Throughout my career, working in both financial institutions and fintech companies, one consistent theme has been the use of "Task Managers" (or "Case Managers"). At their core, these systems function as task inboxes, assigned to one or more employees and often following a structured workflow. Despite their importance, you might expect task management to be standardized across organizations, but the reality is much more fragmented. Task management is handled by a variety of tools, each serving different purposes: General productivity tools : Such as Outlook’s task manager, Notion, SharePoint, Confluence pages, and often even shared Excel files. Specific productivity tools : Such as Officient or Personio for HR tasks or JIRA, which is often used by Product and IT departments. Custom-built solutions : Many companies develop bespoke task management systems or extensively customize tools like JIRA to fit their unique needs. Complex BPMS solutions : High-end Business Pro
Authorization is a vital part of any software system. Once a user is authenticated, the next step is determining what that user is allowed to do. This process, known as authorization, ensures that users can only access the data, functionalities and outputs that their roles or permissions allow. While authorization is essential, it’s often highly complex. Each system tends to reinvent the wheel instead of leveraging reusable checklists and frameworks. Authorization isn’t solely about internal business requirements. External factors — such as legal obligations or licensing constraints — add layers of complexity to the process. For instance, software licenses might limit the number of users, API calls, or functions that can be accessed. Authorization spans also several levels, such as data segregation, functional segregation, and output segregation . Each of these levels contributes to the overarching complexity of building a secure system: Data Segregation : This ensures that use