A recommendation system for predicting risks across multiple business process instances

doi:10.1016/j.dss.2014.10.006

Decision Support Systems

Volume 69, January 2015, Pages 1-19

https://doi.org/10.1016/j.dss.2014.10.006 Get rights and content

Highlights

•
We propose a recommendation system to support risk-informed decisions.
•
The system provides suggestions which minimize the predicted process risk.
•
Risks are predicted traversing decision trees generated from process logs.
•
In case of concurrent process instances, optimal suggestions are computed using ILP.
•
Process-related faults and their severities are significantly reduced by our system.

Abstract

This paper proposes a recommendation system that supports process participants in taking risk-informed decisions, with the goal of reducing risks that may arise during process execution. Risk reduction involves decreasing the likelihood and severity of a process fault from occurring. Given a business process exposed to risks, e.g. a financial process exposed to a risk of reputation loss, we enact this process and whenever a process participant needs to provide input to the process, e.g. by selecting the next task to execute or by filling out a form, we suggest to the participant the action to perform which minimizes the predicted process risk. Risks are predicted by traversing decision trees generated from the logs of past process executions, which consider process data, involved resources, task durations and other information elements like task frequencies. When applied in the context of multiple process instances running concurrently, a second technique is employed that uses integer linear programming to compute the optimal assignment of resources to tasks to be performed, in order to deal with the interplay between risks relative to different instances. The recommendation system has been implemented as a set of components on top of the YAWL BPM system and its effectiveness has been evaluated using a real-life scenario, in collaboration with risk analysts of a large insurance company. The results, based on a simulation of the real-life scenario and its comparison with the event data provided by the company, show that the process instances executed concurrently complete with significantly fewer faults and with lower fault severities, when the recommendations provided by our recommendation system are taken into account.

Introduction

A process-related risk measures the likelihood and the severity that a negative outcome, also called fault, will impact on the process objectives [1]. Failing to address process-related risks can result in substantial financial and reputational consequences, potentially threatening an organization's existence. Take for example the case of Société Générale, which went bankrupt after a €4.9B loss due to fraud.

Legislative initiatives like Basel II [2] and the Sarbanes–Oxley Act¹ reflect the need to better manage business process risks. In line with these initiatives, organizations have started to incorporate process risks as a distinct view in their operational management, with the aim to effectively control such risks. However, to date there is little guidance as to how this can be concretely achieved.

As part of an end-to-end approach for risk-aware Business Process Management (BPM), in [3], [4], [5] we proposed several techniques to model risks in executable business process models, detect them as early as possible during process execution, and support process administrators in mitigating these risks by applying changes to the running process instances. However, the limitation of these efforts is that risks are not prevented, but rather acted upon when their likelihood exceeds a tolerance threshold. For example, a mitigation action may entail skipping some tasks when the process instance is very likely to exceed the defined maximum cycle time. While effective, mitigation comes at the cost of modifying the process instance, often by skipping tasks or rolling back previously-executed tasks, which may not always be acceptable. Moreover, we have shown that it is not always possible to mitigate all process risks [4]. For example, rolling back a task for the sake of mitigating a risk of cost overrun, may not allow the full recovery of the costs incurred in the execution of that task.

To address these limitations we propose a recommendation system that supports process participants in taking risk-informed decisions, with the aim to reduce process risks preemptively. A process participant takes a decision whenever they have to choose the next task to execute out of those assigned to them at a given process state, or via the data they enter in a user form. This input from the participant may influence the risk of a process fault to occur. For each such input, the technique returns a risk prediction in terms of the likelihood and severity that a fault will occur if the process instance is carried out using that input. This prediction is obtained via decision trees which are trained using historical process data such as process variables, resources, task durations and frequencies. The historical data of a process is observed using decision trees which are built from the execution logs of the process, as recorded by the IT systems of an organization.

This way, the participant can take a risk-informed decision as to task to execute next, or can learn the predicted risk of submitting a form with particular data. If the instance is subjected to multiple potential faults, the predictor can return the weighted sum of all fault likelihoods and severities, as well as the individual figures for each fault. The weight of each fault can be determined based on the severity of the fault's impact on the process objectives.

