3 neospin overview
TRANSCRIPT
NeospinTM
Overview
2015
pg. 2
Table of Contents
NeospinTM Overview ....................................................................................................................................................... 3
1. General Information ......................................................................................................................................... 3
2. Sagitec Tool Sets ............................................................................................................................................ 15
3. Security ............................................................................................................................................................ 26
4. Reporting ......................................................................................................................................................... 29
5. EDMS Integration ........................................................................................................................................... 31
6. Correspondence ............................................................................................................................................. 34
7. Workflow - BPM .............................................................................................................................................. 35
pg. 3
NeospinTM Overview
1. General Information Sagitec’s proposed Neospin™ solution is fully Web-based. We have certified it on current versions of Internet
Explorer, Netscape, Safari, and Chrome. Neospin™ uses HTML or XML to declare and generate its user
interface (UI). The image presented in Exhibit 1 –Web Presentation Architecture, highlights the presentation
components of our solution.
Exhibit 1 –Web Presentation Architecture
Since 2013, our presentation layer features the Model, View, View-Model (MVVM) architectural pattern. MVVM
is a specific implementation targeted at User Interface development platforms that support the event-driven
programming in Windows Presentation Foundation (WPF) on the .NET platforms using XAML and .NET
languages. MVVM facilitates a clear separation of graphical user interface development (either as a markup
language or GUI code) from the business logic or back end logic (known as the model) development (also
known as the data model to distinguish it from the view model). MVVM was designed to make use of data
binding functions in WPF to promote the separation of view layer development from the rest of the pattern by
removing virtually all GUI code (“code-behind”) from the view layer. Instead of requiring user interface (UX)
pg. 4
developers to write GUI code, they can use the framework markup language (e.g., XAML) and create bindings to
the view model, which is written and maintained by application developers.
Integration We define ‘integration’ as “near real-time collaboration” between Neospin™ and external systems. This is
different from ‘interfacing,’ which is a file exchange between Neospin™ and external systems. By design,
Neospin™ supports a wide variety of integration protocols and techniques (APIs, SOAP and RESTful Web
Services, Remote Procedure Calls, and more) to accommodate the constraints associated with various external
systems.
Neospin™ supports integration mechanisms that expose Neospin™ LOB services to external applications as
well as consume services from external applications. Sagitec implements and exposes application
programming interfaces (APIs) using Web Services. Any Neospin™ data or method can quickly be exposed as a
Web Service using the ASP.NET WebAPI.
In some instances, Neospin™ populates Integration Objects from Web Services. Integration Objects often serve
as wrapper classes of an integrated system. Integration Objects are powerful because they can create
composite business services. Composite services consist of functionality drawn from various sources that
create a super-set service.
For most customers, we recommend point-to-point integration and do not rely on an Enterprise Service Bus
(ESB). We make this recommendation because the integration points are few (less than 10) and performance
requirements prohibit the effective use of an ESB.
A view of our integration architecture is shown in Exhibit 2 – Neospin Integration Architecture.
pg. 5
Exhibit 2 – Neospin Integration Architecture
We have successfully integrated Neospin™ with dozens of external applications including commercial software
applications (e.g., financial/accounting, enterprise content management, address validation, etc.), legacy
administration systems, and third-party administrative solutions.
Neospin™ can integrate with other systems via exposed API using SOAP-based Web Services. By design,
Neospin™ supports a wide variety of integration protocols and techniques (APIs, Web Services, Remote
Procedure Calls, etc.) to accommodate the constraints associated with various external systems. For legacy
systems that don’t support Web Services or APIs, file interfaces are typically used to support integration.
Neospin™ is database-independent. Our persistence layer can connect to any relational database. Neospin™ is
built on top of .NET and uses ADO.NET to communicate with the underlying database. The Framework includes
integrated Object-relational mapping (ORM). You do not need to purchase any middleware licenses for
accessing the underlying database.
A typical Neospin™ database has roughly 350 tables, 20 views, and less than 15 stored procedures. Neospin™
is designed to the Third Normal Form with selective de-normalization to improve performance. In general, we
used the database for persistence only, and do not set application logic in stored procedures because it
complicates maintenance. More importantly, our architecture does not need stored procedures for database
performance, except in select activities.
Sagitec offers robust information architecture for storing, managing, and accessing your structured and non-
structured information. Our information architecture is implemented using an “Information Aggregation”
business pattern that allows users to access and manipulate data that is aggregated from many sources (LOB
database/metadata, ECM metadata, reporting database, knowledge management system, etc.).
pg. 6
We developed the Neospin™ data architecture using patterns that provide a consistent way to persist
application data using ADO.NET.
ADO.NET provides:
• A structure that allows us to communicate with local and remote data stores (RDBMS, Flat Files,
Mainframe, XML, and others)
• Generic libraries for ODBC and OleDb
• Intrinsic support for XML
• Focus on both connected and disconnected systems
By design, Neospin™ is database agnostic. Sagitec can implement or port Neospin™ to any number of
relational or object-oriented databases without incidence. At Kansas PERS, for example, a single XML
configuration file allowed Neospin™ to switch dynamically from DB2/400 to Microsoft SQL Server without
users experiencing any difference in the performance of the application. Further, we accomplished this without
any software recompilation or performance degradation. This is remarkable when comparing Neospin™ to our
competitors’ offerings. Most of our peers make extensive use of PLSQL, stored procedures, and triggers, which
bind them to specific databases and brittle software architectures.
Database independence is important even if you already have investments in Oracle. We
know you want to provide best-in-class services to your members at a moderate total
cost of ownership. Solutions built with database-independence in mind give your team
better financial control to manage change and respond to market conditions. With
Sagitec, you can easily change your database platform if you become unhappy with
product performance, licensing terms, or support and maintenance costs.
By way of comparison, several of our COTS competitors offer solutions tightly coupled
to the Oracle database platform. Their software simply does not operate on another
platform.
The Neospin™ (anagram for Pension) solution is built on top of a Sagitec Framework, which is a domain-neutral
technology architecture designed to mitigate the risk of technical obsolescence and simultaneously respond to
rapidly changing business requirements.
The Framework is an ‘n-tier’, component-based, object-oriented software architecture built on top of Microsoft
.NET. Featuring a reusable set of stacked architectural layers, the Framework simplifies maintenance and
fosters the reuse of “black box” services, allowing developers to focus on delivering business outcomes. It
allows for high-quality software implementation without restricting the ability to target different requirements.
Additionally, the Framework dramatically improves your ability to evolve your solution quickly, safely, and
continuously in response to plan design or policy changes.
Key benefits of our n-tier architecture include:
pg. 7
• Componentization - Dividing software into logically isolated pieces make it much easier to modify,
extend, or replace without breaking or recompiling client side-code.
• Database Independence - Changes in the underlying database and data access methods do not affect
any other layer. We have run Neospin™ successfully using DB/400, SQL Server, DB2, and Oracle.
