Abstract Business processes are subject to regulations, and complying with them is crucial to organizational success. To monitor regulatory compliance at run-time, conformance checking approaches compare process executions with a to-be process model. However, a mismatch often arises between process models and regulations that affect the process: models may impose too many constraints (i.e., overspecification) or fail to adequately capture regulatory requirements (i.e., underspecification). In this paper, we investigate this mismatch by developing a taxonomy of regulations for business processes, aiming to facilitate the application of conformance checking for run-time compliance monitoring. We evaluate the taxonomy through focus group meetings and an illustrative scenario. Using the taxonomy, we identify practical needs as well as existing scientific support for compliance checking of regulations for business processes. By contrasting these perspectives, we derive directions for future research and propose a novel view on the requirements for process modeling and conformance checking to enable holistic compliance monitoring in organizational practice.
Grohs et al. (Mon,) studied this question.