Recent studies have shown that business process management (BPM) continues to be effective in reducing costs and in improving process quality, not to mention its status as an important technology by CEOs.
Nevertheless, numerous high-profile scandals, such as the classic Enron scandal as well as the recent UBS rogue trader and the Olympus accounting scandals have highlighted the fact that business processes are subjected to numerous risks, some of which may be detrimental to the survival of the organizations. In particular, the UBS rogue trader scandal showed how a weakness in ETF trade confirmation process (which allows trade confirmation to happen after trade settlement) was allegedly exploited by the rogue trader as a tool to cover the actual lost he made from other speculative trading. This event happened despite the bank having "'one of the best' risk management units".
These incidents, combined with the increasing pressure of businesses to comply with a significant number of risk-related standards (such as Basel II and SOX), highlight the need to bring closer the discipline of BPM and risk management such that integrated reasoning and management of risks in business processes can be achieved.
Unfortunately, these two disciplines tend to operate independently of each other. While there have been some contributions from the research community in this area, the study of integrating these two disciplines is still in its infancy. The risk-aware business process management research project is therefore conducted at Queensland University of Technology to increase our knowledge in this area and to provide theoretically-sound and usable tools that can be used by practitioners in managing risks in business processes.