This document proposes a method for constructing policy models in financial institutions to improve requirements engineering. The method defines responsibilities and ensures policies align across organizational levels from strategic to technical. It analyzes reliability of the policy system and its impact on business processes. The case study examines operational risk management policies in a bank to demonstrate defining policy outcomes and responsibilities for each process according to Basel II requirements.
Controlling and organization of international businessArpit Amar
When we talk about International Business we think of certain concepts like strategy, planning, marketing, finance and so on. This presentation certainly focus on aspects which includes how to control and organize these functions and which instruments and application should be used for them.
This was a presentation made by me during MBA program in Germany under the supervision of Dr.Prof. Schminke.
Controlling and organization of international businessArpit Amar
When we talk about International Business we think of certain concepts like strategy, planning, marketing, finance and so on. This presentation certainly focus on aspects which includes how to control and organize these functions and which instruments and application should be used for them.
This was a presentation made by me during MBA program in Germany under the supervision of Dr.Prof. Schminke.
Enterprise Governance in Web 2.0 World OverviewMichael Ruiz
Enterprise Governance is a framework that was created by the Enterprise Governance Working Group at BearingPoint, Inc and continued at Deloitte Consulting. Enterprise Governance is a well-define set of processes, procedures, and feedback mechanisms for more effectively governing large scale enterprises. Enterprise Governance leverages the power of crowd sourcing to solicit and elicit input from the enterprise at large. This presentation was given as a series of lecture at Virginia Commonwealth University School of Business.
Governance relates to management, policies, procedures, and decisions for a given area of enterprise responsibility.Hence IT related assets should be governed in way that it will of profitability to the company in order to achieve its goals and objectives.
Proven Paradigm for Creating Enterprise Project and Portfolio Management Adop...UMT
Capability Maturity Assessment is one of the tools consistently leveraged by Enterprise Project and Portfolio Manage-ment (EPM) practitioners in the creation of adoption roadmaps for organizations that are creating momentum for change with the objective of improving internal governance. Historically, the problem has been addressed in parallel at the Project, Program, or Portfolio levels, and in many cases the solutions devised have been independent of one anoth-er, potentially missing on integration aspects that could greatly improve overall results. In the past couple of years, new methodologies that attempt to encompass all three disciplines have been developed, including OPM3 from the PMI.
Cancer cell metabolism: special Reference to Lactate PathwayAADYARAJPANDEY1
Normal Cell Metabolism:
Cellular respiration describes the series of steps that cells use to break down sugar and other chemicals to get the energy we need to function.
Energy is stored in the bonds of glucose and when glucose is broken down, much of that energy is released.
Cell utilize energy in the form of ATP.
The first step of respiration is called glycolysis. In a series of steps, glycolysis breaks glucose into two smaller molecules - a chemical called pyruvate. A small amount of ATP is formed during this process.
Most healthy cells continue the breakdown in a second process, called the Kreb's cycle. The Kreb's cycle allows cells to “burn” the pyruvates made in glycolysis to get more ATP.
The last step in the breakdown of glucose is called oxidative phosphorylation (Ox-Phos).
It takes place in specialized cell structures called mitochondria. This process produces a large amount of ATP. Importantly, cells need oxygen to complete oxidative phosphorylation.
If a cell completes only glycolysis, only 2 molecules of ATP are made per glucose. However, if the cell completes the entire respiration process (glycolysis - Kreb's - oxidative phosphorylation), about 36 molecules of ATP are created, giving it much more energy to use.
IN CANCER CELL:
Unlike healthy cells that "burn" the entire molecule of sugar to capture a large amount of energy as ATP, cancer cells are wasteful.
Cancer cells only partially break down sugar molecules. They overuse the first step of respiration, glycolysis. They frequently do not complete the second step, oxidative phosphorylation.
This results in only 2 molecules of ATP per each glucose molecule instead of the 36 or so ATPs healthy cells gain. As a result, cancer cells need to use a lot more sugar molecules to get enough energy to survive.
Unlike healthy cells that "burn" the entire molecule of sugar to capture a large amount of energy as ATP, cancer cells are wasteful.
Cancer cells only partially break down sugar molecules. They overuse the first step of respiration, glycolysis. They frequently do not complete the second step, oxidative phosphorylation.
This results in only 2 molecules of ATP per each glucose molecule instead of the 36 or so ATPs healthy cells gain. As a result, cancer cells need to use a lot more sugar molecules to get enough energy to survive.
introduction to WARBERG PHENOMENA:
WARBURG EFFECT Usually, cancer cells are highly glycolytic (glucose addiction) and take up more glucose than do normal cells from outside.
Otto Heinrich Warburg (; 8 October 1883 – 1 August 1970) In 1931 was awarded the Nobel Prize in Physiology for his "discovery of the nature and mode of action of the respiratory enzyme.
WARNBURG EFFECT : cancer cells under aerobic (well-oxygenated) conditions to metabolize glucose to lactate (aerobic glycolysis) is known as the Warburg effect. Warburg made the observation that tumor slices consume glucose and secrete lactate at a higher rate than normal tissues.
