T. Benedict, N. Bilodeau, P. Vitkus, E. Powell, D. Morris et al., BPM CBOK Version 3.0: Guide to the Business Process Management Common Body of Knowledge, 2013.

M. Dumas, M. La-rosa, J. Mendling, and H. A. Reijers, Fundamentals of Business Process Management, 2018.

R. T. Burlton, Business Process Management: Profiting From Process. SAMS publishing, 2001.

P. Franz and M. Kirchmer, Value-Driven Business Process Management: The Value-Switch for Lasting Competitive Advantage, 2014.

M. Blyth, Business Continuity Management: Building An Effective Incident Management Plan, 2009.

O. Rejeb, R. Bastide, E. Lamine, F. Marmier, and H. Pingaud, A model driven engineering approach for business continuity management in e-health systems, 6th IEEE International Conference on Digital Ecosystems, Technologies (DEST, pp.1-7, 2012.
URL : https://hal.archives-ouvertes.fr/hal-01759597

R. J. Chapman, Simple Tools and Techniques for Enterprise Risk Management, 2011.

A. A. Nacer, C. Godart, G. Rosinosky, A. Tari, and S. Youcef, Business process outsourcing to the cloud: balancing costs with security risks, Comput. Ind, vol.104, pp.59-74, 2019.
URL : https://hal.archives-ouvertes.fr/hal-01888396

P. Radanliev, D. C. De-roure, R. Nicolescu, M. Huth, R. M. Montalvo et al., Future developments in cyber risk assessment for the internet of things, Comput. Ind, vol.102, pp.14-22, 2018.

P. Bernus, T. Goranson, J. Gøtze, A. Jensen-waud, H. Kandjani et al., Enterprise engineering and management at the crossroads, Comput. Ind, vol.79, pp.87-102, 2016.

M. Rosemann and M. Z. Muehlen, Integrating Risks in Business Process Models, ACIS 2005 Proceedings, 2005.

D. I. Dickstein and R. H. Flast, No Excuses: A Business Process Approach to Managing Operational Risk, 2008.

S. Jakoubi, T. Neubauer, and S. Tjoa, A roadmap to risk-aware business process management, IEEE Asia-Pacific Services Computing Conference, pp.23-27, 2009.

S. Jakoubi, S. Tjoa, S. Goluch, and G. Kitzler, Risk-aware business process management-establishing the link between business and security, Complex Intell. Syst. Appl, pp.1-26, 2010.

S. Suriadi, B. Weib, A. Winkelmann, A. H. Ter-hofstede, M. Adams et al., Current research in risk-aware business process management -overview, comparison and gap analysis, Commun. AIS, vol.34, 2014.

M. Lankhorst, Enterprise Architecture at Work: Modelling, Communication and Analysis, 2012.

K. Hinkelmann, A. Gerber, D. Karagiannis, B. Thoenssen, A. Van-der-merwe et al., A new paradigm for the continuous alignment of business and it: combining enterprise architecture modelling and enterprise ontology, Comput. Ind, vol.79, pp.77-86, 2016.

A. Sienou, A. Karduck, and H. Pingaud, Towards a framework for integrating risk and business process management, IFAC Proc, vol.39, pp.647-652, 2006.

A. Sienou, E. Lamine, H. Pingaud, and A. Karduck, Aspects of the BPRIM language for risk driven process engineering, On the Move to Meaningful Internet Systems: OTM 2009 Workshops, vol.5872, pp.172-183, 2009.
URL : https://hal.archives-ouvertes.fr/hal-01685418

A. Sienou, Proposition d'un cadre méthodologique pour le management intégré des risques et des processus d'entreprise, 2009.

D. Karagiannis and H. Kühn, Metamodelling platforms. E-Commerce and Web Technologies, Third International Conference, 2002.

J. Mylopoulos, Conceptual Modelling and Telos, Conceptual Modelling, Databases, and CASE: An Integrated View of Information System Development, pp.49-68, 1992.

