, editors,
Database Technology 2004,
Dunedin, New Zealand, 19-21 January.
pages 197-206.
Conference Research and Practice of Information Technology 27. ACS, 2004.
Copyright © ACS
Abstract: Current collaborative work environments are
characterized by dynamically changing organizational
structures. Although there have been several efforts to refine work
distribution, especially in workflow management, most literature
assumes a static database approach which captures organizational
roles, groups and hierarchies and implements a dynamic roles based
agent assignment protocol. However, in practice only partial
information may be available for organizational models, and in turn a
large number of exceptions may emerge at the time of work
assignment. In this paper we present an organizational model based on
a policy based normative system. The model is based on a combination
of an intensional logic of agency and a flexible, but computationally
feasible, non-monotonic formalism (Defeasible Logic). Although this
paper focuses on the model specification, the proposed approach to
modelling agent societies provides a means of reasoning with partial
and unpredictable information as is typical of organizational agents
in workflow systems.
- Ruopeng Lu, Shazia Sadiq, and Guido
Governatori.
-
A framework for utilizing preferred work practice for business process
evolution.
In Witold Abramowicz and Heinrich C. Mayr, editors, Technologies for
Business Information Systems, pages 39-50. Springer, Dordrecht, 2007, Copyrigth © 2007 Springer.
Abstract: Many Business Process Management (BPM) systems provide
best practice process models, both generic as well as for specific industry
sectors. However, it is often the variance from template solutions that
provide organizations with intellectual capital and competitive
differentiation. Although variance must comply with various contractual,
regulatory and operational constraints, it is still an important information
resource, representing preferred work practices. In this paper, we present a
framework that utilizes desired work practice to support business process
evolution. The framework on one hand provides the ability to use domain
expert knowledge and experience to tailor individual process instances
according to case specific requirements; and on the other, provides a means
of using this knowledge through learning techniques to guide subsequent
process refinements.
 
- Ruopeng Lu, Shazia Sadiq, and Guido Governatori.
-
Compliance aware business process design.
In Arthur H.M. ter Hofstede, Boualem Benatallah, and Hye-Young Paik,
editors, 3rd International Workshop on Business Process Design
(BPD'07), LNCS 4928,
pages 120-131. Springer, 2007.
Copyrigth © 2007 Springer.
Abstract: Historically, business process design has been driven
by business objectives, specifically process improvement. However this cannot
come at the price of control objectives which stem from various legislative,
standard and business partnership sources. Ensuring the compliance to
regulations and industrial standards is an increasingly important issue in
the design of business processes. In this paper, we advocate that control
objectives should be addressed at an early stage, i.e., design time, so as to
minimize the problems of runtime compliance checking and consequent
violations and penalties. To this aim, we propose supporting mechanisms for
business process designers. This paper specifically presents a support method
which allows the process designer to quantitatively measure the compliance
degree of a given process model against a set of control objectives. This
will allow process designers to comparatively assess the compliance degree of
their design as well as be better informed on the cost of non-compliance.
-
Ruopeng Lu, Shazia Sadiq and Guido Governatori.
-
Utilizing Successful Work Practice for Business Process Evolution.
In Witold Abramowicz and Heinrich C. Mayr, editors,
Business Information Systems (BIS 2006),
Klagenfurt, Austria, May 31-June 2. pages 58-76.
LNI 85. Bonner Köllen Verlag, Berlin, 2006.
Copyright © GI.
Abstract: Business process management (BPM) has emerged as a
dominant technology in current enterprise systems and business
solutions. However, business processes are always evolving in current
dynamic business environments where requirements and goals are
constantly changing. Whereas literature reports on the importance of
domain experts in process modelling and adaptations, current solutions
have not addressed this issue effectively. In this paper, we present a
framework that utilizes successful work practice to support business
process evolution. The framework on one hand provides the ability to
use domain expert knowledge and experience to tailor individual
process instances according to case specific requirements; and on the
other, provides a means of using this knowledge through learning
techniques to guide subsequent process changes.
-
Ruopeng Lu, Shazia Sadiq, Vineet Padmanabhan and Guido Governatori.
-
Using a Temporal Constraint Network for Business Process Execution.
In Gillian Dobbie and James Bailey, editors,
Seventeenth Australasian Database Conference (ADC2006),
Hobart, Australia, 16-19 January. pages 157-166.
CRPIT 49. ACS, Sydney, 2006.
