How_To_Review_Evidence_From_The_Workflow_Check
About:
The following procedure describes the evidence-reviewing process for a workflow check that requires evidence review. You can indicate that evidence review is required for a workflow check when setting up the details of the check. For more information, see how to add workflow checks.
Note: The person who reviews the evidence and the stakeholder who runs the workflow check cannot be the same.
Prerequisites:
Logged in on Sprinto as an administrator (assigned evidence reviewer).
A workflow check is added on Sprinto, and an evidence review required option is configured. Refer to
or
How to Add Custom Workflow Check?
The configured workflow check is run, and relevant evidence is submitted against the check. Refer to
Procedure:
Step 1. Navigate to Security Hub > Workflow checks.
Step 2. Ensure you have selected the Active tab, click on the workflow check you want to review the evidence. You can use the filters to find the relevant workflow check.
Note: The assigned reviewer receives an email notification once the evidence is submitted for review through the workflow check.
Step 3. On workflow check page, click on Review evidence.
Note: Only the assigned reviewer can perform the evidence review.
Step 4. Click on View evidence to review the uploaded evidence.
Step 5. Based on your evidence review, select one of the following options:
Note: Add review comment in the text box, if any.
Review Action
Description
Approve evidence
The submitted evidence meets the workflow check requirement.
Mark as special case
You can mark the workflow check as a special case for reasons like irrelevant, not applicable, etc., and to be excluded from the security compliance audit.
Reject evidence
The submitted evidence does not meet the workflow check requirement. New evidence needed to be submitted.
Step 6. Click on Finish.
Result:
The option to review the evidence disappears once it has been reviewed and acted upon. The workflow check status is set to “Passing.”