Automated risk mitigation in business processes

R. Conforti; A.H.M. Hofstede, ter; M. La Rosa; M. Adams

doi:10.1007/978-3-642-33606-5_14

Automated risk mitigation in business processes

R. Conforti, A.H.M. Hofstede, ter, M. La Rosa, M. Adams

Information Systems IE&IS

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Academic

5 Citations (Scopus)

Abstract

This paper proposes a concrete approach for the automatic mitigation of risks that are detected during process enactment. Given a process model affected by risks, e.g. a financial process exposed to the risk of approval fraud, we enact this process and as soon as the likelihood of the associated risk(s) is no longer tolerable, we generate a set of possible mitigation actions to reduce the risks’ likelihood, ideally annulling the risks altogether. A mitigation action is a sequence of controlled changes applied to the running process instance, taking into account a snapshot of the process resources and data, and the current status of the system in which the process is executed. These actions are proposed as recommendations to help process administrators mitigate process-related risks as soon as they arise. The approach has been implemented in the YAWL environment and its performance evaluated. The results show that it is possible to mitigate process-related risks

Original language	English
Title of host publication	Proceedings of the 20th International Conference on Cooperative Information, 10-14 September 2012, Rome, Italy
Editors	R. Meersman
Place of Publication	Berlin
Publisher	Springer
Pages	212-231
ISBN (Print)	978-3-642-33605-8
DOIs	https://doi.org/10.1007/978-3-642-33606-5_14
Publication status	Published - 2012
Event	conference; CoopIS 2012; 2012-09-10; 2012-09-14 - Duration: 10 Sep 2012 → 14 Sep 2012

Publication series

Name	Lecture Notes in Computer Science
Volume	7565

Conference

Conference	conference; CoopIS 2012; 2012-09-10; 2012-09-14
Period	10/09/12 → 14/09/12
Other	CoopIS 2012

Access to Document

10.1007/978-3-642-33606-5_14

Cite this

Conforti, R., Hofstede, ter, A. H. M., La Rosa, M., & Adams, M. (2012). Automated risk mitigation in business processes. In R. Meersman (Ed.), Proceedings of the 20th International Conference on Cooperative Information, 10-14 September 2012, Rome, Italy (pp. 212-231). (Lecture Notes in Computer Science; Vol. 7565). Springer. https://doi.org/10.1007/978-3-642-33606-5_14

@inbook{2dfbab88768249b6833f61e735e8d4fb,

title = "Automated risk mitigation in business processes",

abstract = "This paper proposes a concrete approach for the automatic mitigation of risks that are detected during process enactment. Given a process model affected by risks, e.g. a financial process exposed to the risk of approval fraud, we enact this process and as soon as the likelihood of the associated risk(s) is no longer tolerable, we generate a set of possible mitigation actions to reduce the risks{\textquoteright} likelihood, ideally annulling the risks altogether. A mitigation action is a sequence of controlled changes applied to the running process instance, taking into account a snapshot of the process resources and data, and the current status of the system in which the process is executed. These actions are proposed as recommendations to help process administrators mitigate process-related risks as soon as they arise. The approach has been implemented in the YAWL environment and its performance evaluated. The results show that it is possible to mitigate process-related risks",

author = "R. Conforti and {Hofstede, ter}, A.H.M. and {La Rosa}, M. and M. Adams",

year = "2012",

doi = "10.1007/978-3-642-33606-5_14",

language = "English",

isbn = "978-3-642-33605-8",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "212--231",

editor = "R. Meersman",

booktitle = "Proceedings of the 20th International Conference on Cooperative Information, 10-14 September 2012, Rome, Italy",

address = "Germany",

note = "conference; CoopIS 2012; 2012-09-10; 2012-09-14 ; Conference date: 10-09-2012 Through 14-09-2012",

}

Conforti, R, Hofstede, ter, AHM, La Rosa, M & Adams, M 2012, Automated risk mitigation in business processes. in R Meersman (ed.), Proceedings of the 20th International Conference on Cooperative Information, 10-14 September 2012, Rome, Italy. Lecture Notes in Computer Science, vol. 7565, Springer, Berlin, pp. 212-231, conference; CoopIS 2012; 2012-09-10; 2012-09-14, 10/09/12. https://doi.org/10.1007/978-3-642-33606-5_14

Automated risk mitigation in business processes. / Conforti, R.; Hofstede, ter, A.H.M.; La Rosa, M.; Adams, M.

Proceedings of the 20th International Conference on Cooperative Information, 10-14 September 2012, Rome, Italy. ed. / R. Meersman. Berlin : Springer, 2012. p. 212-231 (Lecture Notes in Computer Science; Vol. 7565).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › Academic

TY - CHAP

T1 - Automated risk mitigation in business processes

AU - Conforti, R.

AU - Hofstede, ter, A.H.M.

AU - La Rosa, M.

AU - Adams, M.

PY - 2012

Y1 - 2012

N2 - This paper proposes a concrete approach for the automatic mitigation of risks that are detected during process enactment. Given a process model affected by risks, e.g. a financial process exposed to the risk of approval fraud, we enact this process and as soon as the likelihood of the associated risk(s) is no longer tolerable, we generate a set of possible mitigation actions to reduce the risks’ likelihood, ideally annulling the risks altogether. A mitigation action is a sequence of controlled changes applied to the running process instance, taking into account a snapshot of the process resources and data, and the current status of the system in which the process is executed. These actions are proposed as recommendations to help process administrators mitigate process-related risks as soon as they arise. The approach has been implemented in the YAWL environment and its performance evaluated. The results show that it is possible to mitigate process-related risks

AB - This paper proposes a concrete approach for the automatic mitigation of risks that are detected during process enactment. Given a process model affected by risks, e.g. a financial process exposed to the risk of approval fraud, we enact this process and as soon as the likelihood of the associated risk(s) is no longer tolerable, we generate a set of possible mitigation actions to reduce the risks’ likelihood, ideally annulling the risks altogether. A mitigation action is a sequence of controlled changes applied to the running process instance, taking into account a snapshot of the process resources and data, and the current status of the system in which the process is executed. These actions are proposed as recommendations to help process administrators mitigate process-related risks as soon as they arise. The approach has been implemented in the YAWL environment and its performance evaluated. The results show that it is possible to mitigate process-related risks

U2 - 10.1007/978-3-642-33606-5_14

DO - 10.1007/978-3-642-33606-5_14

M3 - Chapter

SN - 978-3-642-33605-8

T3 - Lecture Notes in Computer Science

SP - 212

EP - 231

BT - Proceedings of the 20th International Conference on Cooperative Information, 10-14 September 2012, Rome, Italy

A2 - Meersman, R.

PB - Springer

CY - Berlin

T2 - conference; CoopIS 2012; 2012-09-10; 2012-09-14

Y2 - 10 September 2012 through 14 September 2012

ER -

Automated risk mitigation in business processes

Abstract

Publication series

Conference

Access to Document

Fingerprint

Cite this