-------- Original-Nachricht -------- Betreff: [AISWorld] Deadline extended: CAiSE GRCIS'10 - Governance, Risk, and Compliance in Information Systems Datum: Tue, 2 Mar 2010 15:01:51 +1000 Von: Marta Indulska m.indulska@business.uq.edu.au An: aisworld@lists.aisnet.org

THIRD INTERNATIONAL WORKSHOP ON GOVERNANCE, RISK AND COMPLIANCE - APPLICATIONS IN INFORMATION SYSTEMS (GRCIS'10) http://www.grcis.com

7 June, 2010 Hammamet, Tunisia In conjunction with CAiSE'10

*Paper Submission: March 8, 2010* (extended)

BACKGROUND The importance of governance and associated issues of compliance and risk management is well recognized in enterprise systems. This importance has dramatically increased over the last few years as a result of numerous events that led to some of the largest scandals in corporate history. The governance, risk and compliance market is estimated to be worth over $32 billion. Tool support for governance, risk and compliance related initiatives is provided by over 100 software vendors, however, while the tools have on average tripled in price since 2003, they are often insufficient to meet organizational needs. At the same time, there is an increasing complexity in the facilitation of compliant business processes, which stems from an increasing number of regulations, frequent and dynamic changes, as well as shared processes and services executing in highly decentralized environments.

In the age of outsourcing, dynamic business networks, and global commerce, it is inevitable that organizations will need to develop methods, tools and techniques to design, engineer, and assess processes and services that meet regulatory, standard and contractual obligations. Governance, Risk and Compliance (GRC) can be expected to play a significant part in several applications. This area is emerging as a critical and challenging area of research and innovation. It introduces, among others, the need for new or adapted modeling approaches for compliance requirements, extension of process and service modeling and execution frameworks for compliance and risk management, and detection of policy violations.

This workshop provides a forum for researchers from diverse backgrounds to contribute to this emerging area and make a consolidated contribution in the form of new and extended methods that address the challenges of governance, risk and compliance in information systems.

TOPICS OF INTEREST Topics covered by the workshop will include at least the following:

* Policy definition and enforcement * Compliant service and process design * Noncompliant process identification * Risk management * Visualization and simulation of risk in process models * Governance processes * Integration and effectuation of multiple regulatory standards * Compliance, risk and tolerance metrics * Organizational structures to support compliance * Separation of duties/Separation of rights * Decision tracing * Data provenance and lineage * Work tracking * Violation detection * Technologies for compliance assurance * Applications, case studies and use cases

Submitted papers will be subjected to a double-blind review process and evaluated on the basis of significance, originality, technical quality, and exposition. Papers should clearly establish the research contribution, and relation to previous research. Position and survey papers are also welcome. The proceedings will be published as online CEUR Workshop Proceedings. Best papers from the workshop will be invited to develop an extended submission for an Information Systems special issue on GRC.

IMPORTANT DATES Paper Submission: March 8, 2010 Notification of acceptance: March 29, 2010 Camera ready: April 15, 2010 Workshop: June 7, 2010

SUBMISSION DETAILS Papers should be submitted in PDF format. As the review process is double-blind, papers must not include author details. The results described must be unpublished and must not be under review elsewhere. Submissions must conform to Springer's LNCS format and should not exceed 15 pages, including all text, figures, references and appendices. Information about the Springer LNCS format can be found at www.springer.de/comp/lncs/authors.html. Three to five keywords characterizing the paper should be indicated at the end of the abstract. It is expected that at least one author of each accepted paper will register for and attend the workshop. Papers should be submitted via the EasyChair submission system found at http://www.easychair.org/ conferences/?conf=grcis2010.

CO-CHAIRS Dr Marta Indulska UQ Business School The University of Queensland St Lucia QLD 4072 Brisbane, Australia

Dr Michael zur Muehlen Howe School of Technology Management Stevens Institute of Technology Castle Point on Hudson Hoboken, NJ 07030, USA

Dr Shazia Sadiq School of Information Technology and Electrical Engineering The University of Queensland St Lucia QLD 4072 Brisbane, Australia

CONTACT Email: grcis@business.uq.edu.au _______________________________________________ AISWorld mailing list AISWorld@lists.aisnet.org