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...Sérgio Sacani
We characterize the earliest galaxy population in the JADES Origins Field (JOF), the deepest
imaging field observed with JWST. We make use of the ancillary Hubble optical images (5 filters
spanning 0.4−0.9µm) and novel JWST images with 14 filters spanning 0.8−5µm, including 7 mediumband filters, and reaching total exposure times of up to 46 hours per filter. We combine all our data
at > 2.3µm to construct an ultradeep image, reaching as deep as ≈ 31.4 AB mag in the stack and
30.3-31.0 AB mag (5σ, r = 0.1” circular aperture) in individual filters. We measure photometric
redshifts and use robust selection criteria to identify a sample of eight galaxy candidates at redshifts
z = 11.5 − 15. These objects show compact half-light radii of R1/2 ∼ 50 − 200pc, stellar masses of
M⋆ ∼ 107−108M⊙, and star-formation rates of SFR ∼ 0.1−1 M⊙ yr−1
. Our search finds no candidates
at 15 < z < 20, placing upper limits at these redshifts. We develop a forward modeling approach to
infer the properties of the evolving luminosity function without binning in redshift or luminosity that
marginalizes over the photometric redshift uncertainty of our candidate galaxies and incorporates the
impact of non-detections. We find a z = 12 luminosity function in good agreement with prior results,
and that the luminosity function normalization and UV luminosity density decline by a factor of ∼ 2.5
from z = 12 to z = 14. We discuss the possible implications of our results in the context of theoretical
models for evolution of the dark matter halo mass function.
Richard's aventures in two entangled wonderlandsRichard Gill
Since the loophole-free Bell experiments of 2020 and the Nobel prizes in physics of 2022, critics of Bell's work have retreated to the fortress of super-determinism. Now, super-determinism is a derogatory word - it just means "determinism". Palmer, Hance and Hossenfelder argue that quantum mechanics and determinism are not incompatible, using a sophisticated mathematical construction based on a subtle thinning of allowed states and measurements in quantum mechanics, such that what is left appears to make Bell's argument fail, without altering the empirical predictions of quantum mechanics. I think however that it is a smoke screen, and the slogan "lost in math" comes to my mind. I will discuss some other recent disproofs of Bell's theorem using the language of causality based on causal graphs. Causal thinking is also central to law and justice. I will mention surprising connections to my work on serial killer nurse cases, in particular the Dutch case of Lucia de Berk and the current UK case of Lucy Letby.
Slide 1: Title Slide
Extrachromosomal Inheritance
Slide 2: Introduction to Extrachromosomal Inheritance
Definition: Extrachromosomal inheritance refers to the transmission of genetic material that is not found within the nucleus.
Key Components: Involves genes located in mitochondria, chloroplasts, and plasmids.
Slide 3: Mitochondrial Inheritance
Mitochondria: Organelles responsible for energy production.
Mitochondrial DNA (mtDNA): Circular DNA molecule found in mitochondria.
Inheritance Pattern: Maternally inherited, meaning it is passed from mothers to all their offspring.
Diseases: Examples include Leber’s hereditary optic neuropathy (LHON) and mitochondrial myopathy.
Slide 4: Chloroplast Inheritance
Chloroplasts: Organelles responsible for photosynthesis in plants.
Chloroplast DNA (cpDNA): Circular DNA molecule found in chloroplasts.
Inheritance Pattern: Often maternally inherited in most plants, but can vary in some species.
Examples: Variegation in plants, where leaf color patterns are determined by chloroplast DNA.
Slide 5: Plasmid Inheritance
Plasmids: Small, circular DNA molecules found in bacteria and some eukaryotes.
Features: Can carry antibiotic resistance genes and can be transferred between cells through processes like conjugation.
Significance: Important in biotechnology for gene cloning and genetic engineering.
Slide 6: Mechanisms of Extrachromosomal Inheritance
Non-Mendelian Patterns: Do not follow Mendel’s laws of inheritance.
Cytoplasmic Segregation: During cell division, organelles like mitochondria and chloroplasts are randomly distributed to daughter cells.
Heteroplasmy: Presence of more than one type of organellar genome within a cell, leading to variation in expression.
Slide 7: Examples of Extrachromosomal Inheritance
Four O’clock Plant (Mirabilis jalapa): Shows variegated leaves due to different cpDNA in leaf cells.
Petite Mutants in Yeast: Result from mutations in mitochondrial DNA affecting respiration.
Slide 8: Importance of Extrachromosomal Inheritance
Evolution: Provides insight into the evolution of eukaryotic cells.
Medicine: Understanding mitochondrial inheritance helps in diagnosing and treating mitochondrial diseases.
Agriculture: Chloroplast inheritance can be used in plant breeding and genetic modification.
Slide 9: Recent Research and Advances
Gene Editing: Techniques like CRISPR-Cas9 are being used to edit mitochondrial and chloroplast DNA.
Therapies: Development of mitochondrial replacement therapy (MRT) for preventing mitochondrial diseases.
Slide 10: Conclusion
Summary: Extrachromosomal inheritance involves the transmission of genetic material outside the nucleus and plays a crucial role in genetics, medicine, and biotechnology.
Future Directions: Continued research and technological advancements hold promise for new treatments and applications.
Slide 11: Questions and Discussion
Invite Audience: Open the floor for any questions or further discussion on the topic.
Seminar of U.V. Spectroscopy by SAMIR PANDASAMIR PANDA
Spectroscopy is a branch of science dealing the study of interaction of electromagnetic radiation with matter.
Ultraviolet-visible spectroscopy refers to absorption spectroscopy or reflect spectroscopy in the UV-VIS spectral region.
Ultraviolet-visible spectroscopy is an analytical method that can measure the amount of light received by the analyte.
A brief information about the SCOP protein database used in bioinformatics.
The Structural Classification of Proteins (SCOP) database is a comprehensive and authoritative resource for the structural and evolutionary relationships of proteins. It provides a detailed and curated classification of protein structures, grouping them into families, superfamilies, and folds based on their structural and sequence similarities.