Copyright © ACS
Abstract: Business process management (BPM) has emerged as a
dominant technology in current enterprise systems and business
solutions. However, the technology continues to face challenges in
coping with dynamic business environments where requirements and goals
are constantly changing. In this paper, we present a modelling
framework for business processes that is conducive to dynamic change
and the need for flexibility in execution. This framework is based on
the notion of process constraints. Process constraints may be
specified for any aspect of the process, such as task selection,
control flow, resource allocation, etc. Our focus in this paper is on
a set of scheduling constraints that are specified through a temporal
constraint network. We will demonstrate how this specification can
lead to increased flexibility in process execution, while maintaining
a desired level of control. A key feature and strength of the approach
is to use the power of constraints, while still preserving the
intuition and visual appeal of graphical languages for process
modelling.
-
Vineet Padmanabhan, Guido Governatori, Shazia Sadiq, Robert M. Colomb
and Antonino Rotolo.
-
Process Modelling: The Deontic Way.
In Markus Stumptner, Sven Hartmann and Yasushi Kiyoki, editors,
Conceptual Modelling 2006. Proceedings of the Thirds
Asia-Pacific Conference on Conceptual Modelling (APCCM2006),
Hobart, 16-19 January. pages 75-84.
CRPIT 53. Australian Computer Science Communications,
Sydney, 2006.
Copyright © ACS
Abstract: Current enterprise systems rely heavily on the
modelling and enactment of business processes. One of the key criteria
for a business process is to represent not just the behaviours of the
participants but also how the contractual relationships among them
evolve over the course of an interaction. In this paper we provide a
framework in which one can define policies/business rules using
deontic assignments to represent the contractual relationships. To
achieve this end we use a combination of deontic/normative concepts
like proclamation, directed obligation and
direct action to account for a deontic theory of commitment
which in turn can be used to model business processes in their
organisational settings. In this way we view a business process as a
social interaction process for the purpose of doing
business. Further, we show how to extend the $i*$ framework, a well
known organisational modelling technique, so as to accommodate our
notion of deontic dependency.
-
Shazia Sadiq, Guido Governatori and Kioumars Niamiri.
-
Modeling Control Objectives for Business Process Compliance.
In 4th International Conference on Business Process Management. LNCS. Springer-Verlag, Berlin 2007.
Copyrihgt © Springer-Verlag 2007.
Abstract: Business process design is primarily driven by process
improvement objectives. However, the role of control objectives stemming
from regulations and standards is becoming increasingly important for
businesses in light of recent events that led to some of the largest
scandals in corporate history. As organizations strive to meet compliance
agendas, there is an evident need to provide systematic approaches that
assist in the understanding of the interplay between (often conflicting)
business and control objectives during business process design. In this
paper, our objective is twofold. We will firstly present a research agenda
in the space of business process compliance, identifying major technical and
organizational challenges. We then tackle a part of the overall problem
space, which deals with the effective modeling of control objectives and
subsequently their propagation onto business process models. Control
objective modeling is proposed through a specialized modal logic based on
normative systems theory, and the visualization of control objectives on
business process models is achieved procedurally. The proposed approach is
demonstrated in the context of a purchase-to-pay scenario.
- Ingo Weber, Guido Governatori, and Jörg Hoffmann.
-
Approximate compliance checking for annotated process models.
In Marta Indulska, Shazia Sadiq, and Michael zur Muehlen, editors,
Proceedings of CAiSE 2008 Workshop on Governance, Risk and Compliance in
Information Systems (GRCIS 2008), Montpellier, 17 June 2008.
Abstract: We describe a method for validating whether the states
reached by a process are compliant with a set of constraints. This serves to
(i) check the compliance of a new or altered process against the constraints
base, and (ii) check the whole process repository against a changed
constraints base, e.g., when new regulations come into being. For these
purposes we formalize a particular class of compliance rules as well as
annotated process models, the latter by combining a notion from the workflow
literature with a notion from the AI actions and change literature. The
compliance rules in turn pose restrictions on the desirable states. Each rule
takes the form of a clausal constraint, i.e., a disjunction of literals. If
for a given state there is a grounded clause none of whose literals are true,
then the constraint is violated and indicates non-compliance. Checking
whether a process is compliant with the rules involves enumerating all
reachable states and is in general a hard search problem. Since long waiting
times undesirable, it is important to explore restricted classes and
approximate methods. We present a polynomial-time algorithm that, for a
particular class of processes, computes the sets of literals that are
necessarily true at particular points during process execution. Based on this
information, we devise two approximate compliance checking methods. One of
these is sound but not complete (it guarantees to find only non-compliance
instances, but not to find all non-compliance instances); the other method is
complete but not sound. We sketch how one can trace the state evolution back
to the process activities which caused the (potential) non-compliance, and
hence provide the user with some error diagnosis.