When the Business Rules Manifesto was published in 2003 (http://www.businessrulesgroup.org/brmanifesto.htm), I co-proposed the six items below related to business processes as an additional (eleventh) Article. The Business Rules Group (BRG) decided (probably wisely) to avoid that potentially controversial area, however, and concentrate on the core message of business rules. Since a Business Process Manifesto has been in the works, it’s worth going back over the proposed items. I believe they remain valid. So I dug them out of my Editor archives, cleaned them up a bit, and presented them below. Aside: In 2003 the BRG wasn’t careful about saying “business rule” (instead of just “rule”) and business process (instead of just “process”). But that’s what we meant – real-world rule and real-world process – not technical specifications. I’m very careful about that clarification these days. A great many people have a hard time seeing the difference. Item 1. Business rules guide business processes.

Comment: If this one is not self-evident, all bets are off.

Item 2. Business rules should be substituted for any activity in a business process where the result(s) of that activity can be produced by the business rules.

Comment: This item refers to what SBVR calls definitional rules – business rules that can derive, classify or compute something. For any given ‘something’, there might be only a single business rule, or a very large number of business rules. The ‘something’ could be an operational business decision requiring many dozens or hundreds of decision rules organized into decision tables.

One thing the item doesn’t say is that not all such ‘somethings’ need to be supported by business rules from the very beginning. In fact as Item 8.5 says, they don’t need to be. Business rules are very good for incremental development. (Development of what? Smart business processes.)

Item 3. Business rules can cause business processes to be initiated under appropriate circumstances.

Comment: Circumstances can arise that require the business to respond in a pre-scripted manner – e.g., low inventory status, potential fraud or intrusion, etc. Some business rule(s) should identify the circumstances involved in such ‘spontaneous’ business events.

Item 4. The default explanation or message for any error that occurs in a business process for a business reason is a business rule.

Comment: This item is truly ground-breaking. Business rules express the do’s and ‘don’ts’ of business activity; therefore, any error that occurs under a business process for a business reason is ‘explained’ by a business rule. What else could it be?!

Keeping systems carefully aside, and noting the obvious possibility of providing additional or alternative ‘explanations’, I like to say ‘the business rules are the error messages’. By the way, I’ve been saying that since 1994 – I have the slides (transparencies actually) to prove it. If you have doubts about this item, please provide examples(!).

Item 5. Any delay in the ability to enforce a business rule must be coordinated with business processes.

Comment: In SBVR, behavioral rules are business rules that can be violated. (Definitional rules can’t be.) An example where such delay might occur is a business rule that requires an approval or sign-off on something (e.g., an extra-large order on credit) by somebody (e.g., the branch manager) who is not immediately available. The business process for that particular something must be suspended until some future time.

Note: Additional business rule(s) providing appropriate suspense criteria (e.g., 24 hours) would be wise in such cases. We don’t want an order sitting in limbo forever(!).

Item 6. Business rules cannot constrain the workings of a business process directly, but only the following: (a) the state required for the business process to be performed; (b) the state while the business process is being performed; and (c) the results – that is, the state – the business process seeks to leave behind when finished.

Comment: I think of a business process as being like a black box with respect to business rules. The business rules cannot and should not ‘look’ inside. Instead, all matters of state should be externalized so business rules – and business people – can know it and talk about it. Get ready for this: This item indicts BPMN with its token-based approach to process state. The future lies with externalizing semantics. Sorry guys!

