[AISWorld] CfP: Workshop on Governance Risk and Compliance in IS (GRCIS'13) at CAiSE'13

[Marta Indulska]

5th INTERNATIONAL WORKSHOP ON GOVERNANCE, RISK AND COMPLIANCE -  APPLICATIONS IN INFORMATION SYSTEMS (GRCIS'13)
http://www.grcis.com

18 June, 2013
Valencia, Spain
In conjunction with CAiSE'13 (http://www.pros.upv.es/index.php/en/home-caise2013)

IMPORTANT DATES
Paper Submission: March 11, 2013
Notification of acceptance: April 29, 2013
Camera ready: May 13, 2013
Workshop: June 18, 2013

BACKGROUND
The importance of governance and associated issues of compliance and risk management is well recognized in enterprise systems. This importance has dramatically increased over the last decade as a result of numerous events that led to some of the largest scandals in corporate history. The governance, risk and compliance market is estimated to be worth over $32 billion, with a typical Standard & Poor’s 500 company spending an average of $4 million on compliance annually. Tool support for governance, risk and compliance related initiatives is provided by over 100 software vendors, however, while the tools have on average tripled in price since 2003, they are often insufficient to meet organizational needs. At the same time, there is an increasing complexity in the facilitation of compliant business processes, which stems from an increasing number of regulations, frequent and dynamic changes, as well as shared processes and services executing in highly decentralized environments.

In the age of outsourcing, dynamic business networks, and global commerce, it is inevitable that organizations will need to develop methods, tools and techniques to design, engineer, and assess processes and services that meet regulatory, standard and contractual obligations. Governance, Risk and Compliance (GRC) can be expected to play a significant part in several applications. This area is emerging as a critical and challenging area of research and innovation. It introduces, among others, the need for new or adapted modeling approaches for compliance requirements, extension of process and service modeling and execution frameworks for compliance and risk management, and detection of policy violations. In addition, it introduces questions relating specifically to the use of technology to support compliance management. For example, how auditors and regulators can put into use techniques like continuous monitoring and data analysis to assess whether an organization complies with relevant rules and regulations, or how technology can be used to support assessment of design and operational effectiveness of controls.

This workshop will provide, for the fifth year running, a forum for researchers from diverse areas and make a consolidated contribution in the form of new and extended methods that address the challenges of governance, risk and compliance in information systems. Industry papers are also encouraged at this workshop. 

TOPICS OF INTEREST
Topics covered by the workshop will include at least the following:
*Policy definition and enforcement 
*Smart auditing & technologies for compliance assurance 
*Compliant service and process design 
*Compliance and Risk Aware Business Process Management 
*Non-compliant process identification 
*ICT-enabled risk management 
*Visualization and simulation of risk in process models 
*Governance processes 
*Integration and effectuation of multiple regulatory standards 
*Compliance, risk and tolerance metrics 
*Organizational structures to support compliance 
*Requirements engineering for compliant information systems 
*Implementations of compliance technologies 
*Separation of duties/Separation of rights 
*Decision tracing 
*Data provenance and lineage 
*Work tracking 
*Violation detection 
*Applications of RuleML, SBVR, and other rule modeling approaches 
*Risk management and governance in software projects 
*Conformance to process reference models 
*Applications, case studies and use cases 

Submitted papers will be evaluated on the basis of significance, originality, technical quality, and exposition. Accepted papers will be published in online CEUR proceedings. Papers should clearly establish the research contribution, and relation to previous research. Position, survey and industry papers are also welcome. 

SUBMISSION DETAILS
Papers should be submitted in PDF format. The results described must be unpublished and must not be under review elsewhere. Submissions must conform to Springer's LNCS format and should not exceed 14 pages, including all text, figures, references and appendices. Information about the Springer LNCS format can be found at www.springer.de/comp/lncs/authors.html. It is expected that at least one author of each accepted paper will register for and attend the workshop. Papers should be submitted via the EasyChair submission system found at  https://www.easychair.org/conferences/?conf=grcis2013

CO-CHAIRS
Marta Indulska - The University of Queensland
Michael zur Muehlen - Stevens Institute of Technology
Shazia Sadiq - The University of Queensland
Yao-Hua Tan - Delft University of Technology

CONTACT
Email: grcis AT business.uq.edu.au

-- 
A/Prof Marta Indulska
UQ Business School
The University of Queensland
St Lucia, QLD 4072
Australia
W: +61-7-33468131
F:  +61-7-33468166