CASE STUDY OF ADMINISTRATIVE PROCESS AUTOMATION IN HIGHER EDUCATION INSTITUTIONS FROM ROMANIA

: Romanian Universities and those from the entire East-European Region are undergoing a long and arduous transition. Significant amount of money, coming from their own funds, the Government or from European funds, are being invested in order to increase the quality of the education and research. Considering that the changing processes require giving and receiving feedback from all the institutional actors, we have observed in the course of time that students’ interaction with the administrative departments has declined in what concerns both the popularity and the satisfaction. The aim of this article was to introduce to the academic community an analysis, layout, and implementation of an, apparently simple, administrative workflow. This, in turn, will be emulated in an electronic environment, thus permitting to highlight the main functional and organizational problems of the social infrastructure present in Alexandru Ioan Cuza University of Iasi, Romania. The research methods used include the functional analysis of the existing administrative process, designing the most appropriate implementation using content management tools including digital certificates, and an adequate method to manage the entire process. The efficiency of the solution is derived from the fact that the development is quite rapid; it implies the exploitation of common applications (for all the actors), such as e-mail services of web browsers and, last but not least, the fast adaptability of the workflow specific to the implementation used without using compiled code.


Introduction
When finishing a specific program of study, the graduate has to accomplish a series of procedures in order to acquire the documents that certify the completion of his or her studies. Because this is not the only academic process affected by bureaucracy, we consider this article as a change to the way we perceive the relationship between students and administration.
Termination form is a document that proves the student bears no outstanding liability, in material or financial form, toward any department of the University or its affiliates. The current process, described in Figure 1, represents the actual path a student has to follow in order to collect all the signatures required. Depending on the individual, the distance covered can add up to 5-6 kilometers. In essence, the student takes a printed form that he has to fill, from the university, and goes to different departments of the university to obtain various signatures and stamps. After this process is complete, he or she has to return the form to the university administration employee in order to obtain a document that certifies the completion of his or her study. Even though this process is a formal one, we could say, ironically, that for some of the graduates, this is the best way to interacte with the institutions they should have interacted with during their studies.
The purpose of this article was to highlight how different, simple methods and procedures, provided by SharePoint technologies, could automate this process. At the same time, we will try to describe the most important technological shortcomings, as well as the limitations of the university information system and also offer possible solutions to the listed problems.
In most large information systems (Klamm, 1998;Stachokas, 2009), each flow that has been established between the various departments requires the existence of a centralized authentication system (Prilop, 2012) permitting users to use the same username and password while accessing the information about or within the institution or its activities.

Possible solutions
This article excludes the option of filling out a document template and sending it to a specific e-mail address in order to obtain a signature and pproval (Lanzén, 2008). We will also exclude the possibility of using the function Incoming e-mail from SharePoint (Estrada, 2002) that permits the user to configure the document libraries and allowing saving attachments for a number of reasons: 1. External users will ignore the conventions concerning the names of the folders and filenames (Terry, 1984).
2. It will be difficult to inform them about the progress of the approval or even the ending of flow related to the signatures and approvals.
3. Some of the users will send several e-mails because there is no feedback system available.
4. Users might have not installed, on their personal computers, dedicated applications like Excel or Word, or they do not know how to fill in a Word document that contains configured fields.
E-mailing is, after all, a manual process. A user receives a document attached to an e-mail, checks, signs it, and then forwards the e-mail to another department. This requires knowledge of the next recipient in the workflow, depending on the types of documents and specific exceptions. The problem with these flows, based on e-mails, is much more serious than a manual flow if we were to consider the fact that an e-mail can end up in the Junk folder, i.e. it does not arrive at its destination. There is also a management issue related to the identification of the status of this process (the one related to signing a document) because the classical method, using the phone, can be counterproductive. Finally, the main problem that we are facing when using e-mail workflows to approve or sign a document is that one cannot exceed the limits in handling approval and signing of a document.
From a technical standpoint, flows inevitably result in overloading the e-mail server database with redundant information, for instance, one single file in SharePoint version versus x copies from the email version. For most institutions, the e-mail system is a critical business component, involving backing up almost in real time, so the redundancy caused by the circulation of documents through email becomes a waste of resources and mismanagement.
The idealistic version of the implementation of an electronic workflow is a complete electronic, webbased form that supports electronic signature and circulates in a relatively short time between the institutional departments. The solution that we propose, given the context of this case study, has its bases on the use of InfoPath Services and involves the publication, the access, and the signature directly from the browser, plus a flow in order to notify the user responsible for the signing and checking of the document-through e-mail. There is a slight problem when using this kind of flow. If the graduates want to get the documents after a longer period (more than 3-6 months), their accounts will not be active anymore when using a centralized authentication system. If they choose to access the SharePoint platforms anonymously, the users will not be able to add or create documents within the libraries from the public sites. They can only add entries to the existing list. The great advantage of using forms is that electronic signature is available directly from the browser (Mechelke, 2014;O'Connor, 2014).
Without a centralized authentication system and/or policies to access the system containing graduates' information after a period of time, the most likely solution is to initiate the process of filling out a form provided by SharePoint technologies. In this case, a custom list-InfoPath-is used, but the main disadvantage of this method is the impossibility of integrating electronic signature system with the forms. As a process of internal traceability, the electronic document does not require a qualified electronic signature to be considered authentic.