• Location Transparency - The client application is unconcerned and unaware of where data comes
from. Neospin™ exploits the full benefits of distributed, multi-tiered software. This ‘n-tier’ architecture
design separates software into layers, thus simplifying maintenance and fostering reuse.
Separating the technical architecture (Framework) from the line-of-business solution (Neospin™) means
technology can evolve free from solution constraints. This separation provides freedom for the underlying
domain specific business rules, business process, data, and User Interface. This allows both the Framework
Layer and Domain Layer to evolve independently without affecting each other.
This has multiple benefits for you, your project, and your solution:
The pace of evolution quickens,
Project timelines collapse,
Total cost of ownership goes down, and
The long-term viability of your solution expands (i.e., your solution resists technical
obsolescence).
The Framework layer can be upgraded periodically to keep up with the technological changes without
affecting the domain layer.
We produce significantly fewer lines-of-code than our competitors. We achieve this by offering our clients a
fully-featured, externalized business rules engine, an externalized business process modeling and execution
engine, and a design studio for generating Web forms, data binding, correspondence generation, and interface
file management. Fewer lines of code mean fewer intrusive software changes, reduced regression testing,
improved performance, and improved agility. While most of our competitors are busy re-coding their systems to
untie the rules they implemented for earlier clients, we’re able to focus more time on your unique business
problems.
The remainder of this section describes the Sagitec Framework layers from an application architecture
perspective. We present it with a conceptual view of Neospin™ in the next picture.
pg. 8
Exhibit 3 - Framework Layers
Layer 1 | Sagitec Enterprise Framework Services
This layer includes a set of ‘black box’ services that provide the underlying implementation of the software
architecture. The term ‘black box’ refers to objects or services characterized only by their external interface
behavior. It includes both runtime and design-time environments supported by a set of tools.
Microsoft intended from the very beginning to make the .NET Framework extensible for solving specific
problems. Extensibility only means that Microsoft built the .NET Framework with the ability to add new features
without disturbing existing code. Taking Microsoft’s lead, Sagitec’s entire approach to solution development is
to build reusable, extensible services that achieve agile applications for our clients. Sagitec extended the .NET
framework by implementing two significant components: Sagitec Framework Engines and Sagitec Studios.
pg. 9
Exhibit 4 Framework Engines
The Sagitec Framework implements a set of engines that provide foundational services to line-of-business
solutions such as Neospin™. Sagitec Framework Engines offer significant benefits to you because they:
• Implement Application Foundation Services - Application foundation services represent the physical
implementation of software architecture. It allows project teams to focus on ‘what’ to do rather than
‘how’ to do it.
• Implement Development Standards - Framework Engines are not code generators. They implement
coding standards by moving the majority of business logic into XML metadata using advanced tools
including Sagitec Studios. XML provides a flexible way to create common, standards-based
information formats and share the format and data.
• Reduce Lines of Code - Bloated code is the root cause of most software problems. Framework Engines
eliminate lines of code by acting as XML metadata interpreters. The engines facilitate a metadata
foundation that reduces software code compared to traditional software programs. The metadata
foundation makes Neospin™ agile, organic, and easy to upgrade to newer versions.
Enterprise Framework Services
pg. 10
Batch Engine Operates as a ‘helper’ service. This helper service acts as a separation layer that
populates (loads) objects through published interfaces. This service exploits the benefits
of asynchronous, multi-threaded processes to ensure that batch processing is executed
any time.
Business Services
Engine
Powers the Neospin™ Business Service Tier. This engine is the heart of every Neospin™
LOB solution. Service requests initiated by users (internal or external), integration
services, or batch programs funnel through this service tier and engine. Service
requestors communicate with the Business Services Engine through the WCF
architecture, HTTP, or Web services communication protocols. In turn, the Business
Services Engine calls Data Services, retrieves database information, and sends business
or integration objects using JSON format back to each service requestor. App Fabric is
used to cache Business Object instances to speed up access during database
operations.
Presentation
Engine
Web servers host the WebAPI controller and serve the HTML transformed from the XML
through XSLT. The client side architecture is built on Jquery, KendoUI, and a Sagitec
JavaScript UI engine. This provides the necessary architecture to bind data, perform
client-side validation, and client-side caching. The separation of responsibilities between
client machines and Web servers facilitates rapid application development for emerging
platforms including mobile and other handheld device-based applications.
Correspondence
Engine
Works with Correspondence Services and is responsible for retrieving correspondence
XML metadata, instantiating correspondence, invoking business services, creating the
document tracking data, rendering correspondence to the client device, and processing
batch correspondence.
Rules Engine Works with other core engines such as the Business Services Engine, Correspondence
Engine, and Batch Engine to execute business rules that are defined using Analyst
Studio. This is not a code generator. It uses .NET Dynamic Language Runtime (DLR)
technology to execute complex rules, business policies, decision matrices, and
expressions defined through XML.
Process Engine Implements a BPMN 2.0 standards-based BPM engine. The Process engine uses process
maps to orchestrate processes within Neospin™. The same process models drive
workflows (e.g., approvals, parallel tasks, and other processing) and provide a wrapper
for Case Management.
Persistence Engine Handles Neospin™ requests made to any persistence layer. Persistence layers include
any object-oriented, relational, network or hierarchical database, and flat or indexed files.
This layer provides Neospin™ with a high degree of separation from the database and
provides for database independence, portability, and scalability.
pg. 11
Data and
Metadata Cache
Engines
Stores commonly retrieved data that changes infrequently. This service boosts system
performance because it reduces database network traffic. Examples of commonly
retrieved data include system codes, code values, system paths, and system messages.
Any data that shares similar characteristics can be added to the Data Cache Engine. If
any underlying data in the Data Cache Engine changes, we use predefined methods to
refresh the cache.
Exhibit 5 Enterprise Framework Services
Layer 2 | Neospin™ Enterprise Application Management Services
Neospin™ Application Management Services represent the realization of different Framework Services through
a combination of services and user interfaces.
Exhibit 6 Application Management Services
This layer contains another set of ‘black box’ components that are configurable, but do not typically require
custom development. The term ‘black box’ is used to describe hardened technical assets that are proven and
typically do not need testing unless they are changed.
Enterprise Application Management Services are described in the table below.
pg. 12
Sagitec Enterprise Application Management Services
Report/Analytic
Services
Provides services for storing, organizing, displaying, and retrieving reports created in the
run-time version of SAP Business Objects.
Content/MS
Office Services Provides required functionality for users to define, manage, and implement
correspondence using Microsoft Word. It supplies the underlying framework to export data
to Excel and provides mechanisms for using inline SAP Business Objects.
SharePoint
Services
Represents a pre-built environment for authoring, searching, retrieving, viewing, and
editing SharePoint content from Neospin™.
Imaging Services Represents a pre-build environment for searching, retrieving, viewing, and editing ECM
content from Neospin™.
