Legal-URN Framework for Legal Compliance of Business Processes
Why this work is in the frame
A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.
Bibliographic record
Abstract
In recent years, the number of regulations an organization needs to comply with has been increasing, and organizations have to ensure that their business processes are aligned with these regulations. However, because of the complexity and intended vagueness of regulations in general, it is not possible to treat them the same way as other types of requirements. On the other hand, the cost of being non-compliant can also be fairly high; non-compliance can cause crucial harm to the organization with financial penalties or loss of reputation. Therefore, it is very important for organizations to take a systematic approach to ensuring that their compliance with related laws, regulations and standards is established and maintained. To achieve this goal, this thesis proposes a model-based compliance analysis framework for business processes called Legal-URN. This framework is composed of four layers of abstraction linked to each other. The framework exploits the User Requirements Notation (URN) as the modeling language to describe and combine legal and organizational models. In order to model legal documents, legal statements are first classified into four classes of Hohfeldian rights, and then Hohfeldian models of the regulations and their statements are created. These models are further refined into legal goal and business process models via a domain-specific version of URN called Legal URN profile. To check the well-formedness of the models and to identify instances of non-compliance, 23 Object Constraint Language (OCL) rules are provided. In this thesis, the quantitative and qualitative analysis algorithms of URN's Goal-oriented Requirement Language are extended to help analyze quantitatively and qualitatively the degree of compliance of an organization to the legal models. Furthermore, with the help of a prioritization algorithm, the framework enables one to decide, while taking the organization goals into consideration, which non-compliant instances to address first in order to provide a suitable evolution path for business processes. In addition, to assess compliance with more than one regulation, a pair-wise comparison algorithm enables organizations to identify the similarities and conflicts among regulations and incorporate them in the models. The jUCMNav tool, an Eclipse plug-in for URN modeling and analysis, was extended to support the framework and its algorithms and rules. The thesis contributions are evaluated through a gap analysis based on a systematic literature review, a comparison with closely related work, and two case studies in the healthcare domain: one with a single regulation and realistic business processes, and a second with three additional regulations. We also identify the benefits and limitations of the framework, as well as potential extensions for future work. The Legal-URN framework provides a tool-supported, rigorous approach to compliance analysis of organizations against relevant regulations.
Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.
Full frame distilled prediction
Teacher imitationNot calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.
Codex and Gemma teacher scores by category
| Category | Codex | Gemma |
|---|---|---|
| Metaresearch | 0.001 | 0.001 |
| Meta-epidemiology (narrow) | 0.000 | 0.000 |
| Meta-epidemiology (broad) | 0.001 | 0.000 |
| Bibliometrics | 0.001 | 0.003 |
| Science and technology studies | 0.001 | 0.000 |
| Scholarly communication | 0.000 | 0.002 |
| Open science | 0.001 | 0.000 |
| Research integrity | 0.000 | 0.001 |
| Insufficient payload (model declined to judge) | 0.000 | 0.000 |
Machine scores (provisional)
The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.
Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.
score_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it