The increased availability of biomedical data, particularly in the public domain, offers the opportunity to better understand human health and to develop effective therapeutics for a wide range of unmet medical needs. However, data scientists remain stymied by the fact that data remain hard to find and to productively reuse because data and their metadata i) are wholly inaccessible, ii) are in non-standard or incompatible representations, iii) do not conform to community standards, and iv) have unclear or highly restricted terms and conditions that preclude legitimate reuse. These limitations require a rethink on data can be made machine and AI-ready - the key motivation behind the FAIR Guiding Principles. Concurrently, while recent efforts have explored the use of deep learning to fuse disparate data into predictive models for a wide range of biomedical applications, these models often fail even when the correct answer is already known, and fail to explain individual predictions in terms that data scientists can appreciate. These limitations suggest that new methods to produce practical artificial intelligence are still needed.
In this talk, I will discuss our work in (1) building an integrative knowledge infrastructure to prepare FAIR and "AI-ready" data and services along with (2) neurosymbolic AI methods to improve the quality of predictions and to generate plausible explanations. Attention is given to standards, platforms, and methods to wrangle knowledge into simple, but effective semantic and latent representations, and to make these available into standards-compliant and discoverable interfaces that can be used in model building, validation, and explanation. Our work, and those of others in the field, creates a baseline for building trustworthy and easy to deploy AI models in biomedicine.
Bio
Dr. Michel Dumontier is the Distinguished Professor of Data Science at Maastricht University, founder and executive director of the Institute of Data Science, and co-founder of the FAIR (Findable, Accessible, Interoperable and Reusable) data principles. His research explores socio-technological approaches for responsible discovery science, which includes collaborative multi-modal knowledge graphs, privacy-preserving distributed data mining, and AI methods for drug discovery and personalized medicine. His work is supported through the Dutch National Research Agenda, the Netherlands Organisation for Scientific Research, Horizon Europe, the European Open Science Cloud, the US National Institutes of Health, and a Marie-Curie Innovative Training Network. He is the editor-in-chief for the journal Data Science and is internationally recognized for his contributions in bioinformatics, biomedical informatics, and semantic technologies including ontologies and linked data.
Professional air quality monitoring systems provide immediate, on-site data for analysis, compliance, and decision-making.
Monitor common gases, weather parameters, particulates.
An ontology for requirements analysis of managers’ policies in financial institutions
1. An Ontology for Requirements Analysis of Managers’
Policies in Financial Institutions
C. Feltus1
and A. Rifaut1
1
Centre de Recherche Public Henri Tudor, 29, Avenue John F.Kennedy, L-1855
Luxembourg-Kirchberg, Luxembourg (http://www.tudor.lu)
{Christophe.Feltus, Andre.Rifaut}@tudor.lu
Abstract. Policies are an important organizational tool giving an effective support
for building business systems, from the strategic level down to the operational and
technical levels. In particular, policies are a cornerstone for the governance system
of financial institutions. In international organizations, a lot of policies span all
country-local representatives and span all organizational levels. This work is part
of a series concerning the improvement of requirements engineering methods for
process-based organizations. This requires enhancing a shared vision between
employees of the process responsibilities, by advocating cross-functional thinking
with the focus set to the outcomes of the processes, and defining the outcomes in
relationship with the business goals. We complement the works on business
process models by the managers’ concerns, i.e. the managers’ responsibilities for
value to be delivered by the processes. This research proposes a method for
constructing policy models. Ontology is defined for interoperability purposes of
the models of different organizational levels. The main formal analyse that is used
for verification purposes is the reliability of the policy system and its impact on the
reliability of the operational system which is one important objective of recent
governance regulations.
1 Introduction
Policies are an important organizational tool giving an effective support for
building business systems, from the strategic level down to the operational and
technical levels. In particular, policies are a cornerstone for the governance system
of financial institutions. In international organizations, a lot of policies span all
country-local representatives (e.g. policies addressing the organization strategy, or
the international regulations) and span all organizational levels.
2. 2 C. Feltus and A. Rifaut
This work is part of a series concerning the improvement of requirements
engineering methods for process-based organizations, in particular for financial
institutions. This requires enhancing a shared vision between employees of the
process responsibilities, by enhancing cross-functional thinking with the focus set
to the outcomes of the processes, and defining the outcomes in relationship with
the business goals [1]. We complement the works on business process models [2]
by the managers’ concerns, i.e. the managers’ responsibilities for value to be
delivered by the processes. This research proposes a method for constructing those
policy models, i.e. defining sets of assigned responsibilities in the organization.
Ontology is defined for interoperability purposes between the different models and
grounded in a standard first-order linear temporal logic semantics when more
expressive power is needed than descriptive logics [3]. The main formal analyse
that can be used for verification purposes is the reliability of the policy system and
its impact on the reliability of the operational system. Actually, reliability is one
important objective of recent governance regulations [4][5].
For each process, define the core outcomes
of the business and the manager’s
commitments for fulfillingthem.
Collect the business objectives.
Collect the value delivery assurance
level forthe business objectives.
For each process,
select the assurance
profile
For each process, add accountabilities and
commitments to ensure capabilities
required bythe assurance profile
For each process, define the employees’ commitments, accountabilities
and capabilities and addthe separation of duties for all resources
Analysefinancial,operational,technical
feasibility.Assesscostsandbenefits
For each process, define the
manager’s capabilities (rights) to
fulfil its commitments.
For each process, select
the minimal cardinality
of the cut-sets based on
the human resources
For each process, define the core outcomes
of the business and the manager’s
commitments for fulfillingthem.
Collect the business objectives.
Collect the value delivery assurance
level forthe business objectives.
For each process,
select the assurance
profile
For each process, add accountabilities and
commitments to ensure capabilities
required bythe assurance profile
For each process, define the employees’ commitments, accountabilities
and capabilities and addthe separation of duties for all resources
Analysefinancial,operational,technical
feasibility.Assesscostsandbenefits
For each process, define the
manager’s capabilities (rights) to
fulfil its commitments.
