Abstract
Managing regulatory compliance is increasingly challenging and costly for organizations world-wide. Due to the diversity of stakeholders in compliance management initiatives, any effort towards providing compliance management solutions demands a common understanding of compliance management concepts and practice. This paper reports on research undertaken to develop an ontology to create a shared conceptualization of the compliance management domain, namely CoMOn (Compliance Management Ontology). The ontology concepts are extracted from interviews and surveys of compliance management experts and practitioners, and refined through synthesis with leading academic literature related to compliance management. A semiotic framework was utilized to conduct a rigorous evaluation of CoMOn through a series of eight case studies spanning a number of industry sectors. The consensus achieved through the evaluation has positioned CoMOn as a comprehensive domain ontology for Compliance Management.
Chapter PDF
Similar content being viewed by others
References
Sadiq, W., Governatori, G., Namiri, K.: Modeling Control Objectives for Business Process Compliance. In: Alonso, G., Dadam, P., Rosemann, M. (eds.) BPM 2007. LNCS, vol. 4714, pp. 149–164. Springer, Heidelberg (2007)
Lu, R., Sadiq, S., Governatori, G.: Compliance Aware Business Process Design. In: 3rd International Workshop on Business Process Design (BPD 2007) (2007); In: ter Hofstede, A.H.M., Benatallah, B., Paik, H.-Y. (eds.) BPM Workshops 2007. LNCS, vol. 4928, pp. 120–131. Springer, Heidelberg (2008)
Louis Anon, J., Filowitz, H., Kovatch, J.M.: Integrating Sarbanes-Oxley Controls into an Investment Firm Governance Framework. The Journal of Investment Compliance 8, 40–43 (2007)
Syed Abdullah, N., Indulska, M., Sadiq, S.: A Study of Compliance Management in Information Systems Research. In: The 17th European Conference on Information Systems (ECIS 2009), Verona, Italy (2009)
Syed Abdullah, N., Sadiq, S., Indulska, M.: Emerging Challenges in Information Systems Research for Regulatory Compliance Management. In: Pernici, B. (ed.) CAiSE 2010. LNCS, vol. 6051, pp. 251–265. Springer, Heidelberg (2010)
Gruber, T.: Ontology. In: Liu, L., Özsu, M.T. (eds.) Encyclopedia of Database Systems. Springer, U.S (2009)
Grüninger, M., Lee, J.: Ontology Application and Design: Introduction. Communication of the ACM 45, 39–41 (2002)
Blomqvist, E., Öhgren, A.: Constructing an Enterprise Ontology for an Automotive Supplier. Engineering Applications of Artificial Intelligence 21, 386–397 (2008)
Moreira, E.D.S., Andréia, L., Martimiano, F., Brandão, A.J.D.S., Bernardes, M.C.: Ontologies for Information Security Management and Governance. Information Management & Computer Security 16, 150–165 (2008)
Uschold, M., King, M.: Towards a Methodology for Building Ontologies. In: Workshop on Basic Ontological Issues in Knowledge Sharing, Held in Conduction with IJCAI 1995, Montreal, Canada (1995)
Uschold, M.: Building Ontologies: Towards a Unified Methodology. In: 16th Annual Conf. of the British Computer Society Specialist Group on Expert Systems (1996)
Burton-Jones, A., Storey, V.C., Sugumaran, V., Ahluwalia, P.: A Semiotic Metrics Suite for Assessing the Quality of Ontologies. Data & Knowledge Engineering 55, 84–102 (2005)
Banker, R.D., Kalvenes, J., Patterson, R.A.: Information Technology, Contract Completeness, and Buyer-Supplier Relationships. Information Systems Research 17, 180–193 (2007)
Kim, H.M., Fox, M.S., Sengupta, A.: How to Build Enterprise Data Models to Achieve Compliance to Standards or Regulatory Requirements (and share data). Journal of the Association for Information Systems 8, 105–128 (2007)
Weitzner, D.J., Abelson, H., Berners-Lee, T., Feigenbaum, J., Hendler, J., Sussman, G.J.: Information Accountability. Communication of the ACM 51, 82–87 (2008)
