IDEAS home Printed from https://ideas.repec.org/a/spr/ijsaem/v11y2020i3d10.1007_s13198-020-00985-w.html
   My bibliography  Save this article

A systematic literature review on compliance requirements management of business processes

Author

Listed:
  • A. M. Mustapha

    (Federal University of Agriculture)

  • O. T. Arogundade

    (Federal University of Agriculture)

  • Sanjay Misra

    (Covenant University
    Atilim University)

  • Robertas Damasevicius

    (Kaunas University of Technology)

  • Rytis Maskeliunas

    (Kaunas University of Technology)

Abstract

One crucial aspect that had cost business organizations so much is management of compliance requirements from various regulatory sources. In a bid to avoid being penalized, some organizations have adopted various techniques to accomplish this task. However, literature revealed that few thorough reviews have been centered on this subject in a systematic way. This implies that a review that systematically captured the entire crucial elements such as implementation environment, constraints types addressed, main contributions and strengths of the existing techniques is missing. This has led to the lack of sufficiently good context of operation. A systematic review on existing literatures is presented in this paper, which focuses on the management of business process compliance requirements in order to present summarized evidences and provide a lead-up for appropriately positioning new research activities. The guideline for conducting systematic literature review in software engineering by Kitchenham was employed in carrying out the systematic review as well as a review planning template to execute the review. Results showed that control flow and data flow requirements have been addressed most in recent time. The temporal and resource allocation requirements have been under researched. The approaches that have been employed in business process compliance requirements management are model checking, patterns, semantic, formal, ontology, goal-based requirements analysis and network analysis. The traditional business environment has been put into consideration more than the cloud environment. The summary of research contributions revealed that the approaches have been more of formal techniques compared to model checking and semantics. This shows that there is a need for more research on business process compliance that will be centered on the cloud environment. Researchers will be able to suggest the technique to be adopted based on the combined importance of each criterion that was defined in this work.

Suggested Citation

  • A. M. Mustapha & O. T. Arogundade & Sanjay Misra & Robertas Damasevicius & Rytis Maskeliunas, 2020. "A systematic literature review on compliance requirements management of business processes," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 11(3), pages 561-576, June.
  • Handle: RePEc:spr:ijsaem:v:11:y:2020:i:3:d:10.1007_s13198-020-00985-w
    DOI: 10.1007/s13198-020-00985-w
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s13198-020-00985-w
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.

