Compliance Monitoring as a Service: Requirements, Architecture and Implementation

Business processes describe how an organization achieves its goals by defining a set of steps and their orchestration. Such processes have to also comply with different regulations, norms and policies. Compliance management of business processes has received considerable attention. The lion´s share goes to checking compliance at process design time. As design-time checking can help eliminate many of the violation scenarios, design-time checking alone is insufficient to guarantee compliance. Thus, attention has shifted to provide compliance support at other phases of a business process lifecycle, especially to that of the enactment phase. However, proposed monitoring approaches have limitations when it comes to the type of compliance requirements supported, the technology used or the assumptions about the process execution environment. In this paper, we discuss the requirements and set the architecture for a proposed approach to provide business process compliance monitoring as a service. In addition, we discuss the different components of the framework and layout an implementation road map.