在业务流程建模中嵌入治理风险和遵从性(GRC)元素

2017 International Conference on Information Management and Technology (ICIMTech) Pub Date : 2017-11-01 DOI:10.1109/ICIMTECH.2017.8273519

H. Ritchi

{"title":"在业务流程建模中嵌入治理风险和遵从性(GRC)元素","authors":"H. Ritchi","doi":"10.1109/ICIMTECH.2017.8273519","DOIUrl":null,"url":null,"abstract":"An understanding of an entity's business processes preconditions the assessment of process-level's risks and control. Despite the importance, there has been little work in the integration of governance, risk and compliance issues with how the business process models are designed and deployed. This paper intends to look at and elaborate the available business process modeling grammars showcasing the integration between risks and controls aspects with business process models. Given that process models were among the artifacts generally found in many system developments, integrating risk and control consideration onto business process models is believed to help analysts and designers to better accommodate the governance dimensions of system development. Selected studies were discussed from a viewpoint of approach of integrating risk elements with business process models. Two streams of approach were identified: those that embed the risks and control elements as part of formal design, and those that embed the elements as part of user analytical purpose.","PeriodicalId":439941,"journal":{"name":"2017 International Conference on Information Management and Technology (ICIMTech)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Embedding governance risk and compliance (GRC) elements in business process modeling\",\"authors\":\"H. Ritchi\",\"doi\":\"10.1109/ICIMTECH.2017.8273519\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"An understanding of an entity's business processes preconditions the assessment of process-level's risks and control. Despite the importance, there has been little work in the integration of governance, risk and compliance issues with how the business process models are designed and deployed. This paper intends to look at and elaborate the available business process modeling grammars showcasing the integration between risks and controls aspects with business process models. Given that process models were among the artifacts generally found in many system developments, integrating risk and control consideration onto business process models is believed to help analysts and designers to better accommodate the governance dimensions of system development. Selected studies were discussed from a viewpoint of approach of integrating risk elements with business process models. Two streams of approach were identified: those that embed the risks and control elements as part of formal design, and those that embed the elements as part of user analytical purpose.\",\"PeriodicalId\":439941,\"journal\":{\"name\":\"2017 International Conference on Information Management and Technology (ICIMTech)\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 International Conference on Information Management and Technology (ICIMTech)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIMTECH.2017.8273519\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 International Conference on Information Management and Technology (ICIMTech)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIMTECH.2017.8273519","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

了解实体的业务流程是评估流程级风险和控制的先决条件。尽管很重要，但是在如何设计和部署业务流程模型的治理、风险和遵从性问题的集成方面几乎没有工作。本文旨在研究并详细说明可用的业务流程建模语法，以展示风险和控制方面与业务流程模型之间的集成。假设过程模型是在许多系统开发中通常发现的工件之一，那么将风险和控制考虑集成到业务过程模型中被认为可以帮助分析人员和设计人员更好地适应系统开发的治理维度。从风险要素与业务流程模型集成方法的角度对所选研究进行了讨论。确定了两种方法流:将风险和控制元素作为正式设计的一部分嵌入的方法，以及将这些元素作为用户分析目的的一部分嵌入的方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Embedding governance risk and compliance (GRC) elements in business process modeling

An understanding of an entity's business processes preconditions the assessment of process-level's risks and control. Despite the importance, there has been little work in the integration of governance, risk and compliance issues with how the business process models are designed and deployed. This paper intends to look at and elaborate the available business process modeling grammars showcasing the integration between risks and controls aspects with business process models. Given that process models were among the artifacts generally found in many system developments, integrating risk and control consideration onto business process models is believed to help analysts and designers to better accommodate the governance dimensions of system development. Selected studies were discussed from a viewpoint of approach of integrating risk elements with business process models. Two streams of approach were identified: those that embed the risks and control elements as part of formal design, and those that embed the elements as part of user analytical purpose.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2017 International Conference on Information Management and Technology (ICIMTech)

自引率

0.00%

发文量