Ontological analysis of policy-based decision making Hans Weigand1∗, Paul Johannesson2, Birger Andersson2 1 Tilburg University, P.O. Box 90153, 5000 LE Tilburg, The Netherlands 2 Stockholm University, Department of Computer and Systems Sciences, Sweden Abstract Recently, a proposal has been made for an UFO-based ontology on Decision Making. The current paper builds on this work and aims to extend it by working out the relationship between decisions and policies. Organizational decisions are usually constrained by policies and rules, sometimes up to the point of completely automated decision making. Policies are relational, they exist on multiple levels within the organization and are a manifestation of organizational power. Drawing on and extending the UFO-L ontology on legal positions, we offer a critical analysis of the relationship between policy and policy document and provide ontological models for both. Keywords UFO-L, Decision-making ontology, policies 1 1. Introduction Not much ontological research has been done the internal workings of the organization. In [13], a proposal has been made for a core ontology on decision making grounded in UFO [12]. The current paper builds on this result and extends it with the investigation of an important aspect not covered in the core ontology, the policy aspect. Many organizational decisions are constrained by policies and rules – sometimes more open, sometimes more closed in the form of standards and guidelines, up to the point of completely automated decision making. We see practical risks in the way policies are usually dealt with in information systems. In the past, policies were often hidden in the code. It is positive that new developments such as the DMN standard (OMG) treat decision rules as first-class citizens and separate them from process models. However, decision rules cannot be isolated from their organizational context. This context, for example the issuer or the time of validity, can be specified in the form of meta- data, but needs to be explicit as well, for the system to be transparent, explainable, and adaptive. A good step forward would be to have an UFO-based ontology of decision making that includes policies. So far, the concept of policy has not been given much attention in UFO and existing accounts have some problems. In earlier UFO papers [12], a policy has been conceptualized as a normative description, a term originally developed in DOLCE [4]. Informally, a description is the content of a book or document. Some descriptions are normative, in the sense that they say what to do or not to do. In the DOLCE approach, a norm is identified Proceedings of the 17th International Workshop on Value Modelling and Business Ontologies (VMBO 2024), February 26–27, 2024, 's Hertogenbosch, The Netherlands ∗ Corresponding author. h.weigand@tilburguniversity.edu (H. Weigand) 0000-0002-6035-9045 (H. Weigand); 0000-0002-7416-8725 (P. Johannesson) © 2024 Copyright for this paper by its authors. Use permitted under Creative Commons License Attribution 4.0 International (CC BY 4.0). CEUR ceur-ws.org Workshop ISSN 1613-0073 Proceedings with its description [14]. Whatever the merits of this approach are, it seems to be incompatible with the UFO-L view (§2.2) in which legal positions (such as duties and rights) are modes of agents and dependent on a relator between these agents. The challenge that we address in this paper is to reconcile these two approaches. Before continuing, we briefly explore the conceptual domain. An often-applied definition is that a policy is a set of rules based on an organizational decision that addresses an important issue concerning the achievement of the overall purpose of the organization. A procedure details the steps to comply with the policy, whereas a guideline provides general guidance, and additional advice and support for policies or procedures. According to another popular view, the policy describes the why, standards the what, procedures the how, and guidelines any additional recommendations. These distinctions are also found in OMG standards (BMM, SBVR)2. Here a business rule is a “rule [element of guidance] - that is practicable and that is under business jurisdiction” whereas a business policy is “an element of governance that is not directly enforceable whose purpose is to guide an enterprise”. Business rules and business policies are mutually exclusive. The relationship is that a business rule is derived from a business policy (the former is the basis for the latter). Furthermore, OMG distinguishes a business policy from an advice (or guideline). The OMG standards are very useful by giving precise definitions of a broad range of concepts in the policy domain, but still do not solve all questions. Sometimes it seems that a policy is just less precise than a rule (intentional or unintentional ambiguity). OMG seems to create clear distinct realms, by saying that rules are practicable and under business jurisdiction and policies are guiding the