Audit Services Supports the implementation of audit history functionality. Audits can be placed at the
column level of any table, and audits can be assigned to tables, users, or security roles.
Directory Services Represents a pre-built environment for integrating Neospin™ with Active Directory to
manage identities and relationships for authentication and authorization.
Security Services Supports the implementation of application-level security for Neospin™. Administrators will
create users, assign them to roles, and define the system resources assigned to each role.
Neospin™ supports security down to the file level, including the ability to hide or mask
fields based on the security profile.
Administrator
Services Supports systems administration activities, such as establishing file and printer paths,
setting code titles and user messages, managing templates, setting archival parameters,
and others.
Testing Services Represents a pre-built design and execution environment to support end-to-end functional
testing including unit, systems, integration, life cycle, and regression testing. This includes
integrated tools for creating, storing test templates, scenarios, and flows as well as a
runtime test execution environment.
Rules Engine
Services
Represents the complex business rules, business policies, decision matrices, expressions,
and test cases that are defined using Sagitec Analyst Studio.
BPM services Represents BPMN 2.0 compliant, predesigned, configurable processes for authoring and
maintaining simple and complex business process without programming using a
combination of Sagitec Design Studio and Sagitec Modeling Studio™.
pg. 13
Batch Services Provides a scheduler with the ability to assign specific system tasks to run on a predefined
schedule and calendar.
Exhibit 7 Enterprise Application Management Services
Layer 3 | Neospin™ Solution Services
This layer includes a set of business services that can be considered as “grey box” because they change with
each client. While many of the patterns and practices are similar between tax collection agencies, we
discovered that the differences in tax calculation, case management, and implementation are often radically
different.
Using Neospin™ is as straightforward as it gets. Everything from Taxpayer Registration, changing tax calculation
rules, assessments and payments, collection and debt management, and managing workloads can be made by
business analysts and administrators.
The following diagram provides a conceptual view of high-level processes followed by a brief description of
each primary process.
Exhibit 8 Tax Services
Neospin™ Tax Services
Taxpayer
Registration
Collect and manage information about NP and LP registrations including demographic,
contact, beneficiary, notes, death data, and more.
pg. 14
Assessment and
Payments Manage and Payment of taxpayers´ liabilities originating from returns, assessment and
various adjustments. Generation of automated assessment reminders
Compliance
Monitoring and
Enforcement
Collect, verify, and maintain Filing compliance, dealing with late filers reminding and
sanctioning, dealing with late payments reminding and sanctioning, and dealing with
defaulted taxpayers.
Collection and Debt
Management
Collect, verify, maintain, and facilitate debt collection, including debt protection
instruments, along with classic collection features such as calculation of penalties,
interest, and management of instalments payment arrangements.
Objections and
Appeals Facilitate comprehensive handling of objection and appeal cases, using case
management integrated with document management and workflow features.
Taxpayer Services Provide static information, Includes publications, exchange of information between
different government agencies regarding a specific user.
Exhibit 9 Neospin™ Tax Services
Layer 4 | Tailored Extensions
This is the layer where specific product integration, legacy bridging, unique requirements, or customized
framework extensions occur.
Tying it all Together
Sagitec extended Visual Studio.NET by creating powerful but simple development accelerators (Studios) that
unify Framework engines with XML metadata and other services. When taken together, these tools form a
Development Suite that allows business analysts, software developers, and technical architects to design,
build, extend, deploy and maintain the solution.
Studio tools are important to you because they simplify technical knowledge
transfer. We developed Studios to help customers maximize their return on
investments by providing a ‘change ready platform’ that embraces business change.
Studios implement complex functions in easy-to use, graphical processes – without
requiring expert-level technical skills. In this way, business users can actively
participate in the software development process and increase your overall capacity
to respond to social, political, economic and technical change.
Currently, we have four Studio tools that stand alone, but work together in an integrated fashion. The picture in
Exhibit 10 Sagitec Development Suite provides a consolidated view of the Studios and describes their main
features.
pg. 15
2. Sagitec Tool Sets
Sagitec Design Studio
Exhibit 10 Sagitec Development Suite
Since 2004, our clients have had the opportunity to use our sophisticated design tool: Sagitec Design Studio
(Design Studio). Design Studio enables you to build new line-of-business Web Forms, create complex data
validation rules, create correspondence templates with bookmarks and conditional logic, and create or
consume interface files. Design Studio is an XML generator that serves as an Integrated Development
Environment (IDE) for binding Neospin™ with Business Objects (including data) during design time. Many
changes can be deployed only by refreshing metadata caches without forcing users to exit the system. Design
Studio allows you and us to be extremely productive without programming.
Exhibit 11 Design Studio shows the user interface associated with building validations for Web forms.
pg. 16
Exhibit 11 Design Studio
Sagitec Analyst Studio Beginning in 2013, our clients have a powerful business rule engine that stores complex logical rules (see
Exhibit 12 Logical Rules) and decision tables (see Exhibit 13 Decision Tables) that are used instead of
programming. Business rules are statements that describe business policies or key business decisions. For
example, business rules include business policies such as auditing policies and approval matrices, constraints
such as regulatory requirements, computations such as tax calculation formulas, and reasoning capabilities
such as proactive communication based on member interactions.
Analyst Studio offers sophisticated functionality, including the ability to define rules and rules sets, test rules
(with or without accessing Neospin™), deploy (bind) rules to Neospin™ Business Objects, and analyze rules.
Rules are written in simple English-like syntax without programming. Once the project is finished, you can
create and manage your own rules with or without involvement from us.
Analyst Studio is optimized for using declarative rules, where you create rules that make declarations based on
facts rather than coding. Business analysts can model and maintain business rules without programming.
Business analysts use expressive statements and simple graphical user interface to design rules. Rules can be
drafted simply by using graphical elements and descriptions, which dramatically improves the understanding of
requirements. After drafting rules, business analysts insert expressions into rules by modeling business logic
(if-then-else).
Analyst Studio also provides a powerful facility for business analysts to test rules (flow and expression) before
rules are deployed. Test values are supplied by the business analyst and stored within the tools. Before
deployment, business rules need to be bound to Neospin™ Business Objects and re-tested. This requires
knowledge of the Neospin™ Object Model, but not programming. Developers will need to add minimal C# to
call the rule from within Neospin™.
pg. 17
Exhibit 12 Logical Rules
Exhibit 13 Decision Tables
Sagitec Modeling Studio In 2014, Sagitec introduced Sagitec Modeling Studio (Modeling Studio) after being selected by Teachers
Retirement System of New York City to implement their pension administration solution. Modeling Studio is our
Business Process Modeling (BPM) framework that allows you model, analyze, redesign, implement, monitor,
manage and automate business processes – again, without software programming. Modeling Studio is BPMN
pg. 18
2.0 standards compliant. Exhibit 14 Modeling Studio shows the design interface for modeling BPM 2.0 process
models.
