Automated risk mitigation in business processes

R. Conforti, A.H.M. Hofstede, ter, M. La Rosa, M. Adams

Research output: Chapter in Book/Report/Conference proceedingChapterAcademic

6 Citations (Scopus)


This paper proposes a concrete approach for the automatic mitigation of risks that are detected during process enactment. Given a process model affected by risks, e.g. a financial process exposed to the risk of approval fraud, we enact this process and as soon as the likelihood of the associated risk(s) is no longer tolerable, we generate a set of possible mitigation actions to reduce the risks’ likelihood, ideally annulling the risks altogether. A mitigation action is a sequence of controlled changes applied to the running process instance, taking into account a snapshot of the process resources and data, and the current status of the system in which the process is executed. These actions are proposed as recommendations to help process administrators mitigate process-related risks as soon as they arise. The approach has been implemented in the YAWL environment and its performance evaluated. The results show that it is possible to mitigate process-related risks
Original languageEnglish
Title of host publicationProceedings of the 20th International Conference on Cooperative Information, 10-14 September 2012, Rome, Italy
EditorsR. Meersman
Place of PublicationBerlin
ISBN (Print)978-3-642-33605-8
Publication statusPublished - 2012
Event20th International Conference on Cooperative Information Systems, CoopIS 2012 - Rome, Italy
Duration: 12 Sep 201214 Sep 2012
Conference number: 20

Publication series

NameLecture Notes in Computer Science


Conference20th International Conference on Cooperative Information Systems, CoopIS 2012
Abbreviated titleCoopIs 2012
OtherCoopIS 2012


Dive into the research topics of 'Automated risk mitigation in business processes'. Together they form a unique fingerprint.

Cite this