A Framework for Proactive, Automated and Continuous E-commerce Control and Assurance

A Framework for Proactive, Automated and Continuous E-commerce Control and Assurance
Author(s): Wang, Wenli and Bailey, Andrew D. and Hidvegi, Zoltan and Whinston, Andrew B.
Year: 2001
Paper Number: GBS-DIA-2001-006
Goizueta Department: Decision and Information Analysis

Abstract

In electronic commerce, proper operations of e-processes are crucial to an e-business’ economic well-being. We suggest that due to the complexity and characteristics of e-operations, the only viable approach for rigorous control and assurance relies on mathematical and computational methods to represent and analyze e-systems. Traditional auditing methods, based on manual verification, piecemeal analysis and post-audits, are insufficient. An innovative set of methods is proposed: 1) Applying economic reasoning, e.g., mechanism design, to design correct e-commerce rading rules and policies; 2) Applying the concept of atomic transactions to define e-system properties and specifications; 3) Applying formal verification, e.g., model checking, to ensure correct implementation; and 4) Applying agent technology to monitor real-time execution. These four methods should be embedded within the System Development Life Cycle. They complement each other, and their proper applications can refine e-systems and enhance the relevance, completeness and reliability of control and assurance.