Read to the end for an interesting note about this post.1. Ad hoc rules: Most businesses have no logical approach for defining their business rules. As a result, business workers often make up the rules as they go along. This leads to confusion, contradiction, and operational inefficiency. After-the-fact resolution of these problems wastes time and resources and causes frustration for customers and staff alike. The larger the organization, the bigger the problem. Also, since many business rules involve monetary transactions (for example, whether a customer should be given a discount, and if so, how much), this problem can also directly affect the bottom line.
Business rule solution: A structured approach helps you think through rules before the fact.
2. Miscommunication: Misunderstanding of key business concepts inevitably results in miscommunication. Does preferred customer discount mean the same across all departments? If not, what are the differences? What rules apply? Do these rules differ for different areas of the business? Are the rules consistent?
Business rule solution: A clear set of concepts provides a foundation on which rules can be directly based.
3. Inaccessible rules: Finding out what rules apply to a given business situation often involves an open-ended search through multiple sources. It is not uncommon in the end to resort to the application source code. Pursuing rules in this fashion is time-consuming, inefficient, and inaccurate.
Business rule solution: A way to manage business rules provides direct accessibility.
4. Massive differentiation: Many businesses seek to support highly individualized relationships with growing numbers of customers and other partners for ever more complex products or services. How can businesses massively differentiate between business parties and, at the very same time, conduct each business transaction faster, more accurately, and at ever lower costs?
Business rule solution: A rule-based approach featuring rapid development and deployment of rules supports differentiation.
5. The need to keep up to speed: Rapid change, at an ever faster pace, is a fact of life. In the Internet age, people expect almost instantaneous implementation of changes. How can line workers consumed with day-to-day activities ever hope to keep up?
Business rule solution: Real-time delivery of business logic to knowledge workers as errors actually occur creates a seamless, never-ending, self-training environment.
6. Knowledge walking out the door: By and large, baby boomers created much of the operational business capacity and operational systems we see in place in larger organizations today. Much of the related knowledge still sits in their heads—and nowhere else. What will happen when they retire? On a smaller scale, people with vital operational knowledge walk out the door almost every day.
Business rule solution: A systematic way of capturing, documenting, and retaining the business rules prevents the loss of knowledge when people leave.
~~~~~~~~~~Excerpted from Principles of the Business Rule Approach, by Ronald G. Ross, AddisonWesley, 2003, pp. xx-xxii.Note: This list of benefits was written a dozen years ago. It seems the more things change, the more they stay the same for business rules. About the only thing I would alter today is to add the following buzzwords for the respective benefits.
Your ability to respond in appropriate ways to pinpoint circumstances where business rules are breached – automatically and independently of processes – provides the mechanism you need to support very smart, very friendly business systems. Normally we think about breaches occurring for behavioral rules, where a breach means a violation has occurred. Can breaches occur for decision rules too? The answer is yes and no. Read on!
A breach occurs for a business rule when the business rule isn’t satisfied upon being applied to some set of circumstances (state of affairs). Normally we think about breaches occurring for behavioral rules, where a breach means a violation has occurred (e.g., you violated the posted speed limit).
The potential for violations of behavioral rules raises several important questions that business analysts should answer in advance of deployment for each behavioral rule:
1. What level of enforcement should be applied.
2. What special response to a violation is appropriate, if any.
3. What special message, if any, should be returned to some worker(s) upon a violation.
Unlike behavioral rules, no definitional rule can ever be violated. Literally, things must be correct under such rules by definition.
Let’s take an example. Suppose somebody asserts “2+2=5”. According to the rules of mathematics, we know the correct answer is 4. The answer “5” is deemed irrevocably wrong. But is the asserted answer ever allowed to stand?
If the rule is defined as a decision rule, the asserted answer is never allowed to stand. More precisely, the assertion would never be recognized to have happened in the first place. If someone asserts “2+2” the answer “4” is concluded immediately. Period. No breach, no opportunity for error.
If defined as a behavioral rule (one that is not strictly enforced), the asserted answer is allowed to stand, but a violation is recognized. How might that capability be useful? Suppose the error were made by a student in grade school. It might be quite useful for the student and/or a tutor to know about it immediately and automatically. Specifying an appropriate violation response can make such notification happen.
