Patent Application
20200117822
The present disclosure relates to computer systems, and, in particular, to methods, systems, and computer program products for processing a matter for approval.
Business enterprises may have internal business processes that have been automated to improve efficiency. They may have workflows with rules conforming to the organizational processes to automate the day to day activities. Approvals and authorizations may also be automated where a sequence of steps are required to approve a record. For example, the steps required to approve a record may be defined in the workflow and, as the workflow execution progresses, different participants in the whole approval process may act on the record to either approve or reject the record.
Many approval processes are implemented as workflows where the sequence of steps required for a particular approval process is defined and deployed into the enterprise's workflows. Any change required in the approval process typically requires a cancellation of the currently executing workflow process and redeployment of the workflow. Also, different entities in the enterprise may require different approval processes. As a result, one approval process may not be able to cater to all of the approval scenarios.
In some embodiments of the inventive subject matter, a method comprises, performing by a processor, operations comprising: generating an approval routing matrix that is configured to associate a route with at least one a plurality of roles for accessing a record in a storage medium, the record being representative of a matter for approval, receiving a request to approve the matter, generating an assignment matrix based on the approval routing matrix, the assignment matrix being configured to specify an order in which the at least one of the plurality of roles are granted access to the record, allowing access to the record to at least one user associated with the at least one of the plurality of roles, respectively, in the order specified in the assignment matrix, and determining whether the matter is approved based on input received by the at least one user associated with the at least one of the plurality of roles, respectively.
In other embodiments of the inventive subject matter, a system comprises a processor and a memory coupled to the processor and comprising computer readable program code embodied in the memory that is executable by the processor to perform operations comprising: generating an approval routing matrix that is configured to associate a route with at least one a plurality of roles for accessing a record in a storage medium, the record being representative of a matter for approval, receiving a request to approve the matter, generating an assignment matrix based on the approval routing matrix, the assignment matrix being configured to specify an order in which the at least one of the plurality of roles are granted access to the record, allowing access to the record to at least one user associated with the at least one of the plurality of roles, respectively, in the order specified in the assignment matrix, and determining whether the matter is approved based on input received by the at least one user associated with the at least one of the plurality of roles, respectively.
In further embodiments of the inventive subject matter, a computer program product comprises a tangible computer readable storage medium comprising computer readable program code embodied in the medium that is executable by a processor to perform operations comprising: generating an approval routing matrix that is configured to associate a route with at least one a plurality of roles for accessing a record in a storage medium, the record being representative of a matter for approval, receiving a request to approve the matter, generating an assignment matrix based on the approval routing matrix, the assignment matrix being configured to specify an order in which the at least one of the plurality of roles are granted access to the record, allowing access to the record to at least one user associated with the at least one of the plurality of roles, respectively, in the order specified in the assignment matrix, and determining whether the matter is approved based on input received by the at least one user associated with the at least one of the plurality of roles, respectively.
It is noted that aspects described with respect to one embodiment may be incorporated in different embodiments although not specifically described relative thereto. That is, all embodiments and/or features of any embodiments can be combined in any way and/or combination. Moreover, other methods, systems, articles of manufacture, and/or computer program products according to embodiments of the inventive subject matter will be or become apparent to one with skill in the art upon review of the following drawings and detailed description. It is intended that all such additional systems, methods, articles of manufacture, and/or computer program products be included within this description, be within the scope of the present inventive subject matter, and be protected by the accompanying claims. It is further intended that all embodiments disclosed herein can be implemented separately or combined in any way and/or combination.
Other features of embodiments will be more readily understood from the following detailed description of specific embodiments thereof when read in conjunction with the accompanying drawings, in which:
In the following detailed description, numerous specific details are set forth to provide a thorough understanding of embodiments of the present disclosure. However, it will be understood by those skilled in the art that the present invention may be practiced without these specific details. In some instances, well-known methods, procedures, components and circuits have not been described in detail so as not to obscure the present disclosure. It is intended that all embodiments disclosed herein can be implemented separately or combined in any way and/or combination. Aspects described with respect to one embodiment may be incorporated in different embodiments although not specifically described relative thereto. That is, all embodiments and/or features of any embodiments can be combined in any way and/or combination.