In preparation for this year’s Building Business Capabilities (BBC) Conference (http://goo.gl/6JcB9) and its new Business Architecture Summit (http://goo.gl/5hnzh), I’ve been doing some background research on how professionals in the space view ‘capability’. Here’s a good exchange I had with Alexander Samarin (http://goo.gl/DNGLp).  RGR: What is meant by ‘capability’ in the context of enterprise architecture?  Samarin: ‘Capability’ is the proven possession of characteristics required to perform a particular service (to produce a particular result, which may include the required performance). Capability needs to ‘understand’ the mechanics of delivering that service for expected demand. The mechanics include the resources, skills, policies, powers/authorities, systems, information, other services, etc., as well as the coordination of work within the service. There are three options to ensure a service has the required characteristics: 1. By contract (“re-active” approach) – acquire a service with the required characteristics, use it, check that its performance is acceptable and replace it if something is wrong with it. 2. By measurement (“active” approach) – implement a service, use it, measure it, improve or re-build it, etc. 3. By design (“pro-active” approach) – build a service model, run a simulation test, improve the model, build the service, use it, measure it, improve it, etc.  RGR: By contract do you mean ‘contract’ as a business person would understand it (legal), or as understood in object/component IT methodologies? Other?  Samarin: Legal.  RGR: By service do you mean a business service, a system service, an eCommerce service … other? All the above? Samarin: A service is a consumer-facing formal representation (i.e. explicitly-defined) of a self-contained (i.e. operationally-independent) provider’s repeatable set of activities which creates a result for the consumer. (It is considered that there are internal [even within an enterprise] providers and consumers.) It is important that the internal functioning of a service is hidden from its consumers, so that some parts of the enterprise can be changed independently. For example, a ‘proper’ service can be relatively easily outsourced. Services are expressed in terms of expected products, characteristics and delivery options (cost, quality, speed, capacity, geographic location, etc.) – this is the Service Level Agreement (SLA). RGR: How does the notion of business service apply to a company that sees itself selling widgets, not services in a conventional sense?  Samarin: An enterprise creates a result which has value to a customer who pays for this result. The enterprise acts as a provider (supply-side) and the customer acts as a consumer (demand-side). There is a (business) transaction between the provider and the consumer. From the point of view of the consumer (the outside-in view) the transaction is bounded by the pair ‘request and result’, e.g. from making an order to receiving goods. From the point of view of the provider (the inside-out view) the transaction is a set of several distinct activities (or units of work) which function together in a logical and coordinated manner to satisfy / delight the consumer. These activities are carried out in response to the consumer’s request which is an external business event for the provider. The main ‘problem’ is the coordination of activities (remember – they have to evolve). Processes, services, capabilities are, finally, the tools to improve the coordination (and the final outcome). For example, services are building blocks which are ‘glued’ by processes in bigger services. Capabilities are measures for how solid those blocks should be. RGR: In the approach you describe, how is the how-how handled? Surely know-how is essential to ensuring repeatable, ‘delightful’ results, gluing services together, etc. Samarin: As much as possible, ‘things’ (e.g. artifacts and relationships between them) should be made explicit and executable. For example, coordination of activities can be expressed in different techniques: template-based, event-based, data-based, rule-based, role-based, intelligence-based, community-based, etc. Also it should be known how to use those techniques together – similar to changing gears. RGR: Sounds a bit vague to me. Let me try a different angle. The problem with BPMN is that it is token-based. It doesn’t externalize the state of business things. But talking about the state of business things is exactly what business people want and need to do (and do informally in everyday conversation). Structured business vocabulary (fact models) is how you externalize state so business people can talk about it. Business rules are how the business encodes its know-how so as to constrain the states of things (and derive classifications) … and retain the know-how. Business processes attempt transforms and add value. Thoughts?  Samarin: You consider that BPMN is token-based, but it also provides some event-based coordination. For me, this is not a problem, but just a building block to execute some coordination techniques. I don’t think that BPMN is designed for externalizing states of business objects. You emphasize that business people want to know state. And, in addition, I am asked by business people to show them a course of actions to obtain the result and to warn them in case of potential problems. Different people have different needs.

There is much confusion in the Enterprise Architecture space over some of the most fundamental words in the English language: what, how, where, who, when, why. I’m afraid to say there’s some very loopy thinking out there. Zachman anticipated all this and brilliantly provided six generic models for the 6 question words. Here they are roughly as follows (and possibly needing to be adjusted slightly in his new 3.0): What:  thing-relationship-thing How:  input-process-output Where:  site-link-site Who:  role-workproduct-role When:  event-cycle-event (moment-state-moment) Why:  ends-means-ends For me, it’s hard to argue that these are not what each question is about from an architectural point of view. The only thing missing is how you relate instances of the 12 elements to comprehensively configure an enterprise at any given point in time. (Zachman calls these “integration relationships”. They’ve always been there, but only on the schematic in 3.0.) IMO, the best, most dynamic (agile) way to support the ‘integration relationships’ is business rules. What could possibly be better?

