Process, Risk and Compliance

Organizations manage their processes for two reasons:

  • To improve performance (e.g., through process redesign or the development of process-oriented application systems)
  • To maintain compliance (e.g., by complying to voluntary (ISO, ITIL etc.) or mandated (Sarbanes-Oxley, HIPAA etc.) regulations)

While performance management has been addressed in many process publications, the management of risk and compliance in processes is a rather recent topic and has not been studied in much detail. Furthermore, the risk management and process management communities typically reside in different domains, with different vocabularies and documentation styles. CEBPI in conjunction with colleagues from QUT Brisbane and Monash University has started a research initiative to improve the risk management of business processes.

If your company is interested in participating in this stream of research, please contact us.