Exhibit 14 Modeling Studio
Sagitec Test Studio We provide you with a powerful regression test harness for defining test cases and automating test case
scenarios for your Neospin™ solution. Test software and test data are configured to test Neospin™ software
running under various conditions and monitoring its behavior and outputs. It has two main parts: a test
execution engine and test script repository.
Sagitec Test Studio allows for the automation of tests without programming. It calls functions with supplied
parameters and compares desired software results to desired values.
pg. 19
Exhibit 15 Test Studio
We offer you the most robust security architecture available in the market. The Neospin™ security architecture
features fine-grained security, rich audit functionality, directory services, and segregation of duties into a
unified security framework.
• It supports the most recent version of SSL for secure communication between Web servers and Web
browsers, including standards for cryptography such as Triple DES.
• It supports IPSec where applicable.
• It supports the use of S/MIME Version 3 for securing email communications where applicable.
Directory Services allow Neospin™ to interact with system directories. Typically we use the Active Directory
Service Interface (ADSI) to access directories of any network provider. Natively, Directory Services assume
responsibility for traversing and accessing Microsoft Active Directory for authenticating users. This service
extends the Directory Service provided by Microsoft .NET. In the diagram, Exhibit 16 Neospin™ Security Access
Model, we provide a view of our conception application-level security model.
pg. 20
Exhibit 16 Neospin™ Security Access Model
The following list describes some of the unique functional features associated with Neospin™ application-level
security.
• Fine-Grained Resource Security - After defining roles and resources, the administrator binds the link
between the two to security privileges that control whether resources are visible or editable. In
addition, security privileges control whether users can insert, modify, or delete records. Finally, the
administrator applies business rules to security privileges that further constrain security by limiting a
user's ability to modify their own records or block set records (e.g., internal employees, legislators).
• Field-Level Masking - Allows developers to create field-level formats and map them to the association
between a system resource and a user. This means Social Security Numbers, or any other confidential
data, can be displayed only as needed.
• Navigation Tracking - Neospin™ contains internal methods that capture click streams associated with
users (internal and external) to monitor when users view or modify screen data. Managers can use this
data to verify if people are complying with privacy policies and rules.
Neospin™ leads the market in advanced audit journaling and event logging. Our solution captures finely
grained information and preserves a complete audit trail of changes made by users (internal and external).
Because we preserve the relationship between data and member/employer accounts, our solution allows
auditors and supervisors unparalleled flexibility for viewing audit logs.
Key features include:
• Customized Configuration Settings - Allows authorized Neospin™ administrators the flexibility to turn
auditing on or off for specific tables, table columns, roles, or users. For example, managers might
choose to set different audit levels for new employees for quality assurance purposes.
pg. 21
• Storing Before-and-After Images - For transactions identified, Neospin™ captures the “before-and
after” image of the changed data element(s) along with named user ID and date/time stamp.
Neospin™ can also capture additional information such as MAC and IP addresses if needed.
• Advanced Audit Views - Provides advanced audit view capabilities out-of-the-box. Auditors and
supervisors can search for records changed by Employee X or changes made to Account X. Further,
each category has one or more additional search and filter parameters, such as date ranges, employer
IDs, and others.
Because of threats associated with online identity fraud, you need a sophisticated range of authentication
capabilities. In response, we have integrated Neospin™ with Entrust IdentityGuard to deliver a range of
authentication capabilities that provide strong authentication without requiring client-side software, hardware,
or significant changes to the user experience. This includes the ability to identify individuals using one or more
authenticators by leveraging non-intrusive options like IP-geolocation, device, knowledge-based, one-time-pass-
code (OTP) authentication. Physical second factors such as Entrust’s patented grid-based authentication can
be deployed for advanced authentication for reporting agencies, third party administrators, and other partners.
Exhibit 17 Neospin™ and Entrust IdentityGuard shows the variety of multifactor authentication solutions
available to you within Neospin™. For you, we proposed a combination of username and password,
IPgeolocation registration, and device registration as the best choice for authenticating your members and
partners.
Exhibit 17 Neospin™ and Entrust IdentityGuard
Sagitec understands that the life span of technology investments is uncertain. We also know that capital
expenditures for new technology are not easily approved and that you will want/need to get the most out of
your IT investments.
pg. 22
At Sagitec, we believe one of the most important value
propositions of our framework architecture is its ability to
evolve. By enabling modular, incremental evolution as well
as seamless integration with other systems, platforms, and
tools, we provide an extremely effective strategy for
countering the threats of technical obsolescence and
maximizing the life and value of your business solution.
Since day one, we have dedicated ourselves to the
development of software architecture that evolves in
concert with Microsoft’s underlying technical stack. The
clear separation between our technology layer and the
domain layer allows us migrate your solution to newer
technology by providing new framework releases. Proof
point: every Sagitec client has been migrated to Neospin™
4.0. We have never orphaned a client on a platform that is
outdated. Every Sagitec client has access to new, advanced
features associated with Microsoft’s Framework 4, including
new features such as support for asynchronous messaging,
parallel processing, Windows Communication Foundation,
and Windows Presentation Foundation.
The table below shows how our framework offerings have
expanded over the years.
The Sagitec Framework encourages long -
term viability through the following:
With fewer open source, public
domain, or mixed vendor products, our
.NE
T
- based Neospin™ framework
gr eatly reduces the risks associated
with product abandonment.
The underlying framework evolves with
each new release of .NET, seamlessly
incorporating upgrades without
impacting the business functionality
that rests on top of it.
.NET benefits from the onging o
commitment of Microsoft, whose
investments have rendered better,
more stable code.
pg. 23
Area of Evolution Framework 1.0 (2004) Framework 2.0 (2005) Framework 3.0 (2009)
Usability 100% browser based;
Based on ASP.NET Web
forms
Allow user preferences;
Updated Web controls;
Smart Navigation
Implemented AJAX
controls; Seamless
Workflow-driven
processes; CSS styling
Business/
System Management
Manage reference values,
messages, security, etc.;
Batch Process Monitor
Enhanced Batch Monitor
across servers; Integrated
exception management
Implemented Workload
monitoring
SDLC Management Deployed Studio for
designing Web Forms and
Business Rules
(Validations)
Support for designing
Correspondence, Reports,
and interface file layout
Support for Workflow Flow
Diagram design; Studio
support for Prototype;
Automated migration
using Cruise Control;
Automated code review
using Code-Gym
pg. 24
Exhibit 18 Framework Evolution
Exhibit 19 Framework Evolution Continued
Sagitec supports our clients with an obvious upgrade path that doesn’t impose excessive down-line costs or
effort. As our client, you will be upgraded to a new framework release shortly after Microsoft changes their
underlying technology stack. You will then gain access to new features to enhance your line-of-business
solution (such as parallel computing, for example). However, you will not be forced to do so. You’ll be able to
assimilate new features and functions as needed or when they can be budgeted for.
