The Infosys Labs research blog tracks trends in technology with a focus on applied research in Information and Communication Technology (ICT)


BPM and Compliance

Compliance is the most important and critical aspect of any business. One of the challenges is adherence to multiple standards. BPM-based solutions can address compliance with multiple standards.

Consider, for example, that SOX requires adherence to ‘Segregation of Duties’ as one of its requirements. This can be implemented using proper access rights within an application. If you are adhering to ISO/IEC 27002 (Information Security), there is a similar requirement: Section 11.2.4 requires review of user access rights and privileges.

A BPM-based solution can monitor or extract the executed process and validate the access rights and privileges. It can also provide information about compliance with standards.

The challenge is identifying these kinds of overlapping requirements and designing the process.
