A systematic review of goal-oriented requirements management frameworks for business process compliance

2011 4th International Workshop on Requirements Engineering and Law, RELAW 2011, Proceedings - Held in Conjunction with the 19th International Requirements Engineering Conference

Volumn , Issue , 2011, Pages 25-34

  Ghanavati, Sepideh ^a   Amyot, Daniel ^a   Peyton, Liam ^a  

^a UNIVERSITY OF OTTAWA   (Canada)

Author keywords

business process; goal modeling; legal compliance; requirements engineering; Systematic literature review

Indexed keywords

BUSINESS ANALYSTS; BUSINESS PROCESS; BUSINESS PROCESS MANAGEMENT; GOAL MODELING; GOAL MODELS; GOAL-ORIENTED; GOAL-ORIENTED APPROACH; LEGAL COMPLIANCE; LEGAL DOCUMENTS; LEGAL REQUIREMENTS; PRIORITIZATION; REQUIREMENTS ENGINEERING TECHNIQUES; REQUIREMENTS MANAGEMENT; SEMI-AUTOMATION; SYSTEMATIC LITERATURE REVIEW; SYSTEMATIC REVIEW;

ENGINEERING; ENTERPRISE RESOURCE MANAGEMENT; INFORMATION MANAGEMENT; REQUIREMENTS ENGINEERING; SEARCH ENGINES; SOFTWARE ENGINEERING; SYSTEMS ANALYSIS;

ADMINISTRATIVE DATA PROCESSING;

EID: 80855164506     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/RELAW.2011.6050270     Document Type: Conference Paper

References (36)