For each process, select
the minimal cardinality
of the cut-sets based on
the human resources
Fig. 1. Method for defining policies ensuring a value delivery assurance level
The main focus of research about policy in IT systems concerns the design of
policies and the design of IT systems that efficiently operate those policies, the
ability of those policies to express concepts such as segregation of duties,
delegation (of rights, permissions, and obligations), accountability, ... [6][7]. Our
proposal complements those results by easing the elicitation of requirements for
managers’ policies and relies on 4 principles. First, the design of policies must be
done in tight relationship with objectives, strategies, and key indicators. Second, all
organizational levels must be addressed including aspects outside the scope of IT
systems and Information System (IS). Third, responsibilities must be fully
decomposed into the capabilities (i.e. permissions and rights), the commitments
(i.e. the obligations or goals to fulfil) and the accountability requirements. Fourth,
policies must always be related to the enforcement of an optimal resource usage in
regard to the defined objectives, strategies, and indicators. This paper details the
method presented in Figure 1.
3. An Ontology for Requirements Analysis of Managers’ Policies in Financial Institutions 3
Table 1. Purpose and outcomes of the Operational Risk Mitigation/Control process
Operational Risk Mitigation/Control (BORO.1)
Purpose The purpose of the Operational Risk Mitigation/Control process is to miti-
gate the assessed operational risks and to manage operational risk impact.
Outcome
1
An operational risk mitigation and control strategy is developed, including
the principles of how operational risk is to be mitigated and how its
realization is to be control, according to the size, the sophistication, the
nature and the complexity of the bank’s activity;
Outcome
2
The existing option to mitigate risk are analyzed and, for each risk, the most
in accordance with bank's strategy is chosen;
…
The rest of this Section presents the case study that will be used and the aims and
context of our research for process-based organizations. The ontology of
operational assurance level of business process is explained in Section 2. For all
step of the construction process analyses of policies are described in Section 3.
Then the ontology of more IT-oriented policies is presented in Section 4, with an
example how to derive those policies from managers’ policies. The last section
concludes on the originality of our work and presents the future works.
Our case study is based on the Basel II Accord [5] that defines the requirements
of operational risk management systems that must be implemented in Banks. Those
requirements have been structured in our previous works [9] (the result is freely
accessible on the website of CSSF, the Luxemburg Bank Regulators, [10]; see the
example in Table 1 about the operational risk mitigation process).
Our case study focuses concerns an operational risk management system
implementation. The corporate operational risk management team (CORMT) has
specialized sub-teams for each Business Unit, in particular for Venture Capital
Management (i.e. CORMT-AM related to the Business Line “Asset Management”)
and for Securities Management (i.e. CORMT-CF related to the Business Line
“Corporate Finance”). The Basel II corporate policy imposes that each business
line is responsible for the day-to-day management of its own risks; however, the
implementation of the risk management system is the responsibility of the
corporate operational risk management team. Each business unit manager assigns
clerks to collect the operational risk data.
Technicallevel
Operationallevel
Tacticallevel
Strategiclevel
E.g. in the IT domain:
applications, components, …Procedures
Business
processes
Business
value
Objectives
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Standard view of
organizational layers
Concepts
and artifacts of
organizational layers
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Technicallevel
Operationallevel
Tacticallevel
Strategiclevel
E.g. in the IT domain:
applications, components, …Procedures
Business
processes
Business
value
Technicallevel
Operationallevel
Tacticallevel
Strategiclevel
Technicallevel
Operationallevel
Tacticallevel
Strategiclevel
E.g. in the IT domain:
applications, components, …Procedures
Business
processes
Business
value
E.g. in the IT domain:
applications, components, …Procedures
Business
processes
Business
value
Objectives
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Standard view of
organizational layers
Concepts
and artifacts of
organizational layers
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Goals
Indicators
StrategiesPolicies
Fig. 2. The alignment of policies in management methods
4. 4 C. Feltus and A. Rifaut
1.1 Process Models for Business Process Managers
Our global approach, presented in [11], is based on the organizational pyramid [12]
used in international financial institutions in order to align policies with business
processes described with goal-oriented models [13]. In the context of financial
regulations, a good governance system is based on the 4 organizational layers [14]
(strategic, tactical, operational and technical levels on Figure 2) for aligning
business value[15], business processes, procedures and technical artefacts [16]
(such as IT applications in the IT domain). The core of the ontology used for this
alignment is presented at the bottom of Figure 1: objectives, strategies, policies and
indicators [17]. The formal definition of those 4 core concepts of the ontology
relies on goal-oriented models [18][19], with their semantics presented in the
context of the requirements engineering language i* [20][13].
This framework allows abstracting requirements from implementation details
as much as possible in order for managers being able to assess the effectiveness
and efficiency of the processes in relationship with the business goals. A number of
methods exist for assessing this alignment that have been created for managers,
such as e.g. the Balanced Score Card [21]. Our proposal complements those
methods by using a goal-oriented description of business processes similar to the
one used for process models used in the standard ISO/IEC 15504 [13]. For each
process, this standard imposes to define the main goal of the process (the purpose),
the sub-goals (outcomes) for which an objective judgment can be made upon their
fulfilment on the basis of the indicators of the outcomes. Indicators are categorized
into base practices, work-products, and resources.
Fig. 3. Ontology of business process goal, indicators and assurance profile.
