New Scheduled Actions Register

The enhancements made to Scheduled Action make it much easier for users to create, edit, and manage Scheduled Actions. The paragraphs below detail each change that was made and how users can leverage the best functionality out of the changes.

• Scheduled Actions now have their own register. This register contains a list of all scheduled Actions, a history of changes to scheduled Actions, and details related to the scheduling mechanics to make future Actions details more transparent.
   
• Benefit: Adding the new register allows for easier searchability and organization of Actions set to perform on a specific schedule.
  
   

• The Edit Schedule function is introduced. With the new Edit Schedule functionality Users can edit the Recurrence Pattern and Recurrence Range for Actions set to a schedule, meaning the Edit function is no longer responsible for editing or deleting scheduled actions.

  Benefit: The Action Details can be edited separately from the Recurrence Schedule.
  
   

• Users can schedule and manage Actions’ due dates by the minute when the Hourly Schedule is enabled.

  Benefit: This enhancement allows users to track the time difference for when a Scheduled Action is due. The HH:MM display will be set to the timezone of the company and will only appear if the Action is Scheduled hourly. It will appear in the Action Register Due Date column, on the Action Details page in the Due Date value field, and any places where Action Due Date will be displayed (i.e., widgets).
  
   

• New Role Permissions and Business Rule Fields were created for Scheduled Actions.

  Benefit of new Role Permissions: The Schedule Action role permissions allow administrators to limit access to which users can edit the schedule (recurrence range and pattern) on scheduled actions.

  Benefit of new Business Rule Fields: The new BR Field, Show Original Action for Scheduled Action, will display a link in the Action Description field. When this new field is enabled, users will have access to edit the original Action and they will be allowed to adjust the schedule of any future actions.

New Online Documentation Site

Mitratech’s new Client Success Portal drives user engagement with new features to ensure you can quickly get the information you need and get back to accomplishing your tasks.

The new success portal leverages all of our existing User Help and knowledge-base articles in one location. Likewise, the site’s fully responsive design allows users to access the help efficiently from multiple devices. Along with these features, users also get the following benefits:

• Robust search and filtering capabilities
• Instant PDF creation from any page
• Direct-to-team feedback
• Smart, user-centered suggestions

New, online user help guides are housed in the CMO Client Success Center. These comprehensive guides details processes, business rules, and how-to articles centered around modules found in the Best Practice Web, iOS, Android, and Windows applications.

New, online Support-based articles, or CMO Solutions, are also housed in the Client Success Center. These Support-driven quick tip guides contain how-to articles on how to perform specific actions within the CMO Web, iOS, Android, and Windows applications.

Database Refactoring

Significant changes were made to the CMO Compliance database which improve the stability of major objects, including workflows, template permissions, and historical object tracking. This benefits site administrators because now, they can look at the database and see where the data is stored and how it’s interacting with other data. This greatly benefits maintenance teams who work within the database often.

Document Security

CMO Compliance has been completely refactored regarding the way documents are stored within the database and file storage servers. These new storage methods dictate a more secure method of file names and overall storage methods, which provides clients with better security against traversal attacks. File references and database references to files have also been completely refactored to provide a more relational model with superior performance.

SAML 2.0

The CMO web application has added support for SAML 2.0 and Single Sign On (SSO).The same credentials will be used in their system infrastructure, meaning clients will be able to move between CMO services securely, uninterrupted, and without having to re-enter their credentials.

.NET Framework

CMO Compliance web application is now compatible with and utilizes Microsoft .NET Framework 4.7. This Framework is a programming model that supports building and running of Windows, Windows Server, Windows Phone, Microsoft Azure, and XML Web services software applications.

The benefits of using .NET Framework include, but are not limited to: less coding for developers and an ability to reuse code more frequently; increased security through safeguard features such as role-based and code-access security, and greater application performance and reliability.

Visit the official Microsoft website for further detail on the benefits of .Net Framework 4.7.

