JSEA  Vol.5 No.12 , December 2012
Multiperspective Representation of Internal Controls in Business Processes
ABSTRACT

The internal control process, which is designed to help an organization accomplish specific control objectives, is one of the most important processes, as it can determine whether or not the organization is in compliance with its internal or external requirements. Internal controls emerge from different perspectives. Currently, experts view and act on one control perspective at a time, which creates inefficiencies and duplication. This software engineering research is aimed at proposing a multiperspective framework for representing internal controls, in order to obtain a centralized and comprehensive view of all internal control mechanisms. To carry out this research, we also needed to represent the many different stakeholder perspectives of internal controls. Based on a literature review of mathematical and psychological analysis, we searched for the most suitable multiperspective representation of internal controls, and assessed the many representation options using the AHP (analytical hierarchical process) sensitivity analysis approach. This approach has been applied to a study group which has been called to answer to a questionnaire.


Cite this paper
I. Abdellatif and A. April, "Multiperspective Representation of Internal Controls in Business Processes," Journal of Software Engineering and Applications, Vol. 5 No. 12, 2012, pp. 971-982. doi: 10.4236/jsea.2012.512112.
References
[1]   C. Monsalve, A. April and A. Abran, “Representing Unique Stakeholder Perspectives in BPM Notations,” Proceedings 8th ACIS International Conference on Software Engineering Research, Management and Applications (SERA), Montreal, 24-26 May 2010, pp. 42-49. doi:10.1109/SERA.2010.16

[2]   S. Sadiq, G. Governatori and K. Niamiri, “Modeling Control Objectives for Business Process Compliance,” 5th International Conference on Business Process Management, Vol. 4714, 2007, pp. 149-164. doi:10.1007/978-3-540-75183-0_12

[3]   J. E. Gamble and A. A. Thompson Jr., “Essentials of Strategic Management: The Quest for Competitive Advantage,” 3rd Edition, McGraw-Hill Inc., New York, 2012.

[4]   C. Stefansen and S. E. Borch, “Using Soft Constraints to Guide Users in Flexible Business Process Management Systems,” International Journal of Business Process Integration and Management, Vol. 3, No. 1, 2008, pp. 26-35. doi:10.1504/IJBPIM.2008.019345

[5]   L. Turner and A. Weickgenannt, “Accounting Information Systems: Controls and Processes,” 2nd Edition, Wiley, San Francisco, 2012.

[6]   V. R. Karimi, “Formal Analysis of Access Control Policies for Pattern-Based Business Processes,” 2009 World Congress on Privacy, Security, Trust and the Management of E-Business, Saint John, 25-27 August 2009, pp. 239-242. doi:10.1109/CONGRESS.2009.18

[7]   R. K. Vahid, “Verification of Access Control Policies for REA Business Processes,” Computer Software and Applications Conference, Vol. 2, 2009, pp. 422-427. doi:10.1109/COMPSAC.2009.170

[8]   C. Ramaswamy, “Business Process Driven Framework for Defining an Access Control Service based on Roles and Rules,” 23rd National Information Systems Security Conference, Baltimore, 16-19 October 2000.

[9]   S. Huang, H. M. Cai and B. Y. Xu, “A Resource State-Based Business Process Control Mechanism for BPM,” International Conference on Progress in Informatics and Computing (PIC), Piscataway, 10-12 December 2010, pp. 1157-1161. doi:10.1109/PIC.2010.5687985

[10]   Y. C. Ren, T. Xing, D. Y. Jiang and P. Zhu, “Research on Software Quality Control Method Based on Control Chart,” IEEE 2nd International Conference on Computing, Control and Industrial Engineering (CCIE), Jinzhou, 20-21 August 2011, pp. 274-277.

[11]   B. B. Anderson, J. V. Hansen, P. B. Lowry and S. L. Summers, “Model Checking for E-Business Control and Assurance,” IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews, Vol. 35, No. 3, 2005, pp. 445-450. doi:10.1109/TSMCC.2004.843181

[12]   G. Succi, L. Benedicenti, S. de Panfilis and T. Vernazza, “Activity-Based OO Business Modeling and Control,” IT Professional, Vol. 2, No. 3, 2000, pp. 45-50. doi:10.1109/6294.846211

[13]   I. Oditis and J. Bicevski, “The Concept of Automated Process Control,” Computer Science and Information Technologies, Vol. 756, 2010, pp. 193-203. http://www.lu.lv/materiali/apgads/ raksti/756_pp_193-203.pdf

[14]   M. Kehlenbeck, T. Sandner and M. H. Breitner, “Managing Internal Control in Changing Organizations through Business Process Intelligence—A Service Oriented Architecture for the XACML Based Monitoring of Supporting Systems,” 43rd Hawaii International Conference on System Sciences (HICSS), Honolulu, 5-8 January 2010, pp. 1-10. doi:10.1109/HICSS.2010.262

