Towards an integration of GRC and BPM - Requirements changes for compliance management caused by externally induced complexity drivers

Abstract

The paper discusses a selection of business challenges faced by organizations in context of integration between governance, risk, compliance and business process management. The focus is set on three complexity drivers for compliance, which are externally imposed on organizations by a business environment which itself is characterized by recent supervision system failures leading to major market crises as well as ongoing globalization. The examined complexity drivers are 1. heightened complexity of business processes with an increased number of process interfaces, 2. rising frequency of process changes and 3. a continuously growing amount of compliance regulations. A selection of fundamental research works is discussed to assess the visibility of the three complexity drivers, i.e. whether the authors show awareness of the selected complexity drivers implicitly or explicitly. The paper highlights a combined view on those three complexity drivers and, in consequence, derives requirements changes originating thereof for compliance management and modeling. © 2012 Springer-Verlag.