As used herein, a “service” includes, but is not limited to, a software and/or hardware service, such as cloud services in which software, platforms, and infrastructure are provided remotely through, for example, the Internet. A service may be provided using Software as a Service (SaaS), Platform as a Service (PaaS), and/or Infrastructure as a Service (IaaS) delivery models. In the SaaS model, customers generally access software residing in the cloud using a thin client, such as a browser, for example. In the PaaS model, the customer typically creates and deploys the software in the cloud sometimes using tools, libraries, and routines provided through the cloud service provider. The cloud service provider may provide the network, servers, storage, and other tools used to host the customer's application(s). In the IaaS model, the cloud service provider provides physical and/or virtual machines along with hypervisor(s). The customer installs operating system images along with application software on the physical and/or virtual infrastructure provided by the cloud service provider.
As used herein, the term “data processing facility” includes, but it is not limited to, a hardware element, firmware component, and/or software component. A data processing system may be configured with one or more data processing facilities.
Embodiments of the inventive subject matter are described herein in the context of generating a dynamic authorization matrix that may comprise and/or represent one or more matrices, such as an approval routing matrix and an assignment matrix. The matrices described herein may be implemented in different ways in accordance with various embodiments of the inventive subject matter including, but not limited to, a relational database model, such as a DB2 database, a flat database model, a hierarchical database model, a network database model, an object-relational database model, and a star schema database model. In other embodiments, the matrices may be implemented using one or more data structures, such as an array, a linked list, and the like.
Some embodiments of the inventive subject matter stem from a realization that approval processes may lack the flexibility to adapt to changing organizational operation models, such as, for example, a change in organizational breakdown structure, a change in approval authority, or the addition/subtraction of approvers to a current approval process. It may not be possible to make changes to an approval process that is already in progress. Any changes to an approval process, even for a particular record, may require a change in the workflow design and a subsequent cancellation and re-deployment of the workflow/approval process.
According to some embodiments of the inventive subject matter, approval requests may be managed using a dynamic authorization matrix for any type of entity that requires approvals, including, but not limited to, financial transactions and change requests. Embodiments of the inventive subject matter are not limited to particular types of records for which the approval process is to be designed and implemented. The dynamic authorization matrix makes use of organizational roles that are representative of participants in the approval process.
Embodiments of the inventive subject matter may include one or more of the following aspects: a generic and dynamic approval process may be provided for any organizational entities, which can range from financial transactions to change requests; approval rules may be dynamically reconfigurable and may be aligned to changing business operational needs; new approval routes may be dynamically introduced and/or existing approval routes may be amended for in-progress approval processes; additional approvals can be introduced as needed to supplement existing approvals; approval processes can be dynamically reconfigured without the need to cancel and/or re-start existing approval processes; approval routing information used by each process may assist in identifying various approval patterns and/or paths within an organization and may contribute to future process improvements; the dynamic approval process can be used with Business Process Management (BPM) tools and may augment workflow/process flow tools to facilitate dynamic approvals; and the dynamic approval process may obviate the need for hard coded process definitions and rules for processing approval requests.
Embodiments of the inventive subject matter may make use of a dynamic authorization matrix, which may include or represent one or more matrices, such as an approval routing matrix and/or an assignment matrix, where different approval routing information may be defined (e.g., for a particular scenario that can trigger an approval process), such as the roles involved in the approval process, the number of participants from the particular role, the priority of the role in the approval process, whether the approvals should be sequential or parallel, and any pre-condition and/or post-condition handler information for each individual approval step.
Embodiments of the dynamic authorization matrix may make use of the concept of routes and, in some embodiments, the ability to have multiple routes and also the ability to execute these routes in either in sequential or parallel mode. Such flexibility may allow dynamic authorization matrix to cater to complex authorization needs of an enterprise. Some embodiments of the inventive subject matter may be illustrated by way of example:
1. In an organization O1, the requirement of the authorizations for any vendor payment above $100K can be:
2. In an organization O2, the requirement of the authorization for any change request approval can be:
Referring to
In some embodiments of the inventive subject matter, the approval server 115 may include an approval module 118 that is configured to manage approval requests for records in the managed system 130 using a dynamic authorization matrix for any type of entity that requires approvals, including, but not limited to, financial transactions and change requests. The dynamic authorization matrix may comprise and/or represent an approval routing matrix and/or an assignment matrix that may be stored in a database 125 or other information repository. The records representing the matters for approvals may be stored in the database 125 and/or other computer readable storage media/medium accessible to the approval server 115 and/or the managed system 130.
