Case Study Risk Control Framework for Business Process Assessment
www.brainvire.com | Š 2013 Brainvire Infotech Pvt. Ltd
Page 1 of 1
Client
Requirement
The application is a web-based system for online assessment of various business processes under respective units. It is also used for monitoring the tasks of individuals in an organization. The system hierarchy is categorized based on companies under the various Group Companies. It also allows viewing the reports based on various aspects which will help to take corrective measures for any process failure under specific units. The system is based on Client/Server architecture. It is divided in different modules and categories. The client-defined purpose of the application is for audit department of the organization to assess the risk factors and review and rate the level of risks associated in each business processes across various divisions in a company. Client required the modules for application as follows. Each section is accessible to the users based on authorization and authentication:
The Home Screen acts as a dashboard for admin users that shows 2D charting representation of data at macro level and data access screen for external users.
Master Data management section allows admin users to set up the master information and also to external users to view the authorized details. User management section is accessible only to admin users.
The Risk Assessment is a transactional module and accessible to the users based on authorization.
Action Plan allows setting an action and deadline for failed processes.
Reports section helps the admin and management users to analyze the status of the each business process across various divisions for particular companies.
The users are categorized based on various roles. Each role is associated with different modules of the application. The modules have View and Edit permissions associated with it. The Risk Assessments should be conducted as per authorizations. The auditors can set the ratings for business processes under units and for risks which are associated with it. The auto generated business process score and ratings based on the assessment by the users will be used by the auditors to review the state of business processes and set necessary corrective Action Plans. The Reports should be allowed to download in either Excel or PDF formats.
Project
Challenges
Team faced the following challenges:
Generating animated chart representation with Drill down features to enhance the analysis and decision making process.
Allowing users to download formatted reports in MS Excel format and PDF format using 3rd party APIs such as POI & iText respectively.
Developing enhanced views in database to ensure the aggregated data from disparate data resources and generating group results. www.brainvire.com | © 2013 Brainvire Infotech Pvt. Ltd
Page 2 of 2
Harmonizing the simultaneous execution of various integrated features and options while maintaining consistent load balance.
Developing a fully AJAX-driven site with various features without compromising at the performance and execution level.
Ensuring safe and secure login of users while integrating external web services and JavaScript compatibility for all browsers.
Developing a sturdy and dependable framework to support the real-time updation of content on the site.
Technologies Operating System & Server Management
Development Tools & Environments
Used Windows OS, Multi-Server Architecture with Staging & Production Environment through Version Controlling releases, Server Optimization, Security & SSL Implementation, Scheduler for Back-ups, Alert Monitoring System Integration, Server Performance Tuning at regular intervals, Software Firewall Configuration & Maintenance Eclipse, JSP, Servlet, JDom, Apache Tomcat Server 6, HTML, CSS, JavaScript, SVN, POI, iText etc. Oracle 10g Database Server, DB Clustering, DB Optimization, Master Slave Replication, Query Optimization, Scheduler for Backups
Database
Manpower Project Leader
1
Developers
3
Designers
1
Quality Assurance Testers
1
www.brainvire.com | © 2013 Brainvire Infotech Pvt. Ltd
Page 3 of 3
Planning The following four-tier development approach was adopted to equip the site with numerous features and functionality mentioned below:
The Database Layer containing Oracle 10g Database, Tables, Triggers and so on.
The Data Access Layer containing the Data Access Objects responsible for accessing the data from the database.
The Business Layer Objects consisting of all the business logic procedures for modules such as Reagent, Protocols, Facilities, Timer, Profile and Message Center, Account Settings, Network etc.
The User Interface Layer that forms the Graphical User Interface of the website.
Architecture
Development Highlights The RCF application is based on MVC Architecture consisting of three parts: JSP UI, J2EE Server and the Data Sources. In addition to these, the user logins are verified by external web services of the client.
www.brainvire.com | © 2013 Brainvire Infotech Pvt. Ltd
Page 4 of 4
Details of Servers
T CP/IP
The application is hosted on the cloud server instances with cenTOS. The heart of the application is the Tomcat app server. The web application is hosted on the WebApps folder. The code for the website is served by the WebApps (/Program Files/Apache Software Foundation/Tomcat 6.0/webapps) and the services for the user’s login are handled by the Web Services located on the Servers. The application uses JSP and Servlet technologies and Oracle 10g for business logic wiring and database access. Application connects to DB Server through TCP/IP Connection based on the Socket Architecture. It uses Type4 driver to connect to the Oracle Database. Connection with the application server is managed by a dedicated server architecture where multiple instances will be created to serve each connection requests in order to fasten the response. The application follows a Service-Oriented Architecture that exposes login services in the Java Services layer. All remote method calls originating from the JSP UI are processed by the Tomcat Server engine which then utilizes one or more Java Services. Calls such as login, post chart and subscribe which originates from the HTML pages are processed by the JSP/Servlet layer that further uses the Java Services. The login data for users is authenticated with the help of Web Service access. The Web Service is hosted on the Application Servers. J2EE Application Server communicates with company’s Application Servers for authentication and authorization through these web services for the users.
www.brainvire.com | © 2013 Brainvire Infotech Pvt. Ltd
Page 5 of 5