Abstract
AbstractWith a steady increase of regulatory requirements for business processes, automation support of compliance management is a field garnering increasing attention in Information Systems research. Several approaches have been developed to support compliance checking of process models. One major challenge for such approaches is their ability to handle different modeling techniques and compliance rules in order to enable widespread adoption and application. Applying a structured literature search strategy, we reflect and discuss compliance-checking approaches in order to provide an insight into their generalizability and evaluation. The results imply that current approaches mainly focus on special modeling techniques and/or a restricted set of types of compliance rules. Most approaches abstain from real-world evaluation which raises the question of their practical applicability. Referring to the search results, we propose a roadmap for further research in model-based business process compliance checking.
Highlights
Since the passing of the Sarbanes-Oxley Act (SOX) (Sarbanes-Oxley Act 2002) the world’s regulation environment has changed significantly
The compliance management of firms is faced with a challenging task: On the one hand, the audit of business processes in order to comply with regulations, such as SOX, the minimum requirements for risk management (BaFin 2010) or money laundry laws (i.e., U.S Money Laundering Suppression Act of 1994), becomes more and more sophisticated
Existing compliance-checking approaches have rarely been applied far. We assume that this is due to a very close focus of existing approaches – either on specific modeling techniques or on a very restricted set of possible rules to be checked. We argue that such a close focus could hinder companies from applying these approaches, when the modeling technique applied by the company does not fit the business process compliance-checking approach or the rules to be checked by a company cannot be addressed by the approach
Summary
Since the passing of the Sarbanes-Oxley Act (SOX) (Sarbanes-Oxley Act 2002) the world’s regulation environment has changed significantly. This has seen companies confronted with a steady increase of rules that have serious effects on internal business processes. Tan, Jayaganesh, Bandara, zur Muehlen, and Lippe (2006), for example, reported on landscapes of over 1,800 business processes. Considering this environment, compliance experts, who are responsible for the legal checking of new and changed business processes, need automation support for compliance-checking.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