In business, of course, definitional rules can be far more complex. Nonetheless, your ability to respond in appropriate ways to the pinpoint circumstances where certain rule-related events occur – automatically and independently of processes – provides exactly the mechanism you need to support very smart, very friendly operational business decision systems.
Decision Rules and Breaches
Decision rules are a special kind of definitional rule involving implications (e.g., A implies B). They support inferences and determinations – identifying an appropriate outcome from among a set of alternatives.
Like all decision rules, definitional rules cannot be violated. They are simply deemed true by definition.
Purely from a business perspective, however, some assertions of fact(s) may make it appear that a breach-like event has occurred. I take pains to emphasize any such perception is purely from the business perspective, not from the perspective of logic. You perceive a breach of a decision rule simply because it’s useful to do so, not because any true violation has occurred.
In evaluating some particular case (situation, set of circumstances, or matter of concern), for example, things might not follow the ‘happy path’. Think of a breach of a decision rule as a bump in the road – a gap along the happy path.
Let’s return to the three questions listed earlier. Although the first question about enforcement level obviously doesn’t apply to decision rules, adjusted versions of questions 2 and 3 remain in play.
Consider the following simple business example. Suppose a bank has this decision rule:
A credit application must be considered discrepancy-free with respect to a credit report for the applicant if all the following are the same:
date of birth
Social Security Number
Let’s suppose that an applicant uses just the initial for her middle name on her credit application. If the credit report shows her full middle name, then the names are not the same and the credit application will not be considered discrepancy-free.
Note carefully the rule hasn’t been violated; it did its ‘work’ correctly and it did reach the proper conclusion (not discrepancy-free). But a gap – a breach – for her case has been identified from a business perspective because the rule failed on one of the conditions. We should be able to take advantage of that breach to take appropriate action – selectively, automatically and in real time.
For example, the desired response to the breach might be to insert the following to-do item in the work queue of the responsible staff member: “Review discrepancy and manually ok if appropriate”. (The to-do item should naturally also provide ready access to the related documents.) The breach of the rule causes this action to occur automatically.
Think about how many decision rules might exist for determining credit-worthiness, and how many selective conditions they might have. Could you build a responsive system by incorporating the selective responses needed into the related process model(s)? Not a chance – that approach won’t scale. Instead, the selective responses need to be specified based on the business-rule side of things.
Kinds of Breach Specifications for Decision Rules
Breach specifications for a decision rule can be of the following two kinds.Breach Response. A breach response can be an action of virtually any kind. For example, a breach action might be to:
Add some task(s) to a (non-redundant) to-do list in some appropriate work queue.
Add some documentation items to a (non-redundant) not-yet-received list.
By these means very selective follow-up processing/handling (“what to do next”) can be organized pertaining to any specific issue (breach) for a given case. Such selectivity is made possible by the granularity of the rules.
Breach Message. A specially-worded breach message can be forwarded to any involved party either inside or outside the company. A breach message generally explains one or both of the following at any level of detail desired:
Why the rule or condition failed. (The rule or condition statement already indicates very precisely what the issue is, but the breach message can explain in a more friendly manner.)
What should be done to address the issue.
More Complex Example
Breach specifications apply selectively and specifically to a decision rule and/or any of its conditions. A breach specification applies if and only if that decision rule and/or condition fails (is not true) in evaluating some specific case (e.g., a specific credit application). An example of a decision rule with condition-specific breach specifications is illustrated in Table 1.
Table 1. Example of More Complex Decision Rule with Condition-Specific Breach Specifications
A fluctuating income must be considered eligible if all the following are true:
Conditions of the
the applicant has a 3-year proven track record of consistent income
the applicant is likely to have comparable income in the future
Add to-do item for that credit application: “Contact employer to verify applicant has reasonable opportunity for future income.”
the income is validated
Add required documentation items not yet received to a pending list for the credit application.
To applicant: “[date] Here’s a list of documentation items related to your income we have not yet received. [pending list].”
Using Breach Specifications
Breach specifications can be:
General for an entire decision rule including all its conditions. (The example in Table 1 doesn’t include any whole-rule specifications. If the rule did they would appear in the first row.)
