BPM Perspectives to Support ICSs: Exploiting the Integration of Formal Verifications into Investment Service Provision Processes
Domenico Raucci , Antonella Santone , Francesco Mercaldo , Tomasz Dyczkowski
AbstractPurpose – This paper investigates the criteria for a selective integration, in the multidisciplinary business process management (BPM) areas, between information technologies tools and the company’s internal control systems (ICSs) aimed at directing organizational behaviours. Adopting a process-based perspective, the authors propose a formal methodology to increase ICSs aims, related to the segregation of duties (SoDs) models, efficiently and effectively. Design/methodology/approach – The authors examine the applicability of formal verifications to validate a banking process of providing investment services, which is mapped through the workflow management system. To mitigate the state explosion problem of formal methods, the authors propose an efficient methodology that has been proved on the SoDs models in the bank ICSs, as a case study. Findings – The authors’ investigations suggest that in the BPM domain, the banking ICSs aims can benefit from the aforesaid methodologies, originating from the formal methods area, to increase the reliability and correctness in the design, modelling and implementation of the SoDs models. Originality/value – The proposed methodology is quite general and can be efficiently applied to large-scale systems in different business contexts or areas of the BPM. Its application to the bank’s SoD prevents or detects significant weaknesses, operational risks, excessive risk appetite and other undesirable behaviours in the investment services provision processes. This guarantees that the investment ordered/offered is “suitable and appropriate” with the client’s risk profile, especially non-professional, required by theMiFID II Directive.
|Journal series||Industrial Management & Data Systems, [Industrial Management and Data Systems], ISSN 0263-5577, e-ISSN 1758-5783, (N/A 100 pkt)|
|Publication size in sheets||0.85|
|Keywords in English||Business Process Management, Internal Control Systems, Segregation of Duties, Formal Methods, Banking Processes, Investment Services|
|ASJC Classification||; ; ; ;|
|Publication indicators||: 2018 = 1.706; : 2018 = 3.727 (2) - 2018=3.418 (5)|
* presented citation count is obtained through Internet information analysis and it is close to the number calculated by the Publish or Perish system.