Supporting Compliance through Enhancing Internal Control Systems by Conceptual Business Process Security Modeling
The importance of Business Process Modeling (BPM) particularly in sensitive areas combined with the rising impact of legislative requirements on IT operations results in a need to conceptually represent security semantics in BPM. The authors define critical security semantics that need to be incorporated in BPM to aid documentation of security needs and support compliant behavior of security systems. They analyze ways to express such semantics in BPM and their possible role in designing and operating internal control systems, which ensure and document the execution of compliance-related activities.