Transcript for:
Business Analysis Case Study - Access Management

in this video I'm walking you through and I will work together with you on a business analysis case study this case study is a very good representation of a possible day-to-day task for a business analyst so what is the case study I have prepared for today it's the following company a is growing rapidly and hence increases the amount of employees as the amount of employees is increasing the company has to take access management more into consideration because it becomes harder to keep an overview on who holds access rights for which application as the company only had five employees this was an easy task but it isn't anymore company a has the need to keep this overview to prevent fraud and other possibilities a group of business analysts gathered this need and came up with a solution that company a needs a software which allows company a to let employees request access rights for an application and also to get the request reviewed by their line manager this process should be digitalized you are hired to come up with a first prototype this here is the whole case study and this is a possible task which might happen for you on a day-to-day basis as a business analyst let's walk through this case study together and work on this the very first thing we need to do is to sketch the requirements Workshop or an interview to really get more understanding of this topic how to do requirements workshops and interviews that's a topic I have created also some content already here on YouTube I will link it down below so also make sure to watch these too but let's say you schedule this meeting and the outcome of this meeting are the following requirements so employees have to be able to request access to foreign application and line managers so second users have to be able to review the request and possible outcomes of such a new review could be either an approval a rejection or rework I think approval and rejection is clear rework could mean that if the laminator says okay do a rework so it goes back to the person who requested it in the first place just to adjust some information then the next requirement could be that the automated download of the approved application and a working role concept can be ignored for the Prototype so our prototype will be a one user only executable software so one user is doing everything so with all these information requirements we can model this business process this workflow with the bpmn standard if you don't know bpmn stands for business process model annotation and it's a worldwide accepted standard to model business processes and workflows also in order to model it and later to execute the business process that's the main value of this video I have a tool here prepared which allows us to do both model the flow and execute it so we can really see how would it look like in a production kind environment in reality for a real user so the first thing I'm doing is I have to create this process right so I'm quickly in this application creating this process let's name it for now access management that's okay for now that's the start of the process so every item you see here basically is part of the bpmn standard right so these two circles that you can see the first one here is a start event so the process is starting and the thick one is the end event the process is ending and like I've said the first step in this process is to access to request the access right so that's an activity in bpmn so an activity looks like this that's a task something we have to do and we can call it request access so the employee is requesting access the next thing is this request could be a form right so the user is entering some information here so we can create a form let's say request access form something like this there was an error because I think I've created this form before but that doesn't doesn't matter so that's now the option to create a form so a mask for the user a user interface and if you think about it okay what is important for the user to enter which information are critical let's say one critical thing is for sure the application right so we want to select an application so this tool here is allowing me to put in to drag and drop some some options how the form looks like and this one is a select single drop down so basically that's a drop down of applications and an image is application and what I can do is I can predefine values so let's say we have three applications to choose from the first one could be let's say PowerPoint so this one then we can have XL and let's say we can have word these three applications for now are okay the user can select from another important information could be a justification right so if you are requesting access for an application you want to justify why that is so we have some text Fields like here the multi-line text I will just drag and drop that in and call it justification now you can see in these fields with these brackets I zoom in bracket bracket a word bracket bracket that's basically the variable name of this field we will need this Rebel variable name later to reference in the flow to this variable and what we could also do is say okay these two fields are required so we don't want to let the user complete this step without also filling some information in here and maybe an other thing we could do we could maybe have a welcome information on top so that's a text display and maybe we just we just call it something like welcome initiator so now these two brackets initiator is again a variable an issue initiator is basically the variable for the for the user who started the process right so we're just welcoming the person whoever is that okay so that's the first form I would say um so let's save it and publish it and see in production how it would look like so click here on publish quickly restarting the application okay creating something new so here you can see the access management process that's the one we just created let me click on this click on continue and you can see the first task request access there is an S missing and if I click on it that's the form we have specified right so welcome team two here you can see my current user is called team two that's why team two is here and I can select an application cool so I can select Excel for example and I can also or have to provide a justification and you see at the top top right this complete button only if I fill in something here it gets activated so I can click on complete and the flow is done here in the history you can see how the flow did look like it was basically just one user task that's the reason why it's done so let's jump back to the flow so now we have the chance to request access or create an access request that's cool the next thing is or the requirement was another person has to be able to review this request and decide if