Specific to a given condition.
Specific to collections of conditions (none shown for the example).
A breach is detected only if the conclusion of the rule as a whole, or some particular condition within it, evaluates to not true. Things being true should be viewed as moving the case along the desired path (i.e., no breach has occurred). Decision rules (and breach specifications) should be expressed carefully so as to preserve this positive orientation.
Generally, breach actions should be specified only if something can be done to overcome a failure (of a rule or condition). The goal is to move things forward in the case. In the example above, for instance, if nothing whatsoever can be done to correct an issue, the credit application should simply be declined. A behavioral rule to that effect should be specified.
In hierarchies of decisions (e.g., as in Q-Charts) and decision rules (e.g., as based on series of logical dependencies), breach specifications should generally be made only at the lowest level of rule reduction/decomposition. A rule at a higher level in a logical hierarchy only evaluates to not true if some rule(s) below it evaluate to not true. Define breach specifications at the lowest level of granularity.
Although rules can be specified in violation specifications for behavioral rules (e.g., to express some sanction or penalty), they should never be specified within breach specifications for a decision rule. Such ‘nesting’ of rules, especially on the basis of ‘not true’, is inappropriate.
Otherwise the advantages of overall declarative specification can be forfeited.
By default, breach specifications for a decision rule apply only the first time it is evaluated for each case. The assumption is that all business rules, including decision rules, are evaluated on a continuous basis. Re-application of any breach specification for a case therefore requires additional timing and iteration criteria. Whether a case is evaluated iteratively on the same set of decision rules based on timing criteria applied by or for some external process or platform is outside the scope of this discussion. No matter what the scheme of evaluation, the expression of the decision rules – as for all business rules – should be completely unaware of it.
Want context-sensitive business rules? It doesn’t necessarily work the way you think it might. Let’s take an example: A client must have a physical address. That’s the rule; it just says what it says.
Separately from the rule itself, several things can be specified:
How strictly the rule is to be enforced. Such specification might be: ‘strictly enforced’, ‘override with prior authorization’, ‘override with explanation’, ‘guideline’, etc.
What response and/or message is appropriate when the rule is violated.
Both things can be specified to be context-dependent. Back to the example:
Suppose the rule is violated in signing up as a member of a website. The enforcement level might be “guideline” and the response might be “We encourage you to provide this information so that we may serve you better in the future.”
Suppose the rule is violated in placing an order. The enforcement level might be “strictly enforced” and the response might be “We’re sorry. But we need your address to send you this order.”
There are two fundamental kinds of business rules: behavioral rules and decision rules. Behavioral rules are rules people can violate; decision rules are rules that shape knowledge or information. Decision rules cannot be violated – knowledge or information just is what it is defined to be. Common to all business rules, no matter which category, is that you want them directly traceable for compliance and other purposes.
How do behavioral rules and decision rules apply differentially to service workers vs. white-collar workers vs. gold-collar workers?
Service workers are primarily subject to obeying behavioral rules, or are charged with applying them. Examples:
A counter attendant must not accept a credit card for a purchase under $10.
A flight attendant must ensure passengers have buckled their seat belts for each take-off and landing.
Service workers are subject to operational business decisions made by white-collar workers, but do not play a significant role in making such decisions themselves.White-collar workers are typically involved in business processes where operational business decisions are made. Examples:
Should this loan applicant be given a mortgage?
What flight crew should be assigned to this flight?
White-collar workers generally do not define decision rules themselves – that’s typically work for gold-collar workers. Where such rules are incomplete, unspecified or contradictory, however, white-collar workers generally rely on personal heuristics and experience to make decisions. This approach puts the main goals for white-collar work – consistency and traceability – at jeopardy.White-collar workers, like all workers, are subject to behavioral rules. Examples:
A loan officer must not handle a loan application placed by a family member
The website description for a new product must be approved by two senior managers.
Gold-collar workers (for explanation see http://www.brsolutions.com/2014/08/11/is-%e2%80%9cknowledge-worker%e2%80%9d-the-best-term-for-decision-engineering/) are responsible for non-routine, knowledge-intensive work. The primary goals for such work is that it be insightful (e.g., as in the case of medical diagnosis that fits the available data better) or creative (e.g., as in the case of a new marketing strategy). This type of work is generally beyond the scope of decision rules.
