I saw an interesting article today by Jim Coleman of Appian in Business Integration Journal, called "Making the Case for Process-Based, Sarbanes-Oxley Compliance" (the article is not online yet, but here's a link to the magazine). Jim outlines how you can use a BPMS to support a robust SOX compliance approach. I think he understates the potential for a business rules management system, or BRMS, to also be part of the solution. Let's consider some scenarios:
- If I have a decision, say pricing a product, that is covered by the compliance rules why take it manually and then automate the process of checking it was taken consistently? Instead you could automate the pricing engine using business rules and a BRMS and then compliance would consist of showing the rules used for most decisions and manually tracking just those exceptions referred to people.
- If I have a service in my process that has to be reviewed for compliance but which needs to change often, I could use a business rules approach to automate that service and then it would be much easier to show compliance (thanks to the declarative and business-friendly approach supported by a BRMS) and, because changes to rules are more manageable and trackable, easier to show ongoing compliance even as the service changed.
- If I have multiple systems being checked for compliance of the same action, perhaps I should use a decision service approach to automate the decision once, using a BRMS, and share that service across my architecture. Then I would only need to show that the service was compliant, not every application, and this would be easier thanks to the compliance-friendly nature of rules.
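The three scenarios above share one mechanism: a single decision service whose rules are versioned, whose every decision records which rule version fired, and which refers anything the rules do not cover to a person. The following is an added illustration of that mechanism in Python; it is not code from the post, from Appian, or from any BRMS product. The rule ids, versions, pricing thresholds and the "pricing-ruleset-v3" label are constructed for the example.

```python
"""Versioned decision service with an audit trail (added illustration, not from the post).

Each request is decided by the first matching rule; the decision record captures
which rule and version fired. Requests no rule covers are routed to manual review,
so the compliance evidence is (a) the fingerprint of the rule set in force and
(b) the short list of manual exceptions, rather than a review of every decision.
"""
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Callable, Optional


@dataclass(frozen=True)
class Rule:
    rule_id: str
    version: int
    description: str
    condition: Callable[[dict], bool]   # when the rule applies
    action: Callable[[dict], float]     # what it decides (a price here)


@dataclass(frozen=True)
class Decision:
    request: dict
    outcome: Optional[float]   # None when referred to a person
    rule_id: Optional[str]
    rule_version: Optional[int]
    manual: bool
    decided_at: str


class DecisionService:
    """One shared service: every calling application gets the same rules and the same audit log."""

    def __init__(self, ruleset_version: str, rules: list[Rule]):
        self.ruleset_version = ruleset_version
        self.rules = list(rules)
        self.audit_log: list[Decision] = []

    def ruleset_fingerprint(self) -> str:
        """Tamper-evident identifier of the rule set in force (ids, versions, rule text)."""
        canonical = "\n".join(
            f"{r.rule_id}@{r.version}:{r.description}"
            for r in sorted(self.rules, key=lambda r: r.rule_id)
        )
        return hashlib.sha256(canonical.encode()).hexdigest()

    def decide(self, request: dict) -> Decision:
        now = datetime.now(timezone.utc).isoformat()
        for rule in self.rules:
            if rule.condition(request):
                d = Decision(request, rule.action(request), rule.rule_id, rule.version, False, now)
                break
        else:
            # No rule covers this case: refer it to a person and record the referral.
            d = Decision(request, None, None, None, True, now)
        self.audit_log.append(d)
        return d

    def compliance_report(self) -> dict:
        """What an auditor is shown: rule set identity, rule usage counts, and the exceptions."""
        rules_used: dict[str, int] = {}
        for d in self.audit_log:
            if not d.manual:
                key = f"{d.rule_id}@{d.rule_version}"
                rules_used[key] = rules_used.get(key, 0) + 1
        return {
            "ruleset_version": self.ruleset_version,
            "ruleset_fingerprint": self.ruleset_fingerprint(),
            "automated": sum(1 for d in self.audit_log if not d.manual),
            "manual_exceptions": [d.request for d in self.audit_log if d.manual],
            "rules_used": rules_used,
        }


def build_pricing_service() -> DecisionService:
    """Constructed sample rule set for the pricing scenario (hypothetical thresholds)."""
    rules = [
        Rule("R1", 2, "volume order: >=100 units and requested discount <= 10%, price at 10% off list",
             lambda q: q["quantity"] >= 100 and q["requested_discount"] <= 0.10,
             lambda q: round(q["unit_price"] * q["quantity"] * 0.90, 2)),
        Rule("R2", 1, "standard order: <100 units and no discount, price at list",
             lambda q: q["quantity"] < 100 and q["requested_discount"] == 0,
             lambda q: round(q["unit_price"] * q["quantity"], 2)),
    ]
    return DecisionService("pricing-ruleset-v3", rules)


if __name__ == "__main__":
    svc = build_pricing_service()
    # Constructed requests: two covered by rules, one (30% discount) outside them.
    svc.decide({"sku": "A", "unit_price": 10.0, "quantity": 200, "requested_discount": 0.05})
    svc.decide({"sku": "B", "unit_price": 5.0, "quantity": 10, "requested_discount": 0.0})
    svc.decide({"sku": "C", "unit_price": 5.0, "quantity": 10, "requested_discount": 0.30})
    print(svc.compliance_report())
```

The point for an auditor is in the report: the rule set is identified by a fingerprint that changes whenever any rule's text or version changes, so a change to the service is visible as a change in evidence, and the only decisions that need individual review are the ones listed under manual exceptions.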
Automating decisions, especially using a BRMS, can be very beneficial when compliance is a concern. A BPMS can be too, but the combination might be most effective. There's a great book called "The Joy of SOX" by Hugh Taylor that I reviewed here. Hugh and I also did a webinar on agile compliance with CMP. I have also written an article about how to use BPMS and BRMS together for compliance here, and there is a section on compliance on my other blog.
Additional note - The Joy of SOX was excerpted by ebizQ a little while ago and you can read the excerpt here.
Technorati Tags: BPMS, BRE, BRMS, business rules, compliance, decision automation, decision service, SOA, SOX, Sarbanes-Oxley