Separating Compliance Management and Business Process Management

Elham Ramezani,Dirk Fahland,Jan Martijn van der Werf,Peter Mattheis
DOI: https://doi.org/10.1007/978-3-642-28115-0_43
2012-01-01
Abstract:The ever growing set of regulations and laws organizations have to comply to, introduces many new challenges. Current approaches that check for compliance by implementing controls in an existing information system (IS) decrease the maintainability of both the set of compliance rules and the IS. In this position paper, we advocate the separation of the compliance process from the organization’s business processes. We introduce a life cycle for the management of compliance rules. A separate compliance engine is used to define and check compliance rules independent from the existing IS within an organization.
What problem does this paper attempt to address?