Question Automation of Invoice System (1 Viewer)

[Gemma Khan]

Hi all,
I am novice in MS Access application development. I have developed an application of invoice automation system. Any invoice received is signed by the manager. It then entered into the database and kept in the record (in cabinet). Reports can be generated in database on requirements. I mean the system is paper based and DB is only used for counter check and generation of reports.
Now I want to extend it so that paper based signature system can be avoided. The procedure is below:
After user/operator receives and enters the invoice into DB, he sends notification to project manager for approval. The project manager then adds his digital/electronic signatures for that record which means he has approved that invoice. After that it goes to Finance manager for his signatures.
Now my questions are:
1. How to notify project manager and then finance manager that new record of invoice has arrived for his signatures.
2. How to add digital/electronic signatures in db table which will show some person’s unique identity.
3. Signatures should be secure enough so that no one other can sign that document on his place.
4. Through those signatures it should be proved that that person has actually signed the invoice/record (to avoid forging).
5. I want to make this system reliable enough which could actually replace paper based system.
Can anyone help and guide me for this?
Thanks

 

[Mr. B]

Gemma Khan,

You do know how to ask a question. LOL Actually that is a lot of questions.

As for notification to the project manager and then the finance manager, that can be done by just sending an email. When certain criteria is completed the first email would go out to the Project Manager.

This now brings us to the real question. That is the "electronic signature". Just what kind of signature would be acceptable to you and your company? What form are you expecting it to take and how do you expect it to be entered or applied?

Oh, well, back to the senerio. When the Project Manager has applied the correct "signature" the second email would be sent to the Finance Manager.

I really think that what you want to do can be done, but I also thing that there are a lot of unanswered questions at this point. I would be interested in reading the input of others on the "electronic signature" issue and any thoughts on just what would constitute an acceptable "signature".

 

[Gemma Khan]

long question & Long answer.
Thanks a lot for your so valuable response.

The Idea is to convert paper based system to fully electronic. I mean invoices are signed in sequence and every concerned person put his signatures for authorization. I want the same thing implement into DB.

As for Signatures are concerned, these should serve the same purpose as that of real time paper based signatures. I am not clear what should be in these signatures. But only project manager can add his signatures (no one else can do that), and so on. The purpose is to get approval.

Perhaps this may be confusing. But I have tried to make my requirement clear. If some more information is required, please tel me and I ll provide it.
thanks again

 

[marianne]

Hi all,
I am novice in MS Access application development. I have developed an application of invoice automation system. Any invoice received is signed by the manager. It then entered into the database and kept in the record (in cabinet). Reports can be generated in database on requirements. I mean the system is paper based and DB is only used for counter check and generation of reports.
Now I want to extend it so that paper based signature system can be avoided. The procedure is below:
After user/operator receives and enters the invoice into DB, he sends notification to project manager for approval. The project manager then adds his digital/electronic signatures for that record which means he has approved that invoice. After that it goes to Finance manager for his signatures.
Now my questions are:
1. How to notify project manager and then finance manager that new record of invoice has arrived for his signatures.
2. How to add digital/electronic signatures in db table which will show some person’s unique identity.
3. Signatures should be secure enough so that no one other can sign that document on his place.
4. Through those signatures it should be proved that that person has actually signed the invoice/record (to avoid forging).
5. I want to make this system reliable enough which could actually replace paper based system.
Can anyone help and guide me for this?
Thanks

REPLIES:

1. when a record is added in the database, you can add a field in your table that is yes/no type. meaning, after the record is added, that certain field is set to no, meaning it has not been signed or validated by certain personnel. thereby you can make a code that on login of that personnel, when there is a record set to no, a form will pop-up showing those unvalidated records.

2. when a certain personnel or user will enter into the program using his or her login ID, "login id" here is a unique identifier. so you can either opt to use ID as a digital or electronic signature.

3. number three question is up to you on how you design your security.

4. number four question is a combination of my answers 1, 2 and 3.

5. number five question is AGAIN a matter of security.

 

[Gemma Khan]

You mean we will need to implement Access control system with DB.
I believe while giving permission to some user on tables, he can also open up tables and one person can alter the signatures of some other one. Is it possible that user only has access to interact with tables through Form, not not open table explicitly. I mean user should not be allowed to open up table directly and form in design view.
Am I correct or wrong.

 

[DCrake]

You need to be looking at role based access control. Who can log into the application, how they log in, what access rights do they have. This is from the user who can only read data to the database administrator.

If you have a tabel with each users name and encrypted password along with permissions and rights, such as:

Can Sign Off
Can Print Reprots
Can Delete
Etc

Tables store data
Queries present data
Forms collect data
Reports print data

If you have a form that allows the user to digitally sign off an invoice then when a user attempts to open that form the system will check their permissions either allow or deny access to the form. If permitted they would tick a box to say that the invoice has been signed off and the repord is updated accordingly along with the username and date/time stamp that the signoff occurred. This is for traceability.

If a user who does not have permission to open a said form attempts to open it you could invoke some sort of audit log file that records the event in much the same way.

When you talk about "electronic signatures" this does not need to be a physical graphical image of the users signature as this would bloat the table and is unneccessary.

David

 

[samia]

Hello DCrake,

This really sounds interesting and I would really be interested to know how you can do that. I might need to do this for our help desk system too. I'll appreciate it.

Thank you,

Samia

 

[DCrake]

Samia:
alot of what I said is self explanitory. However, your first step is to create a table which will contain the information about each user and their permissions.

Windows Login Name
System Login Name
Password
Active status
Permissions


Then when a user logs in the system verifies the user name and password and stores the permissions to public variables. Lets start with CanDelete

If a user has a record open and they hit the delete button. Your system can do one of 2 things, Delete or Ignore This is dependant on the rights of the user. If CanDelete = True then the delete can take place and an audit of the deletion is created in the audit log for traceability. However is the user cannot delete then bring up a message box that states that they attempted to delete a record without the necessary permissions and tell the user that a recrod of this event has been saved in the audit log. Whether you actually do that is another matter, it however makes the user think "I better not try that again!".

This is a very large topic and cannot be covered easily in one response. Better of doing things in stages. Look for examples of different areas or concern.


David

 

[Gemma Khan]

Sorry for disturbing again & again.
I want to know that is there any way to restrict any user from opening up the table directly. For example in Access 2007, if you press F11, window on the left appears through which you can open up any object in either Layout view or design view. For tables it is possible to open any table and modify data. How to restrict user only to certain form or switch board only?