Davis, C.J., Hikmet, N.: Training as Regulation and Development: An Exploration of the Needs of Enterprise Systems Users. Information & Management 45, 341–348 (2008)
Mishra, S., Weistroffer, H.R.: A Framework for Integrating Sarbanes-Oxley Compliance into The Systems Development Process. Communication of the Association for Information Systems 20, 712–727 (2007)
Hevner, A.R., March, S.T., Park, J., Ram, S.: Design Science in Information Systems Research. MIS Quarterly 28, 75–105 (2004)
Fernández, M., Gómez-Pérez, A., Juristo, N.: METHONTOLOGY: From Ontological Art towards Ontological Engineering. In: AAAI 1997 Spring Symposium Series, pp. 33–40. AAAI Press (1997)
Fernández-López, M., Gómez-Pérez, A.: Overview and Analysis of Methodologies for Building Ontologies. The Knowledge Engineering Review 17, 129–156 (2002)
Pinto, H.S., Martins, J.P.: Ontologies: How can They be Built? Knowledge and Information Systems 6, 441–464 (2004)
Spyns, P., Tang, Y., Meersman, R.: An Ontology Engineering Methodology for DOGMA. Applied Ontology 3, 13–39 (2008)
Syed Abdullah, N., Sadiq, S., Indulska, M.: A Framework for Industry-Relevant Ontology Development. In: Proceedings of the 22nd Australasian Conference on Information Systems (ACIS 2011). AIS Electronic Library (AISeL), Sydney, Australia (2011)
Denaux, R., Dolbear, C., Hart, G., Dimitrova, V., Cohn, A.G.: Supporting Domain Experts to Construct Conceptual Ontologies: A Holistic Approach. Web Semantics: Science, Services and Agents on the World Wide Web 9, 113–127 (2011)
Paredes-Moreno, A., Martínez-López, F.J., Schwartz, D.G.: A Methodology for the Semi-automatic Creation of Data-driven Detailed Business Ontologies. Information Systems 35, 758–773 (2010)
Lim, S.C.J., Liu, Y., Lee, W.B.: A Methodology for Building a Semantically Annotated Multi-faceted Ontology for Product Family Modelling. Advanced Engineering Informatics 25, 147–161 (2011)
Syed Abdullah, N., Sadiq, S., Indulska, M.: Information Systems Research: Aligning to Industry Challenges in Management of Regulatory Compliance. In: Proceedings of the Pacific Asia Conference on Information Systems Engineering (PACIS 2010), Taipei, Taiwan (2010)
Booch, G., Rumbaugh, J., Jacobson, I.: Unified Modeling Language User Guide. Addison-Wesley Professional (2005)
Pulido, J.R.G., Ruiz, M.A.G., Herrera, R., Cabello, E., Legrand, S., Elliman, D.: Ontology Languages for the Semantic Web: A Never Completely Updated Review. Knowledge-Based Systems 19, 489–497 (2006)
W3C OWL Working Group: OWL 2 Web Ontology Language - Document Overview. World Wide Web Consortium (2009)
Pinto, H.S., Gómez-Pérez, A., Martins, J.P.: Some Issues on Ontology Integration. In: Proceedings of the IJCAI 1999 Workshop on Ontologies and Problem-Solving Methods (1999)
Pinto, H.S., Martins, J.P.: A Methodology for Ontology Integration. In: Proceedings of the 1st International Conference on Knowledge Capture, pp. 131–138. ACM, Victoria (2001)
Syed Abdullah, N., Sadiq, S., Indulska, M.: A Study of Ontology Construction: The Case of a Compliance Management Ontology. In: Ahmad, M.N., Colomb, R.M., Abdullah, M.S. (eds.) Ontology-Based Applications for Enterprise Systems and Knowledge Management. IGI Global (in press)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Syed Abdullah, N., Sadiq, S., Indulska, M. (2012). A Compliance Management Ontology: Developing Shared Understanding through Models. In: Ralyté, J., Franch, X., Brinkkemper, S., Wrycza, S. (eds) Advanced Information Systems Engineering. CAiSE 2012. Lecture Notes in Computer Science, vol 7328. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31095-9_28
Download citation
DOI: https://doi.org/10.1007/978-3-642-31095-9_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31094-2
Online ISBN: 978-3-642-31095-9
eBook Packages: Computer ScienceComputer Science (R0)