Details
| Original language | English |
|---|---|
| Title of host publication | Proceedings of the 43rd Annual Hawaii International Conference on System Sciences, HICSS-43 |
| Publication status | Published - 2010 |
| Event | 43rd Annual Hawaii International Conference on System Sciences, HICSS-43 - Koloa, Kauai, HI, United States Duration: 5 Jan 2010 → 8 Jan 2010 |
Publication series
| Name | Proceedings of the Annual Hawaii International Conference on System Sciences |
|---|---|
| ISSN (Print) | 1530-1605 |
Abstract
Organizations respond to opportunities and risks by strategic decisions. Strategic decisions ensure the sustainable existence of organizations, but require continuous organizational change. Organizational change includes the redesign of business processes. Processes are subject to internal and external requirements. Requirements include the alignment to strategic goals, the effective and efficient use of resources and the compliance with applicable laws and regulations. Their achievement is assured by embedding internal controls into processes. Many controls can be incorporated into supporting systems, as their access control functions allow the modeling of authorization and segregation of duties. A model for the annotation of processes with controls, permissions and roles based on BPMN, COSO and XACML is presented. Additionally, a Service Oriented Architecture for the automated monitoring of controls and the timely communication of thereby detected control exceptions is proposed. The benefits of the approach are demonstrated in a prototype implementation and a corresponding case study.
ASJC Scopus subject areas
- Engineering(all)
- General Engineering
Cite this
- Standard
- Harvard
- Apa
- Vancouver
- BibTeX
- RIS
Proceedings of the 43rd Annual Hawaii International Conference on System Sciences, HICSS-43. 2010. 5428589 (Proceedings of the Annual Hawaii International Conference on System Sciences).
Research output: Chapter in book/report/conference proceeding › Conference contribution › Research › peer review
}
TY - GEN
T1 - Managing internal control in changing organizations through business process intelligence - A service oriented architecture for the XACML based monitoring of supporting systems
AU - Kehlenbeck, Matthias
AU - Sandner, Thorben
AU - Breitner, Michael H.
N1 - Copyright: Copyright 2010 Elsevier B.V., All rights reserved.
PY - 2010
Y1 - 2010
N2 - Organizations respond to opportunities and risks by strategic decisions. Strategic decisions ensure the sustainable existence of organizations, but require continuous organizational change. Organizational change includes the redesign of business processes. Processes are subject to internal and external requirements. Requirements include the alignment to strategic goals, the effective and efficient use of resources and the compliance with applicable laws and regulations. Their achievement is assured by embedding internal controls into processes. Many controls can be incorporated into supporting systems, as their access control functions allow the modeling of authorization and segregation of duties. A model for the annotation of processes with controls, permissions and roles based on BPMN, COSO and XACML is presented. Additionally, a Service Oriented Architecture for the automated monitoring of controls and the timely communication of thereby detected control exceptions is proposed. The benefits of the approach are demonstrated in a prototype implementation and a corresponding case study.
AB - Organizations respond to opportunities and risks by strategic decisions. Strategic decisions ensure the sustainable existence of organizations, but require continuous organizational change. Organizational change includes the redesign of business processes. Processes are subject to internal and external requirements. Requirements include the alignment to strategic goals, the effective and efficient use of resources and the compliance with applicable laws and regulations. Their achievement is assured by embedding internal controls into processes. Many controls can be incorporated into supporting systems, as their access control functions allow the modeling of authorization and segregation of duties. A model for the annotation of processes with controls, permissions and roles based on BPMN, COSO and XACML is presented. Additionally, a Service Oriented Architecture for the automated monitoring of controls and the timely communication of thereby detected control exceptions is proposed. The benefits of the approach are demonstrated in a prototype implementation and a corresponding case study.
UR - http://www.scopus.com/inward/record.url?scp=77951736353&partnerID=8YFLogxK
U2 - 10.1109/HICSS.2010.262
DO - 10.1109/HICSS.2010.262
M3 - Conference contribution
AN - SCOPUS:77951736353
SN - 9780769538693
T3 - Proceedings of the Annual Hawaii International Conference on System Sciences
BT - Proceedings of the 43rd Annual Hawaii International Conference on System Sciences, HICSS-43
T2 - 43rd Annual Hawaii International Conference on System Sciences, HICSS-43
Y2 - 5 January 2010 through 8 January 2010
ER -