Do Business Rules Define the Operational Boundaries of an Organization?

I've heard it said that “business rules define the operational boundaries of an organization”. Do they?

The short answer is no. Any interpretation of business rules that suggests they directly define scope in some way – i.e., the operational edges of an organization, business area, or project – is almost certainly off-target. Even if they did, scope needs to be defined in a more basic, straightforward manner.1

But the suggestion does provide an interesting basis for discussion. Something is being bounded by business rules, but what? Does scope need to be understood in some deeper, richer sense? And how do these issues relate to smart business processes?

Business Rules as Delimiters

Let's revisit the definition of business rule. The definition we use is the following:

business rule: criterion used to:

  • guide conduct or actions
  • shape judgments of behavior
  • make decisions

Business rules can therefore be used to delimit:

  • Acceptable or desirable conduct or actions from unacceptable or undesirable conduct or actions.
  • Proper behavior from improper behavior.
  • Correct or best decisions from incorrect or poorer decisions.

These delimitations might be called 'boundaries'. But note these 'boundaries' are a result of applying business rules, not what business rules fundamentally are (i.e., guides or criteria).

To say that business rules are boundaries can therefore be misleading. A thing is best defined according to what it is, not by what it might do or produce. An umbrella might be used as a weapon, for example, but it's still an umbrella.

Business Rules as Soft Delimiters

The delimitations produced by business rules are not so rigid as the term boundary might suggest. The key is enforcement level – how strictly a business rule is to be enforced when violations are detected.

Depending on the enforcement level specified for any particular behavioral rule, the rule might be overridden with proper authority or explanation, or even ignored (e.g., as with guidelines). See Table 1 for the most common levels of enforcement.2

Table 1. Common Enforcement Levels for Behavioral Rules

Suppose scope is understood as the kinds of behavior expected and tolerated by some model of the business. Behavior permitted when a business rule is overridden, or when a rule is applied merely as a guideline, still falls within scope understood in that sense.

In other words, violations of a rule with such enforcement levels are both expected and tolerated. Business rules specified in that way represent soft delimiters.

How hard and fast any given behavioral rule is to be enforced is an organizational decision. It's a crucial question business analysts should be asking. Indeed, enforcement level is how richness of organization response can be achieved at scale in highly adaptive business solutions.3

Lines in the Sand for Smart Business Processes

We've had a fascinating conversation of late on social media about smart business processes. Here's a good, straightforward definition.4

smart business process: a business process that is self-learning, and can adapt while running

The natural question is how smart business processes and business rules relate.

It's surprising to me (not in a pleasant way) how many process gurus can talk about business processes becoming smart without ever mentioning business rules. Do they mean system processes, not business processes? Maybe. Are there multiple dimensions to creating intelligence in processes? Probably.

So I think some bottom line, some minimum threshold, is needed to judge when business processes are smart. The question I would ask is this:

What keeps a smart business process honest?

Is a business process truly smart if it finds clever means to achieve some results where the means are:

  • illegal?
  • self-defeating?
  • at odds with the company's business policies or goals?

Clearly not. Any smart business process will always need to know which behaviors and decisions are acceptable and which ones are not. Those lines in the sand are business rules.

1For explanation of our approach to defining scope refer to Chapter 3, Building Business Solutions: Business Analysis with Business Rules, by Ronald G. Ross with Gladys S.W. Lam, An IIBA® Sponsored Handbook, Business Rule Solutions, LLC, 2011, 304 pp. URL:

2Adapted from Business Rule Concepts: Getting to the Point of Knowledge (4th ed, 2013), by Ronald G. Ross,, p. 135.

3Refer to “Breaking the Rules: Breach Questions,” by Ronald G. Ross, Business Rules Journal, Vol. 14, No. 2 (Feb. 2013), URL:

4Acks Geoffrey Darnton

Ron Ross

Ron Ross

Ronald G. Ross is Co-Founder and Principal of Business Rule Solutions, LLC ( BRS provides workshops, consulting services, publications, and methodology supporting business analysis, business rules, business vocabulary, and rule management. His popular public seminars on business rules and business analysis, the first on business rules (starting in 1996) and the longest-running in the industry, are given through AttainingEdge ( At BRS, Mr. Ross co-develops Proteus®, its landmark business analysis and business rules methodology, which features numerous innovative techniques including the popular RuleSpeak® (available free through These are the latest offerings in a 30-year career that has consistently featured creative, business-driven solutions. Mr. Ross also serves as Executive Editor of and its flagship on-line publication, Business Rules Journal. He is a regular columnist for the Journal's Commentary section which also features John Zachman, Chris Date, Terry Halpin, and Roger Burlton., hosted and sponsored by BRS, is a vertical community for professionals working with business rules and related areas. Mr. Ross was formerly Editor of the Data Base Newsletter from 1977 to 1998.