Improving Responsibility modelling in Enterprise Architecture, Case Study in the Healthcare Sector

[ISO38500. 2008. ISO/IEC 38500:2008, International Standard for Corporate Governance of IT.

The Open Group. ArchiMate® 2.0 Specification. Van Haren Publishing, The Netherlands, 2012.

IT Governance Institute, editor. CobiT 4.1: Framework, Control Objectives, Management Guidelines, Maturity Models. IT Governance Institute, Rolling Meadows, 2007.

Storer T, Lock R (2008) Modelling responsibility. project working paper 7, indeed project.

Sommerville I, Storer T, Lock R (2009). Responsibility modelling for civil emergency planning. URL http://www.ncjrs.gov/App/Publications/abstract.aspx? ID=250623.

Carsten Stahl B (2006) Accountability and reective responsibility in information systems. 195:51-68. URL http://dx.doi.org/10.1007/0-387-31168-8_4.

Martin D, Rouncefield M, O'Neill J, Hartswood M, Randall D (2005) Timing in the art of integration: 'that's how the bastille got stormed'. In Proceedings of the 2005 international ACM SIGGROUP conference on Supporting group work, GROUP '05, pages 313-322, New York, NY, USA.

Sommerville I (2007) Models for responsibility assignment. In Responsibility and Dependable Systems. Springer.

Strens R, Dobson J (1993). How responsibility modelling leads to security requirements. In Proceedings on the 1992-1993 workshop on New security paradigms, NSPW '92-93, pages 143-149, New York, NY, USA.

Cholvy L, Cuppens F, Saurel C (1997) Towards a logical formalization of responsibility. In ICAIL '97: Proceedings of the 6th international conference on Artificial intelligence and law, pages 233-242, New York, NY, USA.

Vincent N A (2011) A structured taxonomy of responsibility concepts. Moral Responsibility: Beyond free will and determinism, Nicole A. Vincent, Van de Poel and Van den Hoven, pages 15-35.

Sommerville I (2007). Causal responsibility model. In Responsibility and Dependable Systems. Springer.

Blyth J C, Chudge J, Dobson J E, and Strens M R (1993) Ordit: a new methodology to assist in the process of eliciting and modelling organizational requirements. In Proceedings of the conference on Organizational computing systems, COCS '93, pages 216-227, New York, NY, USA.

Sein M K, Henfridsson O, Purao S, Rossi M, Lindgren R (2011) Action design research. MIS Q., 35(1):37-56, ISSN 0276-7783.

Petit M, Feltus C, Vernadat F (2012) Enterprise Architecture Enhanced with Responsibility to Manage Access Rights - Case Study in an EU Institution, in Proceedings of The Practice of Enterprise Modeling - 5th IFIP WG 8.1 Working Conference (PoEM), Rostock, Germany.

Feltus C, Dubois E, Proper E, Band, Petit M (2012) Enhancing the ArchiMate® Standard with a Responsibility Modeling Language for Access Rights Management, in Proceedings of the 5th International Conference on Security of Information and Networks (SIN), Jaipur, Rajastan, India.

Paterno F (2001) Task models in interactive software systems. In S. K. Chang, editor, Handbook of Software Engineering and Knowledge. World Scientific Publishing Co.

White S A (2004) Business process modeling notation (bpmn) version 1.0. Technical report, BPMI.org.

Becker J, Bergener P, Delfmann P, Eggert M, Weiß B (2011) Supporting business process compliance in financial institutions - a model-driven approach. In Wirtschaftsinformatik, page 75.

Feltus C, Dubois E, Petit M. (2015). Alignment of ReMMo with RBAC to manage access rights in the frame of enterprise architecture. In 9th International Conference on Research Challenges in Information Science (RCIS). Pages 262-273. IEEE.

Katranuschkov P, Gehre A, Scherer R J (2007) Reusable process patterns for collaborative work environments in AEC. In Proceedings of the 13th International Conference on Concurrent Enterprising.

Yu E (1997) Towards modeling and reasoning support for early-phase requirements engineering. In Proceedings of the 3rd IEEE International Symposium on Requirements Engineering, RE '97, pages 226, Washington, DC, USA. IEEE Computer Society.

Sliwka D (2006) On the notion of responsibility in organizations. Volume 22(2).

Spinello R A (1996) Case Studies in Information and Computer Ethics. Prentice Hall PTR, Upper Saddle River, NJ, USA, 1st edition. ISBN 013533845X.

Mulgan R (2000) Accountability: An ever-expanding concept? Public Administration, 78(3): 555-573. URL http://dspace.anu.edu.au/handle/1885/41945.

Laudon C K, Laudon P J (2001) Essentials of management information systems: Organization & technology in the networked enterprise.

Sinclair A (1995) The chameleon of accountability: Forms and discourses. Accounting, Organizations and Society, 20(2-3):219-237, February 1995. ISSN 03613682.