it gets approved or not so we have a second user task and we could call it something like review request right and also here again the user have to input some information so we can create a form let's say review request forms click on Create and here again we can specify a form so what is important for the reviewer I would say to see the same information the requester entered is key for the reviewer so we can drag in again a single drop select single that's the drop down application the re employee requested something like this and now you see here is a different variable name than before I can show you here it was application and as we want to refer to the value here we have to call it the same so what I would do here in the value is just put in application and that's it so we are referring to the already having value then the justification we also want to put in here that was a multi-text color justification the employee entered and also here we want to just call it just defecation cool that's awesome then what we also want to do maybe again showing some text like welcoming the user so we could also call it something like deer then again these variables this what I'm entering here is super dependent on your application that you're using right so here it's current user.display name for me to display the name of the current user that's what I want to do and maybe what I also want to do is I want to say something like um there is a request from and call it initiator just to show from who the request is coming from um yep that's also fine we have the application we have the justification what you could do is you could enable it meaning we cannot enter it's only read only I think this makes sense to keep these fields read only as the reviewer doesn't want to change it just to review it and yeah let's also save this and deploy it so we can have a look in reality how this looks like just refreshing the page trading access management okay let's say we're requesting word I complete this and now you can see the second task got created review request and it says to me dear team two the thing is that's the current use that I'm logged in there is a request from Team 2 and this was the initiator and the application which was which was requested is word I cannot end change it it's great and a justification the employee entered was this one here so we were able to see what the first user entered that's great and fine so that's the flow for now as the requirements also said we have to review it and based on the review we can either approve it reject it or rework and this is basically a decision and these decisions get mostly represented by a Gateway this Gateway is basically a route which helps us helps us to decide which way to go from here right so basically you can imagine in code an if condition and if conditioned to decide where to go and as we've said if it's approved we have a different one then if it's rejected so what we could do also here in this review request form we can specify the outcome so for example we have here the outcomes field and outcomes could be like you could you could imagine buttons right so you have a form enter information and then you have three buttons like approve reject and rework three buttons to decide what the next step is so here in outcomes we can enter these so let's say I'm just adding three items very brief and the third one is a rework something like this and we click ok so we have three possible outcomes of this let's save it again and let me show you how this would look like access management again we put in some weird information and now you can see here are three outcomes approve reject and rework so right now all these three things do the same so there's no logic but we can now implement this logic so here in this Gateway let's click on the sequence here and here on the right side it asks me for a condition so what is the condition the if condition and like I've said if the outcome of the review request form right this is this one here equals approve so now you can see the options right if the outcome is the clicking of approve button then we just want to say request approved so that's the happy case right there could also be different variations so we can say Okay [Music] um do it something like this so it looks pretty good okay so in this flow what is the condition here we could say again so review request forms equals now reject right so that's the second option then we can say request reject it we can also name the sequences so it looks a bit more better like rejected approved we can also name this Gateway like outcome of review let me make that a bit more beautiful like this and there is a third option the rework and the rework could basically just be here an arrow going back to the request access task so the thing we need to do is we also have to put a condition here but as you can see there is a default flow variation this means if approved and rejected both are not true then we go with the default flow meaning rework and that's the business process here let's also again save it and publish it and see how it would look like in reality I'm again Opening Our access management application so let's say we are requesting PowerPoint I like PowerPoint we complete this task now we have to review it and we can see the employee is requesting PowerPoint because he or she likes it let's say that's not good enough for us we can either rework or reject it let's say for now we just want to reject it that's okay as you can see the whole business process is done and here in the history you can see here marked in blue we had the request access we reviewed it and we went to this end event so basically it's rejected now let's also test the other paths so we could say okay this time I'm requesting axel I need Axel for my work and send this request now we can review it and then we say okay that's fine for me let's approve it and here in the history again we can see it's now the happy path it is approved the very last last option could be the rework so let's go to the point where we can rework it so we say here click on rework and now you see the request access task is back right so if I click on it again I can see what I've entered in the beginning I've entered Microsoft Excel and this justification better justification let's do it like this we can complete it again we have the review but first let's have a look in the history and here we can see we went to this Gateway and we went back so basically in these last couple of minutes what you have seen is based on the case studying the requirements we have built a prototype a first prototype which is matching the requirements modeled in bpmn so as standard and executed here in the tool which is called in this case flowable to execute bpmn in real time for a real project I hope you liked this case study let me know in the comments below thanks take care bye