Compliance Algorithms in dynamic service oriented systems

Autor: Šabatová, Ivana
Přispěvatelé: Doucek, Petr, Ivánek, Jiří, Kreslíková, Jitka, Gregor, Jiří
Jazyk: čeština
Rok vydání: 2009
Předmět:
Popis: Compliance achievement and assurance of processes and services with regulatory requirements, standards, and business requirements becomes an actual task that should be resolved already in the stage of information systems design and implementation. If the particular business process or business service is supported with an IT system, then the compliance assurance relates also to this supporting system. This dissertation thesis presents the concept of continual compliance management in service oriented systems with a special focus on application of advanced process automation tools. The aim of this thesis was design of methods and procedures for reliability and credibility of business processes both internally in single domain, and in case of business process outsourcing including iterated and/or dynamic outsourcing i.e. in multi-domain environment with a special emphasis on automation level maximization. Particular process and/or service is considered to be reliable and credible if we are able to prove its compliance with the defined requirements in a trusted way. The first part of this thesis is dedicated to traditional methods for compliance achievement and assurance as a basis and inspiration for methods based on high level of automation. The second part of this thesis presents the concept of design, implementation and verification of compliance in service oriented systems. It introduces the terms of ideal target process, Key Assurance Indicator (KAI) and Key Security Indicator (KSA). For multi-domain environment there is the concept of Protection Level Agreement (PLA). This part also covers a new method of business process analysis designed for their automation as well as a concept of business rules design, testing and automation integration. The third part named Conceptual Model of Compliance Assurance in BPMS and Service Oriented Systems Environment brings a method inspired by well-known Deming Cycle (Plan, Do, Check, Act), description of the notations selected for compliance algorithm and target process modelling, and first of all the compliance algorithm design. This concept is demonstrated on two case studies of real business processes analyzed in Hospital San Raffaele in Milan, Italy. First of them is an internal business process regulated by regional law, the second study is an example of compliance with business requirement achievement and assurance in multi-domain environment of iterated dynamic outsourcing. These case studies were verified by simulation with subject matter experts and business process activities performers of the hospital personnel.
Databáze: OpenAIRE