Formalizing Integrity Management Workflows: Towards Integrity Process Modelling

2018 ◽  
Author(s):  
Alejandro Reyes ◽  
Otto Huisman
Keyword(s):  
Risk Assessment ◽  
Decision Making ◽  
Risk Management ◽  
Business Process ◽  
Asset Management ◽  
Process Model ◽  
Business Processes ◽  
Building Blocks ◽  
Assessment Process ◽  
Integrity Management

Workflows are the fundamental building blocks of business processes in any organization today. These workflows have attributes and outputs that make up various Operational, Management and Supporting processes, which in turn produce a specific outcome in the form of business value. Risk Assessment and Direct Assessment are examples of such processes; they define the individual tasks integrity engineers should carry out. According to ISO 55000, achieving excellence in Asset Management requires clearly defined objectives, transparent and consistent decision making, as well as a long-term strategic view. Specifically, it recommends well-defined policies and procedures (processes) to bring about performance and cost improvements, improved risk management, business growth and enhanced stakeholder confidence through compliance and improved reputation. In reality, such processes are interpreted differently all over the world, and the workflows that make up these processes are often defined by individual engineers and experts. An excellent example of this is Risk Assessment, where significant local variations in data sources, threat sources and other data elements, require the business to tailor its activities and models used. Successful risk management is about enabling transparent decision-making through clearly defined process-steps, but in practice it requires maintaining a degree of flexibility to tailor the process to the specific organizational needs. In this paper, we introduce common building blocks that have been identified to make up a Risk Assessment process and further examine how these blocks can be connected to fulfill the needs of multiple stakeholders, including data administrators, integrity engineers and regulators. Moving from a broader Business Process view to a more focused Integrity Management view, this paper will demonstrate how to formalize Risk Assessment processes by describing the activities, steps and deliverables of each using Business Process Model and Notation (BPMN) as the standard modeling technique and extending it with an integrity-specific notation we have called Integrity Modelling Language or IML. It is shown that flexible modelling of integrity processes based on existing standards and best practices is possible within a structured approach; one which guides users and provides a transparent and auditable process inside the organization and beyond, based on commonalities defined by best practice guidelines, such as ISO 55000.

scholarly journals Establish Crowdsourcing as an Organisational Business Process: A Design Science Approach

2021 ◽  
Author(s):  
◽  
Thuan Nguyen
Keyword(s):  
Decision Making ◽  
Business Process ◽  
Domain Knowledge ◽  
Process Model ◽  
Business Processes ◽  
Design Science ◽  
Building Blocks ◽  
The Body ◽  
Business Strategies ◽  
Decision Tool

<p>Crowdsourcing can be an efficient organisational strategy to harness innovation and agility by distributing work to Internet users. As crowdsourcing is different from other business strategies, organisations are often unsure about how to structure crowdsourcing as a business process. We identify two challenges: first, crowdsourcing has been perceived as a one-off endeavour and a comprehensive repeatable crowdsourcing process has not been defined yet. Second, while organisations need a solid knowledge base in order to integrate crowdsourcing with their business processes, the domain knowledge remains unstructured, scattered, and sometimes conflicting. Together, these challenges indicate that crowdsourcing needs to evolve from an immature form towards a more repeatable business process.  The research adopts the design science paradigm and follows four research stages. We first synthesise existing knowledge in the domain, which identifies twelve repeatable building blocks of crowdsourcing processes. Second, we define a model of business process crowdsourcing (BPC). The model has seven processes organised in three stages: decision to crowdsource, process design, and technical configuration. The model was empirically evaluated using two existing crowdsourcing projects. The results suggest the usefulness of the model for structuring crowdsourcing processes.  Third, we turn the BPC model into a heavyweight ontology that consolidates the domain knowledge. The ontology captures the following domain concepts: business processes, activities, data entities, data attributes, and their hierarchical relationships. It also captures decision-making relationships. We evaluated the ontology by triangulation. The findings are that the ontology provides a high coverage and clarity of the domain.  Finally, based on the ontology, a decision tool is developed. The tool provides advice to make informed decisions about BPC establishment. Using experiments and focus groups to evaluate the tool, the quantitative and qualitative results confirm its utility and show that the tool improves decision-making performance.  The dissertation contributes to the body of knowledge in several ways. It promotes and conceptualises crowdsourcing as an organisational business process. It offers a process model, ontology, and decision tool for BPC. It also provides empirical results about the use of the decision tool. By doing so, we hope that the dissertation will motivate organisations to further assimilate crowdsourcing.</p>

scholarly journals Establish Crowdsourcing as an Organisational Business Process: A Design Science Approach

