Latest News

Palette: Consistency to Increase Understanding

This article will talk BPMN 2.0’s conformance sub-classes and how applying the conformance to modelling efforts can deliver higher engagement from users of BPMN models.

BPMN is the default modelling standard for capturing business processes.  Its predominance over other standards comes from its intuitive layout which doesn’t require the casual user to invest a lot of time in order to understand the process being described.  However it is also able to capture those ad-hoc events and actions which replicate real-life day-to-day operations and thus differentiate BPMN models from those models which are limited to describing a process at a general level only.

Why should this interest the keen modeller who is looking to model a business process architecture of the business they work in?  Because although simple models can communicate a lot of information, there are a lot of symbols in BPMN (over a hundred) so it can be easy to get your meaning off-message.  To this end, the idea of palettes has been introduced by Bruce Silver (in his book BPMN Method & Style).  As you know a palette from those painting on canvas is a thin piece of wood where an artist can place the colours that they are using and also mix them together to get the shades they want on their work.  Fast-forward a few hundred years and now we all use palettes on software like ms-paint which has a range of colours to choose from to ms-visio which offers a palette of shapes to drag and drop onto a sheet (also known as a stencil).

Thus the idea of a palette of shapes for BPMN models actually restricts the actual number of shapes that are available to the modeller to use in their diagram.  Why would you want to restrict the range available for use?  What happens to that exact meaning that you want your model to transmit, doesn’t restricting elements make for a less granular diagram?  Actually in terms of meaning for a model architecture, the opposite is true, but it depends on what you are trying to achieve with your diagram.  Models can have different purposes, so before putting pen to paper, it can be worthwhile to have a think about what is the model to be used for and who will be consuming the model.

Models can have all sorts of uses such as:-

  • Training
  • Software specification
  • Process Improvement efforts
  • Execution/automation
  • Education
  • Analysis

The level of detail required can vary across these different uses and also within each use.  However one key concept in increasing communication across an array of models is consistency.  Models that are similar in the elements they use engender confidence in the viewer.  The person viewing a model of a process as say part of an on-boarding experience can look at a model of a different process and because the model is built with the same elements there is less for the viewer to worry about.  The viewer who doesn’t have to waste energy worrying about elements they haven’t come across before can spend more time understanding the meaning of the model.   When a model uses elements not on the palette, then the viewer will be spending more time trying to understand what is happening in the model (we hope, more often than not making the model difficult to understand just makes it easier for the viewer to switch off).

The palettes are based on the amount of conformance that vendors producing modelling tools for needed to match to show their level of conformance to the standard.   The 3 levels of conformance are:-

  • Descriptive
  • Analytical
  • Common Executable

Descriptive conformance is for software tools concerned with “visible elements used in high-level modelling. It should be comfortable for analysts who have used BPA tools”.  Whilst Analytical has a bigger palette and so is able to deliver models at a lower level detail for more analytical use.  Whilst the last conformance class is all about the elements required to take a model and execute it on a BPMS.  These conformance classes thus represent palettes of elements for use in our models.  The key then is to use the relevant palette bearing in mind the use of the model.

So for models who are going to be viewed by people who want a bird’s eye view of the model architecture then, say someone who wants to see how the business’s architecture supports their company’s strategy, then use the Descriptive palette, then restrict yourself to the Level 1 Palette.  Whereas for people who are producing models for a process improvement program then more detail is required and so the bigger palette of level 2 would be more adequate.

Finally level 3 is the executable level and this isn’t really a palette as such as no elements are restricted.  These type of models are used for execution and not so much for communicating understanding about the process.

The palette is a great idea and it is based on a lot of experience from silver and so I definitely recommend its use.  The viewer’s precious attention should be spent on understanding the process semantics and not deciphering un-familiar elements from the standard.  It should be used as part of a variety of techniques to leave the viewer with as little to worry about as possible, such as layout style, naming standards and number of objects in a model.

As with life, it’s always good to question and be pragmatic rather than blindly follow the rules.  So if you want to have different objects in your palette because the area you are modelling require them, then add them so that all your models have them.  Bear in mind that by adding more you are taking away some of the power of the palette and that the palette itself is based on a lot of year’s experience as to what works.  Other than that, happy modelling and get in touch if you have any queries. 