organization. However, why would business polices not be under business jurisdiction, and why would rules (classified as elements of guidance) not guide organizations? In our view, OMG has managed to express common intuitions about policies quite well but is still missing a thorough ontological analysis. In DAML [19], a policy is represented as an instance of some policy type (i.e., positive or negative authorization, positive or negative obligation) with associated values for properties: priority, update timestamp and a site of enforcement. A key property is the name of a controlled action class. Through various property restrictions, a given policy can be variously scoped. Note that DAML does not distinguish between elements of guidance and elements of governance but that it introduces a distinction between policy type and instance. This distinction is not made as such in the OMG approach, although it does distinguish different deontic modes on the basis of the verbal predicate used. The paper is structured as follows. Section 2 provides the background while in Section 3 we delve deeper into the UFO definition of policies as normative descriptions. In Section 4, we present both a new Policy Ontology, grounded in UFO, in the form of OntoUML models3. Section 5 is a brief conclusion. 2 www.omg.org 3 OntoUML is an ontology-driven conceptual modeling language grounded on UFO. 2. Background We start with a description of the Core Ontology on Decision Making. As policies have a normative character, we also summarize UFO-L, an ontology of legal relations. 2.1. Core Ontology on Decision Making (COoDM) [13] describes an initial decision-making ontology COoDM grounded in UFO. Central to this ontology is the conceptualization of the decision as an intention. The decision has a goal, whose propositional content is to be satisfied by a situation, created through the execution of an action. Note that the decision is not aimed at an action but at a situation, although the executed action is important and considered to be the manifestation of the decision. The decision is itself the result of a deliberation (or decision making) action. The deliberation is triggered by a situation in which that agent’s intentions has not been satisfied. In other words, the agent is desiring a different situation. Beliefs, desires and intentions (BDI) have been studied extensively in the Multi-Agent System Literature [16]. UFO is largely in line with the BDI architecture, although not all agree that an intention has a propositional content – many defend Bratman’s approach [6] in which intentions are intentions to do. COoDM assumes a rational decision process and accordingly, the model includes preference matching and value ascriptions as part of the deliberation. The ontology makes a careful distinction between the decision as an intention (not a belief), the preferences as beliefs (not intentions), and between the agent's goal to start with. The preferences are conceptualized as value ascriptions of the agent with respect to some value experience. 2.2. UFO-L The Legal Core Ontology termed UFO-L [10] was developed by extending the foundational ontology UFO and by incorporating the theory of constitutional rights proposed by Hohfeld and Alexy [1]. In this perspective, rights are defined in terms of legal relations, as correlative to obligations of the other party. A legal position is a mode of an agent (existence-dependent) that is part of the relator between them, so it disappears when the relation ends. For instance, the rights and duties of John as husband disappear when the marriage relator with Mary would be dissolved. UFO-L has been further extended with a relational notion of normative power. Rights and duties can be given for actions that the agent is capable of anyway, such as speech or delivering a product. However, there are also actions that only exist in the legal reality, such as declaring John and Mary husband and wife or imposing a tax. These actions require not only a right but also a legal capability. Recent work on UFO-L [10] models a power-subjection relator between Power Holder and Subjection Holder, with power and subjection being modes inhering the first or the second, respectively. It also shows a creation event for this relator and how a derived legal relator can be created through an action that manifests the power-subjection relator. Between the two events, a historical dependence has been posited. UFO-L has been designed specifically for the legal domain. Examples are tax collection and the right of free speech. In this paper, we extend it in a broad normative sense and apply the patterns to internal organizational policies as well, whether these policies have a legal force or not. 3. Policies as normative descriptions? In the UFO tradition, a policy is classified as a “normative description”, being a social object. The notion of normative description stems from DOLCE [4,14] that identifies norms with norm descriptions. Masolo et