Detecting regulatory compliance for business process models through semantic annotations

Abstract

A given business process may face a large number of regulatory obligations the process may or comply with. Providing tools and techniques to evaluate the compliance degree of a given process is a key objective in emerging business process platforms. We propose a diagnostic framework to assess the compliance gaps present in a given process. Checking whether a process is compliant with the rules involves enumerating all reachable states and is hence, in general, a hard search problem. The approach taken here allows to provide useful diagnostic information in polynomial time based on two underlying techniques. A conceptually faithful representation for regulatory obligations is firstly provided by a formal rule language based on a non-monotonic deontic logic of violations. Secondly, processes are formalized through semantic annotations that allow a logical state space to be created. The intersection of the two allows us to devise an efficient method to detect compliance gaps. © 2009 Springer Berlin Heidelberg.