GDPR and Business Process Management

GDPR Impact on BPMS

This post will be looking at the impact of the GDPR regulation on BPMS and in particular Decision Management or “Business Rules” which is functionality that often comes bundled with BPMS solutions.
In general, any business which is aligned to the earlier Data Protection Act (1995) shouldn’t have too much to worry about.  In terms of automated business processes, there shouldn’t be any major change (except for automated decision making see later).  The key to thinking about GDPR is all about the D in GDPR, it’s Data.
The area where businesses are having to review their systems is where they obtain personal data and whether they have obtained consent correctly.  This means that businesses are having to review their privacy policies and consent management so that people are aware of what their data is going to be used for and they can give their consent to the organisation to process the data for those purposes. Aside from work with legal teams for policy and consent wordings on the UX layer (web-form, call-centre script etc.) there are changes to the data model to manage consent for each individual and also again on the UX to capture this.   So as long as the organisation has obtained personal data correctly then the processes don’t need to change.
On the plus side, due to the nature of automated business processes there can be no doubt as to what was presented to the individual when gaining consent as each interaction through a BPMS creates its own record and so enforces an auditability out of the box.

Decision Management or Business Rules

There is one caveat to this which is the subject of this post and that is the use of decision management services or business rules tasks.  I’m a big fan of Business Rules,  this is where you take the business logic out of your applications and keep them centrally in one location where they can be accessed from throughout the business through API calls.  This means that the logic that is applied to your customers is the same irrespective of the channel or application being used. The other big advantage is that the business logic is there to be accessed and managed by the business, it doesn’t require a software change with the associated time and expense for implementation.
However, when talking about Decision Management consideration is required for one of the principal rights that GDPR introduces and that of “Automated individual decision-making including profiling” (Art. 22).  This is to safeguard individuals against the risk of having a potentially damaging decision taken without human intervention, for example having a job application processed automatically or an application for a credit card.
And here is an inherent characteristic of Decision Management Systems in that it is discriminatory.  Not in the charged sense of the word as unjust/prejudicial treatment of a group of people but in the sense that it works by taking data and applying a rule to the data and arriving at a decision, so that in some cases the decision is favourable and in others non-favourable.
Care must then be taken with the rules that are implemented to ensure that systems are not discriminatory (in the bad sense of the word) and that the logic can be explained when asked to do so.  So whilst an insurance company obviously can’t use GDPR’s sensitive categories e.g. someone’s ethnicity as a business rule in calculating the premium for a car, they also have to be careful if they are not using ethnicity involuntarily.  A business rule system which calculated the premium by using  post code could be discriminatory against a minority group that live in a particular post code and get charged higher premiums.
This is a difficult subject because data isn’t ‘neutral’, it’s descriptive and consequently ripe for inference.  So whilst a post code that has elevated motor car premiums can reveal a particular minority group is prevalent in an area, it is also the case that the post code has hard data about vehicle theft associated with it from the National Crime Database.  Furthermore, with big enough data sets, patterns can be revealed across different sources which make it impossible to not arrive at sensitive information about individuals.
Thus, you must ensure that the appropriate safeguards are in place (not just for the individual but for the organisation).  The safeguard must “provide meaningful information about the logic involved, as well as the significance and the envisaged consequences”.  So, if you are using vehicle theft data by post code to calculate the insurance premium for a car, then you must be able to explain the logic for the premium amounts and also what happens when the figures for vehicle theft change across a post code (gentrification etc. which should reveal a changed premium).


In conclusion, as long as you are able to clearly show that processing of the data is fair and transparent, that it has the correct controls in place and that no damaging decision has been made without human intervention then there is still a place for automated decision-making.  There is now more emphasis on the ethical dimension to be considered before releasing any software which automates a decision. The advantage in this sense of Decision Management Services is that decisions can be changed much more quickly than conventional software.
For further reading on profiling and the impact of predictive algorithms see Seth Flaxman’s paper on the Cornell University Library site.