al. [14] identify the following features of descriptions: • Descriptions are created by (communities of) intentional agents at the time of their first encoding in an expression of a ‘public’ (formal or informal) language. • Different expressions (possibly in different languages) can be associated to the same description, provided they have the same semantic content. • Descriptions must be encoded on (possibly multiple) physical supports. Printed or recorded texts obviously count as physical support. Whether the human memory counts as support is not clear. • Descriptions are usually accepted (adopted) by (communities of) intentional agents, but a description can exist even if no one accepts it, as long as it remains encoded; acceptance can change in time. • Descriptions cease to exist when their last physical support ceases to exist. At first sight, it looks counter-intuitive to identify a norm with a norm description. After all, an employee record is not an employee. However, a norm or right is not material, and without some written evidence, the question is what warrants us to assume there is such an entity that would be neither material nor an (eternally existing) ideal object such as numbers [9]. If it requires written evidence to be valid, then why not identify it with this description – not the physical bearer, but the contents of the physical bearer. This could also solve the problem that a norm or obligation is temporal [9]. When reasoning with norms in a Multi-Agent System, or any other rule-based system, it makes no difference whether we call these objects norms or normative descriptions. Clearly, this conceptualization of a norm deviates from the UFO-L ontology that positions the norm in an inter-personal relationship. Apart from that, we think there are several reasons not to identify norms with norm descriptions. One point is that it does not solve the temporality question but instead complicates it. Indeed, it is the case that descriptions can cease to exist. But the obligation of John to pick up Mary when he committed himself to do so in a text message, does not disappear with the removal of the text message, but with the fulfillment of the obligation. Another point is that a description can exist, it is said, when no one accepts it. This may be reasonable for textual objects (although even in that case, more nuances are needed), but for a norm, that is hard to maintain. Thirdly, the account is problematic in cultures without writing that do have norms. Fourthly, what does it mean for a document to be normative? One proposal is to treat them, e.g., a law or a traffic sign that says, “Slow down”, as speech acts. To treat an endurant as a perdurant seems highly problematic, but Donahue, for instance, goes into that direction [9]. However, even in that case: a speech act is not an obligation – it can create an obligation, as in the case of a promise, or describe an existing obligation in the form of an assertive. Finally, we note that many ontologists nowadays are social realists and social realists are less anxious about the existence of immaterial social objects [17], as long as there is some link between facts about these social objects and material facts. Habermas’ communicative theory assumes a subject world, an object world, and a social world. For Smith [17], the existence of social entities such as debts is evident, although he also argues that in writing- based cultures such as the modern world, evidential documents and speech acts that enforce these documents, such as the signing of a contract, play a decisive role. In a recent paper of Griffo [11] on contract dynamics in UFO-L, normative descriptions are mentioned alongside legal positions. The idea that norms are the content of a normative document seems to be maintained, but at the same time, a clear distinction is made between a document such as Service Agreement Description and a legal relation (with legal positions), such as a Service Agreement. “[T]here is a difference between the ontological nature of the Service Agreement and Service Agreement Description. The first one has an ontological nature of the relation and the second one has an ontological nature of object; a service agreement Description is a text while the Service Agreement is the relation itself described in the Service Agreement Description.” In the next sentence, it looks as if the two are identified again: “Furthermore, there are types of service agreements that have legal effects, such as terms of services between a provider of communication apps and customers. (...) These agreements must necessarily be written considering requirements prescribed by law.” It is said that service agreements are written (whereas texts are written) and that they have a legal effect (whereas agreements/legal relators consist of legal relations, and do not create them). The paper continues: “(..) A Legal Service Agreement (LSArelation) is a bundle of legal relations prescribed by a Legal Normative Description (e.g., the document Terms of Services drafted by WhatsApp is a Legal Normative Description, but the content of this document is a bundle of legal relations).” Here again the document and the legal relations are distinguished, but whereas earlier the document was said to describe the legal relations, now it is said that it contains a bundle of legal relations. In the related figure, there is not a component relation between the two, but a ‘prescribe’, or ‘describe’, depending on the level (we ignore this level difference here). In our view, it is not correct to identify description with contents. We can have a text describing Paris, but that does not mean that the object Paris is in the document. It is not in the physical bearer. It is also not in its content – the Information Content Entity (IAO [8]), or whatever one names it – although the term ‘Paris’ is. Our conclusion is that an identification of norm and normative description is not maintainable, and certainly not in UFO. We argue that policies are (typically complex) legal positions governing the behavior of agents, as in UFO-L. The policy document is a kind of textual or symbolic artifact [20] that plays a role of regulatory artifact (cf. §4.2). An artifact is built on the basis of a design, inhering in a design conversation, and, as for all artifacts, a distinction must be made between the artifact universal and all physical instantiations that comply with the design. In the case of documents, the design specifies the document structure; it can be identified with the information content in IAO [21]. The policy document is used by the organizational agent in making decisions – the use plan is part of the design and specifies the use effect when use conditions are met. A policy document draft does not create a policy automatically. An action is needed to come from a policy document to a policy in effect and that action (e.g. signing, publication) requires normative power. Policy documents, such as accounting standard documents, can be shared between organizations, but policies inhere in a specific organization. Both policy documents and policies need to be accounted for in a policy ontology. The relationship between the two concepts is that a policy document is about [8] or refers to [20] a policy. 4. Policy-based decision making In this section, we introduce ontological models for policy-based decision making, with an emphasis on the ontology of organizational policy. We distinguish between organizational policy and policy document artifacts. 4.1. Organizational policy pattern In UFO-C [15], delegation is a material relation derived from a social relator delegatum. When an agent A (called delegator) delegates a goal to an agent B (called delegatee), a social claim of B towards A is created. By B assuming the achievement of the goal on behalf of A, a social commitment of B towards A is also created. The commitment/claim pair composes the delegatum from which the delegation is derived. The policy pattern of Fig. 1 builds on this, but with a few extensions that are specific to organizations, rather than social relationships in general. Organizations coordinate actions towards a common goal. First, we use the term Organizer for the role name Delegator, while its type is Corporation, the employer of the organizational agents, an entity that itself is grounded in a legal relation with the government or some higher power. Although the Corporation can only act through human agents (e.g. CEO, manager), the organizational delegation is not a social relationship between two human agents, but between the Corporation in its role of Organizer and its agents. Figure 1: Organizational policy pattern Secondly, we extend the delegatum relator now called Organization with the notion Organizational Policy. The policy is not something existing on its own, but a mode of the Organizer; and since it also externally dependent on the Organizational Agent, it is positioned as part of the Organization relator. Similar for the correlative Organizational Rule. Thirdly, (here we claim that UFO-L as legal ontology is not specific enough for organizations) it must be recognized that organizational actions always use and consume resources owned by the Corporation. The Organizer not only assigns tasks to the organizational agents, it also provides access to its Org Resources (modeled here as relator, following COFRIS [2]). The powers, rights, and duties that the Organizer delegates apply to the use of these resources, including contracted work hours, in the first place. As shown in Fig. 1, an organizational policy serves (external dependency) organizational goals. The agents are not subject to these goals as such, but they are subject to the policies. In Fig. 1, we do not distinguish between atomic and complex legal positions for simplicity’s sake. Policies are typically complex, and we may use the term policy instrument for the parts and policy for the bundle. An Organizational Rule for an Org Role [7,10,18], such as treasurer or oncologist, constrains his or her actions – to be more precise, Action Universals, for instance “paying invoice” or “testing for breast cancer”. We assume that action universals can be very general or more specific. On the most general level, the action type is identified by a goal/postcondition only, for instance, “making sure that the room is clean”, or “going to Barcelona”. Action types can also be more specific, such as “flying from Amsterdam to Barcelona economy class”. When an agent performs an organizational action, for instance, paying the invoice of creditor X to the amount of $2000 on June 1, 2023, this event instantiates “paying invoice” but also “paying an international invoice above $500”, for which specific rules may apply. Between action universals, there is a subsumption relation of specialization. Example: An organizational role Treasurer that has the task to pay invoices and that has the right to pay international invoices, but in the case of amounts higher than $500, only after written consent of the department head. The legal position of the Treasurer that refers to the pay invoice action plan is part of the (complex) Governance policy that has the goal to minimize financial risks. 4.2. Policy document pattern We have argued that policy documents should be treated as artifacts. Artifacts come with make plans (the composition) and use plans. Using a textual artifact always implies reading, including interpretation but it can involve more. In the case of a normative document such as a manual to put together an IKEA bookcase, the use plan includes the actions undertaken, and basically says that, given the use conditions the use effect is a completed bookcase. In the case of an organizational policy, the use plan can include a decision action and/or the action decided upon. A use plan without organizational rules to obligate its use is a guideline. The guideline tells what to do in order to achieve the use effect. Use plans as such are not deontic; they become deontic if the organization prescribes the use plan as mandatory. Policy documents are regulatory artifacts, they can be more high-level or more operational and refer to (deontic) policies. There are also regulatory artifacts instrumental to the implementation of policies (e.g. traffic signs or speed limitation devices). Here we limit ourselves to policy documents, such as bylaws, law texts, or imposed medical guidelines. Policy documents can be modeled with a life cycle (cf. [11]. They can be changed or deactivated, resulting in different policies or their removal. One essential step in the life cycle of a policy document is the Activation event. We assume that the activation event is included in the design specification, so a policy document is not finished yet without the activation. The activation is a manifestation of the normative power of the Activator and gives it the capability (a disposition) of law or policy document. This disposition is manifested in (the creation of) a Policy at a specified point in time or at an official publication event (Effectuation). In the case of a standard document, it has the disposition when it is published by the standard organization. Fig. 2 models a policy document used as (role) Procedure in a Deliberation. Figure 2: Policy document pattern A policy document can have several use plans. For instance, a law is used by judges in a court and by citizens in making daily decisions. Here we focus on the organizational use by some Decision Maker. The use event is the manifestation of a decision support capability offered by the decision rules in the guideline. Note that, being an artifact, the design of the Policy Document is inhering in the Policy Designer - Policy User design conversation. The use may be imposed on the agent, but if the artifact is not usable, it will not work, so it has to fulfill certain user requirements. In other words, whereas the organizational agent has organizational duties that are imposed, as a user, he can have requirements. Example: Consider an organization having an ERP system in which invoices are processed according to internal controls. The system can be arranged in such a way that only the Treasurer role can order the payment, and, under certain conditions, only after consent of the Head of Department role and some other checks. In this case, the ERP software, with embedded decision rules, implements the Policy Document artifact that is used by the Treasurer in making the decision to pay the invoice. Strictly speaking, we should distinguish the IT application interpreting the rules from the rules themselves. They are used in combination. Example: An oncology specialist uses a DMN table to check if there is a contra-indication to radiotherapy. The decision rule, perhaps embedded in a clinical decision service, has its basis in a Clinical Practice Guideline. We distinguish between the CPG policy document and the CPG policy adopted by the hospital at some point and manifesting the CPG capability that constrains the work of the oncology specialist, related to the medical quality and compliance goals. For instance, contra-indication and radiotherapy decisions (action universal) should be taken according to the rules (CPG policy). The DMN table refers to the CPG policy. The CPG policy document gets the role of design document [20] for the development of the DMN table. 