11 |
Indicator-based Policy Compliance of Business ProcessesShamsaei, Azalia 01 November 2012 (has links)
Background: Business process compliance management has recently attracted a lot of attention in both business and academia as it enables organizations to not only control and monitor their business processes from a legal point of view but also to avoid financial penalties and undesirable consequences to their reputation.
Objective: This thesis aims to provide a framework that would enable organizations to:
1- Discover business processes that violate regulations, laws and policies;
2- Discover the importance level of business processes based on the organization’s goals;
3- Determine the impact of compliance-related process modifications on business goals, including conflicting goals between stakeholders, and on policies; and
4- Enable organizations to measure the level of business process compliance for one or multiple policies.
Methodology: A systematic literature review in the area of goal-oriented business process compliance management and measurement has been conducted, which showed that balancing legal compliance obligations with business objectives remains a difficult challenge. A new Indicator-based Policy Compliance Framework (IPCF), which combines policy and rule models together with models capturing business goals (with their relative importance to the organization) and business processes, has been proposed. This framework builds on the User Requirements Notation (URN), which is the first international standard to combine goal modeling with scenario modeling. The intents and objectives of policies have been modeled, as well as the goals and business processes of organizations, and indicators are used to measure the compliance level of policies. This enables the detection of non-compliant business processes and the evaluation of the impact of compliance-related process modifications on business goals. Human resource policies and business processes are used as an example to illustrate the method. Aerodrome security regulations and business processes are then used to validate the method in a real-life environment. Comparisons to related work, evaluation against different sets of criteria, and tool support complement the framework validation.
Results: The Indicator-based Policy Compliance Framework enables organizations to discover business processes that violate policies as well as other types of rules, regulations, and laws. Guidelines for modeling legal text with URN’s Goal-oriented Requirement Language (GRL) are proposed. Furthermore, IPCF helps determine the impact of compliance-related process modifications on business goals, including conflicting goals between stakeholders, and on policies. In addition, as policies sometimes apply differently to different types of organizations, a new profile for GRL, with suitable stereotypes, well-formedness constraints, and a modified analysis algorithm defined for GRL model families is used to evaluate the satisfaction level of individual goal models that are members of a larger family model. Finally, the proposed IPCF enables organizations to measure the level of business process compliance for one or multiple policies, and such measures can be visualized directly in URN models but also through interactive Business Intelligence portals, for a wider diffusion.
|
12 |
Development of a new service-oriented modelling method for information systems analysis and designGustiené, Prima January 2010 (has links)
This thesis presents a new modelling method for information systems analysis and design, where the concept of service and the principles of service orientation are used for integrated modelling and reasoning about information systems architectures across organisational and technical systems boundaries. The concept of service enables cohesion of the intersubjective and objective modelling traditions by using a single type of diagram that facilitates detection of semantic inconsistency, incompleteness, ambiguity and discontinuity between the static and dynamic aspects of information systems specifications. The thesis is focused on three research topics, which are fundamental to the development of a new service-oriented modelling method. The first research topic concerns a pragmatic-driven specification of information systems. It clarifies answers to the research question: How can a conceptual modelling process be driven by pragmatic considerations? The second research topic provides a service-oriented modelling foundation for information systems analysis and design. It answers the research questions: How can the concept of service be used explicitly for the analysis and design of information systems and how can the static and dynamic aspects of information systems specifications be integrated at the conceptual level? The third research topic presents transition principles to implementation-specific design and answers the research question: How can service-oriented conceptual representations be aligned with implementation-specific design? The thesis contributes with a new knowledge to the area of conceptual modelling of information systems. The service-oriented modelling method consists of the modelling process, modelling language and techniques for the analysis and design of information systems on three levels of abstraction: pragmatic, semantic and syntactic. These three levels are necessary for a holistic understanding of enterprise architecture by stakeholders. The advantage of the service-oriented modelling method is that it can help to control traceability from information system design to original requirements. The method facilitates the semantic integration of the structural, behavioural and interactive aspects of information systems conceptual representations by using a single diagram type. The modelling language provides service-oriented constructs that are fundamental to building the major systems analysis patterns. The service-oriented modelling process contributes with seven steps of incremental design, which justifies various information systems components. The method provides the basis for a gradual and systematic way of modelling and an understanding of how pragmatic, semantic and logical information system requirements are linked together. The possibility to detect and eliminate undesirable characteristics of service-oriented diagrams can help to improve communication among stakeholders. Service-oriented specifications are computation-neutral and therefore they are more comprehensible for business analysis experts in comparison to implementation specific graphical representations of information systems. Finally, this thesis presents the challenges for future research, one of which is the development of the automated tools for the alignment of business models with implementation-specific information systems specifications.