To conclude, Sagitec has no plans to sunset our Neospin™ solution—and we shouldn’t have to. By its very
nature, Neospin™ will survive through adaptation, and thus deliver long-term value and viability to your agency.
Availability refers to an absolute degree of operational continuity during a given measurement period.
Downtime, whether planned or unplanned, brings with it considerable costs.
pg. 25
Our proposed VMware Infrastructure makes it simple and less expensive to provide high levels of availability for
Neospin™. You can increase the baseline level of availability provided for applications, as well as provide
higher levels of availability more easily and cost effectively than competitive solutions. The VMware virtual
infrastructure makes it possible to slash planned downtime, prevent unplanned downtime, and recover quickly
from outages.
• Software Scalability/Availability – Neospin™ is a distributed application, meaning that different parts
of the software can run simultaneously on two or more virtual or physical servers. Since the software is
‘vertically scalable,’ you can deploy multiple virtual servers on a single physical machine and instantly
improve the performance through load balancing. At the same time, the software is ‘horizontally
scalable,’ meaning you can add many thousands of users by simply adding hardware and distributing
virtualized snapshots of the production region across multiple machines. We recommend Microsoft
Windows Network Load Balancing (NLB) as preferred load balancing technology, but content switches
can also be used.
• Hardware Scalability/Availability – Server virtualization provides you with unprecedented flexibility to
add physical servers (aka horizontal scalability) on the fly without disrupting service. Since virtualized
servers are hardware independent, you can choose make, model, and manufacturer based on your
budget and business objectives.
For server failures, VMware High Availability (HA), a component of VMware Infrastructure 3, ensures fast,
automated restart of virtual machines. VMware HA automatically and intelligently restarts affected virtual
machines on other production servers. As part of virtual infrastructure, VMware HA can be easily configured for
a server without dependencies on operating system, applications, or physical hardware.
Storage Scalability – Our proposed solution resides on a storage area networks (SAN). This allows you to
provision more space on-demand as storage requirements dictate. Provisioning space can happen remotely
and quickly.
We have been working with customers to exploit the benefits of virtualization for over five years. We proposed
VMware extensively for your infrastructure, as well as for the Disaster Recovery site hosted at our facilities in
Denver.
The current platform architected by Sagitec provides an environment large enough to encompass not only the
current requirements, but also to encompass the forecasted growth as per the RFP. VMware's vSphere
virtualization platform provides for ease of growth and scalability while maximizing return on investment and
reducing up-front capitalized expenditure.
VMware's vSphere also provides the ability to add the necessary hardware to a configured cluster with zero
downtime and/or impact to the systems. Should your current environment reach capacity prior to end-of-life of
the systems (proposed five years), adding another server or group of servers to the existing cluster (as long as
cross-platform compatibility of CPU and RAM is maintained) will increase the capacity of the VMware cluster
providing the ability for virtual server addition. Given the enterprise level of the SAN proposed, adding more
disk-space requires a minimum of down-time to increase shared storage across the entire environment.
pg. 26
3. Security
Safeguarding Data Sagitec’s security model uses the principle of least privilege throughout the security design process. We
propose to safeguard your data as follows:
• Obtain signed non-disclosure agreements and statements from team members acknowledging their
role in protecting data and adhering to your data policies.
• Restrict access to “red” (production) data to only those people who MUST have access to perform
assigned activities.
• Force project team members to use “green” (scrambled) data to develop and test the solution.
In general, none of your data will be stored on any Sagitec device, including data classified as Personally
Identifiable Information (PII). No PII information will be stored on any local PC (including Sagitec laptops)
without explicit permission from you. Should that permission be granted, we will store the data only in
encrypted format.
We consider any data not available in the public domain to be private. An example of public information may be
an individual’s address, which is easily found and distributed in public records and searchable on the Internet.
Private information is anything that cannot be found through public record searches.
As described previously, Neospin™ can safeguard information from unauthorized access at different levels
using our application-level security model. As a best practice, we recommend that your internal users have
limited access to PII except where they MUST have access to perform assigned activities. PII information
usually stored by Public agencies include:
1) Tax Identification Numbers
2) Names
3) Account numbers
4) Date of birth
5) Email addresses
6) Telephone numbers
We are committed to protecting your sensitive data. We hold to a strict policy of never using email to
communicate information that includes any of your data. We rely on MS SharePoint sites to provide a secured
facility for sharing information. A secured folder on the site is used to store data extracts and files that can be
seen by authorized members on the solution development team. For example, if a Sagitec analyst and the
payroll manager are working on the reconciliation of a parallel payroll test, a spreadsheet may be prepared to
provide this analysis. This spreadsheet will be stored on the SharePoint server, not a laptop or desktop
computer, and the analyst and team members may view it simultaneously from any place. This provides
security and facilitates the use of staff off-site.
pg. 27
Except for the data conversion team, our off-site development centers do not use live data for testing. Data for
unit testing is either created locally with fictitious examples or, if necessary, scrambled through a program we
have developed for such purposes and then sent to the development center.
Security Management As stated previously, Neospin™ provides some of the most advanced security features available in any
administration solution. Designed for maximum control over granting user permissions, Neospin™ security
simplifies authentication (who you are), authorization (what you can do), and separation of duties (who needs
to check your work). It is also completely customizable.
Security configuration begins when an administrator maps users to one or more business roles, such as a
Counselor or Enrollment Specialist. A single person can have one or multiple roles depending on the work they
perform. Next, the administrator maps business roles to one or more system resources, such as screens or
reports. Administrators can roll up system resources or roll them down to a specific field (e.g., Tax Identification
Number on a specific screen).
Authentication Your internal users will be authenticated using Directory Services. Directory Services assume responsibility for
traversing and accessing Microsoft Active Directory for authenticating users. We use the Active Directory
Service Interface (ADSI) to access directories of any network provider.
Your members and partners will be authenticated using Entrust IdentityGuard. For you, we proposed a
combination of username and password, IP-geolocation registration and machine registration, and knowledge
question and answers (challenge questions) as the best choice for external authentication. Neospin™ has
prebuilt Entrust IdentityGuard services and screens to manage Entrust IdentityGuard users. Among others, this
includes Forgot Password, Forgot User ID, Challenge Questions, and User Login Attempts. The Entrust
IdentityGuard Policy module can be used to define the policies such as how many failed attempts to allow,
locking a user, and others.
Encryption Neospin™ supports PGP encryption for data sent outside your organization. Neospin™ also supports AES-256
encryption to protect certain sensitive data (e.g., PII) at rest within your organization. AES encryption and PGP
encryption solutions work together to ensure that your sensitive data is secure.
