Setting compliance project options

If electronic signatures are enabled, users are required to enter an electronic signature and optional change reason when an item is created, modified, or deleted. You can specify the maximum number of attempts users have to enter the correct electronic signature password before they are automatically logged out and a certification message to display with the electronic signature to meet compliance requirements.

See Setting item compliance project options for information about enabling the audit trail and electronic signatures for issues, requirements, requirement documents, test cases, manual test runs, and folders. See Setting baseline compliance project options for information about enabling the audit trail and electronic signatures for baselines. See Setting automated testing compliance project options for information about enabling the audit trail for unprotecting and manually deleting builds. See Setting configuration compliance project options for information about enabling the audit trail for project configuration changes.

If your organization uses an identity provider, such as SAML or OpenID Connect, to authenticate Helix ALM logins, make sure you review important information about configuring the provider to make sure electronic signatures are valid. See the license server documentation for information.

1. Choose Tools > Administration > Project Options.

The Project Options dialog box opens.

2. Select the Compliance category.

3. Select the Maximum attempts before logging out a user to specify the number of attempts users have to enter the correct electronic signature password before they are automatically logged out. Any unsaved changes are discarded when the user is logged out.

If users use an identity provider to log in to Helix ALM clients, failed authentication attempts in the identity provider indicate that the Helix ALM License Server timed out when waiting for the provider to return a successful login. If the user attempts to authenticate in the provider multiple times within 60 seconds, the license server only logs one failed login attempt. If the user leaves their computer without authenticating with the provider, the license server gets the same return status of a failed login attempt. The number of failed login attempts is used when counting the maximum login attempts.

4. Enter a Certification and testimony message to display in the Signature Required dialog box.

This read-only message is displayed in the dialog box to explain the purpose of the signature, which is required for FDA Part 11.100 Subpart C Paragraph 2 compliance.

5. Click OK to save the changes.