|
13 |
Indicator-based Policy Compliance of Business ProcessesShamsaei, Azalia January 2012 (has links)
Background: Business process compliance management has recently attracted a lot of attention in both business and academia as it enables organizations to not only control and monitor their business processes from a legal point of view but also to avoid financial penalties and undesirable consequences to their reputation.
Objective: This thesis aims to provide a framework that would enable organizations to:
1- Discover business processes that violate regulations, laws and policies;
2- Discover the importance level of business processes based on the organization’s goals;
3- Determine the impact of compliance-related process modifications on business goals, including conflicting goals between stakeholders, and on policies; and
4- Enable organizations to measure the level of business process compliance for one or multiple policies.
Methodology: A systematic literature review in the area of goal-oriented business process compliance management and measurement has been conducted, which showed that balancing legal compliance obligations with business objectives remains a difficult challenge. A new Indicator-based Policy Compliance Framework (IPCF), which combines policy and rule models together with models capturing business goals (with their relative importance to the organization) and business processes, has been proposed. This framework builds on the User Requirements Notation (URN), which is the first international standard to combine goal modeling with scenario modeling. The intents and objectives of policies have been modeled, as well as the goals and business processes of organizations, and indicators are used to measure the compliance level of policies. This enables the detection of non-compliant business processes and the evaluation of the impact of compliance-related process modifications on business goals. Human resource policies and business processes are used as an example to illustrate the method. Aerodrome security regulations and business processes are then used to validate the method in a real-life environment. Comparisons to related work, evaluation against different sets of criteria, and tool support complement the framework validation.
Results: The Indicator-based Policy Compliance Framework enables organizations to discover business processes that violate policies as well as other types of rules, regulations, and laws. Guidelines for modeling legal text with URN’s Goal-oriented Requirement Language (GRL) are proposed. Furthermore, IPCF helps determine the impact of compliance-related process modifications on business goals, including conflicting goals between stakeholders, and on policies. In addition, as policies sometimes apply differently to different types of organizations, a new profile for GRL, with suitable stereotypes, well-formedness constraints, and a modified analysis algorithm defined for GRL model families is used to evaluate the satisfaction level of individual goal models that are members of a larger family model. Finally, the proposed IPCF enables organizations to measure the level of business process compliance for one or multiple policies, and such measures can be visualized directly in URN models but also through interactive Business Intelligence portals, for a wider diffusion.
|
14 |
A Framework for User-Centered Declarative ETLTheodorou, Vasileios, Abelló, Alberto, Thiele, Maik, Lehner, Wolfgang 30 May 2022 (has links)
As business requirements evolve with increasing information density and velocity, there is a growing need for efficiency and automation of Extract-Transform-Load (ETL) processes. Current approaches for the modeling and optimization of ETL processes provide platform-independent optimization solutions for the (semi-)automated transition among different abstraction levels, focusing on cost and performance. However, the suggested representations are not abstract enough to communicate business requirements and the role of the process quality in a user-centered perspective has not yet been adequately examined. In this paper, we introduce a novel methodology for the end-to-end design of ETL processes that takes under consideration both functional and non-functional requirements. Based on existing work, we raise the level of abstraction for the conceptual representation of ETL operations and we show how process quality characteristics can generate specific patterns on the process design.