Gladys has started a new LinkedIn Group ‘Rules Say Must Not’. She’s looking for silly or dumb rules. I’m sure you know some — we run into them all the time! Share for the fun of it. (Prizes  offered for the best — uhm, worst — including an iPod!)   See  http://goo.gl/0tLD3  … Here’s my own first post. ~~~~~~~~~~~ A recent graduate from a top-ranked university registered for the MCAT, the gateway test to medical school. Let’s call him Jeffrey Hamilton (not his real name). Someday Jeffrey, known to all as Jeff, will make a great doctor. But Jeff made the mistake of actually calling himself ‘Jeff’ in registering and paying for the MCAT. Go figure.  Jeff knew the MCAT rules called for two forms of id. (Rule 1: A person’s name must be verified by two government-issued identity cards.) Not a problem. He had a passport and a driver’s license, both with photos and signatures. (Not great photos, but you know how id photos go.) He had not signed either one with his full name – just ‘Jeff Hamilton’.  As the date of the test approached, Jeff was talking to friends who had already taken the test. Just to make sure, it occurred to him to check whether his having registered as ‘Jeff’ instead of ‘Jeffrey’ might cause any problems.  As it turned out, big problems. The full names had to match. (Rule 2: A person’s full name must be given in an MCAT registration.) Only “Jeffrey” (the id’ed person) could take the test. ‘Jeff’ (the registered person) could not. O.K., he had messed up. So ‘Jeffrey Hamilton’ (the real person), being a poor recent college graduate, naturally asked for a refund of his registration fee (considerable for college kids). Not allowed – the rules said must not.  You would think that ‘Jeffrey Hamilton’ (the real person) had to be either ‘Jeff’ (the registered person) or ‘Jeffrey’ (the id’ed person). Since ‘Jeffrey Hamilton’ (the real person) could not take the test, he must not have been ‘Jeffrey’ (the id’ed person). So he must have been ‘Jeff’ (the registered person). But ‘Jeff’ (the registered person), couldn’t take the test, nor could he get a refund, even a partial one. (Rule 3 (presumably): A refund may be issued only if the name of registered person matches the full name on two government-issued id’s.) Bottom line: Poor Jeff was not himself. He was lost in identity limbo.

… And somebody did recently: What’s wrong with current business process management (BPM) practices?  1. When a discipline becomes mature, it stops seeing itself as a solution to every problem. BPM is not there. Limitations?

• It does not provide the order-of-magnitude improvement in business agility that companies need urgently.
• It is not the solution to compliance issues.
• It does not effectively provide for massive customization or personalization.

BPM needs to recognize and accommodate peers: business strategy, business rules, business vocabulary, business decisions, and business events.  2. Words matter. Well-defined business vocabulary is not a luxury or an option. It’s fundamental to effective business orchestration. Ultimately, it’s all about business communication, whether person-to-person or automated. I don’t think BPM really gets this. 3. The business world today is already in a knowledge economy (read: know-how economy); the milestone has been passed. We need to start acting and practicing accordingly. You certainly can’t get there with only BPM.

The other night I watched the movie Butch Cassidy and the Sundance Kid for about the 50^th time. It’s a highly entertaining movie – all you have to do is suspend judgment.  As a rules person, the classic scene for me is Harveychallenging Butch to a knife fight (with a knife about the size of a machete) for leadership of the gang. Now Butch is the one who’s always thinking. Stalling for a bit of time he walks an angling path toward Harveyand says, “No, no, not yet. Not until me and Harvey get the rules straightened out.” Harvey, thrown off guard, says (paraphrasing), “Rules?! There are no rules in a knife fight!” Well, exactly! Poor Harvey pays for his moment of verbal clarity with a challenge-ending reminder that, well, there are no rules in a knife fight.  In SBVR terms, Harveyexpressed an advice, a non-rule. If Harvey had been a rule analyst (doubtful) he might have said: “Any action is permitted in a knife fight.” The statement is not a rule because it removes no degree of freedom. Butch, always thinking, complied completely.