A brief analysis on the definition of roles
At the faculty level, depending on the internal organization and its size, there may be secretaries for each level of education or each specialization, a secretary on several specialties or one secretary for entire faculty responsible for the initiation, verification, and signing administrative forms. In addition, there may be several secretaries on the same specialization, making it difficult to organize the implementation of role(s).
Traditionally, the access to resources is performed differently, depending on the permissions or the roles, through groups, thereby ensuring that each department/secretarial/faculty will have access only to its own records from a global list of electronic forms that have to be verified and signed. One of the most common mistakes when designing security roles within applications that contain workflow is to define distinct roles for each condition, resulting in a complexity increase in security management (Kim, 2015). Keeping in mind the reality described in the first paragraph of this section, the distribution of roles is implemented globally, for certain groups, and uniformly for each type of resource.  The method that we suggest for solving this particular problem, one that can also be generalized for similar problems, is by eliminating the groups that only have access to a certain type of resource and implement them in an external data source. Even if it can be seen as a de-normalization, given the fact that the relationship between Item Type (specialization) and User (Secretary) is often many-to-many, the operation gives a dynamic effect to the codeless solutions and can be implemented through the use of columns type "People" available in SharePoint.
When the graduate wants to fill out a new termination form, he or she will choose a certain specialization (Item Type) from a resource list depending of the faculty graduated from; meanwhile, the form will dynamically attach the Secretary (User) for the specialization he or she has chosen.
A specific problem in electronic flows is related to its initiator and the proper order of approval or signature. There are two ways of executing it: parallel (specific to the classic flow) in which any of the roles can start any of the process of signing the document, and serial that defines strictly the steps in which each actor is involved throughout the process.

Proposed electronic workflow
For justification of the rapid development of the workflow and its cost, we have designed a BPMN model presented below, adapted to specific workflow solutions in SharePoint. The main instrument for designing workflows, Visio, allows the export in a reusable format. This export is imported in SharePoint in order to generate the pseudocode that helps implement the workflow.
The diagram contains activities and generalized conditions that will be personalized to match the SharePoint list implemented through the pseudocode. Considering the fact that SharePoint technology has detailed language packs, the pseudocode generated in SharePoint Designer is in Romanian, allowing the high-level interpreter to translate the executable instructions into the native language. The process designed to verify and approve the requests is a combination of serial and parallel actions; the user receives information, regarding the status and the steps executed, through the e-mail service. The advantage of this type of workflows is the fact that they invoke automatically. After a certain period of time, e-mails will be generated to inform the user of a delay in the completion of an activity (overdue).
The History of workflow execution can be tracked in a centralized manner by both the responsible factors and the originator of this stream. This is accomplished by SharePoint's reporting tools, using Excel in order to calculate the average duration of the verification and approval process, and also its global instruments used for metering and reporting the execution time.

The balance between security and functionality
As mentioned earlier, the version that has the highest chances to be implemented is the one that provides anonymous access for filling the form. Because anonymous users cannot create or upload documents to a document library, so the available option is by using lists.
When filling out an electronic form, a new element in the list of records is created that should enter the verification and approval process as described in the previous flow.
Anonymous access to a computer system and posting of items to trigger automatic approval processes can present a major security risk. Launching a workflow supposes, in addition to writing records in the basic list rights, also the right to create entries in the list of tasks associated with the workflow and in the execution history. The main risk in this model is the fact that someone could try to insert a maliciously large number of applications in the system triggering a massive influx of e-mails to those responsible for verification and approval. At the same time, setting up the possibility of adding entries in the Task section dedicated to those responsible for verification and approval would also generate dissatisfaction and unjustified order of operations that have to be executed.
Risk mitigation implies the introduction of unique elements in the form, such as the registration number and the e-mail of the graduate.
However, if we want to permit anonymous users to initiate a workflow automatically, various technical sources available on the Internet specify that they should be entitled to edit the list items; this way would cause other security issues.
Considering the fact that the users are completely anonymous, this kind of permissions should not be granted, even though we limited access to the default view of the elements. For users that access the system using a username and a password, the advanced option is available-create and edit usercreated elements unenforceable to those that access the system anonymous. Morphing the URL of a list item by changing the record's ID provides anonymous user access to edit any records, compromising the integrity of the records. To mitigate this risk, the content of the form can be customized, using InfoPath, so that data can no longer be changed, but enabling a possibility of entering in Datasheet view and overcoming the limitations of a custom form with specific formatting rules. In addition, the deactivation of Datasheet View is possible, but an experienced user of SharePoint technologies could identify a method of accessing personal data of graduates using this system, which represents a source of information for social engineers (Greavu, 2014).
Given this complex context, the best option for implementing electronic flows that permit anonymous access is by allowing them to fill out forms while the approval process must be initiated by a secretarial role, which is also the one that ends the execution loop of the verification and approval process.
Other features and configurations, for securing the flow, are related to filtering the lists in order to prevent the elements visualization from outside or without authentication. This also allows access for each secretary or member of the departments involved only to the files or records they have to process.

Conclusion
This article is a case study related to the reliability of some administrative and academic processes. In Romania, most universities and government entities have implemented SharePoint technologies through different projects financed with European funds or similar Collaborative technologies. This would permit a strategic alignment of the technology lines, allowing a common development of all types of forms for enrollment in higher education, transfers between institutions, centralized reporting or research performance indicators, and processes related to the graduation.
The benefits of automating these processes can be classified as follows:  Economiclow costs for the development and implementation;  Positive image of the universitiesthe inconvenience in the students' experience spurred from having to carry a printed piece of paper to various places in order to get it signed versus the convenience of completing online forms, which are on also available also mobile devices;  Managerial -Real-time tracking of the flow execution and quantitative reporting of activities;  Strategicthe informational content can be migrated to the public cloud or private cloud, enabling extended benefits provided by these technologies;  Technicalthe integration between disparate departments or institutions, collaborative technologies enabling the integration of heterogeneous platforms through web services, Office applications, and many others.
Today's technologies allow an improvement in the quality of professional or work experiences, but the main key is the decision factors from all institutions.