Although gold-collar workers often conduct their work in relatively independent fashion, the work is generally subject to “very close normative control from organizations they work for” [Wikipedia]. Think medical malpractice or following generally accepted principles of accounting. These normative controls, since they can be violated, are sets of behavioral rules.www.BRSolutions.com
Based on the OMG standard SBVR (Semantics of Business Vocabulary and Business Rules). For more on SBVR see the SBVR Insider section on www.BRCommunity.com.
Pink-collar worker is a term sometimes used (in the U.S. at least) to refer to a job in the service industry. Many people find the term off-putting because it traditionally referred to jobs relegated to women. I avoid the term for several other reasons. The category includes:
Such roles as buyers, loan interviewers, dieticians, administrative assistants, etc., whose work at the high-end should be considered white-collar.
Many workers providing personal services on an individual basis, rather than business services in the usual sense. Examples include midwives; hairdressers and barbers; baby sitters and nannies; personal shoppers and fashion stylists; etc.
Clearly many businesses do have extensive staff that is neither white-collar nor gold-collar working to deliver services. Examples include retail workers, sales staff, flight attendants, hotel housekeepers, counter attendants, receptionists, etc. I just call them service workers since they don’t have any traditional uniform color – white, blue or otherwise.Are service workers subject to business rules? Absolutely. Generally these rules are behavioral rules rather than decision rules, however, since their jobs do not focus on operational business decisions. More about that in my next post.www.BRSolutions.com
Some people argue that a knowledge worker is someone who gets paid to improvise or innovate, a factor distinct from the amount of training the worker receives. By this criterion even blue-collar workers can be considered knowledge workers if they constantly improvise or innovate. I don’t find the notion helpful. In my mind, a blue-collar worker who is constantly improvising or innovating, for example, has become an engineer – which is gold-collar, not blue-collar. (For explanation of gold-collar work, see http://www.brsolutions.com/2014/08/11/is-%e2%80%9cknowledge-worker%e2%80%9d-the-best-term-for-decision-engineering/)With respect to white-collar work, what I see in many organizations is white-collar entropy, all resulting from continuous and counterproductive ‘improvising’. A vacuum of coordination filled with too much information simply does not translate into a more productive organization. The more likely result is inconsistency, the enemy of good customer experience.The improvise-and-innovate argument also holds that knowledge workers don’t just apply rules – they invent rules. Hang on a minute. To take a real-life example, do we really want police officers (officers on the beat) inventing rules?! I think not. Their job is to apply rules (laws), not invent them. Otherwise we’d be living in a police state. In a well-run organization, just as in society, above all you want consistency at the operational level. If I call my bank ten different times, I should get the same answer ten different times. If I apply for a mortgage from the same bank at ten different branches, I should get the same result ten different times.
In my experience, that’s hardly the norm. Why? If staff works in an environment where many of the rules are tacit, contradictory, ambiguous, poorly implemented, inaccessible, and/or unintelligible, of course the staff will improvise.
Contrary to what some believe, well-defined rules do not lessen creativity (space to improvise and innovate about how to get desired results). That’s not the way it works. Absence of rules is literally anarchy – and only the bad guys look clever in that context.www.BRSolutions.com
In my most recent post, I distinguished between white-collar and gold-collar workers. See http://www.brsolutions.com/2014/08/11/is-%e2%80%9cknowledge-worker%e2%80%9d-the-best-term-for-decision-engineering/Can you differentiate between white-collar work and gold-collar work by whether it can be automated? In a day and age when IBM Watson can win at Jeopardy, I think it’s probably foolish to try.But I don’t think that’s the right question. Instead, I would ask whether the problem spaces are sufficiently distinct that they require different approaches. The answer to that question is definitely yes. That’s one reason I think it’s important not to say simply “knowledge worker” in process models. Companies pay gold-collar workers for their professional insight, creativity, and ability to digest huge amounts of knowledge on a continuous basis. Novel, unexpected results that fit the data better are at a premium. That’s not what companies pay white-collar workers for – or at least it shouldn’t be. Instead, they should pay white-collar workers to produce consistent results on decisions reached through directly traceable logic – that is, business rules. Unexpected results represent a failure – of an individual worker, a training regimen, or the rules themselves.More often than not, I think the problem actually lies with the rules. In many companies, we ask humans to make operational business decisions in a fog of byzantine rules – rules often far more complex than reasonable (or profitable). In addition, the ‘real’ rules are frequently more tacit or inaccessible than anyone cares to admit. In my view we simply have never been serious about defining, organizing and managing the rules in white-collar decision-making in a reasonable, scalable manner. And we certainly haven’t yet harnessed the power of computers to help with the business-side problem of rule management.www.BRSolutions.com
I was reading some discussion about data models the other day and came across the following:
“The relationships between entities define the rules about which entities relate to others, as well as the number of minimum and maximum occurrences on each side of the relationship.”