DIY Demo

This page was put together to show an example of an automated work-flow. The objective is to show how a business process captured on a BPMN diagram can be deployed onto a server and thus create a work-flow process for your business.

So I have made available a session which shows what an automated business process looks like. First you can see the business process that has been captured and then at the bottom the session for anyone to log-on and try out a underwriting process as part of the sales team. Finally at the bottom of the page is the back-end of the server where you can see the administration of processes as well.
The BPMN diagram shows an underwriting process that takes place in the sales department. The diagram is shown below:-

This BPMN diagram is used to hold the logic of the business process. A front-end is packaged together with the diagram and deployed onto a BPM server. The business logic captured in the diagram controls the whole underwriting process.

Below is a window linked to a cloud-hosted server which lets you execute the business process yourself.

Log-in using the username/password of john/john

The BPM server has a back-end which allows control of all aspects of the work flow, from setting up users and groups to examining process instances and reporting.
The user ‘john’ also has some privileges in this area, log-in again to take a look around the back-end.

The code for the underwriting example is freely available on github here.

Simple BPMN Tutorial

Today I’m going to expand upon this to walk through an example of a BPMN diagram and explain what automating the diagram looks like for any users of the system and finish off with some of the advantages that this can bring.

So in the previous blog post I explained a little bit about some terms that you may have heard about.  Today I’m going to expand upon this to walk through an example of a BPMN diagram and explain what automating the diagram looks like for any users of the system and finish off with some of the advantages that this can bring.
A key concept about business processes is that they are measured and managed as you would look after any asset of the business which directly delivers value to your customer.  So how does that work then?  If you take the example of an energy company, you’d think that their main objective is to supply electricity and gas to people’s houses around and at a basic level it is, however the energy company exists in a market with other competitors.  On the retail side there is no difference between the energy supplied by either of the suppliers, gas from one supplier will not fry your eggs any quicker than the others, it’s all the same stuff coming down the tubes.
So for the domestic customer, you’d think that the only driver would be price and that this should lead to a race to the bottom for the suppliers trying to gain market share.  It’s not though, price is definitely important but at some point the customers will have to interact with the energy company that interaction will be part of a process.  How the company organises itself to meet that customer interaction will determine the customer’s perception of the company and value they then associate with them.
BPM is about ensuring that these interactions are measured and can thus be managed to ensure that the customer perception of the company is consistently delivered to the customer and also aligned with the company’s strategy and longer term aims.  It doesn’t make sense to shave off profitability to offer a cheap deal to your customers if some of them have to call five times to resolve a query on their bill.
So the following is a simple BPMN 2.0 model, often known as a swim-lane model as it looks like a swimming pool seen from above.  Again, this is a BPMN diagram shown through‘s plug-in which is a great on-line modelling tool, this allows you to zoom in and out as well as scroll across, very useful.  This model shows an order fulfilment process.
The swim-lanes themselves represent actors in the process, the names of the actors are located at the left hand side, note that bpmn diagrams can go across horizontally or vertically, there isn’t one correct way, it depends on the modeller.  There aren’t that many types of objects in the diagrams so it isn’t that difficult to begin to understand them.  They are basically made up of Events, Activities or Gateways, these objects are joined together by black arrows which make up the ‘sequence flow’.  The starting point for any BPMN is a start event identified by a concentric ring.
There are different types of start event but in this case we will use the the message one, so this means that an instance of this process diagram will be created when a message of some type is received by the Order Management department.  A connection goes from the event to the next object which is a task object with an arrow indicating the direction of the flow. The best way to think about these diagrams is to imagine that for each time a customer calls in to place an order then one of these diagrams is created and a little red ball (or token) sets of rolling from the start event along the sequence flow.