Neospin™ integrates with Entrust IdentityGuard to deliver a range of authentication capabilities that can allow
strong authentication without requiring client-side software, hardware, or significant changes to the user
experience. This includes the ability to identify individuals using one or more authenticators by leveraging
nonintrusive options like IP-geolocation, machine, knowledge-based and out-of-band, one-time-passcode (OTP)
authentication.
Neospin™ integration with Entrust IdentityGuard for authenticating external users is separate and distinct from
the AD-based authentication for internal users.
As described previously, Neospin™ logs events for audit and security purposes. These logs are organized so
that they are available through Neospin™ screens. Additionally, transactions are logged in a separate
repository. Logged events are tagged with a system timestamp.
pg. 28
Neospin™ audit, security, and transaction logs are stored in a relational database. We also provide a user
interface for authorized users to search audit logs. The Neospin™ solution uses its integrated Audit Services to
support the implementation of audit history functionality; audits can be placed at the column level of any table
and audits can be assigned to tables, users, or security roles. This service allows you to:
• Customize audit logs by process, user, and type of customer (e.g. member, employer)
• Track before and after changes to any data
• Track changes by processes, customer, or user
Neospin™ captures an audit trail of security-relevant information for specific user operations, procedures, and
events. We provide a user interface for authorized users to search, filter, and retrieve specific audit information
by user and/or member.
In general, Neospin™ audit logs are designed to capture security-relevant information; however, the service
may be configured/modified to include any event, including errors. Currently, Neospin™ includes exception
handling mechanisms that capture a snapshot of each error message along with a stack trace and timestamp
for administrators and/or developers to examine.
An especially important feature of the Neospin™ application is the use of Business Objects and associated
business rules. Transactions initiated from various places (e.g., internal portal, online Web self-service portal,
batch process, file process, or a system-to-system Web service), use Business Objects. Business Objects have
a rich set of validations and a well-defined process that allows for consistent transactional performance. Key
transaction validation features include:
• Neospin™ allows multi-level rule nesting and classification of rules into validation levels for interactive
and batch applications.
• Hard errors prevent processing and Business Object persistence, which forces users to correct and
revalidate the Business Object.
• Soft errors allow processing and Business Object persistence, but capture validation messages (e.g.,
warnings) for downstream corrective action.
In each case, Neospin™ stores the Business Object along with associated validation messages. ‘Soft errors’
can also launch error messages that throw Business Objects into a process-based status (e.g., error, warning,
and information). The use of Business Objects allows us to captures error logs including error codes,
descriptions (configurable to your nomenclature), and a trace path.
Detailed answers to these questions are provided in the Section 06 Technical Requirements of our proposal.
Neospin™ inherits the passwords (and therefore, the password policies) from enterprise AD/LADP services
through integration. It is the role of AD/LDAP to enforce password policies for internal users. For security
purposes, we do not store or manage internal user passwords in Neospin™.
Likewise, Neospin™ inherits the passwords (and therefore, the password policies) from Entrust IdentityGuard
for Web Portal users. It is the role of Entrust to enforce password policies for internal users.
pg. 29
4. Reporting Neospin™ includes a robust reporting environment for providing pre-developed (canned) and ad hoc reports.
Our solution provides the ability to create, manage, and deliver both paper-oriented reports and interactive
Web-based reports.
Neospin™ pre-developed reports are designed and provided from within the line-of-business solution.
Neospin™ offers you two types of pre-defined reports: online lookup/results grids and online reports via SSRS.
Online lookup and results grids provide your authorized business users with real-time access to controlled
queries run against your production database. They allow users to select specific search criteria and
dynamically create a query that retrieves the requested data. Result grids can be viewed, sorted, filtered, pivot-
tabled, or exported to Excel.
We use the SQL Server Reporting Services plug-in with Visual Studio.NET to develop traditional “canned”
reports from within Neospin™. These reports may include parameters for narrowing report results and can be
viewed as an online report, or can be printed or exported to a variety of different formats including .PDF, Excel,
delimited, and others. These reports are typically focused on day-to-day operational reporting (i.e. daily
workload for a specific department or workflow queue). Neospin™ comes with a standard set of canned reports
(e.g., Workflow Metrics, Member Account Status Report); however, we expect to modify them to address your
specific data requirements.
To meet your ad hoc reporting requirements, we propose SQL Server Business Intelligence Reporting Services,
which provides a full range of ready-to-use tools and services to create, deploy, and manage reports, as well as
programming features that allow you to extend and customize your ad hoc reporting functionality. We
recommend taking the production data backup periodically into the Reporting DB for creating Ad hoc reports.
We recommend SQL Server Business Intelligence Edition for ad hoc reporting because it:
• Provides comprehensive tools required for Reporting Services in a single package
• Requires minimal training effort to create reports online
• Provides seamless integration with MS-Office products, Microsoft SharePoint
• Includes state-of-the-art features built in to enable Graphs, Maps, Drill-Down Maps, and KPI Measures
• Has a relatively low total cost of ownership
• Can access Oracle DB for reporting
The following diagram provides a conceptual view our proposed business intelligence solution.
pg. 30
Exhibit 23 Business Intelligence
SQL Server Business Intelligence Edition comes standard with a Reports Manager Website that is deployed on
the BI Server. The diagram below shows how Analysis Services data is imported directly into MS Excel where it
can be “sliced and diced” by end users as needed.
pg. 31
Exhibit 24 BI Integration with MS Office
As mentioned above, Neospin™ has been fully integrated with SSRS, providing full-featured reporting that is
straightforward to understand and use. From within the line-of-business solution, users create, view, and print
data-centric reports. Outside of Neospin™, SSRS provides query and analysis tools that allow authorized users to
ask questions, create queries, perform calculations, and share information without having to understand
complex database languages and structures.
Neospin™ reporting/query functionality offers many other ease-of-use features that do not need a higher level
of skill. These include:
• Advanced Search - Provides advanced search parameters that allow users to enter operators such as
“greater than”, “less than”, “like”, and others to perform searches. For example, a user could perform
a LOB query searching for members who were born before 1951 (age 55) and with more than ten
years of service.
• Export to Excel - In addition to predefined “canned” reports, Neospin™ also provides a feature to
export search result data directly to a Microsoft Excel spreadsheet. Once a data set has been defined
and retrieved, Neospin™ allows users to export the results to Excel with a single click. This Neospin™
feature allows users to create ad hoc reports at their convenience and perform analysis on the
selected data within a Microsoft Office document.
• Query Display - On the system’s various ‘lookup’ screens, authorized users will find a tab that lets
them view the actual query executed. This feature lets your IT staff copy the query, minimizing the time
required to build new “canned” reports by eliminating the need to start from scratch. Authorized users
can also make updates to query and execute it directly within the system, thereby returning updated
results in the lookup screen.
