Guides
Sub-processorsAbout PismoContact us

Dual approval [beta]

Dual approval is a security and governance feature that requires two separate individuals to review and approve a critical action or data change before it's finalized. One person initiates the request and a second person reviews and approves it. This process adds a layer of oversight, helping to prevent errors, unauthorized changes, and fraud.

👍

[beta]

This feature is currently in beta release only in the test environment to give you a chance to check it out. The functionality and API contracts might change before it is released for use in production. For more information or to participate in this beta program, contact your Pismo representative. The Dual approval beta release is limited to editing program parameters and making single adjustments to financial accounts.

How it works

Dual approval works at the organization level. Rather than making a change directly, Control Center saves the operation as a pending approval request and starts an approval workflow. This workflow proceeds as follows:

  • User A (the requester) makes a single adjustment to an account balance or edits a program parameter.
  • User B (an approver) receives a notification message about the approval request and selects the message to view the request details.
  • On the Request details screen, if User B approves the request, the change is applied, and the request is closed. But if the request is rejected, canceled, or fails due to an error, no change is made and the request is immediately closed.

Roles and permissions

A requester can be anyone with permission to make the type of change. However, to be an approver, you must have the approver role for the specific type of change. If you have viewer permission only, you can view request details but cannot make changes.

The roles needed to use the Dual approval feature are:

Request typeRequester rolesApprover rolesViewer roles
Make single adjustments
  • Accounts-operator
  • Backoffice-operator
Backoffice-approver
  • Accounts viewer
  • Backoffice-viewer Collections analyst
Edit program parameters
  • Setup-operator
  • Admin
Setup-approver
  • Setup-viewer
  • Auditor </ul

Make a request

When Dual approval is active, rather than making a change directly, Control Center displays a popup message asking if you want to submit an approval request.

If you confirm sending the request, Control Center displays a confirmation message that your request was submitted. The change is not applied until another user approves it.

📘

Program parameter request locking

Requests to change a program parameter temporarily block further changes to that parameter. This is done to prevent conflicting changes while an approval is pending. However, this does not apply to single-adjustment requests.

Approval request notifications

When you make a request, you get a popup message on the screen confirming that it was sent. Other users receive a notification when:

  • A requester makes a request for a change that they have permission to make
  • An approver user accepts or rejects your request
  • The requester cancels a request that you were notified about
  • You approve or reject a request
  • Control Center encounters an error processing a request

Every user in your organization with permission to make the type of change being requested receives a request notification. Users with view access only do not receive notifications.

View requests

Selecting a request notification takes you directly to the request details screen for that request. You can also:

  • View single-adjustment requests on the Requests & approvals tab on the Accounts overview screen for a specific account.
  • From the main menu, select Users & permissions > Dual approval and the Requests and approvals screen is displayed.

The requests listed on the Requests and approvals screen are filtered by role. For instance, if you have view access to program parameters but not for single adjustments, requests for single adjustments do not display. The actions available to you on the details screen depend on:

  • The roles in your access profile
  • Your function in the approval workflow
Approval workflow functionAvailable actions
RequesterCancel a pending request that you submitted
ApproverApprove or reject a request
ViewerNone. Users with view access can review pending requests on the Requests and approvals screen or on the Requests & approvals tab on the Accounts overview screen of the specific account. However, viewers do not receive request notifications.

To view a request:

  1. To open the details of a specific request, select the request notification.
  2. To open the Requests and approvals screen, do the following:
    1. From the Main menu, select Users & permissions > Dual approval.
    2. Select the request you want to view.
      On the Request details screen, there is a link to the program or account to which the change applies.

Cancel a request

All requesters can cancel their own requests that are still in Pending status. Cancellation updates the request status to Canceled and sends a notification message to all potential approvers. The request history is updated with the date and time when you canceled it.

If you open an approval request notification for a request that already has been canceled, the cancellation message displays on the Request details screen.

To cancel a request:

  1. From the main menu, select Users & permissions > Dual approval.
  2. On the Requests and approvals screen, select the pending request you want.
  3. On the Request details screen, select Cancel request.
  4. In the confirmation dialog, select Cancel request.

Request status and history

The status of a request is reflected on the request notification, the Request list page, and the Request details screen. For single adjustment requests, the Dual approval feature adds a Requests & approvals view to the Accounts overview screen of all financial accounts. This enables you to review the request history for the specific account.

Request status can be:

  • Pending—Requested change is awaiting approval
  • Canceled—Requester withdrew the request
  • Approved—Approver accepted the change
  • Rejected—Approver rejected the change
  • Error—Request failed due to an error

The Request details screen provides a listing of all pending and previously closed approval requests. Select a request to review its details.

Approve or reject a request

Each request links to a request details screen for the pending request. If you have the proper role in your access profile, you can see the Approve and Reject options.

Requesters are not allowed to approve their own requests, they can only cancel them.

Approve a request

If the approver approves the request, the status updates to Approved and an approval notification is sent to the requester. The history of the request is also updated, with information on who approved the request and when it was approved.

To approve a request:

  1. Do one of the following:
    1. Select the request notification message. Skip to step 3.
    2. For single-adjustment requests, select the Requests & approvals tab on the Accounts overview screen for a specific account. Skip to step 3.
    3. From the main menu, select Users & permissions > Dual approval.
  2. On the Requests and approvals screen, select the pending request you want to open.
  3. On the Request overview screen, select Approve.
  4. In the confirmation dialog, select Approve.

Reject a request

If the approver rejects the request, the status updates to Rejected and a notification is sent to the requester, with details about who rejected it and when. The approver must enter a reason for the rejection. The history of the request is also updated. The request details page displays the rejection reason in a box on the top of the screen. The rejection reason is also sent in the notification to the requester.

To reject a request:

  1. Do one of the following:
    1. Select the request notification message. Skip to step 3.
    2. For single-adjustment requests, select the Requests & approvals tab on the Accounts overview screen for a specific account. Skip to step 3.
    3. From the main menu, select Users & permissions > Dual approval.
  2. On the Requests and approvals screen, select the pending request you want to open.
  3. On the Request overview screen, select Reject.
  4. Enter your reason for rejecting the request and select Next.
  5. In the confirmation dialog, enter your reason for rejecting the request and select Reject request.

Errors

If an error occurs during request approval, the status changes to Error and the platform sends an error notification to the requester and all approvers. The request history is updated with a date/time stamp. If you select an approval request notification after an error has occurred, you still go to the Request details screen but you see an Error status. In this case, the requester must make a new change request.

Updated about 20 hours ago