When the ball reaches an activity task, the activity is executed.  What that activity might be depends on the type of task object used.
The same as for the events objects there are different types some which are executed by some IT system, some which are performed by a user with the BPM system, some can be executed by users completely manually, in this case the task is a User task which will require the user to do something in conjunction with the BPMS.  Once the task has been completed, the ball continues rolling to the next object which is a gateway.
Gateways are where the a particular path(s) can be chosen and as before there are different types of gateways to accommodate different situations.  There are gateways where the red ball divides in two (AND or ‘+’ gateways) and both sequence flow paths are followed as well as exclusive gateways (OR or ‘X’) where depending on some data/event a particular path is chosen from a selection.   In this case the availability of stock is checked, “Is there stock for all the items of the order in this warehouse?” could be what the gateway decision is checking, it’s an exclusive gateway which means that the red ball can only go one way or the other.
There is also an AND gateway further on where the ball splits in two and two activities are done in parallel and later on the gateway joins together.  At the join gateway, the two red balls join together to form one red ball and the journey continues onto finance.  But the join gateway enforces its own logic on the process, the red ball can only leave the join gateway when both the other balls have arrived, this stops the Finance task being executed twice.
Also note the non-interrupting message event which sits on the border of the Check Other Stores task.  The event could be triggered by the condition of not finding all the items from the order in stock.  In this case someone from the Order Management team would have to inform the customer and then the sequence flow would end, the little red ball would disappear down the end event.  What about the red ball that leaves the Check Other Stores task when that task has completed? Nothing, it carries on as normal, the line items from the order become a pick list for pulling products from inventory to complete the order.
There are various criticisms that can be made about the model, such as “What if the customer decides to change or cancel their order?” or “Are pick lists created for the same warehouse even though the order checked different stores?” which are all valid however the purpose of the model was to show how a BPMN model is processed by a BPM process engine.  How does this process look like when it is deployed as a work-flow?
Typically the BPMS will operate a portal through which different teams will access their work.  By logging into the portal, the BPMS will have identified your group (in this case as being in either Order Management, Warehouse or Finance teams) and thus control and present the tasks to each group in the correct order as the customer orders are received.  Someone from Order Management may log on and see the following:-
On the left are tasks that need to be addressed by the Order Management team, each task will be from a customer order.  On the right hand side are the details of one of the orders, the team member has to check whether the line items are in stock, if they are then for user clicks on the ‘Available’ button otherwise they need to click on the other button.  The BPMS will then control the flow of that order and work out whether to create a task to “Check Other Stores” or whether the Warehouse team need to “Pick Items”.
By the way the mock-up was created using balsamiq, I absolutely love the lo-fi approach of this tool as you can get clients to look at the data on display and not focus on details of the UI design.
 So as you can see the BPMN process diagram started off as a design for a workflow but with standards agreed with the Object Modelling Group, the model itself is deployed onto an engine and is now a workflow for teams in the company.
The main advantages of this approach are:-
  • The design of the workflow can directly align with the business strategy
  • No cases are lost in hand-offs between departments, every process instance is accounted for
  • The agility is there to adapt to the changing market; change the diagram and re-deploy onto the process engine
  • Truly customer-centric view, reporting and SLAs can highlight when individual cases need to be escalated.
Hope this helps.

First Things First, Some Definitions…

Trying to find out a bit more about BPM technology? Start here!