Feltus C, Petit M, Dubois E (2011). ReMoLa: Responsibility model language to align access rights with business process requirements. In Fifth International Conference on Research Challenges in Information Science (RCIS). Pages 1-6. IEEE.

Bovens M (2010) Two concepts of accountability: Accountability as a virtue and as a mechanism. West European Politics, 33(5):946-967.

Blind P K (2011) Accountability in public service delivery: A multidisciplinary review of the concept. Prepared for the Expert Group Meeting Engaging Citizens to Enhance Public Sector Accountability and Prevent Corruption in the Delivery of Public Services,.

Dobson J, Martin D (2006) Enterprise modeling based on responsibility. In Trust in Technology: A Socio-Technical Perspective, volume 36, pages 39-67.

Bovens M (2007) Analysing and Assessing Accountability: A Conceptual Framework. European Law Journal, 13(4):447-468.

Jonathan A. F. (2007) The uncertain relationship between transparency and accountability. URL http://ideas.repec.org/p/cdl/glinre/410729.html.

Dubnick M J (2007) Situating accountability: Seeking salvation for the core concept of modern governance (manuscript, university of New Hampshire).

Feltus C, Dubois E, Petit M (2010). Conceptualizing a responsibility based approach for elaborating and verifying RBAC policies conforming with cobit framework requirements. In Third International Workshop on Requirements Engineering and Law (RELAW). Pages 34-43. IEEE.

Amyot D, Horkoff J, Gross D, Mussbacher G (200) A lightweight GRL profile for i* modeling. In Proceedings of the ER 2009 Workshops (CoMoL, ETheCoM, FP-UML, MOST-ONISW, QoIS, RIGiM, SeCoGIS- on Advances in Conceptual Modeling - Challenging Perspectives, ER '09, pages 254-264, Berlin, Heidelberg, Springer-Verlag.

Feltus C, Petit M, Sloman M (2016). Enhancement of business it alignment by including responsibility components in RBAC. Business/IT Alignment and Interoperability BUSITAL 2010. Page 61.

Parent C, Spaccapietra S (2000) Database integration: The key to data interoperability. In Advances in Object-Oriented Data Modeling, pages 221-253.

Zivkovic S, Kühn H, Karagiannis D (2007) Facilitate modelling using methodintegration: An approach using mappings and integration rules. In Hubert Osterle, Joachim Schelp, and Robert Winter, editors, ECIS, pages 2038-2049. University of St. Gallen,

Day P, Klein R (1987) Accountabilities: five public services. Tavistock, URL http://www.worldcat.org/oclc/17412398.

Fox J A (2007). The uncertain relationship between transparency and accountability. (410729), URL http://ideas.repec.org/p/cdl/glinre/410729.html.

Sommerville I, Lock R, Storer T, Dobson J (2009) Deriving information requirements from responsibility models. In CAiSE '09: Proceedings of the 21st International Conference on Advanced Information Systems Engineering, pages 515-529, Berlin, Heidelberg, Springer-Verlag.

Prendergast C G (1995) A theory of responsibility in organizations. Volume 13(3), pages 387-400.

Feltus C, Petit M (2009). Building a responsibility model using modal logic-towards Accountability, Aapability and Commitment concepts. In International Conference on Computer Systems and Applications, 2009. Pages 386-391. IEEE.

ISO27000 (2012) ISO/IEC 27000:2012 family of standards - Information Security Management System (included are. ISO/IEC 27000, 27002, 27006, 27005, 27004, 27003).

Basel2 (2004) Basel Committee on Banking Supervision. (June 2004). International convergence of capital measurement and capital standards; a revised framework. Bank for International Settlements.

SOX. Sarbanes-oxley act of 2002, united states code, pl 107-204, 116 stat 745. July 2002.

Feltus C, Petit M., Dubois E (2009). Strengthening employee's responsibility to enhance governance of IT: COBIT RACI chart case study. In Proceedings of the first ACM workshop on Information security governance, page 23-32. ACM.

Feltus C, Petit M (2009). Building a responsibility model including accountability, capability and commitment. In International Conference on Availability, Reliability and Security. Pages 412-419. IEEE.

Bruno G, Torchiano M (2000) Process enabled information systems. In ICEIS, pages 32-37.

Feltus C (2014). Aligning access rights to governance needs with the responsibility metamodel (ReMMo) in the frame of enterprise architecture (Doctoral dissertation, University of Namur - Public Research Centre Henri Tudor, Belgium - Luxembourg).

Feltus C (2008). Preliminary Literature Review of Policy Engineering Methods; Toward Responsibility Concept. In 3rd International Conference on Information and Communication Technologies: From Theory to Applications. Pages 1-6. IEEE.

Ackerman J M (2005) Social accountability in the public sector: A conceptual discussion.

Bovens M (2007) Analysing and Assessing Accountability: A Conceptual Framework. European Law Journal, 13(4):447-468.

Vernadat F (2002) Enterprise modelling and integration. In ICEIMT, pages 25-33.