A guide formed from everything we’ve learned about this commonly used process.
Acceptance, agreement, consensus, and authorization; approval has a lot of meanings and each team and task has unique needs and goals. Most situations, however, require an effective, efficient and repeatable process to obtain, inform, document and perform approvals. The end goal of approval is to provide a standard workflow; conserve resources like time, money, or assets; and to comply with regulation and/or control processes.
Another reason teams and processes include approval is to add transparency and clarity to tasks that are being performed or decisions that are being made. Automating the approval process can contribute to clear collaboration and transparency for the state and progression of work. Although formalizing an approval process can slow this collaboration, the goal for this type of process is to balance standardization with productivity and autonomy.
The most common reasons to include approval within a process are regulation and compliance. These types of approval are typically not optional. For example, the United States Department of Agriculture (USDA) has a standard that requires that labels be submitted and inspected by Labeling and Program Delivery Staff (LPDS)". Labels undergo a series of checks and are registered into a system called the Public Health Information System (PHIS)", which serves as a reference for food-based health issues, should they arise. Food without a compliant label cannot be sold legally within the United States.
Compliance with label regulation is required for companies that produce, distribute and sell food. There are similar regulations in many industries including much more rigorous and costly compliance activities. However, applying the right amount of tooling and automation can expose opportunities for cost-saving and efficiency for compliance.
An additional benefit for formalizing and potentially automating the approval structures and processes around compliance and regulation is consistency. Regulations can be complex. Having defined (and potentially automated)" processes helps things from falling through the cracks.
There are cases where approval has been used as a “signature” to approve a process continuing forward, agreement with a EULA, or other use for what would normally be a signed paper. Approvals contain an authenticated response with a time/date stamp, and can be used for more than the “standard” approval uses.
Approvals are key in making sure assets, money, and people are being appropriately allocated. Examples of resources that you may establish approvals for could include:
Approval steps can be inserted into a workflow to ensure future steps can be performed efficiently. Some examples of non-regulatory process controls:
What types of approvals are best for processes is entirely dependant the goal of those processes, the regulations thereof, the foundation data available for the individuals involved in those processes, and what the requesters are requesting. Each type of approval has advantages and disadvantages. It is likely your system will contain more than one approval type to support business as usual.
Lack of an approval could be considered one of the most efficient, cost-effective, and fastest ways to get work done. Many process improvement efforts try to get to this point, but sometimes it is simply unattainable, most likely for the reasons listed previously in the compliance and control sections.
Where approvals are not strictly required; consider removing them completely. Requests and processes not controlled via regulations could be managed with a process involving regular audits and reporting rather than individuals approving each transaction.
With pre-approval rules, there is a broad opportunity for efficiency. A fairly common tactic is to base approval on a requester’s role. If you’re a project manager, for example, you could be automatically approved to order a specific laptop, request a task assignment, or schedule changes.
A similar pre-approval rule could be based on hierarchical levels. Managers might be pre-approved to request access to systems and information. Directors, however, might get higher budgetary spending thresholds and be able to request cubical moves in the facilities management system.
An important component of systems with pre-approval is strong foundational data. You need to accurately be able to tell who people are and what role they have to be able to assign the correct pre-approvals. This becomes even more challenging as the size of a team increases.
Named approvals are when one specific person has to approve a specific request. Turnover, vacation, and changing roles are just some of the challenges that must be managed when using named approvals.
In the group approval model, approvals are assigned to a group of people to attend to rather than an individual. In most cases, these are an “any response” scenario where any reply from any individual in that group fulfills the approval requirement and the request moves on as indicated. This is a straightforward, streamlined, and robust way to go about approvals.
As with any group activity, it can bring up system complexities such as record locking as well as process complexities such as what happens when two approvers disagree.
A group approval sub-type is group consensus. Group approvals can also be set up as an “all must approve” scenario. These can cause the same sort of delay as named approvals, due to turnover, vacation, etc. These are best reserved for cases where approval by all parties is absolutely necessary.
Voting is another type of a group approval. Voting is where multiple people are sent an approval but the majority approving or disapproving drives the outcome.
Line item approvals are both efficient and complex. These allow a portion of the request to continue while another portion is denied, must be resubmitted, or must be modified. Line item approvals provide a good user experience because even if part of the request does not meet the requirements for approval, the entire request isn’t denied. The parts of the request that met approval are allowed to continue and begin fulfillment.
That said, these systems can be some of the most complex to build and design for the user experience. Users will need to have clarity into what was approved, what was denied, and why (for each item denied)". There also should also be a way for the user to simply and easily copy the denied portion of the request into a new request to begin a modified resubmission. While none of these things are simple to design, they can provide a big pay off in customer experience.
A potential issue with “Line item” approvals is that some requests need to be “whole and complete” to be valuable. Example: no sense ordering a computer if your requests for a network connection was denied.