5. An Ontology for Requirements Analysis of Managers’ Policies in Financial Institutions 5
1.2 Operational assurance profile
A number of case studies [22][9][23] have shown that with this goal-oriented
model, the goals concerning managers can easily be described (together with the
expected outcomes) and linked to the business goals and the business system
implementation goals. Indeed, in addition to process-specific outcomes shown in
the preceding table, other generic outcomes (not shown) concern the process
performance management (i.e. planning and monitoring, availability of resources
and information, …), the work-product management (work-product control and
review, …), the process definition, the process deployment, … In Section 2, those
typical outcomes are the main concern of operational policies imposed by business
process managers. In [9] it is shown how the interaction between processes can be
precisely analyzed at that high-level of abstraction suited for business unit
managers, allowing them to delegate process implementation and still being able to
assess that the implemented system is faithful to the requirements. On Figure 3 is
shown the ontology for modelling process goals and indicators. For clarity
purposes, the concepts “process system implementation” and “goal” have not been
displayed on the diagram, but the concepts “purpose”, “outcome”, “indicator”
(refining the outcomes) and “business goal” (this latter not shown) are sub-classes
of the concept “goal”.
Op. risk
system implemented
(achievement)
Risk
categories reviewed
(doing)
Risk
categories reviewed
(doing)
Obligation Obligation
Oblig-
ation
Operational
risk managed
(goal)
Op. risk
system used
(achievement)
Oblig-
ation
Head of CORMT
Member CORMT-AM Member CORMT-CF
Head of BU
Venture-Capital
Risk data assessed
(doing)
Obligation
Member BU Venture-Capital
Op. risk
system implemented
(achievement)
Risk
categories reviewed
(doing)
Risk
categories reviewed
(doing)
Obligation Obligation
Oblig-
ation
Operational
risk managed
(goal)
Op. risk
system used
(achievement)
Oblig-
ation
Head of CORMT
Member CORMT-AM Member CORMT-CF
Head of BU
Venture-Capital
Risk data assessed
(doing)
Obligation
Member BU Venture-Capital
Fig. 4. Vertical responsibility refinement
With this ontology assurance profiles are sets of outcomes that defines the
operational assurance of each system implementation. The generic outcomes have
a comprehensive set of pre-defined indicators. Those generic outcomes and
indicators are typical concerns of managers. So, it easy for them to select the best
assurance level and assess its financial, organizational and technical feasibility. For
instance, the “venture capital work-product management” assurance profile
includes all outcomes imposing that the venture capital documents are controlled
and reviewed. Process system implementations (e.g. one for each country) must be
compliant to this profile. This assurance profile depends on the business domain of
the business process, showing the specificities of each country-local system
6. 6 C. Feltus and A. Rifaut
implementation made by managers. When an assurance profile is selected, it is
easier to constructively build an integrated set of policies (i.e. set of assigned
responsibilities) ensuring the profile.
2 Policies for Business Process Managers
This section details the ontology used for defining policies that is adequate for
business process managers which aim is to address the completeness of the
responsibilities included in a policy to ensure the operational reliability as required
by the selected operational assurance profile. Recall that a policy is a set of
responsibilities, including the associated goals, and assignments to resources.
Fig. 5. Ontology of vertical responsibility refinement
2.1 Vertical responsibility decomposition
The ontology distinguishes between, first, high-level policies concerning the work
of managers aiming at the creation, maintenance, and optimization of their process
(“responsibility-for-achievement”), and, second, the policies imposed on, for
instance, clerks when doing the work (or executing the procedures) described in
the business processes (“responsibility-for-doing”).
In the example shown on Figure 4, the corporate goal of managing operational
risks is split into two main parts: first the implementation of the operational risk
management system is assigned to the head of the CORMT, and the second part,
the operational use of the system is assigned to each business unit manager (e.g.
the head of venture capital business unit). They have to organize the work of
employees belonging to their unit: the specialized team members (CORMT-AM
and CORMT-CF) must have the knowledge (through coaching or attendance to
courses) for dealing with operational risk categories. In Figure 4, (neutral)
graphical notations are used (instead of showing ontology instances) to ease the
readability: ovals are responsibilities represented by their goals, arrows with labels
are assignments (that will be explained hereafter), and arrows without labels are
goal refinements. Recall that this is a goal-oriented model and this is why
responsibilities are identified with their goal (Figure 5) just like processes are
modelled with their goals decomposition (Figure 3). The three kinds of refinements
in Figure 5 are just refinements of the responsibilities’ goals. This is an advantage
for steering processes because the goal-refinements are driven by the assurance
profile and by the responsibility decomposition.
In most of requirements engineering models of business processes, the scope of
the model tend to show that for the risk data being collected, it is sufficient for the
clerk to (timely and accurately) input the data (and for CORMT-AM or CORMT-
7. An Ontology for Requirements Analysis of Managers’ Policies in Financial Institutions 7
CF to validate the data entered). However, this is only the description of
“responsibility-of-doing”, i.e. the low-level operational aspect. However,
depending on the level of reliability that is required, the goal is reached if and only
if all “sub-responsibilities-of-doing” are fulfilled together with the “responsibi-
lities-of-achievement”. In real case studies the bottom of the tree, i.e. the
“responsibility-of-doing” are rarely sufficient. Indeed, the “principle of exception”
of management theory, shows that it is nearly impossible to detail all managers’
responsibilities into “responsibilities-for-doing” due to unforeseen events. In the
ORDIT methodology [24][25] similar concepts are presented, but not fully
formalized in goals-oriented models and business process models for managers.
Operational
risk managed
(goal)
Op. risk budget
(achievement)
Op. risk
accountability
(achievement)
Op. risk
system used
(achievement)
Right
Right
ObligationObligationObligation
Op. risk account-
ability feedback
(achievement)
Obligation
Board of directors Board of directorsHead of BU Venture-Capital
Operational
risk managed
(goal)
Op. risk budget
(achievement)
Op. risk
accountability
(achievement)
Op. risk
system used
(achievement)
Right
Right
ObligationObligationObligation
Op. risk account-
ability feedback
(achievement)
Obligation
Board of directors Board of directorsHead of BU Venture-Capital
Fig. 6. Full cover of responsibility decomposition
2.2 Full cover of responsibility decomposition
When decomposing responsibilities, all 3 aspects must be covered: in order for a
person being committed to fulfilling a responsibility and accepting to be
accountable for that responsibility, that person always must get the right for having
the capabilities needed to fulfil both its commitment and accountability. A missing
aspect, induced weaknesses in the responsibility system decrease its reliability.