5. EDMS Integration We have successfully integrated Neospin™ with a variety of different EDMS solutions. While Neospin™ is EDMS
platform agnostic, we are an Application Specific License (ASL) IBM Business Partner. We have integrated
Neospin™ with FileNet with many clients including the Kansas Public Employees Retirement System (KPERS),
the Virginia Retirement System (VRS), the Missouri Public School Retirement System (PSRS), Kentucky Teachers
Retirement System (KTRS) and the New York City Teachers Retirement System (TRS).
User Perspective There are two primary ways for accessing member documents through Neospin™. When you want to retrieve a
list of all documents related to a member, you will navigate to the Member Maintenance screen and click a
“Search” button. This will return a list of all documents from your FileNet system.
You can open a specific document by clicking on the document link, or you can open multiple documents by
clicking multiple checkboxes and then clicking the “Open” button. Neospin™ automatically opens your FileNet
Viewer, where you will have all of your familiar features for viewing and annotating documents.
In many cases, work will be routed to you through a workflow. To view documents associated with a workflow,
you will go to your inbox and retrieve the work item. From this screen, you will click a tab titled “images”, which
will display the list of specific documents. Again, to open one or more documents, simply click to launch your
FileNet Viewer.
pg. 32
You will also create correspondence from within Neospin™ either on-demand (manually initiated) or via batch
(automated and scheduled). Correspondence is automatically archived in FileNet along with an appropriate
index for search and retrieval.
Integration In this section, we discuss some key integration touch points between Neospin™ and your IBM FileNet platform.
From an integration perspective, all FileNet integration occurs through exposed APIs via SOAP-based Web
Services. The following core services will be used as part of integration:
Upload Object – The upload object service provides a method for manually adding an item to the ECM
repository. Neospin™ will provide an upload screen where end users can choose a file, define some of
the mandatory properties, and upload with a click. Doing so will call this service, which in turn calls IBM
FileNet.
Search Object – The search object needs a function key (e.g., Person ID or Tax Identification Number)
as a search argument. There will be a “Search” button embedded into the Neospin™ search screen.
Clicking this after entering the search criteria will call IBM FileNet.
View Object – When search results are returned, the name of the document will be displayed as a link.
Clicking it will call the View Object service, which in turn will pass the document ID to IBM FileNet, who
will be responsible for opening the document in the appropriate viewer. Documents permissions will be
based on the rights of the users – whose credentials are also passed to IBM FileNet.
Synchronous Object – This object will be invoked whenever there is a change to a Neospin™ table that
requires a change to the ECM, through IBM FileNet. Similarly, whenever there is a change in IBM FileNet
data, FileNet will make a call to Neospin™, which will update the Neospin™ tables.
From a technical perspective, we have successfully implemented Single Sign-on (SSO) for HTTP requests using
Simple and Protected GSS-API Negotiation Mechanism (SPNEGO). SSO for Neospin™ and FileNet will be
achieved through SPNEGO configurations on WorkplaceXT. SPNEGO allows you to negotiate and authenticate
HTTP requests for secured resources in WebSphere Application Servers.
The authentication of HTTP requests is triggered by the requestor (the client-side), which generates a SPNEGO
token. WebSphere Application Server receives this token. Specifically, the SPNEGO Web authentication decodes
and retrieves the requester's identity from the SPNEGO token. The identity is used to establish a secure context
between the requestor and the application server.
SPNEGO Web authentication is a server-side solution in WebSphere Application Server. Client-side applications
are responsible for generating the SPNEGO token for use by SPNEGO Web authentication. The requester's
identity in the WebSphere Application Server security registry must be identical to the identity that the SPNEGO
Web authentication retrieves. An identical match does occur when Microsoft Windows Active Directory server is
the Lightweight Directory Access Protocol (LDAP) server that is used in WebSphere Application Server. A custom
login module is available as a plug-in to support custom mapping of the identity from the Active Directory to the
WebSphere Application Server security registry.
IBM FileNet IBM FileNet P8 family of products provides an efficient, flexible and financially rewarding way of reducing manual
and paperwork by automating and streamlining processes. Achieving these benefits require a collection of
technologies, including an imaging solution, business process management (BPM) capabilities and an enterprise
content management (ECM) repository. High level functions are:
pg. 33
Capture of documents into digital content, interpretation of any necessary coded information, and
storage of the content and associated metadata into the ECM repository.
Security, Storage and management of existing content.
View content, perform annotations and redact as needed.
IBM FileNet Content Manager Version 5.2 manages the identification of an electronic representation of
documents and folders through the use of a class. A class consists of a large number of system assigned
properties and any number of site defined properties. A property is a single data entity of some defined data
type. Each document or folder can exist in one and only one class at any point in time. The data values
assigned to the properties are metadata, that is, data describing other data. In the interest of database stability,
as noted before, there is a desire to minimize the amount of data duplicated between the P8 and application
databases. The intent is to use the document serial number to cross reference between the P8 and application
databases.
IBM FileNet is a JAVA based application that needs to run under a traditional J2EE application server.
IBM WebSphere Application Server Version 8.5 is a proven, high-performance transaction engine that can help
build, run, integrate, and manage dynamic web applications. An application server that can go from single
server to moderately sized configurations to dynamic web applications requiring web tier clustering and fail over
across multiple application server instances. Sagitec recommends the use of this application server to house
the IBM FileNet application and content engine.
IBM FileNet Workplace XT Version 1.1.5 provides an intuitive user interface for accessing all features related to
content management through a standard browser. This basic viewer has the capability to render standard
content like PDF and TIFF. Additional add-ons or possibly a different viewer like Daeja One may be required to
perform redaction and to support content rendering of multiple formats across a lot of versions.
KOFAX Capture KOFAX Capture accelerates business processes by collecting documents and forms, transforming them into
accurate, actionable information, and delivering it into line of business applications, workflows, repositories and
databases. Kofax Capture delivers powerful, production level capture of documents and data from virtually any
source: scanner, multi-function printer, print stream, email, fax, web service or folder. For document capture, it
boasts the fastest, most flexible scanning and indexing solution available. For data capture, Kofax Capture
extracts important information such as machine printed text, bar codes, hand printed words and even checked
boxes. Kofax Capture can help you capture it all quickly and accurately, ensuring complete chain of custody of
the content and accelerating core business processes and solutions.
Kofax Capture uses the same powerful indexing and validation process to capture information from electronic
documents that doesn't start on paper. That means workflow or content management system receives
consistently indexed content, regardless of the source or format, and your enterprise benefits from reliable,
accessible, process ready data and documents.
Kofax Capture has more than 140 connectors to various lines of business applications, ECM, ERP, BPM and
workflow solutions. It uses standard release scripts to connect seamlessly to business systems from IBM®,
Oracle®, Microsoft®, Open Text®, Hyland®, Pega® and many others. Kofax Capture can also export to any
ODBC-compatible database or to a delimited ASCII file. This flexibility makes Kofax Capture the standard front
end for any system.
pg. 34
Exhibit 27 – Imaging Integration
6. Correspondence Neospin™ correspondence services are an important part of document management and FileNet integration.
The Neospin™ Correspondence Engine (Framework) and the Content/MS Office Services (Application
Management Services) are responsible for retrieving correspondence XML metadata, instantiating
correspondence, invoking business services, creating the document tracking data, rendering correspondence
to the client device, and processing batch correspondence. These activities can be triggered by user (on-
demand) or Neospin™ (batch).
