Indra: An integrated quantitative system for compliance management for IT service delivery
by N. Bhamidipaty,
N. C. Narendra,
S. Nagar,
V. K. Varshneya,
M. Vasa,
and C. Deshwal
The explosive growth of business process implementations in
various industries has brought into sharp focus the need for process
compliance with regulatory policies. This has raised the need for
business process compliance solutions requiring an automated and
quantitative approach. Quantification of compliance enables an
organization to accurately determine its compliance posture and
take steps to improve process noncompliances in the future. To that
end, in this paper, we propose Indra, our system for integrated
compliance management. Indra takes a holistic approach toward
compliance, focusing on a compliance life cycle comprising process
modeling for maximal compliance at minimal cost, measuring
noncompliance at runtime, analyzing the results of the
measurement, and suggesting corrective actions to continuously
improve process compliance in the future. The scope of this paper
covers the analytic models and formulations for compliance
maximization, along with a demonstration on a simplified version
of a real-life example drawn from the IBM IT (information
technology) service delivery units. We also describe ongoing
piloting of our analytic models on real audit data from the IBM
India Business Controls department. To the best of our knowledge,
Indra is the first of its kind in providing integrated and
quantitative compliance management.
PDF