In the running example (see Figure 6), the corporate goal of having an
operational risk management system can be split into the following responsibilities:
the business unit manager is responsible for the day-to-day operational risk
management, whereas the corporate risk manager is responsible for creating an
operational risk system. Of course, both managers must have the capabilities (e.g.
budgets) corresponding to these responsibilities. Moreover, in order to ensure their
commitment, both managers must be accountable for their responsibilities (i.e.
their commitments) and the usage of their rights (i.e. the usage of the capabilities
received). Similarly, when managers are assigning “responsibilities-for-doing”,
then they have to provide all resources needed for employees belonging to their
unit to have sufficient time allocated for operational risk data assessment.
The capabilities required are the resources needed such as some budget and
manpower, the description of the tasks, input/output information, … Those
capabilities are rights for the person responsible of the commitment, but it is an
8. 8 C. Feltus and A. Rifaut
obligation for another person (to provide the capabilities for the first one, see
Figure 6). Accountability is important: one is accountable for both its commitment
and the usage of its rights (i.e. the time usage, the access to some information, the
budget, …) The 3 concepts involved in this decomposition (classes “Responsibility
capability”, “Responsibility commitment”, “Responsibility accountability”) are
subclass of the class “Responsibility” (not shown on Figure 5).
3 Analyses of policy requirements models
Relying on goal-oriented models within which all formal definitions are related to
goals, formal analyses are made through the analysis of the goal model. In practice,
lightweight formal analysis tools such as model checkers, or automatic theorem
provers are used. It has been shown that those tools, although having a limited
formal analysis capability, are efficient with goal-oriented models because most of
errors can be pointed out by making local analyses of the goal model. [26][27]. Our
analysis tool is based on the SWI-Prolog-XPCE Semantic Web Library package
[28] in conjunction of the Otter automated theorem prover [37][36] and using
bounded-model checking techniques for dealing with temporal logic formulae [29].
As said above, there is no intent to have a formal proof of the properties (hence, no
intent to prove the inexistence of counter-examples), but the intent is to exhibit
counter-examples. Formal analyses are presented hereafter.
Reliable responsibility assignment (minimal cut-set) analysis. Policies are a
tool for managers for creating a robust business process implementation system. In
particular, lots of review and control responsibilities that are defined in organiza-
tions and described in our model through the use of operational assurance profiles,
could be seen as redundant work. A traditional concept in reliability theory is the
minimal cut-set of a system [30]. In our case, the cut-set of a process implementa-
tion is a set of goals that when no longer reliable can put at risk the business goals.
Our model allows 3 different minimal cut-sets analyses of the system. First, the
minimal cut-sets of the process assurance profile that points out the different
redundancies (such as a reviewing process). Second, the minimal cut-sets with the
responsibility-for-achievement that represents a degree of redundancy: if the clerk
fails to fulfil its responsibility, the manager might be able to mitigate that failure.
Third, the minimal cut-sets in regard to the completeness of responsibilities
concerning reliable commitments, accountabilities and required capabilities.
Separation-of-duties analyses [31] are made with minimal-cut sets. Indeed,
separation-of-duties aims at increasing the minimal cardinality of all minimal-cut
sets. So, the failure of the process implementation will require the failure of more
independent resources (managers and clerks), hence decreasing its probability.
This analysis is appropriate for non-intentional misbehaviours of managers and
clerks. Basel II statistics indicates the majority of operational risks in financial
institutions occur due to those weaknesses. Dishonest, fraudulent and criminal
behaviours have a limited impact [32].
Minimal obligation set and least privilege analysis. The set of obligations can
be analysed in order to be minimal in accordance to the business goals and in
accordance to the required assurance profile. For each policy, the refinement of the
9. An Ontology for Requirements Analysis of Managers’ Policies in Financial Institutions 9
policy goal into responsibilities must be complete, and the set of responsibilities
must be minimal (i.e. the policy goal is not entailed when removing one
responsibility of the policy). Least privilege requires that the minimal set of rights
be granted in order for the obligations being realizable. Moreover, the
responsibility of accountability imposes that the usage of rights are accounted for.
This implies that the minimal set of rights is also allowed. This actually depends on
the selected assurance profile. For instance, in our case study, a clerk having the
“responsibility-for-doing” of assessing the operational risk data will have the right
of using time-slots for doing that just in case the selected assurance profile includes
the resource allocation outcome of the process performance management purpose.
maybe_non_minimal_policy(Policy) :-
bagof(GoalFormalDefinition #<=> B,
Responsibility^(Goal^(Resource
(rdf_db:rdf(Policy, has_responsibility, Responsibility),
rdf_db:rdf(Responsibility, obligation_is_assigned_to, Resource),
rdf_db:rdf(Responsibility, has_goal, Goal),
rdf_db:rdf(Goal, has_formal_definition, GoalFormalDefinition)
)), ConstraintSet),
rdf_db:rdf(Policy, policy_has_goal, PolicyGoal),
rdf_db:rdf(PoliyGoal, has_formal_definition, PolicyGoalFormalDefinition),
length(ConstraintSet,L), L1 is L-1, + run_OTTER(
select_constraint(ConstraintSet, L1), PolicyGoalFormalDefinition #<=> 0 ).
