Policy Attestation / Acknowledgement
To watch a training video on attestation, click here.
When you add a new policy or set of procedures, you may want do more than just send links of articles to staff. You may need certain staff to acknowledge that they have read the policy, understand it, and accept it. Additionally, you can require staff to watch videos in policies or procedures that have them. All acknowledgements will be tracked in each stage and can be reviewed for verification.
This process is also known as attestation.(Learn more: What is attestation?)
How To Send Attestation Requests
To send an acknowledgement request, you can click the action dropdown menu in the article and select "Request Acknowledgement".
This will show the following form:
Similar to the Send To form, here you can select which users will need to acknowledge the policy or article you are viewing.
At the very top you can select the frequency at which the attestations will be sent, which defaults to "Just This Once". If you select a different frequency, it will automatically create an attestation group that maintains the attestation for a list of articles, for a list of users.
You can also select "Since", which lets you specify a date from which new attestations will be sent. If a user already has an attestation completed since the given date, then a new attestation will not be sent. Note that this will be set automatically if you select a Frequency above.
If the article has a video , you may require staff to watch it in full as part of the acknowledgement process, by clicking "Require Watch Video". This will pinpoint several markers in the video that the recipient must watch through in order for the article to be considered fully read.
There is also an option to request the user pass quizzes at that location. If this is checked, then the user will not be able to acknowledge that page without passing the quiz on that page, which would include all the quizzes in child-articles. If the quiz on the specified page is set to only appear when requested, having an outstanding acknowledgement on a page will make the quiz appear. For attestations sent out from attestation groups (ie. with a specific period), the quiz must be take within the last period. So, for example, if a user passed the quiz last year and has to re-attest this year, they will have to take the quiz again to sign-off on the attestation.
And if there is a checklist on the page, there is an option to "Require Complete Checklist". This will require them to have submitted a checklist on the page before they are able to complete the attestation. This can be useful if there is more information required from them, such as submitting evidence of certification completion. Again, the checklist must be completed once in each period the attestation is requested.
Note: If you attempt to send the article to a user who does not have permission to view that article, you will get an error.
Once the request is sent, it will automatically notify users by email with a link to view the page. (To learn how to customize the message that is sent, click here). That page will contain a red message at the top telling them that it is waiting for their acknowledgement:
Once they click that link, it will pop up with the acknowledgement and signature form:
This is then recorded against the article. You can view which users have acknowledged, including their signature and information on when the acknowledgement was done, by clicking Explore at the bottom of the article. You can then click the "Acknowledgements" tab at the bottom of the screen, and there you will see a list of all users requested for acknowledgement.
Note: If "Record Views" is set for your system, it will check that you have read any sub-articles before being able to perform the attestation.
If a user has multiple outstanding attestations for the same page they have not yet done, and then acknowledge one of them, it will mark all outstanding attestations for that same page as being done, with a special flag of "Incomplete" for any except the most recent.
Security
The acknowledgement is recorded securely. A digital "fingerprint" is recorded which incorporates information about the specific version of the page they were viewing, the date/time, the user, and the image of their signature. This fingerprint is tamper proof. Every time the Acknowledgement is viewed, the system will validate that fingerprint to ensure it is still valid and that it has not been tampered with.
Any form of tampering - such as modifying the signature, modifying the specific page they were viewing at the time of the signing, or changing the date/time of the signature, will all cause the validation to fail and an error message to be displayed.
Internally this fingerprint is created using a highly secure encrypted checksum digest, which is very difficult to break and should provide peace of mind that the data is intact and secure.
Reporting
You can also find out what acknowledgements have been issued, and which have been signed, through a system report. To access this report, go to the Dashboard, click Reports and then select "Acknowledgements Detail" or "Acknowledgements Summary". Note: there are additional reports you can run that are described here.
Note: You will need to be a Wiki Manager to access these reports.
This will display a PDF report of all articles that have had acknowledgements, along with when it was issued and when (or if) it was signed. Any outstanding acknowledgements will be shown in red. The Detail report displays the status of each individual user, whereas the Summary report will show percentages for each article.
You can also see when the article was last updated, which can be useful for determining if new acknowledgements need to be issued.
There is also an Outstanding Acknowledgements report which will show only those attestations that haven't yet been completed.