2021 ◽  
Author(s):  
◽  
Thuan Nguyen
Keyword(s):  
Decision Making ◽  
Business Process ◽  
Domain Knowledge ◽  
Process Model ◽  
Business Processes ◽  
Design Science ◽  
Building Blocks ◽  
The Body ◽  
Business Strategies ◽  
Decision Tool

<p>Crowdsourcing can be an efficient organisational strategy to harness innovation and agility by distributing work to Internet users. As crowdsourcing is different from other business strategies, organisations are often unsure about how to structure crowdsourcing as a business process. We identify two challenges: first, crowdsourcing has been perceived as a one-off endeavour and a comprehensive repeatable crowdsourcing process has not been defined yet. Second, while organisations need a solid knowledge base in order to integrate crowdsourcing with their business processes, the domain knowledge remains unstructured, scattered, and sometimes conflicting. Together, these challenges indicate that crowdsourcing needs to evolve from an immature form towards a more repeatable business process.  The research adopts the design science paradigm and follows four research stages. We first synthesise existing knowledge in the domain, which identifies twelve repeatable building blocks of crowdsourcing processes. Second, we define a model of business process crowdsourcing (BPC). The model has seven processes organised in three stages: decision to crowdsource, process design, and technical configuration. The model was empirically evaluated using two existing crowdsourcing projects. The results suggest the usefulness of the model for structuring crowdsourcing processes.  Third, we turn the BPC model into a heavyweight ontology that consolidates the domain knowledge. The ontology captures the following domain concepts: business processes, activities, data entities, data attributes, and their hierarchical relationships. It also captures decision-making relationships. We evaluated the ontology by triangulation. The findings are that the ontology provides a high coverage and clarity of the domain.  Finally, based on the ontology, a decision tool is developed. The tool provides advice to make informed decisions about BPC establishment. Using experiments and focus groups to evaluate the tool, the quantitative and qualitative results confirm its utility and show that the tool improves decision-making performance.  The dissertation contributes to the body of knowledge in several ways. It promotes and conceptualises crowdsourcing as an organisational business process. It offers a process model, ontology, and decision tool for BPC. It also provides empirical results about the use of the decision tool. By doing so, we hope that the dissertation will motivate organisations to further assimilate crowdsourcing.</p>

An Extension of Business Process Model and Notation for Security Risk Management

2015 ◽  
pp. 897-919
Author(s):  
Olga Altuhhov ◽  
Raimundas Matulevičius ◽  
Naved Ahmed
Keyword(s):  
Risk Management ◽  
Business Process ◽  
Process Model ◽  
Business Processes ◽  
Domain Model ◽  
Security Model ◽  
Business Process Model ◽  
Security Risk ◽  
Secure Information ◽  
Security Risk Management

Business process modelling is one of the major aspects in the modern information system development. Recently business process model and notation (BPMN) has become a standard technique to support this activity. Typically the BPMN notations are used to understand enterprise's business processes. However, limited work exists regarding how security concerns are addressed during the management of the business processes. This is a problem, since both business processes and security should be understood in parallel to support a development of the secure information systems. In the previous work we have analysed BPMN with respect to the domain model of the IS security risk management (ISSRM) and showed how the language constructs could be aligned to the concepts of the ISSRM domain model. In this paper the authors propose the BPMN extensions for security risk management based on the BPMN alignment to the ISSRM concepts. We illustrate how the extended BPMN could express assets, risks and risk treatment on few running examples related to the Internet store regarding the asset confidentiality, integrity and availability. Our proposal would allow system analysts to understand how to develop security requirements to secure important assets defined through business processes. The paper opens the possibility for business and security model interoperability and the model transformation between several modelling approaches (if these both are aligned to the ISSRM domain model).

Meta-Risk as a Method for Addressing Uncertainty in a Pipeline Risk Management System

2002 ◽  
Author(s):  
Louis Fenyvesi ◽  
Brian Rothwell ◽  
Iain Colquhoun
Keyword(s):  
Risk Assessment ◽  
Decision Making ◽  
Single Point ◽  
Management Strategies ◽  
Assessment Process ◽  
Failure Frequency ◽  
Point Estimates ◽  
Risk Estimates ◽  
Risk Approach ◽  
Integrity Management

Typical risk assessment processes produce risk estimates by multiplying together single-valued, expected failure frequencies and associated consequences. However, a range of consequences can result from an incident, and a more representative estimate of failure frequency is captured by a distributed variable rather than by a single point value. Risk estimates calculated by typical assessment processes are sometimes referred to as “mean” estimates or “cautious best estimates”. This terminology acknowledges implicitly that there is truly a range of possible values. Meta-risk is a potential approach for analyzing risk that captures this uncertainty by utilizing distributions of failure frequency and consequence in place of point estimates. These distributions are combined to form a risk distribution that can then be used more directly in quantified decision making. Meta-risk improves on the principle of “As low as reasonably practicable” (ALARP) by acknowledging that the levels of uncertainty associated with models used in the risk assessment process are not equal. By providing “probability of exceedance” targets relative to defined risk acceptance criteria, the meta-risk approach allows for quantified decision making that addresses both the level of risk and the associated level of uncertainty. This process allows an analyst to compare risks more accurately from multiple hazards between which levels of uncertainty may vary greatly, and to quantify the benefits of integrity management strategies such as condition monitoring whose primary effect is to reduce uncertainty rather than to reduce risk directly.

