Document lifecycle in Conformio
Review and Approve functions
Great! You have finished the document. Now it is time to send it to your reviewer to make sure everything looks good.
It is important that, prior to submitting your document for review or approval, you define the users who should review/approve the document. You can select the users who should review/approve the document in the Properties tab of each document. Just select the job title of the person you want to review the document from the offered list, or type it in yourself.
Reviewing the document
Now it is time to send the document for review. When you click on “Submit for review,” you can define how much time the reviewers will have to review the document. After the deadline has passed, the reviewers won’t be able to access the document and you will be allowed to continue editing your document.
You can also describe what you changed in the document, and the change log will be saved under the version of the document you are working on in Conformio. Later on, you can check the versions in the Change History section of each document.
The reviewer needs to review the document. The notification for the review of the document will be sent to the reviewer’s email, and a task will be created for them in Conformio. The reviewer will see a task called Review the [specific document] in their My Work section. The task contains a link to the document needing review, along with the deadline you defined when sending the document for review.
Once the link is clicked, the document will open and the reviewer will be able to perform the review.
Everybody in the review process can easily communicate within Conformio by leaving comments on specific paragraphs, or for the whole document.
Clicking on “End Review,” or marking the task as done, will mark the document as reviewed.
Approving the document
Great, now your document is reviewed. You can check the remaining issues, if any, and when you finish the document, you can send it for approval. The approval request will be sent to the person you defined as the approver in the document’s Properties tab.
The approver will get a notification by email or via Slack, and a task will be created for him or her in My Work.
During the approval of the document, the approver can leave comments on the document, much like in the review. Additionally, he can also see the responsibilities related to the document in the left sidebar, which Conformio suggests according to what you defined in the document. Conformio already set the assignee and the deadline for the responsibilities, and all the approver needs to do is to decide whether they should be activated or not.
The approver can approve the document, or reject it if there is a need for corrections. In any case, the author and owner of the document will get a notification about the outcome.
When the document is rejected, the document author is obliged to make changes and again send the document for review and/or approval.
Once the document is approved, you can access the document from the step in the ISO 27001 Main Steps, or you can access it through the “Documents” section, where you can download the document in PDF form.
Withdrawing the document
You are also able to withdraw the approved document. Conformio will warn you about possible consequences when withdrawing a particular document, e.g., if it will have an effect on your Statement of Applicability.
Editing the document after approval
Conformio allows you to edit the document again after it is approved. In fact, in order to remain compliant with the standard, Conformio reminds you to review and update the document periodically if needed.
You can check all versions and change history in the Document wizard for each document at any time.
If you need a hand, let us know at: firstname.lastname@example.org