To create on-demand correspondence, a user will select a document from a filtered list (context sensitive) from
within the screen they are performing an activity. For example, from the Member Maintenance screen there will
be a list of relevant documents. The document list will be different from the Payment Maintenance screen.
Once the document opens from the list, Neospin™ automatically creates a document from templates and
populates it with specific member and process information. The user can preview the document and insert
edits. Once finished, the user will either print the correspondence or publish it to the Member Web Portal as a
PDF. If the document template has a ‘publish to ECM’ property, it will be committed to your FileNet system
along with an index. The document can be converted to TIFF or PDF on the fly, or it can be published to FileNet
in its native MS Word format. A copy of the Word document is also published to a directory on a File Server. The
File Server documents are valuable if you save ECM documents as TIFF or PDF because it gives your users
quick access to the Word documents. Web Portal published documents will automatically send an email to the
member notifying them to log on to the secure portal.
Batch correspondence uses the document creation process, but it is created by a batch job on a scheduled
basis.
pg. 35
Turnaround correspondence will be bar coded (2D) so it can be quickly scanned and indexed when it’s
returned to your office. Correspondence can be assigned ‘attachments’, so various documents are created
together.
The Neospin™ correspondence architecture includes:
Template Creation and Management – Neospin™ allows authorized users to develop Microsoft Word
templates and correspondence bookmarks and then submit the template to Neospin™. Once in
Neospin™, users can associate metadata to the template to indicate which screen(s) to bind the letter
and which general record retention/disposition policy applies to the letter and others.
Business Object Binding – Neospin™ allows authorized users to bind Business Objects to
correspondence bookmarks. Neospin™ provides easy-to-use mechanisms for binding data elements to
correspondence bookmarks.
Imaging Integration – As part of the template creation process, authorized users will define whether or
not the correspondence should be electronically committed to the imaging system. Users can also
define the imaging index associated with each correspondence, which means when the letter is
printed, an image and index will be pushed to the ECM for instant integration.
Data-Driven Conditional Paragraphing – Neospin™ uses simple scripting language to allow authorized
users to add conditional paragraphs to correspondence templates based on defined data attributes.
For example, a reminder letter might insert different text if the member paid the taxes to inform them
about the consequences of non-payment of taxes.
User-Driven Conditional Paragraphing – Neospin™ lets administrators create correspondence wizards
that allow users to make selections or inserts as part of letter creation. For example, there might be
many reasons why a beneficiary form is not valid and needs to be returned to the member. Using a
wizard, you can choose the reason (e.g., “Form was not signed” or “Pet is not a valid beneficiary”) to
insert into the letter at the appropriate place.
Tracking – Neospin™ allows users to track correspondence inside and outside of an Imaging system.
Native Microsoft Word documents can be saved, searched, integrated with contact center screens,
and retrieved on-demand for customer service.
7. Workflow - BPM Background In late 2009, we developed a fully integrated workflow solution for automating human-to-human interactions,
especially in document-oriented scenarios. We decided to build a Workflow Engine within Neospin™ instead of
relying on an ECM product for two reasons. First, some of our clients (such as you) have made significant
investments in a variety of different ECM platforms and want to retain them. We’ve integrated Neospin™ with
IBM FileNet, Onbase Documentum, Stellent/Oracle, and others. Our workflow engine needed to work
independently from any specific ECM platform. Second, workflow has become increasing less dependent on
ECM content. Member self-service, straight-through-processing, Partner Portals, Employer Portals – all of
these things have reduced traditional ECM content.
In late 2013, we began migrating our workflow solution to a Business Process Management (BPM) solution
following BPMN 2.0 standards. BPM is a holistic approach to defining, analyzing, simulating, executing, and
monitoring business processes from end-to-end. A business process is a set of related workflows that produce
value and typically involves many roles and work-units.
pg. 36
Our BPM solution also implements workflow and case management. Workflow is a set of related tasks required
to complete a portion of the process. In general, workflow is used to describe human-to-human process
handoffs where various roles are involved. Our workflow includes the following features:
• Process Initiation – Initiate workflows from forms (screens), batch jobs, Web services, and/or scanning
and indexing of incoming documents from any ECM system; a NeoFlow service monitors incoming
events, checks them against a reference database, and triggers predefined workflows accordingly.
• Prioritization and Assignment of Work Items – Automate work prioritization and escalation based on
pre-defined rules; work items are assigned to individuals or groups, depending upon the prioritization
set by their Process Managers.
• Suspension of Work Items – Users can suspend work items to remove them from the active list of the
user’s “my basket”; users choose suspension reason, suspension end date, resume action, and
comment to keep everyone updated about the suspension. If resume action doesn’t happen within the
suspension end date, a NeoFlow service will automatically resume the job.
• Queue Assignment Rules – Work items of a specific activity can be assigned to different queues,
depending on the attributes of the process.
• Backup User and Unavailable User – Process managers can configure a user as a backup user so that
over the duration of the primary user’s absence, the backup user will work on the work items for the
primary user. Users can mark themselves unavailable to “opt out” of work assignment rotation, but
can remain active for work items assigned to him/her.
• Case Management – Case managers retrieve information about case type, case events logged (e.g.,
disability case review, physician follow-up), and case status.
• Workflow Dashboard – Provides a snapshot of work; workload can be seen at different levels including
queue level, overdue work items, suspended work items, and work items received yesterday.
User Perspective From your view, workflow is fully embedded within Neospin™. The following diagram illustrates the Neospin™
workflow process at a high level.
pg. 37
Exhibit 28 - Neospin™ Workflow Diagram
Workflow in Neospin™ is designed as a “push” or “pull” system. “Push” means the workflow functionality
automatically routes work-items to designated roles or Users. “Pull” means you navigate to a screen of
available work items (group work queue) and select the ones your want/need to process.
A “push” system works as follows: a process is started (manually or automatically) and a work item goes to a
queue. The queue may associate work items to you (based on role) based on routing rules. Rules can be FIFO,
LIFO, skills based, round robin, or others. The queue routes the work item to your personal queue called “My
Basket”.
“My Basket” is always visible to your unless you intentionally hid it. When you are ready to process the work
item, just click the link for the item in their “My Basket”. This automatically brings you to a particular screen
within Neospin™ with the member record populated. When you finish the work item, click the “Complete”
button to either route the work to another user (e.g. audit step) or to complete the workflow.
pg. 38
If you cannot complete a work item for whatever reason, you have other options available. You can suspend,
cancel, and return the item to the queue or any other action you want to add.