Process compliance ensures that processes adhere to requirements imposed on them. Failure to comply with legal and industry regulations can result in substantial fines, legal consequences, and reputational damage. Compliance-by-design approaches thus aim to ensure that every process execution is compliant, which is essential in domains where violations are unacceptable. However, existing approaches fail to achieve the dream of compliance-by-design due to abstraction and implementation gaps between regulatory documents, designed process models, and executed processes. In particular, data, time, and resource requirements are often annotated to process models, but not enforced during execution. This work aims to achieve more substantial compliance-by-design assurances through an execution-level abstraction approach. To this end, we propose a structural verification approach based on executable process trees. The approach is prototypically implemented, applied to a data set, and evaluated regarding its usability through a qualitative survey.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Tree-Based Compliance Verification: Bridging the Gap Between Compliance Requirements and Process Execution

  • Johannes Loebbecke,
  • Juergen Mangler,
  • Stefanie Rinderle-Ma

摘要

Process compliance ensures that processes adhere to requirements imposed on them. Failure to comply with legal and industry regulations can result in substantial fines, legal consequences, and reputational damage. Compliance-by-design approaches thus aim to ensure that every process execution is compliant, which is essential in domains where violations are unacceptable. However, existing approaches fail to achieve the dream of compliance-by-design due to abstraction and implementation gaps between regulatory documents, designed process models, and executed processes. In particular, data, time, and resource requirements are often annotated to process models, but not enforced during execution. This work aims to achieve more substantial compliance-by-design assurances through an execution-level abstraction approach. To this end, we propose a structural verification approach based on executable process trees. The approach is prototypically implemented, applied to a data set, and evaluated regarding its usability through a qualitative survey.