The above technique only provides “local” risk predictions, i.e. predictions relative to a specific process instance. In reality, however, multiple instances of (different) business processes may be executed at any time. Thus, we need to find a risk prediction for a specific process instance that does not affect the prediction for other instances. The interplay between risks relative to different instances can be caused by the sharing of the same pool of process participants: two instances may require the same scarce resource. In this setting, a sub-optimal distribution of process participants to the set of tasks to be executed may result in a risk increase (e.g. overtime or cost overrun risk). To solve this problem, we equipped our recommendation system with a second technique, based on integer linear programming, which takes input from the risk prediction technique, to find an optimal distribution of process participants to tasks. By optimal distribution we mean one that minimizes the overall execution time (i.e. the time taken to complete all running instances) while minimizing the overall level of risk. This distribution is used by the recommendation system to suggest to process participants the next task to perform.

We operationalized our recommendation system on top of the YAWL BPM system by extending an existing YAWL plug-in and by implementing two new custom YAWL services. This implementation prompts process participants with risk predictions upon filling out a form or for each task that can be executed. We then evaluated the effectiveness of our recommendation system by conducting experiments using a claim handling process in use at a large insurance company. With input from a team of risk analysts from the company, this process has been extensively simulated on the basis of a log recording one year of completed instances of this process. The recommendations provided by our recommendation system significantly reduced the number and severity of faults in a simulation of a real life scenario, compared to the process executed by the company as reflected by the event data. Further, the results show that it is feasible to predict risks across multiple process instances without impacting on the execution performance of the BPM system.

The remainder of this paper is organized as follows. Section 2 discusses related work. Section 3 contextualizes the recommendation system within our approach for managing process-related risks, while Section 4 presents the YAWL language as part of a running example. Next, Section 5 defines the notions of event logs and faults which are required to explain our techniques. Section 6 describes the technique for predicting risks in a single process instance while Section 7 extends this technique to the realm of multiple process instances running concurrently. 8 Implementation, 9 Evaluation discuss the implementation and evaluation of the recommendation system, respectively. Finally, Section 10 concludes the paper. A provides the formal definition of a YAWL specification, the algorithms to generate a prediction function, and technical proofs of two lemmas presented in Section 7.

Section snippets

Related work

The approach presented in this paper is related to work on risk prediction, job scheduling, operational support and work-item distribution for business processes. In this section we review the state of the art in these fields to motivate the need for our approach.

Risk framework

In this section we elaborate on the type of process-related risks that we can address and on the basis of this, we illustrate an overarching approach for managing process-related risks within which the contribution of this paper fits.

YAWL specification and running example

We developed our technique on top of the YAWL language [41] for several reasons. First, this language is very expressive as it provides a comprehensive support for the workflow patterns,² patterns covering all main process perspectives such as control-flow, data-flow, resources, and exceptions. Further, it is an executable language supported by an open-source BPM system, namely the YAWL System. This system is based on a service-oriented architecture, which facilitates

Event logs and fault severity

The execution of completed and running process instances can be stored in an event log:

Definition 1 Event log

Let T and V be a set of tasks and variables, respectively. Let U be the set of values that can be assigned to variables. Let R be the set of resources that are potentially involved during the execution. Let D be the universe of timestamps. Let Φ be the set of all partial functions V

U that define an assignment of values to a sub-set of variables in V. An event log

L

is a multi-set of traces where each trace

Risk estimation

We aim to provide work-item recommendation to minimize the risk corresponding to the highest product of fault severity and likelihood. For this purpose, it is necessary to predict the most likely fault severity associated with continuing the execution of a process instance for each enabled task. The problem of providing such a prediction can be translated into the problem of finding the best estimator of a function.

Definition 2 Function estimator

Let X₁, …, X_n be n finite or infinite domains. Let Y be a finite domain. Let f : X₁ × X

Multi-instance work-item distribution

With the technique presented so far, each resource is given local risk advice as to what work item to perform next, i.e. a resource is suggested to perform the work item with the lowest overall risk for that combination of process instance and resource, without looking at other resources that may be assigned work items within the same instance or in other instances running concurrently. Clearly, such a local work-item distribution is not optimal, since work items have to compete for resources

Implementation

We operationalized our recommendation system on top of the YAWL BPM system, by extending an existing YAWL plug-in and by implementing two new custom YAWL services. This way we realized a risk-aware BPM system supporting multi-instance work distribution and form filling-out.