    File URL: https://libkey.io/10.1007/s13198-020-00985-w?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Schumm, D. & Turetken, O. & Kokash, N. & El Gammal, A. & Leymann, F. & van den Heuvel, W.J.A.M., 2010. "Business process compliance through reusable units of compliant processes," Other publications TiSEM b144a6cd-25d4-4c75-bf5a-7, Tilburg University, School of Economics and Management.
    2. Linh Thao Ly & Stefanie Rinderle-Ma & Kevin Göser & Peter Dadam, 2012. "On enabling integrated process compliance with semantic constraints in process management systems," Information Systems Frontiers, Springer, vol. 14(2), pages 195-219, April.
    3. Shazia Sadiq & Guido Governatori, 2015. "Managing Regulatory Compliance in Business Processes," International Handbooks on Information Systems, in: Jan vom Brocke & Michael Rosemann (ed.), Handbook on Business Process Management 2, edition 2, pages 265-288, Springer.
    4. Rafael Accorsi & Lutz Lowis & Yoshinori Sato, 2011. "Automated Certification for Compliant Cloud-based Business Processes," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 3(3), pages 145-154, June.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. JohnBosco Agbaegbu & Oluwasefunmi Tale Arogundade & Sanjay Misra & Robertas Damaševičius, 2021. "Ontologies in Cloud Computing—Review and Future Directions," Future Internet, MDPI, vol. 13(12), pages 1-22, November.
    2. Abiodun Muyideen Mustapha & Oluwasefunmi ‘Tale Arogundade & Adebayo Abayomi-Alli & A. Kayode Adesemowo & Olusola John Adeniran, 2024. "An improved cloud-based business process compliance management system using a user-centered approach," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 15(11), pages 5111-5138, November.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. A. M. Mustapha & O. T. Arogundade & Sanjay Misra & Robertas Damasevicius & Rytis Maskeliunas, 0. "A systematic literature review on compliance requirements management of business processes," International Journal of System Assurance Engineering and Management, Springer;The Society for Reliability, Engineering Quality and Operations Management (SREQOM),India, and Division of Operation and Maintenance, Lulea University of Technology, Sweden, vol. 0, pages 1-16.
    2. Jörg Becker & Patrick Delfmann & Hanns-Alexander Dietrich & Matthias Steinhorst & Mathias Eggert, 2016. "Business process compliance checking – applying and evaluating a generic pattern matching approach for conceptual models in the financial sector," Information Systems Frontiers, Springer, vol. 18(2), pages 359-405, April.
    3. Mustafa Hashmi & Guido Governatori & Moe Thandar Wynn, 2016. "Normative requirements for regulatory compliance: An abstract formal framework," Information Systems Frontiers, Springer, vol. 18(3), pages 429-455, June.
    4. El Gammal, A. & Turetken, O. & van den Heuvel, W.J.A.M. & Papazoglou, M., 2011. "On the formal specification of regulatory compliance : A comprehensive analysis," Other publications TiSEM f02249d8-47ee-4382-9db2-6, Tilburg University, School of Economics and Management.
    5. Shazia Sadiq & Michael Muehlen & Marta Indulska, 2012. "Preface," Information Systems Frontiers, Springer, vol. 14(2), pages 119-121, April.
    6. Shaio Yan Huang & Chao-Hsiung Lee & An-An Chiu & David C. Yen, 2015. "How business process reengineering affects information technology investment and employee performance under different performance measurement," Information Systems Frontiers, Springer, vol. 17(5), pages 1133-1144, October.
    7. Severin Oesterle & Jan Jöhnk & Robert Keller & Nils Urbach & Xin Yu, 2020. "A contingency lens on cloud provider management processes," Business Research, Springer;German Academic Association for Business Research, vol. 13(3), pages 1451-1489, November.
    8. Adriana Caione & Anna Lisa Guido & Angelo Martella & Roberto Paiano & Andrea Pandurino, 2016. "Knowledge base support for dynamic information system management," Information Systems and e-Business Management, Springer, vol. 14(3), pages 533-576, August.
    9. El Gammal, A. & Turetken, O. & van den Heuvel, W.J.A.M. & Papazoglou, M., 2010. "Towards a comprehensive design-time compliance management : A roadmap," Other publications TiSEM e8ee336e-e493-4b82-b95a-3, Tilburg University, School of Economics and Management.
    10. Akhil Kumar & Wen Yao & Chao-Hsien Chu, 2013. "Flexible Process Compliance with Semantic Constraints Using Mixed-Integer Programming," INFORMS Journal on Computing, INFORMS, vol. 25(3), pages 543-559, August.
    11. Thomas Voglhofer & Stefanie Rinderle-Ma, 2020. "Collection and Elicitation of Business Process Compliance Patterns with Focus on Data Aspects," Business & Information Systems Engineering: The International Journal of WIRTSCHAFTSINFORMATIK, Springer;Gesellschaft für Informatik e.V. (GI), vol. 62(4), pages 361-377, August.
    12. Chulhwan Chris Bang, 2015. "Information systems frontiers: Keyword analysis and classification," Information Systems Frontiers, Springer, vol. 17(1), pages 217-237, February.
    13. Anastasia Papazafeiropoulou & Konstantina Spanaki, 2016. "Understanding governance, risk and compliance information systems (GRC IS): The experts view," Information Systems Frontiers, Springer, vol. 18(6), pages 1251-1263, December.
    14. A. M. Mustapha & O. T. Arogundade & O. R. Vincent & O. J. Adeniran, 2018. "Towards a compliance requirement management for SMSEs: a model and architecture," Information Systems and e-Business Management, Springer, vol. 16(1), pages 155-185, February.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:ijsaem:v:11:y:2020:i:3:d:10.1007_s13198-020-00985-w. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.