Compliance Check for Originator Approval - Automate_Studio_Manager - Latest

Automate Studio Manager Guide

Product type
Software
Portfolio
Integrate
Product family
Automate
Product
Automate > Automate Studio Manager
Version
Latest
Language
English
Product name
Automate Studio Manager
Title
Automate Studio Manager Guide
Copyright
2024
First publish date
2018
Last updated
2024-07-22
Published on
2024-07-22T13:20:59.472887

To further strengthen SOX compliance for processes created with Winshuttle products, we introduced a compliance check for originator approval. The compliance check ensures that an originator is unable to approve their own tasks (unless dictated by the workflow solution design).

Description

We introduced the “ComplianceCheck” key to implement this compliance check. The key will have one of the following two values:

Value: 1 (Default) – Originators will never be reassigned to their own tasks.

Value: 0 – The feature is turned off.

The following scenarios will be checked for compliance:

  1. Approval type tasks cannot be reassigned to the originator from task assignment features such as Workflow Participant control, Process control, Excel Add-in reassignment, standard workflows, and Out of Office Delegation.
  2. If the admin is the originator:

    • She cannot Complete, Approve, Reject, and/or Reassign a process’s open assignments from the Edit Assignment page. She can however perform these actions on her own open tasks, from the My Tasks page.
    • She cannot change future assignments of this process from the Edit Assignment page.
    • She cannot Reassign a process’s open assignments from the Operation > Tasks Page. She can however perform that action on her own open tasks, from the My Tasks page.
Note:

Note: If the admin is an originator, she can still Force Approve or Force Reject these processes – just not the tasks (as mentioned above).

And if the admin is not a process originator, the admin can reassign a process’s open assignment (including her own task) to anyone – including an originator.

Compliance check for delegations

  • When a delegated user is an originator, the task will be created for the original user during reassignment. An “OOODComplianceCheckFail” notification is sent to the admin for the same.
  • When a delegated user does not have access to the app within which a task is being assigned, the task will be created for the original user only upon reassignment. An “InsufficientPermissionforDelegation” notification will be sent to the admin for the same.