Managers sometimes use the ‘four-eye principle’, also known as the ‘two-man rule’, to provide a stronger control mechanism than a. This article shows you how to enforce the rule in an executable business process for ‘four-eye’ approvals, using Signavio Workflow.
To start, consider a simple approval, where a ‘reviewer’ must approve or reject a proposal. This process starts with a ‘Review proposal’, to choose between the ’s ‘Approve’ and ‘Reject’ options.
In this workflow, the process model assigns the ‘Review proposal’ task to a ‘Reviewer’ role (not shown on the diagram). This reviewer gives you the first two ‘eyes’, so you still need another two eyes on the proposal.
Adding a second approval
To use the four-eye principle in ‘four-eye’ approvals, you need to add a second approval task to the workflow, for a second reviewer. The model now duplicates the pattern of a ‘review’ user task, followed by aexclusive gateway.
The process model now has two review tasks, which it assigns to the‘First reviewer’ and ‘Second reviewer’, respectively. However, this workflow unnecessarily constrains the two reviews/approvals to happen in sequence, instead of creating both review tasks at the same time.
Use a(parallel gateway) to allow the reviewers to complete the two approvals in either order. When you run this process, you want the ‘First review’ and ‘Second review’ tasks to be created at the same time, so you can complete either one first.
To make this work, this model must change the ‘Approved?’ exclusive gateway from a manual decision to an. The process model requires this because the exclusive gateway does not immediately follow a single user task.
To change the double-approval to an automatic, first add the decision as a Yes/No field on each approval task’s form.
Next, configure the exclusive gateway to make an automatic decision based on the two review tasks’ approval fields, called ‘First approval’ and ‘Second approval’ in this example. Under ‘Decision type’, select ‘Automatic’. Then add two conditions to the approval case, one for each approval field. Set the Rejection case as the default.
Now you have a workflow with two parallel approvals. However, you have not finished yet because although this process supports the four-eye principle, it doesn’t enforce it. You would still be able to assign the ‘First reviewer’ and ‘Second reviewer’ roles to the same person.
Enforcing the rule for ‘four-eye’ approvals
Using the four-eye principle for approvals has two requirements:
- You need the double-approval workflow from the previous section.
- You must enforce the four-eye rule, by making sure that you cannot assign the two reviewer roles to the same person when you execute the case.
To ensure separate reviewers, assign both roles and then check that the assignments differ. First add a new ‘Assign reviewers’ user task at the start of the process, to assign the two reviewer roles using two User form fields, called ‘First reviewer’ and ‘Second reviewer’, respectively.
Next, add an exclusive gateway after the ‘Assign reviewers’ task, and configure it as an automatic decision that checks that the two reviewers are not the same person. Add a ‘does not equal’ condition for the ‘First reviewer’ field, and instead of a fixed value use the field link button to select the ‘Second reviewer’ field.
If the two reviewers are the same, loop back and create an ‘Assign reviewers’ task again, so you can correct the problem. The model now has a new pair of exclusive gateways at the start.
The final process model now enforces the four-eye rule and includes two review tasks.
If you want, you could add a read-only Text field called ‘Message’ to the ‘Assign reviewers’ user task form, and use that to show the message ‘The two reviewers are the same, which isn’t allowed’ to the form. To automatically set this validation error message value, use a.
Fine-grained workflow control for everyone
This ‘four-eye’ approvals example introduces more complexity than a simple approval workflow. However, each step in setting this up only makes a small change that builds on the previous step. This makes a change that would normally require custom software available to everyone who can model a workflow.
Try out your own ‘four-eye’ approvals and other custom workflows today:.