Although
Referring now to
As shown in
The approval routing matrix generator module 325 may be configured to generate the approval routing matrix 340 through definition of one or more routes comprising one or more roles representing individuals that are required for approving a matter that is represented as a record. Each route may specify the order in which individuals associated with the various roles may access the record and indicate their approval of the matter or deny approval of the matter. Each route may represent one combination of roles and an authorization order for approving or partially approving a matter. There may be other combinations of roles and/or authorization orders for approving or furthering the approval of the same matter. Accordingly, a record representing a matter may have multiple routes associated therewith. The order in which the routes are executed may be sequential or in parallel in accordance with various embodiments of the inventive subject matter. Moreover, the order in which users associated with the roles are allowed access to the record may be sequential or in parallel in accordance with various embodiments of the inventive subject matter.
The validation engine 330 may be configured to process the approval routing matrix 340 to identify conflicts and/or ambiguities in the defined routes, roles, and/or the priorities assigned thereto. These conflicts and/or ambiguities may be used as a basis for amending the approval routing matrix 340 and/or waiting until execution of the approval process has started to determine then whether to make amendments. The validation engine 330 may also be invoked during execution of the approval process when the approval routing matrix 340 is modified due to changing approval requirements, for example. The validation engine 330 may use example rules including, but not limited to the following:
1. The approval routing matrix 340 cannot have duplicate routes defined (i.e., the same combination of roles, users per role and priority).
2. For any individual route, the same role cannot appear more than once.
3. For multi-route definition in which all the routes are defined to run in parallel mode:
The approval engine 335 may generate the assignment matrix 345 based on the approval routing matrix 340. When the approval engine 335 is invoked for the first time for a given matter for approval or record, the approval engine 335 loads the approval routing matrix corresponding to the approval trigger, i.e., the event that triggered a need to approve a matter. The approval engine 335 generates the assignment matrix 345 by extracting information from the approval routing matrix for the record associated with the matter for approval. Preparation of the assignment matrix 345 effectively denormalizes the data in the approval routing matrix 340 in a single matrix.
The communication module 350 may be configured to facilitate communication between the approval server 115 and the managed system 130, client devices 102, 105, and 110, and the database 125.
Although
Computer program code for carrying out operations of data processing systems discussed above with respect to
Moreover, the functionality of the approval server 115 of
The data processing apparatus of
Referring to
Returning to
Referring to
Referring to
Embodiments of the inventive subject matter may provide an authorization methodology based on a dynamic authorization matrix comprising, for example, an approval routing matrix and an assignment matrix, which define paths for approval of a matter known as routes, which comprise one or more roles. Each individual route can be defined to be executed in either a sequential or parallel mode, which means if a route is in sequential mode then users from the role that has the highest priority will have visibility of the record representing the matter for approval first to approve/reject the matter. After the approval from the first role is complete, the record will be visible to the users of the role with the next priority. In the case of parallel mode, the priority does not matter and the record is visible to all the users of the roles involved in a route simultaneously and when the approval criteria of any role is satisfied, the record is marked as approved and no more approvals need be performed on the record.
Thus, in some embodiments of the inventive subject matter, routes can be executed in sequential or parallel mode. In the case of sequential execution, when the approval is done as per the route definition, the highest priority route is executed first, the route with the next highest priority is subsequently taken for execution. In the case of parallel mode, all the routes are executed in parallel where the roles in each individual route can be executed either sequential or parallel mode.
