{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,6]],"date-time":"2026-04-06T10:16:38Z","timestamp":1775470598699,"version":"3.50.1"},"reference-count":39,"publisher":"Springer Science and Business Media LLC","issue":"3","license":[{"start":{"date-parts":[[2020,4,23]],"date-time":"2020-04-23T00:00:00Z","timestamp":1587600000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,4,23]],"date-time":"2020-04-23T00:00:00Z","timestamp":1587600000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Int J Syst Assur Eng Manag"],"published-print":{"date-parts":[[2020,6]]},"DOI":"10.1007\/s13198-020-00985-w","type":"journal-article","created":{"date-parts":[[2020,4,23]],"date-time":"2020-04-23T10:02:44Z","timestamp":1587636164000},"page":"561-576","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":22,"title":["A systematic literature review on compliance requirements management of business processes"],"prefix":"10.1007","volume":"11","author":[{"given":"A. M.","family":"Mustapha","sequence":"first","affiliation":[]},{"given":"O. T.","family":"Arogundade","sequence":"additional","affiliation":[]},{"given":"Sanjay","family":"Misra","sequence":"additional","affiliation":[]},{"given":"Robertas","family":"Damasevicius","sequence":"additional","affiliation":[]},{"given":"Rytis","family":"Maskeliunas","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2020,4,23]]},"reference":[{"issue":"3","key":"985_CR1","doi-asserted-by":"publisher","first-page":"145","DOI":"10.1007\/s12599-011-0155-7","volume":"3","author":"R Accorsi","year":"2011","unstructured":"Accorsi R, Lowis DIL, Sato Y (2011) Automated certification for compliant cloud-based business processes. Bus Inf Syst Eng 3(3):145\u2013154. https:\/\/doi.org\/10.1007\/s12599-011-0155-7","journal-title":"Bus Inf Syst Eng"},{"key":"985_CR2","unstructured":"Awad AMH (2010) A compliance management framework for business process models. Dissertation, University of Potsdam"},{"key":"985_CR3","doi-asserted-by":"crossref","unstructured":"Awad A, Barnawi A, Elgammal A, Elshawi R, Almalaise A, Sakr S (2015) Runtime detection of business process compliance violations: an approach based on anti-patterns. In: Proceedings of the 30th annual ACM symposium on applied computing. ACM, pp 1203\u20131210","DOI":"10.1145\/2695664.2699488"},{"key":"985_CR4","unstructured":"Barnawi A, Awad A, Elgammal A, El Shawi R, Almalaise A, Sakr S (2015) BP-MaaS: a runtime compliance-monitoring system for business processes. In: BPM (Demos), pp 25\u201329"},{"key":"985_CR5","doi-asserted-by":"publisher","first-page":"259","DOI":"10.1007\/978-3-642-24148-2_17","volume-title":"Governance and sustainability in information systems. Managing the transfer and diffusion of IT","author":"J Becker","year":"2011","unstructured":"Becker J, Ahrendt C, Coners A, Wei\u00df B, Winkelmann A (2011) Modeling and analysis of business process compliance. In: N\u00fcttgens M, Gadatsch A, Kautz K, Schirmer I, Blinn N (eds) Governance and sustainability in information systems. Managing the transfer and diffusion of IT. Springer, Berlin, pp 259\u2013269"},{"key":"985_CR6","doi-asserted-by":"crossref","unstructured":"Betke H, Kittel K, Sackmann S (2013) Modeling controls for compliance\u2014an analysis of business process modeling languages. In: 27th international conference on advanced information networking and applications workshops (WAINA). IEEE, pp 866\u2013871","DOI":"10.1109\/WAINA.2013.53"},{"key":"985_CR7","unstructured":"Biolchini J, Mian PG, Natali ACC, Travassos GH (2005) Systematic review in software engineering. System Engineering and Computer Science Department COPPE\/UFRJ, Technical Report ES, 679(05), p 45"},{"key":"985_CR8","doi-asserted-by":"crossref","unstructured":"Cabanillas C, Knuplesch D, Resinas M, Reichert M, Mendling J, Ruiz-Cort\u00e9s A (2015) RALph: a graphical notation for resource assignments in business processes. In: International conference on advanced information systems engineering. Springer, pp 