Business Rule Concepts
A business rule is simply a rule that is under business jurisdiction. Under business jurisdiction is taken to mean that the business can enact, revise, and discontinue their business rules as they see fit. If a rule is not under business jurisdiction in that sense, then it is not a business rule. For example, the 'law' of gravity is obviously not a business rule. Neither are the 'rules' of mathematics.
Business Rule Concepts
The more basic question is the real-world, non-IT meaning of rule. Clearly, rule carries the sense of guide for conduct or action, both in everyday life and in business. One way or another, this sense of rule can be found in most, if not all, authoritative dictionaries.
If a rule is to serve as a guide for conduct or action, it must also provide the actual criteria for judging or evaluating that conduct or action. In other words, a rule serves as a criterion for making decisions. A business definition of rule therefore encompasses the sense of criteria as given by authoritative dictionaries.
In contrast to a business policy, a business rule needs to be practicable. This means that a person who knows about a business rule could observe a relevant situation (including his or her own behavior) and decide directly whether or not the business was complying with the business rule. In general, a business policy is not practicable in that sense; a business policy must be interpreted into some more concrete business rule(s) that satisfy its supposed intent. (That's what the fact type in Figure 1 worded practicable element of guidance is derived from business policy is about.) For example the following business policy is not practicable: Safety is our first concern.
For a business rule (or an advice) to be practicable assumes that the business vocabulary on which it is based has been adequately developed, and has been made available as appropriate. Note the fact type in Figure 1 worded practicable element of guidance is based on fact type. Every business rule (and advice) should be directly based on a structured business vocabulary. Each business rule (and advice) is expressed using terms and wordings to create statements in building-block fashion.
Now consider this statement: An order $1,000 or less may be accepted on credit without a credit check. This statement of advice is different. It suggests a business rule that possibly hasn't been captured yet: An order over $1,000 must not be accepted on credit without a credit check. Let's assume the business needs this rule and considers it valid.
Any business rule that can be violated directly is a behavioral rule. (It doesn't matter whether it is automatable or not.) Behavioral rules are really people rules. Basic business operations typically involve significant numbers of behavioral rules.
Behavioral rules (also called operative rules) enable the business to run (i.e., to operate) its activities in a manner deemed suitable, optimal, or best aligned with its goals. Behavioral rules deliberately preclude specific possibilities (of operation) that are deemed undesirable, less effective, or potentially harmful. Behavioral rules remove those degrees of freedom. Often, sanction is real and immediate if a behavioral rule is broken.
You may have noted that none of the examples of business rule statements given above (or anywhere in these articles) use if-then syntax. A major reason is that if-then syntax is not well suited for expressing behavioral rules. See Sidebar.
Reasoning. Since behavioral rules can be broken, they require special care in reasoning (automated or otherwise). Consider the behavioral rule: A gold customer must be allowed access to the warehouse. It cannot be assumed that the business rule has always been faithfully enforced; therefore, it cannot be inferred that in every situation where it was appropriate for a gold customer to be allowed access to the warehouse, the customer actually was allowed such access. Violations happen. Reasoning must be carefully restricted in this regard for behavioral rules.
Consider the behavioral rule: An order over $1,000 must not be accepted on credit without a credit check. Suppose this behavioral rule is restated with a should instead of a must such that it reads: An order over $1,000 should not be accepted on credit without a credit check. Now does it express an advice (non-rule)?
No. It is still a business rule, only with a lighter sense of prohibition. What actually changed was its presumed level of enforcement. Rather than strictly enforced, now the business rule has the sense: It's a good thing to try to do this, but if you can't there's no sanction. In other words, now it's simply a guideline (or suggestion, if you prefer).
Guidance Message. We say that a business rule statement is the guidance message. This remains true for guidelines. A guideline can indeed be violated, but no enforcement action is taken. Instead, the end user (if authorized) is simply informed. If you think of business rules simply as hard-and-fast constraints, you're missing an important part of the picture. In the larger sense, business rules are always about dispensing basic business knowledge in real time. Guidelines are an important part of that overall scheme.
Additional business rules would be relevant to evaluating the behavioral rule: A gold customer must be allowed access to the warehouse. Specifically, what criteria should be used for determining whether a particular customer is gold or not? Here is an example: A customer is always considered a gold customer if the customer places more than 12 orders during a calendar year.
Such business rules are called definitional rules. Definitional rules always carry the sense of necessity or impossibility. To reflect that sense, RuleSpeak prescribes the rule keywords always or never to express a definitional rule.
Let's return to our two business rules. Suppose a customer appears at the warehouse, but the security guard is unaware of the criteria expressed in the definitional rule, or misapplies that criteria. Quite possibly the customer will not be given due access. The error, however, manifests itself as a violation of the behavioral rule, not the definitional rule per se. Definitional rules can be ill-conceived, misunderstood, or misapplied, but they cannot be directly violated.
Unlike behavioral rules, not all definitional rules are business rules. The reason is that not all definitional rules are under business jurisdiction. As mentioned earlier, the 'law' of gravity is obviously not under business jurisdiction. Neither are the 'rules' of mathematics.
For example, consider an 'essence' definition of gold customer: a customer that does a significant amount of business over a sustained period of time. Now compare that with the associated definitional rule: A customer is always considered a gold customer if the customer places more than 12 orders during a calendar year.
 This discussion of business rules is based on, and consistent with, the OMG 2007 standard Semantics of Business Vocabulary and Business Rules (SBVR). For more about SBVR, see my article, "The Emergence of SBVR and the True Meaning of 'Semantics': Why You Should Care (a Lot!)," Business Rules Journal, Vol. 9, No. 3 (Mar. 2008), URL:
 Examples of definitional rules in this discussion use the keywords always or never (or permissible variations) for clarity and emphasis. In current practice, distinguishing behavioral vs. definitional rules via selective keywords is not the greatest concern. For practical guidelines, refer to www.RuleSpeak.com.
Business rules are an expression of business policy in a form that is both comprehensible to business users and executable by a rule engine. From a business perspective, a business rule is a precise statement that describes, constrains, or controls some aspect of the business.
The concept of business rules is not new, and for decades analysts and developers were implementing them within business applications. Since the introduction of a Business Rule Management System application, early 2000, which provides tools to manage the rule as a standalone element, outside of the core business application, and in a form which is executable by a rule engine.
Business rules are packaged as a Rule Set which can be considered as a piece of software executed by a rule engine. Integrated in a business application, the rule set implements a sub-set of the business logic. This logic is externalized from the traditional code and can be easily changed, and maintained by business analysts instead of developers.
As opposed to business logic embedded and hidden in functions, procedures, macros or databases, business rules are clearly separated from the rule engine, a software component which executes and activates rules based on matching conditions on a set of data.
Figure 1 below illustrates this fundamental approach in implementing business logic, with the old embedded model on the left and the new architecture on the right. In many ways the approach is similar to the separation of code and data which Data Base Management Systems (DBMS) brought in the 1970s.
A rule which is externalized in a BRMS platform, and whose versions are controlled in a rule repository and deployed and executed in a rule engine, will be much easier to modify, thus reducing dramatically the time and cost to implement changes required by the business.
Traditional software life cycles such as the V cycle or waterfall model are notorious for leading to systems which costs more than expected, come to market later than planned and with outcomes not matching the clients' initial expectations. With such approaches, the business users have little ownership of the solution, and the time required to implement changes can easily range from 3 to 6 months if not more. As a result, policy owners don't feel comfortable with change which translates into a loss of agility to respond to new business and competitive situations: too much time passes between policy owners submitting requirements to IT and the actual deployment of new rules.