Analyzing Risks in Business Process Models using a Deviational Technique

Hanane Lhannaoui, Mohammed Issam Kabbaj, Zohra Bakkoury

Abstract

In a business environment, many processes are performing ineffectively due to different risks. Several methods and techniques for the identification and management of risks in business processes have been proposed. Some of them originate from other domains and have been adapted to the business environment such as deviational approaches. Nevertheless, there are few examples for potential applications of those methods in business process redesign. This paper addresses this gap through proposing an approach that adapts HAZOP (HA-Zard OP-erability), a systematic deviational technique, to business process environment. We discuss how this method can contribute to the improvement of business process models.

References

  1. Conforti, R., Fortino, G., Rosa, M. L., ter Hofstede, A., 2011. History-aware real-time risk detection in business processes. In OTM 2011 Conferences.
  2. Fenz, S., Neubauer, T., 2009. How to determine threat probabilities using ontologies and bayesian networks. In Proceedings of the 5th Annual Workshop on Cyber Security and Information Intelligence Research: Cyber Security and Information Intelligence Challenges and Strategies, CSIIRW 7809, pages 69:1-69:3, New York, NY, USA. ACM.
  3. Goluch, G., Tjoa, S., Jakoubi, S., Quirchmayr, G., 2008. Deriving resource requirements applying risk-aware business process modeling and simulation. In ECIS, AISeL.
  4. Governatori, G., Milosevic, Z., Sadiq, S., 2006. Compliance checking between business processes and business contracts. In: Proceedings of the 10th IEEE Conference on Enterprise Distributed Object Computing.
  5. ISO/DIS 31000, 2009. Risk management - Principles and guidelines on implementation. International Organization for Standardization.
  6. Jans, M., Depaire, B., Vanhoof, K., 2011. Does process mining add to internal auditing? An experience report. In Halpin, T. A., Nurcan, S., Krogstie, J., Soffer, P.,Proper, E., Schmidt, R., and Bider, I., editors, BMMDS/EMMSAD, volume 81 of LNBIP, pages 31- 45, Springer.
  7. Lano, K., Clark, D., Androutsopoulos, K., 2002. Safety and security analysis of object-oriented models. In S. Anderson et al., editors, Computer Safety, Reliability and Security: SAFECOMP, volume 2434 of Lecture Notes in Computer Science (LNCS). Springer-Verlag, 2002.
  8. Lhannaoui, H., Kabbaj, M.I., Bakkoury, Z., 2013. Towards an approach to improve business process models using risk management techniques. Intelligent Systems: Theories and Applications (SITA), 8th International Conference on 8-9 May 2013.
  9. Martin-Guillerez, D., Guiochet, J., Powell, D. Zanon, C., 2010. A uml-based method for risk analysis of humanrobot interactions. In 2nd International Workshop on Software Engineering for Resilient Systems, pp. 32- 41.
  10. McDermid, J., Nicholson, M., Pumfrey, D., Fenelon, P., 1995. Experience with the application of HAZOP to computer-based systems. In Computer Assurance. COMPASS 7895. IEEE.
  11. Ministry of Defence, 2000. HAZOP studies on systems containing programmable electronics. Defence Standard 00-58, Parts 1 and 2, Issue 2, May 2000.
  12. Mock, R., Corvo, M., 2005. Risk analysis of information systems by event process chains. International journal of critical infrastructures, 1(2-3):247- 257.
  13. Suriadi, S., WeiƟ, B., Winkelmann, A., ter Hofstede, A., Adams, M., Conforti, R., Fidge, C., La Rosa, M., Ouyang, C., Rosemann, M., Pika, A., Wynn, M., 2000. Current Research in Risk-Aware Business Process Management - Overview, Comparison, and Gap Analysis, BPM Center Report BPM-12-13, BPMcenter.org.
Download


Paper Citation


in Harvard Style

Lhannaoui H., Kabbaj M. and Bakkoury Z. (2014). Analyzing Risks in Business Process Models using a Deviational Technique . In Proceedings of the 9th International Conference on Software Engineering and Applications - Volume 1: ICSOFT-EA, (ICSOFT 2014) ISBN 978-989-758-036-9, pages 189-194. DOI: 10.5220/0005109801890194


in Bibtex Style

@conference{icsoft-ea14,
author={Hanane Lhannaoui and Mohammed Issam Kabbaj and Zohra Bakkoury},
title={Analyzing Risks in Business Process Models using a Deviational Technique},
booktitle={Proceedings of the 9th International Conference on Software Engineering and Applications - Volume 1: ICSOFT-EA, (ICSOFT 2014)},
year={2014},
pages={189-194},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005109801890194},
isbn={978-989-758-036-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 9th International Conference on Software Engineering and Applications - Volume 1: ICSOFT-EA, (ICSOFT 2014)
TI - Analyzing Risks in Business Process Models using a Deviational Technique
SN - 978-989-758-036-9
AU - Lhannaoui H.
AU - Kabbaj M.
AU - Bakkoury Z.
PY - 2014
SP - 189
EP - 194
DO - 10.5220/0005109801890194