Approvals
Approvals allows a financial institution to implement additional levels of oversight by requiring one or more users to manually review and approve critical actions that are initiated using the Common Services user interface. Critical actions requested by one user, the requester, are manually approved or rejected by other users who act as reviewers. The requested actions do not take effect until they are approved by all of the reviewers. A requester cannot review their own requested actions.
A financial institution configures Approvals by defining approval policies in a rules engine. These policies determine which actions are reviewable and how many reviewers are required to act before the action is executed. The number of reviews can differ for each reviewable action and ranges from zero to five. A single reviewer cannot perform more than one of the reviews for a given action. When a policy specifies that zero reviews are required, or when no approval policy is found for a reviewable action, the request is approved immediately.
- Level 1
- Level 2
- Level 3
Eligible reviewers
Once the rules engine returns the level of users required for each review, Approvals uses it to identify the permission needed for each review of the action. The permission determines who is eligible to perform each review for the action.
- the permission required to review the action is assigned to a group that the user is a member of
- the user is not the original requester
- the user has not already reviewed this action
- an approval request is pending for the action
Multiple roles for a requester
The role of the requester is one of the details that approval policies may use to determine how many reviews are required for an action. The role is a user group to which the requester belongs. Since a requester can be a member of more than one group, the Approvals engine examines the approval policies for each group to which the requester belongs. When conflicting approval policies are found for a user with multiple roles, the Approvals engine uses the policy that requires the lowest number of reviews.
Components of Approvals
Approvals consists of an engine component and a browser-based user interface component. The user interface allows a user to manage approval requests and to make decisions for any pending requests that the user is an eligible reviewer for.
These components can be deployed across one or more WebSphere® Application Server instances and to one or more machines. Multiple machines provide for performance management and high availability.