The intent of our recommendation system is to “drive” participants during the execution of process instances. This goal can be achieved if participants can easily understand the suggestions proposed by our tool. For this we

Evaluation

We evaluated our recommendation system using the claim handling process and related event data, of a large insurance company kept under condition of anonymity. The event data recording about one year of completed instances (total: 1065 traces) was used as a benchmark for our evaluation. The claim handling process, modeled in Fig. 6, starts when a new claim is received from a customer. Upon receipt of a claim, a file review is conducted in order to assess the claim, then the customer is

Conclusion

This paper proposes a recommendation system that allows users to take risk-informed decisions when partaking in multiple process instances running concurrently. Using historical information extracted from process execution logs, for each state of a process instance where input is required from a process participant, the recommendation system determines the risk that a fault (or set of faults) will occur if the participant's input is going to be used to carry on the process instance. This input

Acknowledgments

This research is partly funded by the ARC Discovery Project “Risk-aware Business Process Management” (DP110100091). NICTA is funded by the Australian Government as represented by the Department of Broadband, Communications and the Digital Economy and the Australian Research Council through the ICT Centre of Excellence program.

Raffaele Conforti is a post-doctoral research fellow in the Information Systems School in the Science and Engineering Faculty, Queensland University of Technology, Brisbane, Australia. He received his PhD from Queensland University of Technology in 2014. He is conducting research in the area of business process management. His research focuses on incorporating aspects of risk management into business process management systems. In particular he focuses on the identification of techniques for

References (45)

R. Conforti et al.
Real-time risk monitoring in business processes: a sensor-based approach
Journal of Systems and Software
(2013)
D. Vengerov
A reinforcement learning approach to dynamic resource allocation
Engineering Applications of Artificial Intelligence
(2007)
S.E. Elmaghraby
Resource allocation via dynamic programming in activity networks
European Journal of Operational Research
(1993)
I.-T. Yang
Utility-based decision support system for schedule optimization
Decision Support Systems
(2008)
W.M.P. van der Aalst et al.
Time prediction based on process mining
Information Systems
(2011)
S. Alter
A work system view of DSS in its fourth decade
Decision Support Systems
(2004)
M. de Leoni et al.
Visual support for work assignment in process-aware information systems: framework formalisation and implementation
Decision Support Systems
(2012)
Z. Huang et al.
Mining association rules to support resource allocation in business process management
Expert Systems with Applications
(2011)
Y. Liu et al.
A semi-automatic approach for workflow staff assignment
Computers in Industry
(2008)
Standards Australia and Standards New Zealand
Standard AS/NZS ISO 31000
(2009)

Basel Committee on Bankin Supervision

Basel II — International Convergence of Capital Measurement and Capital Standards

(2006)

R. Conforti et al.

History-aware, real-time risk detection in business processes

R. Conforti et al.

Automated risk mitigation in business processes

C. Alberts et al.

OCTAVE criteria, version 2.0

B. Barber et al.

The Use of the CCTA Risk Analysis and Management Methodology CRAMM in Health Information Systems

M. Lund et al.

Model-driven Risk Analysis — The CORAS Approach

(2011)

Suriadi Suriadi et al.

Current Research in Risk-aware Business Process Management―Overview, Comparison, and Gap Analysis

Communications of the Association for Information Systems:

(2014)

A. Pika et al.

Predicting deadline transgressions using event logs

S. Suriadi et al.

Root cause analysis with enriched process logs

K. Baker

Introduction to Sequencing and Scheduling

(1974)

W. Zhang et al.

A reinforcement learning approach to job-shop scheduling

A. Kumar et al.

Dynamic work distribution in workflow management systems: how to balance quality and performance

Journal of Management Information Systems

(2002)

Cited by (137)

