Abstract
AbstractThe growing regulatory pressure on increasingly digitized businesses, for example to combat the growing number of corporate fraud cases, can have an obstructive effect on the execution of automated business processes. Such security-related obstructions occur when the implementation of regulations, that is, the enforcement of so-called safety properties, blocks the execution of business processes – in particular, the so-called liveness property of process completion. Those obstructions exemplify the conflicting goals between business processes and classic IT security.Automation is no panacea against regulation acting obstructive. Adequate and effective application of regulation builds the basis against fraud. However, there is no way to avoid automation when IT methods are used to generate competitive advantages. An obstruction results from introducing IT security on business processes, particularly authorization and further security policies such as separation of duties. This chapter leads to this problem and describes how to widen this restricted behavior of business processes resulting from security controls to the broader scope that compliance provides as part of corporate governance. By handling obstructions, security in business processes is supposed to be improved. For this purpose, an indicator-based view of security that extends the classic IT security controls will be introduced.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