D. Bork and H. Fill, Formal aspects of enterprise modeling methods: a comparison framework, 47th Hawaii International Conference on System Sciences (HICSS), pp.3400-3409, 2014.

D. Karagiannis and H. C. Mayr, 2016. Domain-Specific Conceptual Modeling, Concepts, Methods and Tools

D. Bork, R. A. Buchmann, D. Karagiannis, M. Lee, and E. Miron, An open platform for modeling method conceptualization: the OMiLAB digital ecosystem, Commun. Assoc. Inform. Syst, vol.44, pp.673-697, 2019.

M. F. Dallas, Value and Risk Management: A Guide to Best Practice, WB, 2011.

A. Ter-hofstede, M. Jans, J. M. Van-der-werf, N. Lybaert, and K. Vanhoof, A business process mining application for internal transaction fraud mitigation, Expert Syst. Appl, vol.38, pp.13351-13359, 2011.

J. A. Wickboldt, L. A. Bianchin, R. C. Lunardi, L. Z. Granville, L. P. Gaspary et al., A framework for risk assessment based on analysis of historical information of workflow execution in it systems, Comput. Netw, vol.55, pp.2954-2975, 2011.

N. A. Panayiotou, S. Oikonomitsios, C. Athanasiadou, and S. P. Gayialis, Risk assessment in virtual enterprise networks: a process-driven internal audit approach, Global Business: Concepts, Methodologies, Tools and Applications, pp.888-910, 2011.

A. Rogge-solti and M. Weske, Prediction of business process durations using non-Markovian stochastic petri nets, Inform. Syst, vol.54, pp.1-14, 2015.

B. Weiss and A. Winkelmann, Developing a process-oriented notation for modeling operational risks -a conceptual metamodel approach to operational risk management in knowledge intensive business processes within the financial industry, 44th Hawaii International Conference on System Sciences (HICSS), pp.1-10, 2011.

M. H. Haggag, A. E. Khedr, and H. S. Montasser, A risk-aware business process management reference model and its application in an Egyptian university, Int. J. Comput. Sci. Eng. Surv, vol.6, p.11, 2015.

K. Rotaru, C. Wilkin, L. Churilov, D. Neiger, and A. Ceglowski, Formalizing process-based risk with value-focused process engineering, Inform. Syst. E-Business Manag, vol.9, pp.447-474, 2011.

A. Pika, W. M. Van-der-aalst, M. T. Wynn, C. J. Fidge, and A. H. Ter-hofstede, Evaluating and predicting overall process risk using event logs, Inform. Sci, vol.352, pp.98-120, 2016.

S. Strecker, D. Heise, and U. Frank, Riskm: a multi-perspective modeling method for it risk assessment, Inform. Syst. Front, vol.13, pp.595-611, 2011.

R. Conforti, S. Fink, J. Manderscheid, and M. Röglinger, Prism -a predictive risk monitoring approach for business processes, International Conference on Business Process Management, pp.383-400, 2016.

S. Fenz, From the resource to the business process risk level, Proceedings of the South African Information Security Multi-Conference, p.100, 2010.

J. Kim, J. Lee, J. Lee, and I. Choi, An integrated process-related risk management approach to proactive threat and opportunity handling: a framework and rule language, Knowl. Process Manag, vol.24, pp.23-37, 2017.

X. Bai, R. Krishnan, R. Padman, and H. J. Wang, On risk management with information flows in business processes, Inform. Syst. Res, vol.24, pp.731-749, 2012.

A. Metzger and P. Bohn, Risk-based proactive process adaptation, International Conference on Service-Oriented Computing, pp.351-366, 2017.

L. Shabnam, F. Haque, M. Bhuiyan, and A. Krishna, Risk measure propagation through organisational network, IEEE 38th International Computer Software and Applications Conference Workshops, pp.217-222, 2014.