53\u201368","DOI":"10.1007\/978-3-319-19069-3_4"},{"key":"985_CR9","doi-asserted-by":"crossref","unstructured":"Compagna L, Guilleminot P, Brucker AD (2013) Business process compliance via security validation as a service. In: 2013 IEEE sixth international conference on software testing, verification and validation (ICST). IEEE, pp 455\u2013462","DOI":"10.1109\/ICST.2013.63"},{"issue":"6","key":"985_CR10","doi-asserted-by":"publisher","first-page":"884","DOI":"10.1080\/17517575.2015.1135482","volume":"11","author":"M Comuzzi","year":"2017","unstructured":"Comuzzi M (2017) Alignment of process compliance and monitoring requirements in dynamic business collaborations. Enterpr Inf Syst 11(6):884\u2013908. https:\/\/doi.org\/10.1080\/17517575.2015.1135482","journal-title":"Enterpr Inf Syst"},{"key":"985_CR11","doi-asserted-by":"publisher","unstructured":"Daniel F, Casati F, D\u2019Andrea V, Mulo E, Zdun U, Dustdar S, Strauch S, Schumm D, Leymann F, Sebahi S, De Marchi F (2009) Business compliance governance in service-oriented architectures. In: International conference on advanced information networking and applications, 2009. AINA\u201909. IEEE, pp 113\u2013120. https:\/\/doi.org\/10.1109\/aina.2009.112","DOI":"10.1109\/aina.2009.112"},{"key":"985_CR12","unstructured":"D\u2019Aprile D, Giordano L, Gliozzi V, Martelli A, Pozzato GL, Dupr\u00e9 DT (2011) Verifying compliance of business processes with temporal answer sets. In: CILC, pp 147\u2013161"},{"issue":"1","key":"985_CR13","doi-asserted-by":"publisher","first-page":"67","DOI":"10.18417\/emisa.10.1.4","volume":"10","author":"P Delfmann","year":"2015","unstructured":"Delfmann P, H\u00fcbers M (2015) Towards supporting business process compliance checking with compliance pattern catalogues\u2014a financial industry case study. Enterpr Model Inf Syst Arch 10(1):67\u201388. https:\/\/doi.org\/10.18417\/emisa.10.1.4","journal-title":"Enterpr Model Inf Syst Arch"},{"key":"985_CR14","doi-asserted-by":"crossref","unstructured":"Elgammal A, Turetken O (2015) Lifecycle business process compliance management: a semantically-enabled framework. In: 2015 international conference on cloud computing (ICCC). IEEE, pp 1\u20138","DOI":"10.1109\/CLOUDCOMP.2015.7149646"},{"issue":"01","key":"985_CR15","doi-asserted-by":"publisher","first-page":"31","DOI":"10.1142\/S0218843012400023","volume":"21","author":"A Elgammal","year":"2012","unstructured":"Elgammal A, Turetken O, Van den Heuvel WJ (2012) Using patterns for the analysis and resolution of compliance violations. Int J Cooper Inf Syst 21(01):31\u201354. https:\/\/doi.org\/10.1142\/S0218843012400023","journal-title":"Int J Cooper Inf Syst"},{"key":"985_CR16","doi-asserted-by":"publisher","DOI":"10.1007\/s10270-014-0395-3","author":"AFSA Elgammal","year":"2015","unstructured":"Elgammal AFSA, T\u00fcretken O, van den Heuvel WJAM, Papazoglou M (2015) Formalizing and applying compliance patterns for business process compliance. Softw Syst Model. https:\/\/doi.org\/10.1007\/s10270-014-0395-3","journal-title":"Softw Syst Model"},{"key":"985_CR17","unstructured":"Fellmann M, Zasada A (2014) State-of-the-art of business process compliance approaches. In: 22nd European conference on information systems, ECIS 2014, Tel Aviv, Israel, June 9\u201311, 2014. http:\/\/aisel.aisnet.org\/ecis2014\/proceedings\/track06\/8"},{"issue":"1","key":"985_CR18","first-page":"15","volume":"35","author":"M Fellmann","year":"2015","unstructured":"Fellmann M, Delfmann P, Koschmider A, Laue R, Leopold H, Schoknecht A (2015) Semantic technology in business process modeling and analysis. Part 1: matching, modeling support, correctness and compliance. EMISA Forum 35(1):15\u201331","journal-title":"EMISA Forum"},{"key":"985_CR19","doi-asserted-by":"crossref","unstructured":"Ghanavati S, Hulstijn J (2015) Impact of legal interpretation on business process compliance. In: Proceedings of the first international workshop on technical and legal aspects of data privacy. IEEE Press, pp 