The capture of items within a Operational Risks Management system should kick off a process with clear allocation of roles and responsibilities. This is the area where most organisations will differ; whilst at a high level there will be similarity in organisation structures and processes, the details will differ markedly and indeed, an organisation is more likely than not to change both its structure and its approval processes over time.
Powerful and Configurable Workflow
This is where Optial’s powerful and configurable workflow component comes in, to provide an organisation with the flexibility it needs. The Optial workflow engine provides the framework to map the business process for loss events, risks, controls, audits, etc (in fact every item in the Optial system has its own workflow definition) into a series of steps and flows with associated business rules logic.
Texts, graphics, steps and flows in the process are fully configurable. A simple process can be extended and refined by the use of standard Optial features including alerts, timeouts, escalations, automatic closure of items and setting automatic read-only upon finalisation. Any number of steps and flows are supported. The progress of each step of the workflow is displayed on the View page, by including read-only fields for status and the person to whom the event is currently assigned.
Optial’s powerful and configurable workflow engine supports controlled status assignment, approvals, escalation, flagging, overdue processing, email notifications, automatic assignment based on roles as well as manual override. Status-driven rules can be set up to provide specific business functionality, e.g. when to make fields mandatory and who can view or edit an item.
Roles for Workflow
Roles for workflow determine which user is assigned to an object during the course of the workflow. By virtue of being assigned to a workflow role, the user gets automatically assigned to items as per the workflow configuration.
For example: A user who plays the role of a risk officer in a business, inherits all the access control configured for a risk officer that is contextual to the organisation unit where the role exists, and also gets assigned to tasks automatically as per the workflow. This ensures accountability of tasks to be performed, and also provides transparency to management about the ownership of various tasks in the system.
Email notifications can optionally be configured to alert users to the items that are now assigned to them or are becoming due or overdue. The user will receive an email notification containing the URL of the item to be addressed. Clicking the URL will take the user straight to the item requiring attention.