H. Lhannaoui, M. I. Kabbaj, and Z. Bakkoury, Analyzing risks in business process models using a deviational technique, 9th International Conference on Software Engineering and Applications, pp.189-194, 2014.

L. A. Shah, A. Etienne, A. Siadat, and F. Vernadat, Process-oriented risk assessment methodology for manufacturing process evaluation, Int. J. Prod. Res, vol.55, pp.4516-4529, 2017.
URL : https://hal.archives-ouvertes.fr/hal-02333489

B. Pittl, H. Fill, and G. Honegger, Enabling risk-aware enterprise modeling using semantic annotations and visual rules, Proceedings of the 25th European Conference on Information Systems (ECIS), 2017.

E. Cope, J. M. Küster, D. Etzweiler, L. Deleris, and B. Ray, Risk Extensions to the BPMN 1.1 Business Process Metamodel, p.3, 2009.

E. W. Cope, J. Kuster, D. Etzweiler, L. A. Deleris, and B. Ray, Incorporating risk into business process models, IBM J. Res. Dev, vol.54, pp.1-4, 2010.

E. W. Cope, L. A. Deleris, D. Etzweiler, J. Koehler, J. M. Kuester et al., System and method for creating and expressing risk-extended business process models, US Patent, vol.8, p.491, 2014.

A. J. Varela-vaca, R. M. Gasca, and S. Pozo, Opbus: risk-aware framework for the conformance of security-quality requirements in business processes, Proceedings of the International Conference on Security and Cryptography, pp.370-374, 2011.

A. J. Varela-vaca, Opbus: a framework for improving the dependability of riskaware business processes, AI Commun, vol.29, pp.233-235, 2016.

C. B. Haley, J. D. Moffett, R. Laney, and B. Nuseibeh, A framework for security requirements engineering, Proceedings of the 2006 International Workshop on Software Engineering for Secure Systems, pp.35-42, 2006.

B. Marcinkowski and M. Kuciapski, A business process modeling notation extension for risk handling, IFIP International Conference on Computer Information Systems and Industrial Management, pp.374-381, 2012.
URL : https://hal.archives-ouvertes.fr/hal-01551739

O. Altuhhov, R. Matulevi?ius, and N. Ahmed, An extension of business process model and notation for security risk management, Int. J. Inform. Syst. Model. Des, vol.4, pp.93-113, 2013.

S. Jakoubi, S. Tjoa, and G. Quirchmayr, Rope: a methodology for enabling the risk-aware modelling and simulation of business processes, pp.1596-1607, 2007.

S. Jakoubi, S. Tjoa, S. Goluch, and G. Kitzler, Risk-aware business process management-establishing the link between business and security, Complex Intelligent Systems and Their Applications, pp.109-135, 2010.

S. Tjoa, S. Jakoubi, G. Goluch, G. Kitzler, S. Goluch et al., A formal approach enabling risk-aware business process modeling and simulation, IEEE Trans. Serv. Comput, pp.153-166, 2011.

S. Jakoubi, S. Tjoa, S. Goluch, and G. Kitzler, A formal approach towards risk-aware service level analysis and planning, International Conference on Availability, Reliability and Security, pp.180-187, 2010.

S. Betz, S. Hickl, and A. Oberweis, Risk-aware business process modeling and simulation using xml nets, IEEE 13th Conference on Commerce and Enterprise Computing (CEC), pp.349-356, 2011.

U. Frank, The MEMOMeta Modelling language (MML) and Language Architecture, 2011.

D. Bork, D. Karagiannis, and B. Pittl, A survey of modeling language specification techniques, Inform. Syst, vol.87, 2020.

R. Conforti, M. De-leoni, M. La-rosa, and W. M. Van-der-aalst, Supporting risk-informed decisions during business process execution, Advanced Information Systems Engineering, pp.116-132, 2013.

