QDMS Application Layer
The application layer houses the core functionalities of QDMS and contains the system's business logic. This layer is completely modular and consists of several modules such as:
- Document Management Module: Used for creating, revising, managing, and controlling documents. Research shows that this module can intelligently manage thousands of documents, reducing error rates to zero.
- Audit Activities Module: Automates audit processes and generates reports.
- Customer Complaints Management Module: Manages internal and external customer complaints and supports corrective and preventive actions.
- Training Planning Module: Facilitates the submission and monitoring of training records in accordance with the requirements of the Ministry of Labor and Social Security.
- Risk Analysis Modules: Includes environmental risk analysis, occupational safety risk assessment, and information security risk assessment, ensuring that hazard sources are submitted to the ministry. These modules can be implemented starting from the system infrastructure definitions (basic module) and document management module and can be activated in any order or as needed. Research indicates that this modular structure provides flexibility and scalability for businesses. The presentation layer offers a user-friendly interface with multi-language support. The displays can be customized to align with company-specific terminology, enhancing the user experience. The data layer stores all data in a central database protected by secure access controls.
The following table summarizes the functions of some modules in the QDMS application layer:
Module Name Functionality Document Management Creation, revision and control of documents Audit Activities Automation and reporting of audit processes Customer Complaints Management Management of complaints and follow-up of corrective actions Training Planning Submission and follow-up of training records Environmental Risk Analysis Analysis of environmental dimensions and impacts OHS Risk Assessment Evaluation and reporting of occupational safety risks
Security Layer Analysis The security layer is designed to ensure that QDMS data and transactions are protected. Research confirms that this layer complies with ISO 27001 standards and supports information security management. Key security features include:
- Role-Based Access Control (RBAC): Users can only access information and perform actions within the scope they are authorized to do. This is supported by function and registration-based permissions. For example, a user can only access documents that are relevant to their department.
- Secure Document Management: Provides controlled access to documents with change tracking. Research shows that this feature prevents document loss and preserves institutional memory.
- Information Security Management: ISO 27001 compliance ensures the confidentiality, integrity, and availability of information, which is critical for protecting sensitive data.
- Secure Communication: As a web-based application, QDMS likely uses secure communication protocols like HTTPS to protect data transmission.
- Integration Security: Integration with SMTP/POP3-compatible mail systems ensures a secure channel for notifications. Additionally, integration with external applications via Web Services is supported by security mechanisms such as API keys or OAuth.
The following table summarizes the key features of the security layer:
Safety Feature Description Role-Based Access Control: Restricts access based on user permissions Secure Document Management Controlled access to documents with change tracking ISO 27001 Compliance Supports information security management, ensures confidentiality Secure Communication protects data transmission using protocols like HTTPS Integration Security Secure integration with SMTP/POP3 and Web Services
Overall Evaluation of Application Architecture The application architecture of QDMS follows a standard web-based model, consisting of presentation, application, and data layers. Research shows that this structure contributes to corporate memory and saves time and labor. The modular design allows for customization and scalability based on business needs. The security layer with ISO 27001 compliance increases the reliability of the system.
General App Security QDMS is an application that complies with OWASP standards. TR Identity Number, Password and personal data in the exam module are kept encrypted in the database. Compliance with the scope of KVKK is ensured with various encryption values in QDMS parameters. In addition, authorization limits have been imposed on QDMS users with parameter authorization values.