Security Class Invoices

What are security class invoices? How can security class invoices be added to Dooap?

Security class invoices contain classified information in the invoice image that should not be visible to every user. Therefore, the permission to view security class invoice images in Dooap is limited. The invoice classification will apply through the whole invoice lifetime in Dooap.

A Secured Invoice

A security class invoice will be recognized while imported to Dooap. Security class invoices are recognized by a TEAPPS 2.7 / 3.0 format <Header >/ <Security details> / <Secrecy class> element.

Automatically recognized security class invoices can't be declassified by users.



After the security class invoice is imported to Dooap, there are two different indications of protection displayed.

  1. An icon on the invoice row.
  2. An icon the right side of the invoice image which is highlighted in red.

security_invoice_marks

 

Manual Marking of Security Class

 

All users in the workflow can manually mark the invoice as classified. This action will hide the invoice image from everyone outside the workflow of the invoice.

Only the person who manually classified the invoice can declassify it, except for admins, who can declassify all invoices via impersonation.

Actions related to classifying or declassifying will be recorded in the invoice's history log.

In addition to the history log, you can see who classified an invoice if it was manually classified by hovering the mouse cursor over the classified icon in the invoice row.

Who classified

Follow these instructions to manually mark an invoice as classified:

  1. Click the classifying icon on the right side of the invoice image. Declassifying can be done by clicking the same icon. 

    marking_manually

  2. Click Confirm in the confirmation pop-up to proceed with the action.

confirm

 

User Access Restrictions and Invoice Visibility

 

There are a few restrictions regarding the access to see the invoice image.

  • Account payable: All account payable users can see the security class invoice image before the account payable task is assigned. The task will be assigned automatically to the AP user who approves invoice to workflow.
  • Reviewers and approvers: Reviewers and approvers in the workflow can see the invoice image.
  • Delegates: The delegate can see the invoice image because they have the same rights as the original handler has (delegator can also view the invoice image later). Delegates can also see previously handled security class invoices that are handled by the delegator.
  • User groups: When using user groups in the workflow, the invoice image is visible to all members of the group. Even after the invoice has been approved by one member, the image remains accessible to other group members.
  • Admin: Admin users with sufficient rights can view the security class invoice images via impersonation.
  • Other users: Other users outside of the workflow can only see the invoice header information and coding lines.