Decision-Making Support for the Correctness of Input Data at Runtime in Business Processes

2014 ◽  
Vol 23 (04) ◽  
pp. 1450003 ◽  
Author(s):  
María Teresa Gómez-López ◽  
Rafael M. Gasca ◽  
José Miguel Pérez-Álvarez
Keyword(s):  
Decision Making ◽  
Decision Support ◽  
Business Process ◽  
Process Model ◽  
Input Data ◽  
Business Processes ◽  
Business Process Model ◽  
Programming Paradigm ◽  
Business Process Execution ◽  
Data Constraints

In a business process, the information that flows between the activities can be introduced by those users who interact with the process. This introduced information could be incorrect due to a lack of knowledge or a mistake. For this reason and to make the business process execution consistent, we propose a Decision Support System (DSS) to inform the user about the possible and correct values that the input data can take. The DSS takes into account the business process model and the policy of the company. The policy concerning the input data and dataflow that the company manages can be represented by constraints (called Business Data Constraints (BDCs)). In order to ascertain all the possible values of the input data that permit the execution of the process following the defined goals, the DSS analyzes the business process model and the BDC, using the constraint programming paradigm.

An Extension of Business Process Model and Notation for Security Risk Management

2013 ◽  
Vol 4 (4) ◽  
pp. 93-113 ◽  
Author(s):  
Olga Altuhhov ◽  
Raimundas Matulevičius ◽  
Naved Ahmed
Keyword(s):  
Risk Management ◽  
Business Process ◽  
Process Model ◽  
Business Processes ◽  
Domain Model ◽  
Security Requirements ◽  
Security Model ◽  
Business Process Model ◽  
Security Risk ◽  
Security Risk Management

Business process modelling is one of the major aspects in the modern information system development. Recently business process model and notation (BPMN) has become a standard technique to support this activity. Typically the BPMN notations are used to understand enterprise's business processes. However, limited work exists regarding how security concerns are addressed during the management of the business processes. This is a problem, since both business processes and security should be understood in parallel to support a development of the secure information systems. In the previous work we have analysed BPMN with respect to the domain model of the IS security risk management (ISSRM) and showed how the language constructs could be aligned to the concepts of the ISSRM domain model. In this paper the authors propose the BPMN extensions for security risk management based on the BPMN alignment to the ISSRM concepts. We illustrate how the extended BPMN could express assets, risks and risk treatment on few running examples related to the Internet store regarding the asset confidentiality, integrity and availability. Our proposal would allow system analysts to understand how to develop security requirements to secure important assets defined through business processes. The paper opens the possibility for business and security model interoperability and the model transformation between several modelling approaches (if these both are aligned to the ISSRM domain model).

scholarly journals An Approach to Sustainability Risk Assessment in Industrial Assets

2021 ◽  
Vol 13 (12) ◽  
pp. 6538
Author(s):  
Fco. Javier García-Gómez ◽  
Víctor Fco. Rosales-Prieto ◽  
Alberto Sánchez-Lite ◽  
José Luis Fuentes-Bargues ◽  
Cristina González-Gaya
Keyword(s):  
Risk Assessment ◽  
Risk Management ◽  
Asset Management ◽  
Analysis And Evaluation ◽  
The People ◽  
Preliminary Study ◽  
Assessment Procedures ◽  
Identification Analysis ◽  
A Company ◽  
Industrial Company

Asset management, as a global process through which value is added to a company, is a managerial model that involves major changes in strategies, technologies, and resources; risk management; and a change in the attitude of the people involved. The growing commitment of companies to sustainability results in them applying this approach to all their activities. For this reason, it is relevant to develop sustainability risk assessment procedures in industrial assets. This paper presents a methodological framework for the inclusion of sustainability aspects in the risk management of industrial assets. This approach presents a procedure to provide general criteria, methodology, and essential mandatory requirements to be adopted for the identification, analysis, and evaluation of sustainability aspects, impacts, and risks related to assets owned and managed by an industrial company. The proposed procedure is based on ISO 55,000 and ISO 31,000 standards and was developed following three steps: a preliminary study, identification of sustainability aspects and sustainability risks/opportunities, and impact assessment and residual risks management. Our results could serve as a model that facilitates the improvement of sustainability analysis risks in industrial assets and could be used as a basis for future developments in the application of the standards to optimize management of these assets.