26\u201331","DOI":"10.1109\/TELERISE.2015.13"},{"issue":"2","key":"985_CR20","doi-asserted-by":"publisher","first-page":"161","DOI":"10.1080\/17517575.2013.830340","volume":"9","author":"S Goedertier","year":"2015","unstructured":"Goedertier S, Vanthienen J, Caron F (2015) Declarative business process modelling: principles and modelling languages. Enterpr Inf Syst 9(2):161\u2013185. https:\/\/doi.org\/10.1080\/17517575.2013.830340","journal-title":"Enterpr Inf Syst"},{"key":"985_CR21","unstructured":"Governatori G, Rotolo A (2010) A conceptually rich model of business process compliance. In: Proceedings of the seventh Asia-Pacific conference on conceptual modelling, vol 110. Australian Computer Society, Inc., pp 3\u201312"},{"key":"985_CR22","unstructured":"H\u00f6henberger S, Dennis R, Delfmann P (2016) From legislation to potential compliance violations in business processes\u2014simplicity matters. In: Proceedings of the European conference on information systems (ECIS 2016), Instanbul, Turkey"},{"key":"985_CR23","unstructured":"Humberg T, Wessel C, Poggenpohl D, Wenzel S, Ruhroth T, J\u00fcrjens J (2013) Ontology-based analysis of compliance and regulatory requirements of business processes. In: CLOSER, pp 553\u2013561"},{"issue":"5","key":"985_CR24","doi-asserted-by":"publisher","first-page":"581","DOI":"10.1142\/S0218194002001062","volume":"12","author":"A Khawaja","year":"2002","unstructured":"Khawaja A, Urban J (2002) A synthesis of evaluation criteria for software specifications and specifications techniques. Int J Softw Eng Knowl Eng 12(5):581\u2013599. https:\/\/doi.org\/10.1142\/S0218194002001062","journal-title":"Int J Softw Eng Knowl Eng"},{"key":"985_CR25","volume-title":"Procedures for performing systematic reviews","author":"B Kitchenham","year":"2004","unstructured":"Kitchenham B (2004) Procedures for performing systematic reviews, vol 33. Keele University, Keele"},{"key":"985_CR26","doi-asserted-by":"crossref","unstructured":"Kitchenham B (2007) Guideline for performing Systematic Literature Reviews in Software Engineering, version 2.3. 2007, University of Keele (Software Engineering Group, School of Computer Science and Mathematics) and Durham (Department of Computer Science)","DOI":"10.1007\/11767718_3"},{"key":"985_CR27","doi-asserted-by":"publisher","first-page":"381","DOI":"10.1016\/j.is.2016.10.006","volume":"64","author":"D Knuplesch","year":"2017","unstructured":"Knuplesch D, Reichert M, Kumar A (2017) A framework for visually monitoring business process compliance. Inf Syst 64:381\u2013409. https:\/\/doi.org\/10.1016\/j.is.2016.10.006","journal-title":"Inf Syst"},{"key":"985_CR28","doi-asserted-by":"publisher","first-page":"410","DOI":"10.1016\/j.is.2016.06.003","volume":"64","author":"A Kumar","year":"2017","unstructured":"Kumar A, Barton RR (2017) Controlled violation of temporal process constraints\u2014models, algorithms and results. Inf Syst 64:410\u2013424. https:\/\/doi.org\/10.1016\/j.is.2016.06.003","journal-title":"Inf Syst"},{"issue":"2","key":"985_CR29","doi-asserted-by":"publisher","first-page":"195","DOI":"10.1007\/s10796-009-9185-9","volume":"14","author":"LT Ly","year":"2012","unstructured":"Ly LT, Rinderle-Ma S, G\u00f6ser K, Dadam P (2012) On enabling integrated process compliance with semantic constraints in process management systems. Inf Syst Front 14(2):195\u2013219. https:\/\/doi.org\/10.1007\/s10796-009-9185-9","journal-title":"Inf Syst Front"},{"issue":"4","key":"985_CR30","doi-asserted-by":"publisher","first-page":"153","DOI":"10.1016\/j.csi.2010.01.006","volume":"32","author":"D Mellado","year":"2010","unstructured":"Mellado D, Blanco C, S\u00e1nchez LE, Fern\u00e1ndez-Medina E (2010) A systematic review of security requirements engineering. Comput Stand Interfaces 32(4):153\u2013165. https:\/\/doi.org\/10.1016\/j.csi.2010.01.006","journal-title":"Comput Stand Interfaces"},{"key":"985_CR31","doi-asserted-by":"publisher","DOI":"10.19153\/cleiej.17.2.2","author":"LEM Morales","year":"2014","unstructured":"Morales LEM (2014) Business process verification: the application of