Configuring baseline compliance settings

You can enable detailed audit trail logging and electronic signatures to meet compliance requirements when baselines are changed. Baselines are only available from the Helix ALM web client. See the web client help for information about baselines.

Note:  If your organization uses an identity provider for logging in to Helix ALM clients, make sure you review important information about configuring the provider to make sure electronic signatures are valid. See the license server help for information.

1. Click Administration.

The Admin Home page opens.

2. Click Compliance.

The Configure Baseline Compliance Settings dialog box opens.

3. Select Enable detailed audit trail logging for baseline changes to enable the audit trail, which records the information modified when a baseline is added, modified, or deleted. The audit trail only includes basic information about the baseline. It does not include the baseline source items or link options.

When this option is enabled, the date and time is stored and logged in the audit trail. Helix ALM compares the last modification date to the date and time audit trail logging was enabled. When audit trail logging is enabled for an existing project, a record is logged the first time a baseline is edited and saved. The audit log is stored in its own project table and contains changed values. See information about audit trails in the desktop client help.

4. Select Electronic signatures are required when changing baselines to require users to enter electronic signatures when changing baselines. If you select this option and Enable detailed audit trail logging for baseline changes is not selected, that option is automatically selected because audit trail logging is required to use electronic signatures.

When a user adds, modifies, or deletes a baseline, they are prompted to enter an electronic signature and an optional reason. When the baseline is saved, the change reason and a message indicating the change was electronically signed are stored with the baseline.

Note:  Electronic signatures are validated by comparing the password with the username and password. For Active Directory and LDAP users, the electronic signature is validated through the Helix ALM License Server and the Active Directory/LDAP server. Users who log in using an identity provider must authenticate with the provider to validate their signature. Users who log in using an external authentication method, such as a swipe card, must use their authentication system credentials to validate their signature.

  • Select Signature Components options to specify if users are required to enter their password or their username and password. This setting is ignored if authentication through an identity provider or external authentication is used.
  • Select Signature meaning is required to require users to enter a reason for changing a baseline.

5. Click Save.