CMO Compliance is a process-driven, data management and analysis engine. Its fundamental structure is fully configurable, and so can fit any GRC and HSE data or process requirement. Users interact directly with the system using web browsers, email and mobile interfaces.
The CMO Compliance web application differs from other web applications, as it is not designed and implemented with specific processes and data objects in mind. In such applications, changes to processes and data structures often require re-implementation by software engineers or other qualified staff. However, using simple graphical interfaces, the processes and data structures within the CMO Compliance web application can be remodeled at any time by non-technical users who understand the processes being modeled rather than the technical issues.
The dynamic nature of the data structures and processes encompassed by CMO Compliance presents many challenges to the underlying software. We solve these challenges by reducing the requirements down to a simple premise: everything is an "object". What is stored depends on the type of object, and how the system behaves depends on the relationships between those objects. This abstract model is then fleshed out by the various layers and services in the software to allow the real world data model and processes to be presented.
CMO Compliance is built in an object- and service-oriented model, based on strict separation of objects to provide security, reliability and extensibility in all areas.
Architectural Challenges, Choices, and Benefits
With every paradigm shift comes a new set of technical challenges, and SaaS is no different. Further, CMO Compliance is truly dynamic and flexible, allowing any business objects and processes to be modeled and implemented within the system.
Key architectural areas that deal with the complexities of such a dynamic and flexible system are:
|Data Query Builder||Can query different database types to match user requirements.|
|Mapping Engine||Maps relational database structures to the generic objects used within the system, and manages changes to object structures dynamically rather than relying on fixed build-time mappings.|
|Framework||Allows management, localisation, audit and security of the generic business objects and actions.|
|Referencing||Allows for the creation of relationships between objects.|
Choices & Benefits
Key architectural choices provided by CMO COMPLIANCE and their advantages are:
Configuration: One key aspect of the architecture is the highly configurable nature of CMO COMPLIANCE based on business rules configurable by the end user. One of the goals was to remove the imposition of structures and behaviour as much as possible, allowing users to configure environments to their own requirements, or indeed provide prepackaged configurations for solutions to specific GRC problems. The advantages of this are:
- End User Configurable
Integration: XML is the primary mechanism for passing information between CMO COMPLIANCE and third party system elements. The advantages of this are:
- Widely understood format within IT community
- Many tools available for manipulation
- Used for definition of web based standards
- Easily machine-readable
To decrease the cost of delivering the same application to many different sets of users, an increasing number of applications are multi-tenant rather than single-tenant. With CMO Compliance’s unique EHS Software as a Service Model (SaaS), a service can be offered to clients via a Cloud Edition. In addition, a Private Cloud Edition is provided allowing the application to run on a visualized cloud data center inside client’s firewall, or from a private space dedicated to a client within a data centre if client’s requirements dictate this. Whereas a traditional single-tenant application requires a dedicated set of resources to fulfill the needs of just one organization, a multi-tenant application can satisfy the needs of multiple tenants (companies or departments within a company, etc.) using the hardware resources and staff needed to manage just a single software instance.
Tenants using a multi tenant service operate in virtual isolation from one another: Organizations can use and customize an application as though they each have a separate instance, yet their data and customizations remain secure and insulated from the activity of all other tenants. The single application instance effectively morphs at run-time for any particular tenant at any given time. Multi tenancy is an architectural approach that pays dividends to both application providers and users. Operating just one application instance for multiple organizations yields tremendous economy of scale for the provider. Only one set of hardware resources is necessary to meet the needs of all users, a relatively small, experienced administrative staff can efficiently manage only one stack of software and hardware, and developers can build and support a single code base on just one platform (operating system, database, etc.) rather than many.
The economics afforded by multi tenancy allow the application provider to offer the service at a lower cost to customers. Benefits of multi tenancy include improved quality, user satisfaction, and customer retention. Unlike single-tenant applications, which are isolated silos deployed outside the reach of the application provider, a multi tenant application is one large community that is typically hosted by the provider itself. This design shift lets the provider gather operational information from the collective user population (which queries respond slowly, what errors happen, etc.) and make frequent, incremental improvements to the service that benefit the entire user community at once. Two additional benefits of a multi tenant platform-based approach are collaboration and integration. Because all users run all applications in one space, it is easy to allow any user of any application varied access to specific sets of data. This capability greatly simplifies the effort necessary to integrate related applications and the data they manage.