5. Conclusion Although extensive research has been done on formal characterizations of organizations, ontological analysis of policies based on the foundational ontology UFO is limited so far. Earlier work in UFO conceptualized policies as normative descriptions. In this paper, we have argued that a distinction must be made between policy documents as artifacts and policies as bundles of rights and duties. The former can be exchanged between organizations, the latter not. Not making the distinction leads to inconsistencies in UFO. We posit that this ontology can clarify conceptual distinctions around policy such as made in the OMG standards (§1). Our organizational policy ontology is compliant with UFO-L but specializes it for the organizational domain. This paper presents an initial organization ontology grounded in UFO that complements economic exchange ontologies such as COFRIS [2]. The work is still in progress. A typical feature of policies is that they exist on different levels and that a policy at a certain level is grounded on policies at a higher level. Policy grounding will be worked out in a next paper. References [1] Alexy, R. (2009). A Theory of Constitutional Rights. Oxford: Oxford Univ. Press. doi: 10.1080/17521467.2009.11424683 [2] Blums, I., & Weigand, H. (2023). Consolidating economic exchange ontologies for financial reporting standard setting. Data & Knowledge Eng, 145, doi: 10.1016/j.datak.2023.102148 [3] Boella, G., Lesmo, L., & Damiano, R. (2005). On the ontological status of norms. Law and the Semantic Web: Legal Ontologies, Methodologies, Legal Information Retrieval, and Applications, 125-141. [4] Borgo, S., Ferrario, R. et al (2022). DOLCE: A descriptive ontology for linguistic and cognitive engineering. Applied ontology, 17(1), 45-69. [5] Bratman, M. E. (1988). Intention, Plans and Practical Reason. Mind, 97(388). [6] Calvanese, D., Dumas, M., Maggi, F. M., & Montali, M. (2017). Semantic DMN: Formalizing decision models with domain knowledge. In Int. Joint Conf on Rules and Reasoning (pp. 70- 86). Springer. [7] Carvalho, V. A., & Almeida, J. P. A. (2015). A semantic foundation for organizational structures: a multi-level approach. In Proc. EDOC (pp. 50-59), IEEE. [8] Ceusters, W, Smith, B. (2015) Aboutness: Towards Foundations for the Information Artifact Ontology. In: Proc. of the Sixth Int. Conf on Biomedical Ontology (ICBO) CEUR 1515. [9] Donohue, B. J. (2020). Social ontology and social normativity (Doctoral dissertation, State University of New York at Buffalo). https://philpapers.org/rec/DONSOA-3 [10] Griffo, C., J.P.A. Almeida, J.A.O. Lima et al., (2023). Legal powers, subjections, disabilities, and immunities: Ontological analysis and modeling patterns, Data & Knowledge Engineering, doi: https://doi.org/10.1016/j.datak.2023.102219. [11] Griffo, C., Araujo, L. C., Brasil, M., et al (2023). Modeling the dynamics of contractual relations. Frontiers in Artificial Intelligence, 6, 1042319. [12] Guizzardi, G., de Almeida Falbo, R., & Guizzardi, R. S. (2008). Grounding software domain ontologies in the unified foundational ontology (ufo): the case of the ode software process ontology. In CIbSE (pp. 127-140). [13] Guizzardi, R., Carneiro, B. G., Porello, D., & Guizzardi, G. (2020). A core ontology on decision making. In Proc.(ONTOBRAS 2020) CEUR-WS., Vol. 2728, (pp. 9-21). [14] Masolo, C., Vieu, L., Bottazzi, E., et al (2004). Social Roles and their Descriptions. In KR (pp. 267-277). [15] de Oliveira Bringuente, A. C., de Almeida Falbo, R., & Guizzardi, G. (2011). Using a foundational ontology for reengineering a software process ontology. Journal of Information and Data Management, 2(3), 511-511. [16] Rao, A.S., Georgeff, M.P., et al.: BDI agents: from theory to practice. In: Lesser, V., Gasser, L. (eds.) Proc. ICMAS, vol. 95, pp. 312–319. MIT Press, Cambridge (1995) [17] Smith, B. (2012). How to do things with documents. Rivista di estetica, (50), 179-198. [18] Toyoshima, F. (2021). Roles and their three facets: A foundational perspective. Applied Ontology, 16(2), 161-192. [19] Uszok, A. et al., KAoS policy and domain services: toward a description-logic approach to policy representation, deconfliction, and enforcement, Proc. POLICY 2003 pp. 93-96, doi: 10.1109/POLICY.2003.1206963. [20] Weigand, H., Johannesson, P. & Andersson, B. (2021), An Artifact Ontology for Design Science Research. Data & Knowledge Eng. 133, 19 doi: 10.1016/j.datak.2021.101878 [21] Weigand, H., & Johannesson, P. (2022). Information Entities and Artifact Ontology. In: Proc. VMBO workshop co-located with CAiSE 2022, CEUR Vol 3155.