According to some embodiments of the inventive subject matter, the execution of the approval process is carried out by an approval engine 335, which unlike conventional workflows does not maintain a running state of the approval process operations in memory. When the approval process of a record is to be initiated based on a trigger condition, the approval engine is invoked, which in turn performs the routing of the record to appropriate participants (users associated with roles) for approval. Based on the approval process trigger condition, the approval engine 335 first locates the approval routing matrix 340 corresponding to the trigger condition; the approval engine 335 then translates the routes defined in the approval routing matrix 335 against the record in question and creates an assignment matrix 345 to perform the initial routing to users associated with the roles. In some embodiments, routing does not signify delivery of any action items to any users; instead, routing may signify the state transition of the execution or assignment matrix 345 in terms of who currently can view the record for approval. Users who are authorized to participate in the approval process may, in some embodiments, view the records through a separate interface, which can be a Web interface. The listing of the records for approval may query the assignment matrix 345 and other auxiliary information storage to display the records to the user. When a user approves/rejects a record, the approval engine 335 is invoked, which performs the state transition to reflect the changes in the assignment matrix 345 resulting from the recent approval/rejection.
More specifically, in some embodiments, after the preparation of the assignment matrix 345, the approval engine 335 determines the first set of roles which can view the record for approval based on the assignment matrix 345 and the approval routing matrix 340. The approval engine 335 first determines if there are multiple routes associated with that record and whether the routes are supposed to be executed in parallel/sequential mode. In the case of sequential mode, the approval engine 335 will select the route with the highest defined priority and proceed while in the case of parallel mode, the approval engine 335 iterates through the entire set of routes one by one. For each route, the engine determines whether the route itself has been defined to run in sequential or parallel mode. In the case of sequential mode, engine selects the role with the highest priority and may mark the visibility flag is the assignment matrix 345 as open against that role. In the case of parallel mode, the approval engine 335 may mark the visibility flag as open for all roles involved.
When the users of a particular role view the records pending for approval, they will only see those records whose visibility flag has been marked open for their role. When a user approves a particular transaction/record, the approval engine 335 may be invoked again, this time to determine the next set of roles who can now view the record for further approval if any. Based on the record information, the approval engine 335 first stores an indication that this particular user has approved/rejected the record, this may prevent the user from re-approving the same record. The approval engine 335 then accesses the assignment matrix 345 corresponding to the particular record and finds all the routes where the role of the user is a participant. If the individual routes have been setup to run in the sequential mode, then only a single route will match. In the case where the routes have been setup to execute in the parallel mode, then the approval engine 335 finds all the matching routes. Next, the approval engine 335 increments the required number of users for that role in all the matching routes and evaluates whether the criteria for that role have been fulfilled. For a particular route, if the criteria/criterion is met, then the approval engine 335 checks the role with the next highest priority level. If the same role appears in more than one route, then that role should not have visibility and the approval engine 335 may block that particular route and unset the visibility flag for all the roles in that route. As a result, that route is blocked from any further participation in the approval process. This situation may arise only when the validation engine 330 has been provided with input during the generation of the approval routing matrix 340 to allow such a conflict or ambiguity to occur.
After the increment of the user count and searching for the role with next highest priority level, if none is found, then in the case of parallel routes, the overall approval criteria has been met and the whole record can be marked complete. In the case where the routes have been defined to run in sequential mode, then the approval engine 335 may select the next highest priority route and perform the same operations as it has performed while processing the previous higher priority route. Rejection of a record may result in the blocking of all other routes and all other roles in the current route in some embodiments of the inventive subject matter.
In some embodiments of the inventive subject matter, approvals can be changed at runtime when the approval process is in progress for a particular record. For example, if a user intends to introduce one or more participant roles in the approval process, the system may allow such a modification without the restart or redeployment of the already in-progress approval process. While the system may allow such modifications to be done at the record level approvals, in some embodiments, the validation engine 330 may enforce some runtime restrictions on the allowable modification so as to avoid any ambiguity or conflict that may arise because of the proposed amendments on the entire approval process of the record.
