best grammar app

Case Study – Building an Identity & Access Approval system using Savvion

Submitted by Abhishek on Tue, 2011-09-06 12:01
Windows

Although Identity and Access Control may seem to be an entire application, a large portion specially the ones involving approvals can actually be done using a Business Process Management tool. In this case study, we will be talking about how to build an identity control system using Savvion Business Manager.
 
 
Problem
The AS-IS Process: Company A, an insurance giant is struggling with its identity approval system. The firm has a huge list of applications whose access control is managed on individual application level. Any user who needs access to an application needs to send an email (with business justification) to the application owners. Application owners can be found by going through the help section of the particular application’s home screen. Application owner first asks the user to get an approval from his manager (or manager’s manager ) who is at-least a vice president. The application owners logs into the application and provides the required privileges.
Here are the gaps in the process

  • Current Access control system is email based and cannot be tracked.
  • End user needs to identify the application owners.
  • Requests coming via email do not have a standard format and fields.
  • There is no SLA Monitoring and Delay escalations.
  • Metrics and report maintenance is done on excel sheets.

 
Solution
The Access control problem can be easily solved using Savvion Business Manager Workflow based solution. Since a large number of application owners, Business rules and handoffs are involved, using an automated workflow can fill in the identified gaps.
End users would use Savvion Business manager to fill in a form where they can choose their particular application from a master list. They can provide business justification,  any additional information required (based on the application) and submit the request. Savvion can take care of finding user’s manager, getting his approval and then routing it to the concerned application owner. For certain cases where access can be automated, Savvion can automatically invoke the access control logic.
Using Savvion’s Reporting and Escalations feature,  SLA and metrics can be easily captured.
 
Implementation
Here is how the implementation should be approached.
  
Step 1: Requirements Gathering
Identify the list of applications for which Access needs to be given. Get answers to the following

  • Who would be the stakeholders and signing authority for the project?
  • Where will the list of applications be obtained from. Would it be a phase wise implementation?
  • What are the fields required for each application?
  • How to determine the approval matrix?
  • What would be the Service Level Agreements for each application?
  • Would there be a Straight through processing (STP) i.e. automatic access granting?
  • Would user be able to submit request for a single application or multiple applications together?
  • What would be the format of notification emails and the final email based on approval/rejection?

Document the requirements, create screen mockups and get the end user signoff. Create Functional tests cases as well.
 
Step 2: Design and Development
In the design phase, do the following


Abhishek Mishra
Good experience in working with BPM technologies like Savvion, JBPM. Founder and Chief Editor of BPMGeek.com. Founder of Savvion Business Manager Mobility Framework Savmobify| View my BPMGeek Profile
|
best grammar app

About BPMGeek

BPMGeek is an initiative to collaborate and communicate with the growing Business process management community out there. The goal is to help developers connect with experts, ask questions, post their learning and get understanding of BPM Concepts. Often tool specific knowledge of niche areas end up developers perplexed and confused - especially when there are very less number of resources available. We will be coming up several several new features. Have a look at our Roadmap here

BPMGeek is an independent entity not associated with any Product. All BPM product professionals are invited to contribute. The Logos and Names used across the site belong to their respective owners. The viewpoints mentioned by Individual contributors are their own. BPMgeek cannot be held liable for any issues arising out of it.


BPMgeek is promoting the Nounshoun English Grammar App - developed by Constellation Software.