Fig. 7. SWI-Prolog code for identifying non-minimal policy obligation sets
The example shown in the Figure 7, detects a non-minimal obligation set by
removing one obligation that do not produce any goal violation for the new
refinement. (Note that out tool cannot to detect all non-minimal obligation sets due
to the limitations of bounded model checking.) The Prolog predicate
“select_constraint” just selects successively (on backtracking) all possible subsets
of constraints having a cardinality given in the argument, and the predicate
“run_OTTER” feeds the automated theorem prover with the formulae. (The
namespaces of concepts are not shown for a better readability or the Prolog code.)
Fig. 8. Policy profile for usage control policies
Delegation of responsibilities analyses. [31] The delegation of responsibilities is
implicitly handled in the model. Indeed, one can say that when a manager splits its
“responsibility-for-achievement” into a number of “responsibility-for-doing” that
are assigned to clerks, this is a kind of delegation. Dynamics aspects of the
delegation can be defined in the temporal formulae. However, all delegation chains
have their length and pattern fixed into the goal refinement model because, in
10. 10 C. Feltus and A. Rifaut
financial institutions, the length of delegation chains cannot be fully dynamic.
Analyses on responsibility models (coded in Prolog) are described in [33], but no
method is given for constructing those models from business processes and goals.
Fig. 9. Dynamics of usage right decisions and of attributes
4 The mapping onto policies for IT systems
It is not the intent of this section to describe in details this ontology, but it aims at
showing the principles of the mapping between policies for managers and policies
for IT systems. The mapping onto policies for IT systems is made through the
Usage CONtrol policy family of models [34] because it can represents classical
policy models and can be implemented, for instance, with XACML [35].
permission(Role, Object, Right) :-
rdfs:rdfs_individual_of(Object,
'Work_product'),
rdfs:rdfs_individual_of(Role, 'Resource'),
rdf_db:rdf(Act, has_resource, Role),
((rdf_db:rdf(Act, has_input,Object),
Right=input
);(rdf_db:rdf(Act, has_output,Object),
Right=output )).
ucon_rbac_allowed(Subject, Object, Right) :-
rdfs:rdfs_individual_of(Subject, 'Subject'),
rdfs:rdfs_individual_of(Object, 'Object'),
rdf_db:rdf(Practice, has_resource, Subject),
( rdf_db:rdf(Practice, has_input, Object) ;
rdf_db:rdf(Practice, has_output, Object) ),
rdf_db:rdf(Subject, has_role,Role),
rdf_db:rdf(Object, has_work_product, Work_product),
permission(Role, Work_product, Right).
permission(Role, Object, Right) :-
rdfs:rdfs_individual_of(Object,
'Work_product'),
rdfs:rdfs_individual_of(Role, 'Resource'),
rdf_db:rdf(Act, has_resource, Role),
((rdf_db:rdf(Act, has_input,Object),
Right=input
);(rdf_db:rdf(Act, has_output,Object),
Right=output )).
ucon_rbac_allowed(Subject, Object, Right) :-
rdfs:rdfs_individual_of(Subject, 'Subject'),
rdfs:rdfs_individual_of(Object, 'Object'),
rdf_db:rdf(Practice, has_resource, Subject),
( rdf_db:rdf(Practice, has_input, Object) ;
rdf_db:rdf(Practice, has_output, Object) ),
rdf_db:rdf(Subject, has_role,Role),
rdf_db:rdf(Object, has_work_product, Work_product),
permission(Role, Work_product, Right).
Fig. 10. Prolog code querying the rights allowed to resources (subjects) for a target (object)
The policy model UCON (Figure 8) generalizes of the usual access control policy
model to usage control policy model. This family of models (or meta-model) is
based the well-known concepts: a subject gets some rights for target resources.
However, the focus is no longer on how to structure the attributes of the subjects
and resources (for instance, in a hierarchy of roles and permissions as in RBAC
[34]), but to structure the decision concerning the rights. This is why in addition to
authorizations there are obligations and external conditions that are defined.
Moreover, the dynamics of the decision is considered through the concepts of
ongoing decision controls, and the mutability of attributes. With the concept of
policy profile, RBAC profile (not shown on the Figures) is a specialisation of the
UCON profile “pre authorization immutable” (Figure 9). The Figure 10 illustrates
the link between each ontology by giving the Prolog predicates that are used to
query the rights allowed to resources (subjects) for a target (object). The RBAC
concept of “role” is just mapped onto the concept “subject attribute” of Figure 8.
11. An Ontology for Requirements Analysis of Managers’ Policies in Financial Institutions 11
5 Conclusions and work plan
By using a set of concepts structuring the alignment of policies (goals, indicators,
policies, strategies), structuring the assurance profile of business processes
(purpose and outcomes), structuring the policies themselves, one can provide a set
of analyses that help managers to build their policies, and allow experts to use
lightweight goal-oriented formal analyses. The reliability of policy system can be
formally defined and be the basis of usual requirements on policies such separation
of duties, delegation of responsibilities, … To our knowledge, the operational
assurance profile is not present in requirements engineering models of business
processes. Although sometimes parts of the models concern operational assurance
of the process, it is often too technical and/or spread within the model that makes
difficult for managers to understand and analyse the models.
The work in progress concerns the definition of the value delivery assurance
underlying good governance principles. The reliability of policy systems is an
important basis for analysing the value delivery assurance. A tool is under
construction, based on our ontology-based database. New real case studies in
financial institutions are still in progress (e.g. a model of venture capital fund-of-
funds management). The link between the our models and the technical policies is
still under study with UCON in order to provide a technical layer for the policies
defined by the managers which is based on new technologies, such as DRM.
6 References
[1] M. Hammer (1996) Beyond Reengineering: How the Process-Centered Organization
is Changing Our Lives. HarperBusiness.
[2] A. Gunasekaran and B. Kobu (2002) Modelling and analysis of business process
reengineering, Int. J. Prod. Res., 2002, vol. 40, no. 11, 2521:2546
[3] F. Baader et al., editors. (2003) The Description Logic Handbook: Theory,
Implementation, and Applications. Cambridge University Press.