The most common type of approval is hierarchy based or relative to the request. For example, it is common for a requester’s manager to have to approve a new mobile device request. That isn’t a named approval, but someone who is getting that approval based on the role they have in relationship to me (my manager)".
It can be important to note that these approvals suffer from delays in the case of bad foundational data and time off (such as sick time and vacations)". It is important to design these types of approvals (and any approvals that go to just one person)" into systems that can manage reassignment, delegation, escalation, and expiration.
In rare cases, it can be necessary to involve multiple levels in the approval of the same item. Perhaps, to approve bringing in new, non-standard software in the environment, there may need to be an approval from an individual manager, from a security team, and from the CIO. Each person or group would get their approval in turn, and only if the level before approved.
Users aren’t specifically requesting approval in most cases but requesting items or initiating processes that require approval. Making sure that requesters and users understand that an approval will be required prior to delivery is part of setting expectations. Requesters may also benefit from entering or confirming their location, department, or manager to ensure proper approval routing, depending on process and foundation data reliability. Also, visibility into the status of the request while awaiting approval is important for customer experience: Has the approval been assigned to a person or a team? Has it been escalated? Delayed? Was it reassigned? Users are more likely to be patient if they understand what is going on.
Making approvals simple and easy for the approvers is key on the receiving end of an approval request. Having an integrated and single point of approval in an organization can greatly improve the experience and productivity. However, most organizations have multiple systems and functions that require approval, so bringing them all to one location may not be a simple possibility. This integration can be a project in itself but potentially worth the investment.
One type of approval is consensus, so approval mechanisms may need to provide not only the details of what is being approved, but also the opportunity to discuss it with other stakeholders.
Rejection, denial, refusal. Different companies use different terminology, but the functionality required is the same: the status needs to be accompanied by a reason and the process needs to stop. Having approvers enter in a denial reason allows the submitter to address that reason and resubmit if desired.
Sometimes requests are not rejected outright, but sent back to the submitter with a request for correction. This assumes the customer will want to continue the request with an update. Other times, the request is rejected with a reason and an option to clone the original to restart. When teams are planning complex work or requests take extra time to plan and enter, requesters don’t want to simply lose that work. Making it simple to update and proceed after rejection is important to the customer experience.
If an approval is held for a longer than expected duration, there are a few options: you can remind the approvers of the approval, escalate the approval to another level, and/or expire the approvals and take a default action on the request. These can be used individually or in concert to create an optimal user and approver experience.
Some things to consider are:
As with all portions of process automation, approvals are an area for continuous auditing and improvement. A static system is likely an out of date system and having a process around continuous improvement is critical.
As mentioned in previous sections, managing delegation of approval authority is critical. These could be long term delegations (if a VP, for example, delegates approval responsibility to their assistant or peers)" or short term delegations (for vacations, illnesses, etc)", but automating handling of these delegations will save time, money, and prevent errors and delays.
Being able to approve multiple items at once can provide a significantly improved approver experience. Some things to consider when bulk approving:
The ability to request an additional approval from any particular task or approval that is already out there is important for record keeping and process modeling. This allows you to keep the additional approvals in the same system if something is needed that is not a part of the documented process. It also allows you to later report on these ad hoc approvals to document where there are additional needs for approvals not met in your current automated workflows, which leads to process improvement.
As part of the aforementioned continuous improvement process, measurements taken out of the system are critical. These may be dashboards, graphical reports, or spreadsheet style data exports; automating these items is an important consideration. Having these items automatically generated prevents someone from having to take additional initiative to look at the data that will drive improvement.
Important measurements include:
One concern many companies have around the use of approvals is approval fraud. Opportunities for fraud typically occur due do a lack of segregation of duties. Being the receiver and distributor of funds is one example. This is very risky for 501(c)"(3)" organizations in that they can lose their exempt status if funds aren’t handled properly.
In reality, no matter the apparent opportunities for fraud, a correctly and diligently audited approval system will leave little opportunity for uncaught fraudulent actions. Even the simplest approval systems that allow the users to select their own approvers can be checked with a couple of simple weekly or monthly reports. The important step is to set up and attend appropriately to the necessary auditing.
Another concern many companies have is of employees “gaming the system”, or taking advantage of “holes” in the system to get their work done “easier” but incorrect ways. One example is using another, less bureaucratic process. Given the choice between fast and easy forms versus a long difficult process with possible wait times, which do you think people will chose? The “fix” in this case is likely twofold: make it easier to find and fill in the requests and don’t accept submissions that are supposed to be requested by other means. A good system will make approvals as easy to enter as other forms. For example, approval forms could autofill much of the information, or not require all of the information needed from the customer at time of submission, they can add it later. However it is designed, the key is to balance perspectives and keep approvers thinking holistically about their actions and their downstream impacts.