Human Resources API Capability

CMO Administrators can audit all changes that have occurred within CMO HR feed since the last time it was run. This assists in monitoring and auditing any changes that occur in any exported or updated records, and allows HR representatives to make sure the feeds are successfully run.

HR API is compatible with multiple environments, which gives site administrators the ability to populate data (Users, Org Units, and Entities) in multiple environments within the company. Previous to this enhancement, the HR API only let users add to the top level environment. Now, user records updated or created in child environments will be linked to the user's account in the parent environment. This allows users to toggle between environments while using the same account.

See the HR Integration Brief documentation for further detail.

No More Pop-up Windows

Pop-up windows in several modules were converted to in-screen dialog boxes (also referred to as an .aspx window). Whenever a New or Edit command is clicked in the Auditee, Event, User, Org Unit, (Form) Question, (Form) Section, or (Form) Response Type modules, an in-screen .aspx window will appear rather than a pop-up.
 

The new .aspx in-dialog windows benefit users in the following ways:

• Enhances Security: Before this enhancement, the New and Edit screens would be blocked by company firewalls which caused users to disable security features in order to use the software. The new in-application window allows users to freely move through the application without disabling their organization’s pop-up blocker.
• Better Usability: The in-dialog windows appear in full-screen mode and they allow all functionality even if a pop-up blocker is enabled by an organization. The new, modern page controls ensure a smooth, responsive, and stable experience.

Removed Business Rules

The following Business Rules no longer exist in CMO:

• Only Allow Billing in Whole Days
• Allow import Event from Service
• Show red background on Billing Indicator
• Allow Check Receipt
• Allow LiMs Integration
• Stimulsoft Custom Reporting

Relocated Business Rules

Certain Business Rules were removed from their Global Setting location within the Admin module. Removing them from an Admin-only module and relocating them to individual templates allows users to control their own permissions and allows them to apply rules to individual templates. Each Business Rule that was moved is detailed below.

• The Default Sync Status rule was moved to the Edit Form window.
  
   

• The Allow Scheduling by the Hour/Minute rule was moved to the Edit Form screen.
  
  Additional Detail: When enabled, the Event Date, Start Date, and End Date fields will display the date and time when users create or edit an Event with the respective Form template. When disabled, then the Event Date, Start Date, or End Date fields will only display the date. This permissions is turned off by default.
  

Improves Quality by Reducing Defects

The number and severity of defects that escape QA will continue to decrease as CMO operates according to Mitratech’s high QA standards.  Serious defects related to new development are increasingly unlikely because of the robust test cases (regression tests, automated core functionality tests, and automated tests for new feature development) written and executed for all bug fixes, improvements, and new features. Lastly, the development team uses a tool called Sonar to continually analyze the code quality which assists in determining test case coverage and areas in the application that might need attention.

Continuous Security Testing

The CMO Compliance application went through security testing every two weeks using the following industry-standard tools:

• Checkmarx – directly analyzes the source code for security vulnerabilities.
• AppScan – performs penetration testing on an instance of the application to identify vulnerabilities.

Each of these tools produces a report that is analyzed and actioned by the engineering team.

Adjustments to User Acceptance Testing

In the past, User Acceptance Testing (UAT) was functional testing performed by the client to verify that the product meets their business needs. Moving Forward, functional testing of the code base will be done by Mitratech’s QA engineers and configuration testing will be done by Mitratech Support / Services before the traditional client UAT testing. For the client, this means the UAT process will be much shorter due to the thorough testing by QA and Services.

Test Case Development

QA Engineers created test cases for all new development and for existing functionality.

• New Features and Product Improvements: Clear requirements removed ambiguity and guesswork from testing and enabled the QA team to verify that the new features and improvements met the clients’ needs.
  • Test Cases were written from user stories that are based on client requirements.
  • Acceptance criteria (from the user stories) become validation points for tests.
     
• Existing Functionality: Improving the quality of testing for existing core functionality is the largest task associated with QA improvements.
  • Short-term goal: Regression tests for each critical functionality in each area of critical or high business use modules.
  • Long-term goal: Create a comprehensive suite of regression tests for each functional area of the application.