The ever growing set of regulations and laws organizations have to comply to, introduces many new challenges. Current approaches that check for compliance by implementing controls in an existing information system (IS) decrease the maintainability of both the set of compliance rules and the IS. In this position paper, we advocate the separation of the compliance process from the organization’s business processes. We introduce a life cycle for the management of compliance rules. A separate compliance engine is used to define and check compliance rules independent from the existing IS within an organization.
|Title of host publication||Business Process Management Workshops (BPM 2011 International Workshops, Clermont-Ferrand, France, August 29, 2011, Revised Selected Papers, Part II)|
|Editors||F. Daniel, K. Barkaoui, S. Dustdar|
|Place of Publication||Berlin|
|Publication status||Published - 2012|
|Name||Lecture Notes in Business Information Processing|