The eXtensible Rule Markup Language
Communications of the ACM - Wireless networking security
On Design and Implementation of a Contract Monitoring Facility
WEC '04 Proceedings of the First IEEE International Workshop on Electronic Contracting
Compliance checking between business processes and business contracts
EDOC '06 Proceedings of the 10th IEEE International Enterprise Distributed Object Computing Conference
Hi-index | 0.08 |
A method is introduced to measure the risk of being non-compliant and the cost of reducing the risk by performing internal audits with the help of automated audit tools. Risk exposure of a business process is defined in terms of the prevalence of non-compliant process instances that are subject to penalty. The risk exposure can be reduced by detecting the non-compliant process instances in advance with the help of manual audits and automated auditing tools. The cost of this hybrid approach, however, should be kept less than the reduction amount of risk exposure.