Workflow Management System (WMS) today form an integral part of any Enterprise Content Management (ECM) System. Simply put, a WMS allows an administrator to create a set of rules which govern the flow of work within a process. “Work” typically moves with a set of documents in tow.
For instance, an invoice passes through an approval process and then is routed to the accounts-payable department. Dynamic rules allow for branches to be created in a workflow process. An example would be to enter an invoice details and depending on the amount the workflow follows different routes.
In a lot of cases “work” means making changes to editing / approving documents, images and drawings. As the workflow moves from one person to another, the copies of information locally downloaded tend to remain on the local computer. The user has complete control on this information and can view, edit, print, copy content from the data and use it is unintended/malicious purpose even after the workflow has moved on to a new state. This is undesirable since the confidentiality of the data might change as the workflow progresses i.e. A listed company is announcing its quarterly results. As the results are compiled the documents become more and more confidential. After the results are announced the information becomes publicly available.
In an ideal case the confidentiality attached to the information should change as the workflow progresses. In an individual step of the workflow the person who is expected to do the work should have specific rights required to do the work i.e. view, edit, print, copy-paste, etc.
Click on image for enlarged view
Information Rights Management (IRM) combined with a WMS system can help enterprises achieve this. The administrator can give selective rights to users of a workflow depending on their role and also control the rights of users automatically as the workflow moves from one person to another. Let’s consider a simple workflow of document editing (A) -> verification (B) -> approval & printing (C) ->Archival (D). When the WMS is integrated with IRM user A can be given view + edit rights only, user B can be given view only rights and user C can be given view + print only. Additionally, as the workflow moves from one user to another, their access on the downloaded document can automatically be enabled or disabled irrespective of where the document is residing (i.e. on the computer, removable media, etc). For instance, when the workflow moves from state A to state B, A’s original rights (view + edit) on the document can be automatically rescinded. The below diagram gives a diagrammatically view of the above process the way IRM can dynamically control the rights of users on the document as it flows though the workflow.
Apart from controlling the usage rights of users on document in a workflow, the IRM system also maintains a complete report of all the activities performed by different users on the document. A complete history of Who (users) has done What (view, edit, print, copy-paste, print-screen, etc) with the information, When (time) and from Where (location and computer) is completely tracked and logged. This helps organizations comply with regulatory and compliance norms like ISO 2700-1, PCI, HIPPA, etc.
IRM systems can thus add tremendous value to workflow systems. A judicious decision on defining the correct usage rights that users should have at any given state helps reduce intentional and un-intentional loss of information and in the end reputation of the organization.
Posts
0 comments:
Post a Comment