Trying to find out a bit more about BPM technology? Start here! You will find more accurate and comprehensive definitions elsewhere on the internet but:
  • You’ll need to read the definition 3 times before you understand it
  • It will use a long list of verbs to describe what it does
  • Frankly, for more than a basic understanding you don’t have the time
  What follows then is a personal view of BPM I may miss some points but I hope to transmit the general thrust of the terms for anybody interested in automating processes.
  • BPM (Business Process Management) – This is a way of thinking about the word around us in terms of processes.  Processes have start and end points, some steps that are executed in order and some output which is the goal/objective of the process.  They also have a point of view, that is the process is defined from the viewpoint of somebody and how they see the world and that process as a part of it.  Applied to organisations that are serving customers, there is then a natural fit with customer journey/customer-centric views of the world.The process can represent the customer’s view of the organisation, they don’t care about the organisation’s structure and challenges they only know that they aren’t receiving the service they expect.  The goals of processes can thus be aligned to the organisation’s strategy and vision in a way that the traditional approach to organising businesses cannot do.  This is because a process can straddle departments in its objective to “book installation appointment” or whatever, this differs from traditional companies where resources are organised by specialism and somehow each department will produce what is required in the correct quantity to service all the customers.BPM then does imply a move away from the silo mentality engendered by specialist teams such as Sales, Marketing, Operations, Warehouse, Customer Support, so instead of working to KPIs for their department, teams are organised around processes which cover various departments to meet a process goal which aligns to the company’s vision.
  • BPMN (Business Process Modelling and Notation) – is an Objective Modelling Group (unfortunately shortened to OMG) standard for modelling processes.  Version 2.0 of the standard was produced in 2012 after 7 years development since 1.0.   BPMN diagrams, then are the swimlane diagrams which have been around for donkey’s years. Here’s a car sales example from trisotech:-
Note: you can zoom in and out with this viewer from At a superficial level it determines which symbol is used where when describing a process.  And this is about 95% of what BPMN will be used for, even though it is able to model Complex Event Processing (so capturing situations of what should happen with an interrupting process etc.).   It’s a tool to explain something to the business of how things are and how they could be.  To be honest, diagrams are really useful for communicating with the business, does it have to be a compliant diagram to be valid? Of course not, you just want everybody to look at your diagram and understand the same thing.
Where BPMN comes into it’s own is that underneath each BPMN diagram (modelled with a BPMN compliant tool) is an XML description of the diagram.  This can be packaged up with HTML forms to create a process that can be deployed onto a BPMS engine and so create a workflow from the diagram which is accessible through a portal.  Different groups of users (the swim lanes in the diagram) will be able to access their tasks for each initiated process from the portal, so Sales can access “Enter Order” and “Order Car from Factory” only.  The process engine controls the steps in the process for each instance of the process.  It might not sound like a lot, but the impact is huge, the technology enables the business to abstract the process out of spaghetti code on a server, out of staff and onto a workflow which the business can measure, modify and re-deploy as they see fit.
  • BPMS (Business Process Management Systems) – These are products that vendors sell to manage your processes.  They are typically composed of at least the following elements:-
    • Modeler: Graphical tool for capturing processes in a BPMN diagram
    • Database: To hold the process definitions of processes
    • Process Engine: To run deployed processes
    • Back End: To manage process instances in flight
    • Admin: Configuration of users
    • Simulation: For simulating changes ahead of releasing them to understand resourcing and/or bottlenecks
The systems try to be a one stop shop for managing processes for an organisation.  The vendors themselves try to position themselves by a particular vertical or by flexibility where the most flexible systems need the most work to integrate with existing business systems.
  • CMMN (Case Management Modeling and Notation) – A standard from OMG which came out after BPMN 2.0 and so there are currently no BPMN 2.0 compliant products out there.  Case management is for the parts of processes where there are no fixed step of steps or where trying to model  the process would be hopeless as you are trying to capture “experience” that has been built up over a number of years.  Typically think of a hospital where the objective is to make you as a patient better but the steps that need to be taken to do that are not known yet.  There maybe dependencies between tasks which create mini-processes, but a case can be worked in any way as seen fit by the case worker.  Case management then is used in areas to support “knowledge workers” and whilst cases can’t be automated, they can still be managed and reported on within a BPM system.
  • DMN (Decision Model and Notation) – Another standard from the OMG, this is a way of modelling decisions so that they can provide repeatable results to decisions that are required from business processes.  DMN is related to business rules and the business rules approach to controlling business behaviour.   So by taking common decisions that are regularly made decisions across the business and referencing them in one place, the business can ensure a consistent approach to dealing with customers etc.  The logic is held in a decision table which has conditions on one side and results on the other side.  Decision tables can be chained together in a decisions results graph and take lots of variables and deliver consistent behaviour.  Personally, I think that they are useful in reducing the workload for the humdrum cases, where a case is more complex then the decision returned can be to route the case to a human pair of eyes.  Using the Pareto principle where 20% of cases take up 80% of your time, then  DMN can automate the 80% of cases which can be described as ‘humdrum’ or ‘boring’ and leave staff to concentrate on the cases that need their experience.
  Hope some of this helped.