scholarly journals Reengineering of supply chain management integrated scheduling processes

2018 ◽  
Vol 193 ◽  
pp. 05064 ◽  
Author(s):  
Ekaterina Kuleshova ◽  
Anastasia Levina ◽  
Rustam Esedulaev
Keyword(s):  
Decision Making ◽  
Supply Chain ◽  
Supply Chain Management ◽  
Business Process ◽  
Business Processes ◽  
Current Practice ◽  
Oil And Gas ◽  
Chain Management ◽  
Integrated Scheduling ◽  
Data Flows

The paper describes the principle of the reengineering of supply chain management integrated scheduling processes in order to increase in efficiency of business process and decrease the decision-making time at collision of plan-fact deviations. The basic concept of business-processes reengineering is analyzed. The experience of reengineering of supply chain integrated scheduling business processes for the oil and gas branch is presented. The bottlenecks of the current practice were revealed. The purpose of this paper is to carry out recommendations for improving business processes based on an analysis of the current realization of the process, his provision with information systems and data flows.

scholarly journals Business processes exceptions in relation to operational performance

2019 ◽  
Vol 25 (5) ◽  
pp. 908-922 ◽  
Author(s):  
Remco Dijkman ◽  
Oktay Turetken ◽  
Geoffrey Robert van IJzendoorn ◽  
Meint de Vries
Keyword(s):  
Business Process ◽  
Process Model ◽  
Business Processes ◽  
Process Models ◽  
Operational Performance ◽  
Normal Flow ◽  
Throughput Time ◽  
Content Type ◽  
Business Process Models ◽  
Practical Implications

Purpose Business process models describe the way of working in an organization. Typically, business process models distinguish between the normal flow of work and exceptions to that normal flow. However, they often present an idealized view. This means that unexpected exceptions – exceptions that are not modeled in the business process model – can also occur in practice. This has an effect on the efficiency of the organization, because information systems are not developed to handle unexpected exceptions. The purpose of this paper is to study the relation between the occurrence of exceptions and operational performance. Design/methodology/approach The paper does this by analyzing the execution logs of business processes from five organizations, classifying execution paths as normal or exceptional. Subsequently, it analyzes the differences between normal and exceptional paths. Findings The results show that exceptions are related to worse operational performance in terms of a longer throughput time and that unexpected exceptions relate to a stronger increase in throughput time than expected exceptions. Practical implications These findings lead to practical implications on policies that can be followed with respect to exceptions. Most importantly, unexpected exceptions should be avoided by incorporating them into the process – and thus transforming them into expected exceptions – as much as possible. Also, as not all exceptions lead to longer throughput times, continuous improvement should be employed to continuously monitor the occurrence of exceptions and make decisions on their desirability in the process. Originality/value While work exists on analyzing the occurrence of exceptions in business processes, especially in the context of process conformance analysis, to the best of the authors’ knowledge this is the first work that analyzes the possible consequences of such exceptions.

scholarly journals Paleoenvironmental Reconstructions Improve Ecosystem Services Risk Assessment: Case Studies from Two Coastal Lagoons in South America

Water ◽  
2018 ◽  
Vol 10 (10) ◽  
pp. 1350 ◽  
Author(s):  
Maria Velez ◽  
Daniel Conde ◽  
Juan Lozoya ◽  
James Rusak ◽  
Felipe García-Rodríguez ◽  
...  
Keyword(s):  
Risk Assessment ◽  
Risk Management ◽  
Ecosystem Services ◽  
South America ◽  
Coastal Lagoons ◽  
Holistic Approach ◽  
Assessment Process ◽  
History Of ◽  
Paleoenvironmental Reconstructions

Paleoenvironmental reconstructions are increasingly being used in conservation biology, ecosystem management, and evaluations of ecosystem services (ES), but their potential to contribute to the ES risk assessment process has not been explored. We propose that the long-term history of the ecosystem provides valuable information that augments and strengthens an ES risk assessment and that it should be considered routinely when undertaking risk assessments. We adjusted a standard ecosystem-based risk management (EBRM) protocol to include paleoenvironmental data, and tested the modified approach on two coastal lagoons in South America. Paleolimnological reconstructions in both lagoons indicate that salinity and nutrients (in Laguna de Rocha), and salinity (in Ciénaga Grande de Santa Marta), as controlled by hydrologic connectivity with the ocean and freshwater tributaries, have been the key variables behind ecosystem’s function. This understanding, applied to inform various components and steps in the EBRM protocol, suggests that the maintenance of hydrological connections should be a management priority to minimize risk to ES. This work illustrates the utility of including paleoenvironmental data in an EBRM context and highlights the need for a more holistic approach to risk management by incorporating the long-term history of ecosystem function.

Sign in / Sign up

Export Citation Format

Share Document