model checking and timed automata. CLEI Electron J. https:\/\/doi.org\/10.19153\/cleiej.17.2.2","journal-title":"CLEI Electron J"},{"key":"985_CR32","doi-asserted-by":"publisher","DOI":"10.1007\/s10257-017-0354-y","author":"AM Mustapha","year":"2017","unstructured":"Mustapha AM, Arogundade OT, Vincent OR, Adeniran OJ (2017) Towards a compliance requirement management for SMSEs: a model and architecture. IseB. https:\/\/doi.org\/10.1007\/s10257-017-0354-y","journal-title":"IseB"},{"key":"985_CR33","doi-asserted-by":"crossref","unstructured":"Papazoglou MP (2011) Making business processes compliant to standards and regulations. In: 2011 15th IEEE international enterprise distributed object computing conference (EDOC). IEEE, pp 3\u201313","DOI":"10.1109\/EDOC.2011.37"},{"key":"985_CR34","unstructured":"Pham TA, Nhan LT (2016) Checking the compliance of business processes and business rules using OWL 2 ontology and SWRL. In: Proceedings of the second international Afro-European conference for industrial advancement AECIA 2015. Springer, pp 11\u201320"},{"key":"985_CR35","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1007\/978-3-642-01982-1_8","volume-title":"Handbook on business process management","author":"S Sadiq","year":"2015","unstructured":"Sadiq S, Governatori G (2015) Managing regulatory compliance in business processes. In: vom Brocke J, Rosemann M (eds) Handbook on business process management, vol 2. Springer, Berlin, pp 159\u2013175. https:\/\/doi.org\/10.1007\/978-3-642-01982-1_8"},{"key":"985_CR36","doi-asserted-by":"crossref","unstructured":"Schumm D, Turetken O, Kokash N, Elgammal A, Leymann F, Van Den Heuvel W-J (2010) Business process compliance through reusable units of compliant processes. In: International conference on web engineering. Springer, Berlin, pp 325\u2013337","DOI":"10.1007\/978-3-642-16985-4_29"},{"key":"985_CR37","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1016\/j.future.2016.07.013","volume":"67","author":"S Singh","year":"2017","unstructured":"Singh S, Sidhu J (2017) Compliance-based multi-dimensional trust evaluation system for determining trustworthiness of cloud service providers. Future Gener Comput Syst 67:109\u2013132. https:\/\/doi.org\/10.1016\/j.future.2016.07.013","journal-title":"Future Gener Comput Syst"},{"key":"985_CR38","doi-asserted-by":"crossref","unstructured":"Stratigaki C, Nikolaidou M, Loucopoulos P, Anagnostopoulos D (2016) Business process elicitation from regulatory compliance documents: an E-Government case study. In: 2016 IEEE 18th conference on business informatics (CBI), vol 2. IEEE, pp 8\u201313","DOI":"10.1109\/CBI.2016.43"},{"key":"985_CR39","unstructured":"T\u00fcretken O, Elgammal A, van den Heuvel WJ, Papazoglou MP (2011) Enforcing compliance on business processes through the use of patterns. In: ECIS"}],"container-title":["International Journal of System Assurance Engineering and Management"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13198-020-00985-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s13198-020-00985-w\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s13198-020-00985-w.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,10,22]],"date-time":"2022-10-22T03:34:11Z","timestamp":1666409651000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s13198-020-00985-w"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,4,23]]},"references-count":39,"journal-issue":{"issue":"3","published-print":{"date-parts":[[2020,6]]}},"alternative-id":["985"],"URL":"https:\/\/doi.org\/10.1007\/s13198-020-00985-w","relation":{},"ISSN":["0975-6809","0976-4348"],"issn-type":[{"value":"0975-6809","type":"print"},{"value":"0976-4348","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020,4,23]]},"assertion":[{"value":"11 June 2018","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"10 August 2019","order":2,"name":"revised","label":"Revised","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"23 April 2020","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}