Optimal Control Point Selection for Continuous Business Process Compliance Monitoring
Service delivery organizations fulfill their business obligations by defining and implementing business processes.Such processes also need to adhere to several regulations such as security,confidentiality and data integrity.These regulations are typically defined as policies,each of which contains a list of clauses.Organizations typically conduct periodic audits of executed process instances to determine how well they have adhered to the stated policies.Since such auditing takes place after the processes have been implemented,their efficacy as a tool for preventing non-compliances against policies is doubtful.In this paper,we analyze the problem of continuous compliance monitoring at run time.This involves selecting a subset of policy clauses at process tasks,called control points,at which compliance can be checked.Selecting control points involves a tradeoff.Selecting too few control points would raise the risk of increased non-compliance; however,selecting too many may not be cost-effective.In this paper,we represent this as an optimization problem,and discuss it from the viewpoint of two key optimization criteria.We also demonstrate our optimization techniques on a simplified version of a real-life example drawn from our industry experience.
Business Process Monitoring Control Points
Nanjangud C.Narendra Virendra K.Varshney Shailabh Nagar Mitesh Vasa Anuradha Bhamidipaty
IBM India Research Lab,Bangalore,India
国际会议
北京
英文
2008-10-12(万方平台首次上网日期,不代表论文的发表时间)