H. Von-scheel, M. Von-rosing, M. Hove, M. Fonseca, and U. Foldager, Risk Management -Principles and Guidelines, The Complete Business Process Handbook, vol.31000, pp.11-35, 2009.

, Enterprise Integration -Constructs for Enterprise Modelling, ISO, 2007.

A. Sienou, A. P. Karduck, E. Lamine, and H. Pingaud, Business process and risk models enrichment: Considerations for business intelligence, IEEE International Conference on E-Business Engineering, pp.732-735, 2008.
URL : https://hal.archives-ouvertes.fr/hal-01685420

L. Philippe, Le pilotage par les processus et les compétences. Editions d'Organisation, 2003.

M. Bosch, Modelisation pour la simulation de chaines de production de valeur en entreprise industrielle comme outil d'aide a la decision en phase de conception/industrialization, 2007.

M. Hammer and . Champy, Reengineering the Corporation: A Manifesto for Business Revolution, Nicholas Brealy, issue.1, 1993.

R. Davis and E. Brabander, ARIS Design Platform: Getting Started with BPM, 2007.

A. Sienou, E. Lamine, A. P. Karduck, and H. Pingaud, Towards a semi-formal modeling language supporting collaboration between risk and process manager, 2nd IEEE International Conference on Digital Ecosystems and Technologies, pp.119-125, 2008.
URL : https://hal.archives-ouvertes.fr/hal-01685419

A. Sienou, E. Lamine, A. Karduck, and H. Pingaud, Conceptual model of risk: towards a risk modelling language. Web Information Systems Engineering -WISE 2007 Workshops, WISE 2007 International Workshops, pp.118-129, 2007.
URL : https://hal.archives-ouvertes.fr/hal-01685422

. Adoxx and . Org, The Adoxx Metamodeling Platform, 2019.

K. Mcneill, Metamodeling with EMF: generating concrete, reusable java snippets. Extend Eclipse Ecore Metamodel IBM 21, 2008.

V. Viyovic, M. Maksimovic, and B. Perisic, Sirius: a rapid development of DSM graphical editor, IEEE 18th International Conference on Intelligent Engineering Systems INES, pp.233-238, 2014.

J. Tolvanen and M. Rossi, Metaedit+: defining and using domain-specific modeling languages and code generators, Companion of the 18th Annual ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, pp.92-93, 2003.

G. Decker, H. Overdick, and M. Weske, Oryx -an open modeling platform for the BPM community, Business Process Management, pp.382-385, 2008.

S. Cook, G. Jones, S. Kent, and A. Wills, Domain-Specific Development with Visual Studio DSL Tools, 2007.

D. Bork and E. J. Sinz, Design of a SOM business process modelling tool based on the ADOxx meta-modelling platform, Pre-Proceedings of the 4th International Workshop on Graph-Based Tools, pp.90-101, 2010.

C. Vincent, S. Taylor-adams, E. J. Chapman, D. Hewett, S. Prior et al., How to investigate and analyse clinical incidents: clinical risk unit and association of litigation and risk management protocol, BMJ, vol.320, pp.777-781, 2000.

M. Barcelona, L. Garc’Í-borgo-nón, M. Escalona, and I. Ramos, Cbgframework: a bottom-up model-based approach for collaborative business process management, Comput. Ind, vol.102, pp.1-13, 2018.

T. A. Vest, N. P. Gazda, D. H. Schenkat, and S. F. Eckel, Practice-enhancing publications about the medication use process in 2017, Am. J. Health-Syst. Pharm, 2019.

L. L. Leape, D. W. Bates, D. J. Cullen, J. Cooper, H. J. Demonaco et al., Systems analysis of adverse drug events, JAMA, vol.274, pp.35-43, 1995.

M. Bevilacqua, F. Ciarapica, and G. Mazzuto, Fuzzy cognitive maps for adverse drug event risk management, Saf. Sci, vol.102, pp.194-210, 2018.