[15]   I. Bider and A. Striy, “Controlling Business Process Instance Flexibility via Rules of Planning,” International Journal of Business Process Integration and Management, Vol. 3, No. 1, 2008, pp. 15-25. doi:10.1504/IJBPIM.2008.019344

[16]   Business Dictionary, “Process Control,” 2011. http://www.businessdictionary.comdefinition/ business-process.html

[17]   A. Zakarian, P. Wickett and Y. Siradeghyan, “Quantitative Model for Evaluating the Quality of an Automotive Business Process,” International Journal of Production Research, Vol. 44, No. 6, 2006, pp. 1055-1074. doi:10.1080/00207540500371949

[18]   Addison-Hewitt, “Sarbanes-Oxley Act,” 2012. http://www.soxlaw.com/

[19]   D. Radovanovic, T. Radojevic, D. Lucic and M. Sarac, “IT Audit in Accordance with COBIT Standard,” MIPRO, Proceedings of the 33rd International Convention, Opatija, 24-28 May 2010, pp. 1137-1141.

[20]   A. April, A. Abran and E. Merlo, “Process Assurance Audits: Lessons learned,” Proceedings of the International Conference on Software Engineering, Kyoto, 19-25 April 1998, pp. 482-485. doi:10.1109/ICSE.1998.671611

[21]   R. Ouanouki and A. April, “IT Process Conformance Measurement: A Sarbanes-Oxley Requirement,” Proceedings of the IWSM, Mensura, Palma de Mallorca, 5-8 November 2007, pp. 26-37.

[22]   D. Hoyle, “ISO 9000 Quality Systems Handbook,” 5th Edition, Butterworth-Heinemann, Amsterdam, 2006.

[23]   T. Kasse, “Practical insight into CMMI,” 2nd Edition, Artech House, Boston, 2008.

[24]   T. T. Allen, “Introduction to Engineering Statistics and Six Sigma: Statistical Quality Control and Design of Experiments and Systems,” Springer, London, 2006.

[25]   C. Wolter, M. Menzel, A. Schaad, P. Miseldine and C. Meinel, “Model-Driven Business Process Security Requirement specification,” Journal of System Architecture, Vol. 55, No. 4, 2009, pp. 211-223. doi:10.1016/j.sysarc.2008.10.002

[26]   M. McGuffin and R. Jean-Marc, “Quantifying the Space-Efficiency of 2D Graphical Representations of Trees,” Information Visualization Journal, Vol. 9, No. 2, 2010, pp. 115-140.

[27]   C. Plaisant, J. Grosjean and B. B. Bederson, “Space Tree: Supporting Exploration in Large Node Link Tree, Design Evolution and Empirical Evaluation,” IEEE Symposium on Information Visualization (INFOVIS), 29 January 2003, pp. 57-64. doi:10.1109/INFVIS.2002.1173148

[28]   M. Bruls, K. Huizing and J. J. Van Wijk, “Squarified Treemaps,” Proceedings of the Joint EUROGRAPHICS and IEEE TCVG Symposium on Data Visualization, Vienna, 29-31 May 2000, pp. 33-42.

[29]   International Organization for Standardization, “ISO 9241-11 Ergonomic Requirements for Office Work with Visual Display Terminals (VDTS)—Part 11: Guidance on Usability,” International Organization for Standardization, Genova, 1998. http://www.iso.org/iso/catalogue_detail.htm?csnumber=16883

[30]   T. Barlow and P. Neville, “A Comparison of 2-D Visualizations of Hierarchies,” IEEE Symposium on Information Visualization INFOVIS, 2001, pp. 131-138.

[31]   J. Stasko, R. Catrambone, M. Guzdial and K. McDonald, “An Evaluation of Space-Filling Information Visualizations for Depicting Hierarchical Structures,” International Journal of Human-Computer Studies, Vol. 53, 2000, pp. 663-694. doi:10.1006/ijhc.2000.0420

[32]   M. Burch, N. Konevtsova, J. Heinrich, M. Hoeferlin and D. Weiskopf, “Evaluation of Traditional, Orthogonal, and Radial Tree Diagrams by an Eye Tracking Study”, IEEE Transactions on Visualization and Computer Graphics, Vol. 17, No. 12, 2011, pp. 2440-2448. doi:10.1109/TVCG.2011.193

[33]   S. Hyunjoo, K. Bohyoung, L. Bongshin and S. Jinwook, “A Comparative Evaluation on Tree Visualization Methods for Hierarchical Structures with Large Fan-Outs,” 28th International Conference on Human factors in Computing Systems, Atlanta, 2010. doi:10.1145/1753326.1753359

[34]   Expert Choice, “Expert Choice Software,” 2012. http://www.expertchoice.com/

 
 
Top