1. G. Loniewski, E. Insfrán, and S. Abrahão, "A systematic review of the use of requirements engineering techniques in model-driven development," in 13th Int. Conf. on Model Driven Engineering Languages and Systems (MODELS'10), Norway, 2010, pp. 213-227.
2. P. N. Otto and A. I. Antón, "Addressing legal requirements in requirements engineering," 15th IEEE Int. Conf. on Requirements Engineering (RE'10), pp. 5-14, 2007.
3. A. Cleven and R. Winter, "Regulatory compliance in information systems research - literature analysis and research agenda," in Enterprise, Business-Process and Information Systems Modeling, ser. LNBIP. Springer Berlin Heidelberg, 2009, vol. 29, pp. 174-186.
4. B. Kitchenham and S. Charters, "Guidelines for performing systematic literature reviews in software engineering, version 2.3," Keele Univ. and Univ. of Durham, Tech. Rep., 2007.
5. A. Hamou-Lhadj and A. Hamou-Lhadj, "Towards a compliance support framework for global software companies," in Proc. of the 11th IASTED Int. Conf. on Software Engineering and Applications, USA, 2007, pp. 31-36.
6. T. Breaux, A. Antón, and E. Spafford, "A distributed requirements management framework for legal compliance and accountability," Journal of Computers and Security, vol. 28, pp. 8-17, 2009.
7. A. Siena, A. Perini, A. Susi, and J. Mylopoulos, "Towards a framework for law-compliant software requirements," in 31st Int. Conf. on Software Engineering (ICSE'09). IEEE, 2009, pp. 251-254.
8. W. Hassan and L. Logrippo, "Validating compliance with privacy legislation," Journal of Information Systems Frontiers (In Press), 2008.
9. -, "Requirements and compliance in legal systems: a logic approach," in 1st Int. Workshop on Requirements Engineering and Law (RELAW'08), 2008, pp. 40 -44.
10. J. C. Maxwell and A. I. Antón, "Checking existing requirements for compliance with law using a production rule model," in 2nd Int. Workshop on Requirements Engineering and Law (RELAW'09), USA, 2009, pp. 1-6.
11. -, "Developing production rule models to aid in acquiring requirements from legal texts," in 17th Int. Conf. on Requirements Engineering (RE'09), USA, 2009, pp. 101-110.
12. S. Ghanavati, D. Amyot, and L. Peyton, "Towards a framework for tracking legal compliance in healthcare," in CAiSE, ser. Lecture Notes in Computer Science, J. Krogstie, A. L. Opdahl, and G. Sindre, Eds., vol. 4495. Springer, 2007, pp. 218-232.
13. -, "Compliance analysis based on a goal-oriented requirement language evaluation methodology," in RE'09. IEEE Computer Society, 2009, pp. 133-142.
14. ITU-T, "Recommendation z.151 (11/08): User Requirements Notation (URN)-language definition," Switzerland, 2008.
15. A. Siena, A. Perini, A. Susi, and J. Mylopoulos, "A Meta-Model for Modelling Law-Compliant Requirements,"in 2nd Int. Workshop on Requirements Engineering and Law (RELAW'09), USA, 2009, pp. 45-51.
16. A. Siena, J. Mylopoulos, A. Perini, and A. Susi, "Designing law-compliant software requirements," Conceptual Modeling- ER 2009, pp. 472-486, 2009.
17. A. Rifaut and E. Dubois, "Using goal-oriented requirements engineering for improving the quality of iso/iec 15504 based compliance assessment frameworks," in 16th Int. Conf. on Requirements Engineering (RE'08), Spain, 2008, pp. 33-42.
18. F. Ishikawa, R. Inoue, and S. Honiden, "Modeling, analyzing and weaving legal interpretations in goal-oriented requirements engineering," 2nd Int. Workshop on Requirements Engineering and Law (RELAW'09), pp. 39-44, 2009.
19. T. Breaux and A. Antón, "Analyzing goal semantics for rights, permissions, and obligations," in 13th IEEE Int. Conf. on Requirements Eng. (RE'05), France, 2005, pp. 177-186.
20. H. Halas, J. Porekar, T. Klobučar, and A. J. Blazič, "Organizational aspect of trusted legally valid long-term electronic archive solution," WSEAS Trans. Info. Sci. and App., vol. 5, pp. 939-948, 2008.
21. A. Krausova, F. Massacci, and A. Saidane, "Legal patterns implement trust in it requirements: When legal means are the "best" implementation of it technical goals," in 2nd Int. Workshop on Requirements Engineering and Law (RELAW'09), USA, 2009, pp. 33-38.
22. R. Lu, S. Sadiq, and G. Governatori, "Compliance aware business process design," in 2007 Int. conf. on Business process management, 2008, pp. 120-131.
23. S. Goedertier and J. Vanthienen, "Designing compliant business processes with obligations and permissions," in Business Process Management Workshops, ser. Lecture Notes in Computer Science, 2006, vol. 4103, pp. 5-14. (Pubitemid 44543231)
24. M. E. Kharbili, S. Stein, I. Markovic, and E. Pulverüller, "Towards a framework for semantic business process compliance management," in GRCIS, 2008, pp. 1-15.
25. D. Karagiannis, "A business process-based modelling extension for regulatory compliance," München, Germany, 2008.
26. M. E. Kharbili and E. Pulvermüller, "A semantic framework for compliance management in business process management,"in Business Process, Services Computing and Intelligent Service Management, 2009, pp. 60-80.
27. D. Schleicher, T. Anstett, F. Leymann, and D. Schumm, "Compliant business process design using refinement layers,"in Confederated Int. Conf. On the Move to Meaningful Internet Systems (OTM'10),, 2010, pp. 114-131.
28. W. Hassan and L. Logrippo, "Governance requirements extraction model for legal compliance validation," in 2nd Int. Workshop on Requirements Engineering and Law (RELAW'09), USA, 2009, pp. 7-12.
29. T. D. Breaux, M. W. Vail, and A. I. Antón, "Towards regulatory compliance: Extracting rights and obligations to align requirements with regulations," in 14th IEEE Int. Conf. on Requirements Eng. (RE'06), USA, 2006, pp. 46-55.
30. J. Young and A. Antón, "A method for identifying software requirements based on policy commitments," in 18th Int. Conf. on Req. Eng. (RE'10), Australia, 2010, pp. 47-56.
31. -, "Identifying commitment-based software requirements to thwart unfair and deceptive practices," in 2nd Int. Workshop on Requirements Engineering and Law (RELAW'09), USA, 2009, pp. 19-20.
32. A. Siena, J. Mylopoulos, A. Perini, and A. Susi, "From laws to requirements," in 1st Int. Workshop on Requirements Engineering and Law (RELAW'08), Spain, 2008, pp. 6 -10.
33. S. Ghanavati, A. Siena, D. Amyot, and A. Susi, A. Perini, "Making business processes law-compliant," in 1st Workshop on Law Compliancy Issues in Organisational Systems and Strategies (iComply'10), Italy, 2010.
34. A. K. Massey, P. N. Otto, and A. I. Antón, "Prioritizing legal requirements," 2nd Int. Workshop on Requirements Engineering and Law (RELAW'09), pp. 27-32, 2009.
35. A. Massey, P. Otto, L. Hayward, and A. I. Antón, "Evaluating existing security and privacy requirements for legal compliance," Special Issue on RE'09: Security Requirements Engineering, REJ, vol. 15, pp. 119-137, 2010.
36. "jUCMNav, version 4.3.0," 2010. [Online]. Available: http://softwareengineering.ca/jucmnav/