[4] IFRS: International Financial Reporting Standards, IASCF, USA. SoX: Sarbanes
Oxley Act of 2002, USA. COSO: Internal Control – Integrated Framework, CSOTC.
[5] Basel Committee on Banking Supervision (2004) International Convergence of
Capital Measurement and Capital Standards, Basel.
[6] R. Crook, D. Ince, B. Nuseibeh (2003) Modelling access policies using roles in
requirements engineering, Information and Software Technology, 45:979-991.
[7] N. Damianou, A. Bandara, M. Sloman and E. Lupu, (2002) A survey of policy
specification approaches, Imperial College of Science Technology
[8] and Medicine, London, (http://www.doc.ic. ac.uk/~mss/MSSPubs.html)
[9] A. Rifaut, M. Picard and B. Di Renzo (2006) ISO/IEC 15504 Process Improvement to
Support Basel II Compliance of Operational Risk Management in Financial
Institutions, International Conference SPiCE 2006
[10] CSSF (2006) http://www.cssf.lu/index.php?id=130
[11] A. Rifaut and C. Feltus (2006) Improving Operational Risk Management Systems by
Formalizing the Basel II Regulation with Goal Models and the ISO/IEC 15504
Approach, REMO2V, CAISE06, Luxembourg.
[12] R.N. Anthony (1965) Planning and Control Systems: A Framework for Analysis.
Harward University, Boston, USA.
12. 12 C. Feltus and A. Rifaut
[13] A. Rifaut (2005) Goal-Driven Requirements Engineering for Supporting the ISO
15504 Assessment Process, EuroSPI 2005, Budapest.
[14] J. Henderson and N. Venkatraman (1999) Strategic alignment: Leveraging technology
for transforming organizations IBM Systems Journal : 38.
[15] Osterwalder and Pigneur (2005) An Ontology for e-business models. In Value
Creation from E-Business Models, Wendy Currie ed., Butterworth-Heinenmann.
[16] W. Robson (1997) Strategic Management and Information Systems, Pitman.
[17] Chaffey et al. (2005) Business Information Systems: Technology, Development and
Management for the E-business, Prentice Hall.
[18] E. Kavakli and P. Loucopoulos (2004) Goal Driven Requirements Engineering:
Analysis and Critique of Current Methods, in Information Modeling Methods and
Methodologies (Adv. topics of Database Research), 102:124
[19] Van Solingen (1999) The Goal/Question/Metric Method: A Practical Guide For
Quality Improvement of Software Development McGraw-Hill,.
[20] P. Giorgini, N. Maiden, J. Mylopoulos, E. Yu (eds.) (2006) “Tropos/i*: Applications,
variations and Extensions”, Cooperative Information Systems Series, MIT Press.
[21] R. Kaplan and D. Norton (1996) The Balanced Scorecard. Harvard Bus. School Press
[22] B. Di Renzo, M. Hillairet, M. Picard, A. Rifaut, C. Bernard, D. Hagen, P. Maar, D.
Reinard (2005) Operational Risk management in Financial Institutions: Process
Assessment in Concordance with Basel II, International Conference SPiCE 2005.
[23] Rifaut A., (2005) An assessment method compliant to the Basel II regulation on
operational risk management: example advocating that regulations can enhance
innovation when based on quality goals, Proceedings of the conference New
developments in Financial Planning Hochschule, Liechtenstein, December 2005.
[24] J. Dobson and J. McDermid.(1989) A Framework for Expressing Models of Security
Policy. in IEEE Symposium on Security and Privacy. Oakland, CA.
[25] J. Dobson (1993) New Security Paradigms: What Other Concepts Do We Need as
Well? In 1st New Security Paradigms Workshop. Little Compton: IEEE Press.
[26] C. Ponsard, P. Massonet, A. Rifaut, J.F. Molderez, A.l van Lamsweerde, H. Tran Van
(2005) Early Verification and Validation of Mission Critical Systems. Electr. Notes
Theor. Comput. Sci. 133: 237-254
[27] A. Rifaut, P. Massonet, J.F. Molderez, C. Ponsard, P. Stadnik, A. van Lamsweerde, H.
Tran Van (2003) FAUST: Formal Analysis Using Specification Tools. RE 2003: 350
[28] SWI-Prolog-XPCE Semantic Web Library package (http://www.swi-prolog.org)
[29] T. Latvala, A. Biere, K. Heljanko, T.A.. Junttila, (2005) Simple Is Better: Efficient
Bounded Model Checking for Past LTL. VMCAI 2005:380-395
[30] Kececioglu, D. (1991) Reliability Engineering Handbook, Vol. 2, Prentice Hall.
[31] A. Schaad and J. D. Moffett (2002) Delegation of Obligations, POLICY 2002.
[32] Basel Committee on Banking Supervision (2002) The 2002 Loss Data Collection
Exercise for Operational Risk: Summary of the Data Collected. Basel.
[33] J. Moffett and M. Sloman (1993) Policy Hierarchies for Distributed Systems
Management. IEEE Journal on Selected Areas in Communication, 11-9 : 1404–1414.
[34] J. Park and R. Sandhu (2004) The UCON-ABC Usage Control Model, ACM
Transactions on Information and System Security, Vol. 7, No. 1 : 128–174.
[35] X. Zhang, M. Nakae, M.J. Covington, R. Sandhu (2005) A Usage-based
Authorization Framework for Collaborative Computing Systems. ACM, SACMAT
[36] S. Hawke (2003) surnia -- OWL full reasoner based on otter,
http://www.w3.org/2003/08/surnia/
[37] J. A. Kalman (2001) Automated Reasoning with Otter, Rinton Press.