Compliance by Design: Synthesis of Business Processes by Declarative Specifications

Abstract

Business Process Compliance are three words which scholars use to describe what happens, or should happen, when two very di erent worlds collide. The first world is meant to represent enterprises and how they do what they do or, more simply, which procedures and processes they adopt to o er improved products to their customers. Scholars of the field refer to the Business Process Management as a “process optimisation process” and they study approaches, methodologies, and formal languages to describe and improve what they esteem as the heart of every organisation, the business process. A business process can be visualised as a self-contained, temporal, and logical order in which a set of activities ( tasks) are executed to achieve some business objectives. Within a business process, much information is available: The control flow describes what can be done and when, while the relevant data clarify what needs to be work on as well as which actors will do the work. The second world is the world of governments, of consortia, of all those entities which have enough power to create regulations, norms, and policies which directly impact organisations. Such entities state the boundaries of legality by imposing which actions can be considered legal to be performed within the aforementioned business processes, and which actions should be avoided in order not to incur severe sanctions.