17 June, 2008
Montpellier, France
In conjunction with CAiSE’08

Governance, Risk and Compliance (GRC) are rapidly emerging challenges for enterprise systems designers. The significance of these topics has dramatically increased over the last few years as a result of numerous events that led to some of the largest scandals in corporate history. Compliance related software and services are expected to reach a market value of over $27billion this year. At the same time, facilitating compliant business process execution is increasingly complex due to the growing number of regulations, frequent and dynamic changes, as well as shared processes and services executing in highly decentralized environments.

In the age of outsourcing, dynamic business networks, and global commerce, it is inevitable that organizations will need to develop methods, tools and techniques to design, engineer, and assess processes and services that meet regulatory standards and contractual obligations. We expect Governance, Risk and Compliance to play a significant part in several applications, from transaction systems to management reporting infrastructures. GRC is emerging as a critical and challenging area of research and innovation. It introduces, among others, the need for new or adapted modeling approaches for compliance requirements, the extension of process and service modeling and execution frameworks for compliance and risk management, and the detection of policy violations.

This workshop will provide a forum for researchers from diverse backgrounds that contribute to this emerging area and will make a consolidated contribution in the form of new and extended methods that address the challenges of governance, risk and compliance in information systems.

Topics covered by the workshop will include at least the following:

* Compliance and Risk Modeling
* Policy definition and enforcement
* Compliant service and process design
* Noncompliant process identification
* Risk management
* Visualization and simulation of risk in process models
* Governance processes
* Integration and effectuation of multiple regulatory standards
* Compliance, risk and tolerance metrics
* Organizational structures to support compliance
* Separation of duties/Separation of rights
* Decision tracing
* Data provenance and lineage
* Work tracking
* Violation detection
* Technologies for compliance assurance
* Applications, case studies and use cases

Submitted papers will be evaluated on the basis of significance, originality, technical quality, and exposition. Papers should clearly establish the research contribution, and relation to previous research. Position and survey papers are also welcome. Efforts are underway to secure a Special Issue of a journal publication for selected papers of exceptional quality accepted for the workshop.

Paper Submission February 22, 2008
Notification of acceptance March 21, 2008
Camera ready due April 8, 2008
Workshop June 17, 2008

Papers should be submitted in PDF format. The results described must be unpublished and must not be under review elsewhere. Submissions must conform to Springer’s LNCS format and should not exceed 15 pages, including all text, figures, references and appendices. Information about the Springer LNCS format can be found at Three to five keywords characterizing the paper should be indicated at the end of the abstract. It is expected that at least one author of each accepted paper will register for and attend the workshop. Papers should be submitted via the EasyChair submission system found at

Dr Shazia Sadiq
School of Information Technology and Electrical Engineering
The University of Queensland
St Lucia QLD 4072
Brisbane, Australia

Dr Marta Indulska
UQ Business School
The University of Queensland
St Lucia QLD 4072
Brisbane, Australia

Dr Michael zur Muehlen
Howe School of Technology Management
Stevens Institute of Technology
Castle Point on Hudson
Hoboken, NJ 07030


Sami Bhiri, National University of Ireland
Wojciech Cellary, The Poznan University of Economics
Aditya Ghose, University of Wollongong
Peter Green, The University of Queensland
Daniela Grigori, UniversitÈ de Versailles St-Quentin en Yvelines
Guido Governatori, The University of Queensland
Jochen Kuester, IBM Zurich Research Laboratory
Zoran Milosevic, Deontik Pty Ltd
Olivier Perrin, University Henri Poincare
Michael Rosemann, Queensland University of Technology
Andreas Schaad, SAP Research Karlsruhe
Edward A. Stohr, Stevens Institute of Technology
Paolo Torroni, Universit‡ di Bologna
Yathi Udupi, North Carolina State University
Jan Vanthienen, Katholieke Universiteit Leuven
Julien Vayssiere, SAP Research Brisbane

Leave a Reply