Rules is definitely the wrong choice of word here. The misconception that relationships per se in data models represent (business) rules goes all the way back to the 1980s. It’s simply wrong. Instead I would say:
The relationships between entities provide structure for the data model, specifically indicating which entities relate to which and how. Specifications for a relationship typically indicate the number of minimum and maximum occurrences allowed on each side of that relationship – i.e., their cardinalities.
Of the three typical cardinality values – zero, one and many – only one removes any degree of freedom, and thus could be said to represent a rule. In any case, cardinality per se is a specification device; the business rule is in the meaning – for example:
A customer may be related to at most only one sales area.
Caveat: I reserve the right to change my mind on this at any time and would love to be proven wrong.The key characteristic of many operational business decisions is that they need to be directly traceable to business policy, regulations, contractual obligations, and so on. You need to be able to readily demonstrate compliance in the broadest sense of the word. (That of course has always been true for business rules. That’s what they do!) So for that reason and others, I doubt that IBM Watson and peers will prove viable platforms for execution-time support of business rules.The engineering of rules themselves – rule engineering – will remain professional work for humans to do (hopefully assisted by machines). Fortunately effective techniques for rule engineering have been proven in practice.I know some experts are calling for smart processes or intelligent processes these days. But if they’re not addressing business rules, they’re not really that smart. We want to enable smartbusiness, not just smart processes.
 These include platform-independent expression guidelines such as RuleSpeak (free on www.RuleSpeak.com). In our book Building Business Solutions: Business Analysis with Business Rules we explain patterns for harvesting business rules from business process models and other deliverables. We have also developed highly effective techniques for decision engineering. See our Primers (free): http://www.brsolutions.com/publications.php#primers
My Answer: Look at it this way. If you have no explicit business rules enabling people to do something correctly and consistently, you’ll have no rules for a machine to do it right. Except for speed and memory, machines are no smarter than people. The test of high-quality business rules is whether people could do it right.It’s shocking to me how many people think they can just use a BRMS or decision management platform to address a problem without having to express the rules clearly to other people first. I guess that silver bullet syndrome will always be with us. In any case, making tacit know-how explicit as business rules is first a business and communication problem, then and only then a platform problem.
“We actively use the BRS business-side techniques and train our business analysts in the approach. The techniques bring clarity between our BAs & customers, plus more robust requirements for our development teams. We’ve seen tremendous value.”
Jeanine Bradley – Railinc
“I found the course interesting and will be helpful.
I like the pragmatic reality you discuss, while a rule tool would be great, recognizing many people will use Word/Excel to capture them helps. We can’t jump from crazy to perfect in one leap!
Use of the polls is also great. Helps see how everyone else is doing (we are not alone), and helps us think about our current state.”
Trevor – Investors Group
“Instructors were very knowledgeable and could clearly explain concepts and convey importance of strategy and architecture.
It was a more comprehensive, holistic approach to the subject than other training. Emphasis on understanding the business prior to technology considerations was reassuring to business stakeholders.”
Bernard – Government of Canada
“A great class that explains the importance of business rules in today’s work place.”
Christopher – McKesson
“You did a wonderful job!! The material was organized and valuable.”
Janell – Texas State University
“Your work has been one of the foundations of my success in our shared passion for data integration. It has had a huge impact on innumerable people!”