Setting item compliance project options
You can enable historical information logging, detailed audit trail logging, and electronic signatures to meet compliance requirements when items are changed.
To enable audit trail logging and electronic signatures for baselines, see Setting baseline compliance project options.
Note: If your organization uses an identity provider for logging in to Helix ALM clients, make sure you review important information about configuring the provider to make sure electronic signatures are valid. See the license server help for information.
1. Choose Tools > Administration > Project Options.
The Project Options dialog box opens.
2. Select an item type from the Compliance category.
3. Select Enable historical information logging to log historical information. Users can view what changed in an item, who made the change, and when the change was made on the item History tab.
Historical logging records the fields that change when an item is modified. It does not record the values that change. Changes to folders, such as items added and removed in folders and folder location changes, are also recorded.
4. Select Enable detailed audit trail logging to enable the audit trail, which records the information modified when an item is added, edited, or deleted or when a public folder or items in a public folder change.
When this option is enabled, the date and time is stored and logged in the audit trail. Helix ALM compares the last modification date to the date and time audit trail logging was enabled. The entire item is logged if the last modification date is earlier than the date and time that audit trail logging was enabled. When audit trail logging is enabled for an existing project, a record is logged the first time an item is edited and saved. The audit log is stored in its own project table and contains changed values. See Managing audit trails.
Note: Historical information and audit trail logging must be enabled to view change reports on the item History tab. See Viewing change reports.
5. If audit trail logging is enabled, select a Log Changes option.
- Only log changes to items only includes details about the fields that changed after the item was created.
- Log all item record data in the audit trail adds the entire item, including all fields with data, to the audit trail when a change is made. This option is useful if you need to view the entire item when a change was made, but it uses more server storage space.
6. Select any Electronic Signature options. Audit trail logging must be enabled to select electronic signature options.
When a user creates, modifies, or deletes an item, they are prompted to enter an electronic signature and an optional reason. When the item is saved, the change reason and a message indicating the change was electronically signed are stored with the item. Some actions do not prompt users for electronic signatures. See Electronic signature exceptions.
Note: Electronic signatures are validated by comparing the password with the username and password. For Active Directory and LDAP users, the electronic signature is validated through the Helix ALM License Server and the Active Directory/LDAP server. Users who log in using an identity provider must authenticate with the provider to validate their signature.
- Select Electronic signatures are required to require an electronic signature when changing an item.
- Select Signature Components options to specify if users are required to enter their password or their username and password. This setting is ignored if authentication through an identity provider is used.
- Select Signature meaning required to require users to enter a reason for changing an item.
Tip: To require electronic signatures only for specific workflow events, Enable detailed audit logging must be selected and Electronic signatures are required must be cleared.
7. If you are setting options for manual test runs, select any enhanced compliance options. See Setting enhanced manual test run compliance project options.
8. Click OK to save the changes.
Users are not prompted to enter an electronic signature when performing the following actions:
- Creating items using email import.
- Creating items using SoloSubmit.
- Modifying items using the Helix ALM REST API and SOAP-based SDK.
- Automatic changes to items performed through an escalation rule.
- Attaching source control files and fixing issues from Surround SCM, except when adding or editing items from the Helix ALM Browser dialog box.
- Attaching source control files to items from a provider that uses the Helix ALM source control CGI (ttextpro.exe), such as Helix Versioning Engine triggers or Git.
To ensure compliance, make sure to disable commands in security groups to prevent users from adding, editing or deleting items using these actions. See Editing security groups.