|
15 |
Usando contextos e requisitos não-funcionais para configurar modelos de objetivos, modelos de features e cenários para linhas de produtos de softwareVARELA, Jean Poul 23 February 2015 (has links)
Submitted by Fabio Sobreira Campos da Costa (fabio.sobreira@ufpe.br) on 2016-04-05T15:42:49Z
No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
Dissertação - Jean Poul Varela.pdf: 3797900 bytes, checksum: fa011df68d9bf4b963c64b5a5b22c945 (MD5) / Made available in DSpace on 2016-04-05T15:42:49Z (GMT). No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
Dissertação - Jean Poul Varela.pdf: 3797900 bytes, checksum: fa011df68d9bf4b963c64b5a5b22c945 (MD5)
Previous issue date: 2015-02-23 / FACEPE / O processo GS2SPL (Goals and Scenarios to Software Product Lines) visa obter, de
maneira sistemática, o modelo de features e a especificação de cenários de caso de
uso, a partir de modelos de objetivos de uma linha de produto de software (LPS).
Além disso, esse processo permite realizar a configuração desses artefatos de
requisitos para um produto da LPS, com base no atendimento de requisitos nãofuncionais
(RNFs). Contudo, essa configuração é realizada sem considerar o estado
do contexto do ambiente no qual a aplicação gerada será implantada. Isso é uma
limitação, pois uma configuração pode não atender as necessidades do
stakeholders. Por outro lado, o processo E-SPL (Early Software Product Line)
permite configurar o modelo de objetivos de um produto visando maximizar o
atendimento de RNFs e levando em consideração o estado do contexto. Para
superar a limitação do processo GS2SPL, o presente trabalho propõe uma extensão
do processo GS2SPL para incorporar a atividade de configuração do E-SPL. O novo
processo é chamado de GSC2SPL (Goals, Scenarios and Contexts to Software
Product Lines), o qual possibilita a obtenção do modelo de features e cenários de
caso de uso, a partir de modelos de objetivos contextuais. O processo também
permite realizar a configuração desses artefatos de requisitos com base nas
informações sobre o contexto e visando aumentar o atendimento dos requisitos nãofuncionais.
O processo é apoiado pela ferramenta GCL-Tool (Goal and Context for
Product Line - Tool). O processo foi aplicado à especificação de duas LPS: o
Media@ e o Smart Home. / GS2SPL (Goals and Scenarios to Software Product Lines) is a process aimed at
systematically obtaining a feature model and the specification of use case scenarios
from goal models of a Software Product Line (SPL). Moreover, this process allows
configuring specific applications of an SPL based on the fulfillment of non-functional
requirements (NFRs). However, this configuration is performed without considering
the context state in which the system will be deployed. This is a limitation because a
configuration may not meet the needs of stakeholders. On the other hand, E-SPL
(Early Software Product Line) is a process that allows configuring a product aimed
maximizing the fulfillment of NFRs and taking into account the context state. To
overcome the limitation of the GS2SPL process, in this work we propose extension of
the GS2SPL process, to incorporate the configuration activity of the E-SPL. The new
process is called GSC2SPL (Goals, Scenarios and Contexts to Software Product
Lines), which allows obtaining a feature model and use case scenarios from
contextual goal models. The process will also allow the configuration of such
requirements artifacts based on the information about the context and aiming to
maximize the fulfillment of non-functional requirements. The process is supported by
the GCL-Tool (Goal and Context for Product Line - Tool). The process was applied to
the specification of two LPS: Media@ and the Smart Home.
|
16 |
Consent modeling and verification: privacy regulations compliance from business goals to business processesRobol, Marco 27 October 2020 (has links)
Privacy regulations impose on companies limitations about the collection, use, and disclosure of user data. One of the actions most companies undertake for this, consists in modifying their systems with processes for consent acquisition and management. Unfortunately, where systems are large and with many dependencies, they often also have little documentation, and knowledge on the system is distributed among different domain experts. These circumstances make the re-engineering of systems a tedious and complex, if not impossible, activity. This PhD Thesis proposes a model-based method with a top-down approach, for modeling consent requirements and analyzing compliance with regulations, by refinement of models from organizational structure down to business processes. The method is provided with guidelines in the form of a process and includes modeling languages and reasoning frameworks for the analysis of requirements with respect to a preset of privacy principles on consent. The Thesis includes validations with realistic scenarios and with domain practitioners from the healthcare domain.
|
Page generated in 0.1007 seconds