According to some embodiments of the inventive concept, if approval is in progress for a record, then there will be entries in the assignment matrix 345 that reflect the current state of the approval process. The assignment matrix 345 may be a de-normalized version of the approval routing matrix 340, but on a per record basis. So, when a user tries to change the current approval process and approval is in progress for that particular record, then System cannot introduce any ambiguity in the rest of the approvals for that record. Performing changes to the in-progress approval process results in a change of the current state of the assignment matrix 345 for the record. In some embodiments of the inventive subject matter, rules may be applied to restrict the type of changes that can be made to the assignment matrix 345. The following types of changes may be subject to restriction according to some embodiments of the inventive subject matter:
1. If a user with sufficient privileges performs an addition or removal of particular route(s).
2. If a user with sufficient privileges performs amendments to a particular route, such as:
In response to these types of changes, for example, the validation engine 330 evaluates the changes against the constraints that it imposes during the initial generation of the approval routing matrix. When the approval process is in-progress, more restrictions may be placed on the allowable modifications that can be performed. These restrictions may include, but are not limited to the following examples:
the required number of users for a particular role may not be changed if the criteria of the role are already fulfilled and users from the next role in priority can already view the record for approval; and
new roles can be introduced in a route if the visibility criteria are not contradicted. For example, if there are only two routes defined, in the first route, it is defined that if two users from role A completes then one user from role B can approve/reject the transaction and in the second route, it is defined that if three users from role A approve the transaction then one user from role C can approve the transaction. If an attempt is made to replace role C with role B, then an ambiguity will arise for the visibility of the transaction to role B.
Because embodiments of the inventive subject matter do not rely on any in-memory state of the current record approval in-progress, with proper validation in place via the validation engine 330, the approval routes can be changed at runtime to suit changing needs.
In the above-description of various embodiments of the present disclosure, aspects of the present disclosure may be illustrated and described herein in any of a number of patentable classes or contexts including any new and useful process, machine, manufacture, or composition of matter, or any new and useful improvement thereof. Accordingly, aspects of the present disclosure may be implemented entirely hardware, entirely software (including firmware, resident software, micro-code, etc.) or combining software and hardware implementation that may all generally be referred to herein as a “circuit,” “module,” “component,” or “system.” Furthermore, aspects of the present disclosure may take the form of a computer program product comprising one or more computer readable media having computer readable program code embodied thereon.
Any combination of one or more computer readable media may be used. The computer readable media may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an appropriate optical fiber with a repeater, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable signal medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present disclosure may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Scala, Smalltalk, Eiffel, JADE, Emerald, C++, C#, VB.NET, Python or the like, conventional procedural programming languages, such as the “C” programming language, Visual Basic, Fortran 2003, Perl, COBOL 2002, PHP, ABAP, dynamic programming languages such as Python, Ruby and Groovy, or other programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider) or in a cloud computing environment or offered as a service such as a Software as a Service (SaaS).
Aspects of the present disclosure are described herein with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the disclosure. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable instruction execution apparatus, create a mechanism for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer readable medium that when executed can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions when stored in the computer readable medium produce an article of manufacture including instructions which when executed, cause a computer to implement the function/act specified in the flowchart and/or block diagram block or blocks. The computer program instructions may also be loaded onto a computer, other programmable instruction execution apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatuses or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
The flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to various aspects of the present disclosure. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems that perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The terminology used herein is for the purpose of describing particular aspects only and is not intended to be limiting of the disclosure. As used herein, the singular forms “a”, “an” and “the” are intended to include the plural forms as well, unless the context clearly indicates otherwise. It will be further understood that the terms “comprises” and/or “comprising,” when used in this specification, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof. As used herein, the term “and/or” includes any and all combinations of one or more of the associated listed items. Like reference numbers signify like elements throughout the description of the figures.
The corresponding structures, materials, acts, and equivalents of any means or step plus function elements in the claims below are intended to include any disclosed structure, material, or act for performing the function in combination with other claimed elements as specifically claimed. The description of the present disclosure has been presented for purposes of illustration and description, but is not intended to be exhaustive or limited to the disclosure in the form disclosed. Many modifications and variations will be apparent to those of ordinary skill in the art without departing from the scope and spirit of the disclosure. The aspects of the disclosure herein were chosen and described in order to best explain the principles of the disclosure and the practical application, and to enable others of ordinary skill in the art to understand the disclosure with various modifications as are suited to the particular use contemplated.
