Effect of Using Automated Auditing Tools on Detecting Compliance Failures in Unmanaged Processes

Authors:
Yurdaer Doganata;Francisco Curbera
Affiliations:
IBM T J Watson Research Center, Hawthorne 10532;IBM T J Watson Research Center, Hawthorne 10532
Venue:
BPM '09 Proceedings of the 7th International Conference on Business Process Management
Year:
2009

Citing 8
Cited 3

The eXtensible Rule Markup Language

Communications of the ACM - Wireless networking security
On Design and Implementation of a Contract Monitoring Facility

WEC '04 Proceedings of the First IEEE International Workshop on Electronic Contracting
Compliance checking between business processes and business contracts

EDOC '06 Proceedings of the 10th IEEE International Enterprise Distributed Object Computing Conference
Integration and verification of semantic constraints in adaptive process management systems

Data & Knowledge Engineering
Business Provenance --- A Technology to Increase Traceability of End-to-End Operations

OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part I on On the Move to Meaningful Internet Systems:
Compliance aware business process design

BPM'07 Proceedings of the 2007 international conference on Business process management
Designing compliant business processes with obligations and permissions

BPM'06 Proceedings of the 2006 international conference on Business Process Management Workshops
Risk management in the BPM lifecycle

BPM'05 Proceedings of the Third international conference on Business Process Management

Monitoring unmanaged business processes

OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
A distributed framework for reliable and efficient service choreographies

Proceedings of the 20th international conference on World wide web
A systematic review on security in Process-Aware Information Systems - Constitution, challenges, and future directions

Information and Software Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

The effect of using automated auditing tools to detect compliance failures in unmanaged business processes is investigated. In the absence of a process execution engine, compliance of an unmanaged business process is tracked by using an auditing tool developed based on business provenance technology or employing auditors. Since budget constraints limit employing auditors to evaluate all process instances, a methodology is devised to use both expert opinion on a limited set of process instances and the results produced by fallible automated audit machines on all process instances. An improvement factor is defined based on the average number of non-compliant process instances detected and it is shown that the improvement depends on the prevalence of non-compliance in the process as well as the sensitivity and the specificity of the audit machine.