Combining an LNS-based approach and organizational mining for the Resource Replacement Problem
2024, Computers and Operations Research
For companies, it is crucial to promptly react to (even short-term) lack of resources, for guaranteeing the continuity of the operations in business processes. This leads to the solution of a Resource Replacement Problem (RRP) aimed at reassigning as many activities performed by resources that are no longer available to those that are available. To this purpose, several aspects are considered simultaneously, e.g., resources skills, workloads and other domain-specific constraints. In this paper, we propose an innovative hybrid approach for solving RRP, combining mathematical optimization with organizational mining. In particular, logs of past process executions are used to model a social network of resources by organizational mining techniques. Then, a similarity measure among resources is derived and exploited along with run-time resource workload and information on activities priority to formulate an Integer Linear Programming (ILP) model for reassigning the activities of unavailable resources, minimizing the total reassignment cost. To efficiently solve RRP, a Large Neighborhood Search based matheuristic is developed. Computational experiments show that the proposed matheuristic outperforms the commercial solver used to solve the ILP model. A sensitivity analysis, on possible variations of the input parameters and on the moves of the matheuristic, concludes the work.
Pattern-based action engine: Generating process management actions using temporal patterns of process-centric problems
2023, Computers in Industry
As business environments become more competitive, organizations strive to improve their business processes to reduce costs and increase quality and productivity. As process improvement traditionally embraces manual creative tasks that are time-consuming and labor-intensive, the need for automating it arises. Action-Oriented Process Mining (AOPM) aims to support automated process improvement by leveraging various process mining techniques. To that end, AOPM first monitors the presence of operational constraints, i.e., operational problems, in business processes, e.g., a high waiting time for patients to register. Next, it produces interim management actions designed to address these transient problems by analyzing the monitoring results. For instance, if an excessive waiting time persists for more than a week, the system might recommend dispatching additional resources for the upcoming week. Contrary to the mature process mining support for monitoring operational constraints, the action part is typically missing in today’s process mining tools. In this work, we propose an action engine to support the automatic generation of actions. It analyzes temporal patterns of monitoring results and produces action plans that describe the execution of management actions. We have demonstrated a use case using the data of a Dutch financial institute to evaluate the feasibility of the proposed action engine and conducted experiments to evaluate its effectiveness.
Predictive compliance monitoring in process-aware information systems: State of the art, functionalities, research directions
2023, Information Systems
Business process compliance is a key area of business process management and aims at ensuring that processes obey to compliance constraints such as regulatory constraints or business rules imposed on them. Process compliance can be checked during process design time based on verification of process models and at runtime based on monitoring the compliance states of running process instances. For existing compliance monitoring approaches it remains unclear whether and how compliance violations can be predicted, although predictions are crucial in order to prepare and take countermeasures in time. This work, hence, analyzes existing literature from compliance monitoring as well as predictive process monitoring and provides an updated framework of compliance monitoring functionalities. Moreover, it raises the vision of a comprehensive predictive compliance monitoring system that integrates existing predicate prediction approaches with the idea of employing PPM with different prediction goals such as next activity or remaining time for prediction and subsequent mapping of the prediction results onto the given set of compliance constraints (PCM). For each compliance monitoring functionality we elicit PCM system requirements and assess their coverage by existing approaches. Based on the assessment, open challenges and research directions realizing a comprehensive PCM system are elaborated.
A unified model of supply risk mitigation
2023, Computers and Industrial Engineering
Supply risk (SR) pervades the structures and behaviour of supply networks (SNs) and the potential economic significance of deviant, disruptive, and disastrous incidents motivate significant investments by organisations in strategies for SR mitigation to lessen adverse organisational effects and vulnerability of SNs. Thus, a key challenge for researchers is to design analytical tools, techniques, and methodologies that enhance intelligence for SR mitigation. Guided by contingency theory, this study aims to propose a unified model for descriptively characterising the process for SR mitigation and assessing SR mitigation methodologies for SNs. A multi-case study conducted with four companies in petroleum and aluminium industry sectors, aids in evaluating the proposed model. Theoretically, the research is original in offering a formal approach for prescribing SR mitigation actions, and for formulating benchmarks that comparatively analyse the uncertainty level, perception scrutiny, and mechanism deployment of risk mitigation methodologies. Managerially, the research is valuable in shedding light on the significance of SN control mechanisms in SR management and a controllability–predictability continuum that elaborates on dimensions of potential incidents associated with SRs in SNs.
A proposed guidance approach for BP performance improvement
2023, Procedia Computer Science
The emergence of Intelligent BPM (IBPM) is built upon adding smart technologies and business intelligence to BPM. In such a harsh environment, improving BPs using the most appropriate and adequate technologies is considered to be a complex task to deal with. Recently, for the sake of exploring the use of technologies 4.0 in different domains using specific languages and in order to efficiently improve BPs in the context of IBPM, we need to define a specific approach for deciding about the technologies 4.0 to adopt. Thereby, such an approach would improve business processes effectively in this context of IBPM. For this purpose, it is worth noting that considering performance criteria can help us to integrate a specific intelligent technology to a given business process and it is important to develop an IBPM ontology as a first contribution in our approach. This approach was implemented in a tool named BPIGuide. To evaluate this approach, we have studied the post-operative monitoring (POM) process. The results of this study would help users to select the most adequate technology 4.0 that best fit their needs on performance criteria.
Encoding resource experience for predictive process monitoring
2022, Decision Support Systems
Events recorded during the execution of a business process can be used to train models to predict, at run-time, the outcome of each execution of the process (a.k.a. case). In this setting, the outcome of a case may refer to whether a given case led to a customer complaint or not, or to a product return or other claims, or whether a case was completed on time or not. Existing approaches to train such predictive models do not take into account information about the prior experience of the (human) resources assigned to each task in the process. Instead, these approaches simply encode the resource who performs each task as a categorical (possibly one-hot encoded) feature. Yet, the experience of the resources involved in the execution of a case may clearly have an impact on the case outcome. For example, specialized resources or resources who are familiar with a given type of case, are more likely to execute the tasks in a case faster and more effectively, leading to a higher probability of a positive outcome. Motivated by this observation, this article proposes and evaluates a framework to extract features from event logs that capture the experience of the resources involved in a business process. The framework exploits traditional principles from the literature to capture resource experience, such as experiential learning and social ties on the workplace. The proposed framework is evaluated by comparing the performance of state-of-the-art predictive models trained with and without the proposed resource experience features, using publicly available event logs. The results show that the proposed resource experience features may improve the accuracy of predictive models, but that depends on the process execution context, such as the type of process generating an event log or the type of label that is predicted.

