2 Eyes- 4 Eyes- 6 Eyes Principle
Blog: ProcessMaker Blog
Many industries deal with large sums of sensitive data regularly, and two of the most crucial operational risks include error and fraud. As a result, we want to discuss the 2 Eyes – 4 Eyes – 6 Eyes principle, which centers around the segregations of duties, also known as “duality.” When thinking about preventing mistakes, the principle postulates involving multiple people – or automation – throughout the life cycle of a data process transaction to mitigate unnecessary risk. What are the 2 Eyes – 4 Eyes – 6 Eyes principle? Continue reading to learn more.
Describing the 2 Eyes – 4 Eyes – 6 Eyes principle
Within the “duality” principle lies the idea that a minimum must approve any decision, transaction, or sensitive process of two people. A principle that has roots in the banking sector, it offers risk mitigation benefits for any industry. Further, it is powered by automated electronic approvals and workflows to ensure process efficiency and quick decision-making. At the same time, you can achieve effective monitoring capabilities and overall control. Moreover, it is one of the advantages when utilizing business process management (BPM) factoring in intelligent automation.
Putting the principle to work
Our example DevOps implementation will focus on the software delivery model of a continuous integration and continuous delivery (CI/CD) mechanism. It’s not essential how that is precisely implemented as many organizations have many different components in use to achieve the same results, automated delivery of software into production.
Let’s look at a software delivery model using continuous integration and continuous delivery (CI/CD). Every organization has its unique method for implementing various components to achieve their desired results. With the 2 Eyes – 4 Eyes – 6 Eyes principle, you would incorporate a rule engine to apply automated checks and automated update approvals within the CI/CD pipeline. So then, the second set of eyes are provided by intelligent automation. And, of course, you can certainly add 4 eyes, and then 6 eyes. Now you can enforce your rules with user-friendly and executable BPM that alleviates your human workers from time-consuming and repetitive tasks.
In another example of a simple approval, say a human reviewer is responsible for approving or rejecting a proposal. The human reviewer would be the first set of eyes. Who will provide another set of eyes? Who is responsible for quality control checks and a second approval? Well, by way of this principle, intelligent automation can give the second approval.
To implement the 4 eyes aspect, you wouldn’t want to assign a double reviewer role to one person. For enhanced fraud and error prevention, reviewers must have different assignments and, even more so, come from various departments. Not only does this principle work in the office, but it can genuinely achieve quality control when employees work from home.
Here is another illustration of using duality in banking where a front-office employee transacts a loan and enters it into a specified system. Automation can provide instant checks whether the loan contract breaches any limits or bank policies. Another confirmation can be automated to determine if the loan data matches what was entered by the front-office employee before disbursing any funds. Due to this type of business process’s complexity, it is quite likely a human worker can make a mistake. The good news is intelligent automation can provide the 2 eyes, 4 eyes, and 6 eyes you need to retain accuracy and data quality while minimizing risk.
Detailed workflow and process control
Invariably, the 2 Eyes – 4 Eyes – 6 Eyes principle can make a process appear more complicated with the addition of reviewers. Since multiple reviewers can and should be automated, it only requires a simple configuration within your workflow design.
Try out the 2 Eyes – 4 Eyes – 6 Eyes principle within your organization; contact Processmaker today for a consultation.