View all citing articles on Scopus

Massimiliano de Leoni is an Assistant Professor of Information Systems at the Technische Universiteit Eindhoven (TU/e), The Netherlands. In 2009, he earned a Ph.D. in Computer Engineering at SAPIENZA - University of Rome (Italy) discussing a dissertation on “Adaptive Process Management in Highly Dynamic and Pervasive Scenarios”. He has been guest research fellow at Queensland University of Technology, Vienna University of Economics and Business and University of Naples. His research interests are in the area of Process-aware Information Systems and Business Process Management, predominantly focusing on multi-perspective process mining, process-aware decision support systems and visualization techniques for business process management and analysis.

Marcello La Rosa is associate professor of business process management and academic director for corporate engagements for the Information Systems School at the Queensland University of Technology, Brisbane, Australia. He researches on process consolidation, mining, configuration and automation. He received his PhD degree from Queensland University of Technology in 2009.

Wil van der Aalst is a full professor of Information Systems at the Technische Universiteit Eindhoven (TU/e). He is also an adjunct professor at Queensland University of Technology (QUT). His research interests include workflow management, process mining, Petri nets, business process management, process modeling, and process analysis. He is an elected member of the Royal Holland Society of Sciences and Humanities (Koninklijke Hollandsche Maatschappij der Wetenschappen) and the Academy of Europe (Academia Europaea).

Arthur ter Hofstede is a Professor in the Information Systems School in the Science and Engineering Faculty, Queensland University of Technology, Brisbane, Australia, and is Head of the Business Process Management Discipline. He is also a Professor in the Information Systems Group at Eindhoven University of Technology, Eindhoven, The Netherlands. His main research interests lie in the areas of business process automation and process mining.

View full text

A recommendation system for predicting risks across multiple business process instances

Highlights

Abstract

Introduction

Section snippets

Related work

Risk framework

YAWL specification and running example

Event logs and fault severity

Risk estimation

Multi-instance work-item distribution

Implementation

Evaluation

Conclusion

Acknowledgments

Journal of Systems and Software

Engineering Applications of Artificial Intelligence

European Journal of Operational Research

Decision Support Systems

Information Systems

Decision Support Systems

Decision Support Systems

Expert Systems with Applications

Computers in Industry

Standard AS/NZS ISO 31000

Basel II — International Convergence of Capital Measurement and Capital Standards

History-aware, real-time risk detection in business processes

Automated risk mitigation in business processes

OCTAVE criteria, version 2.0

The Use of the CCTA Risk Analysis and Management Methodology CRAMM in Health Information Systems

Model-driven Risk Analysis — The CORAS Approach

Current Research in Risk-aware Business Process Management―Overview, Comparison, and Gap Analysis

Communications of the Association for Information Systems:

Predicting deadline transgressions using event logs

Root cause analysis with enriched process logs

Introduction to Sequencing and Scheduling

A reinforcement learning approach to job-shop scheduling

Dynamic work distribution in workflow management systems: how to balance quality and performance

Journal of Management Information Systems