# Workflow Checks

Workflow Checks in Sprinto are periodic, time-driven checks that ensure specific compliance actions or processes are completed within defined intervals.

Unlike system checks, which continuously monitor configuration states in real time, workflow checks activate on a schedule to uphold organisational compliance standards.

### Benefits of Workflow Checks

* **Timely compliance notifications** – workflow checks remind users to complete pending compliance actions within specified timeframes.
* **Evidence collection for auditing** – supporting documents can be attached, helping streamline audits.
* **Delegation of responsibilities** – checks can be assigned to administrators or designated users, allowing Infosec responsibilities to be distributed effectively.

### How Workflow Checks Work

The lifecycle of a workflow check can be understood in two stages:

#### 1. Configuring Workflow Checks

* You can configure workflow checks from the dedicated **Workflow Checks** section in the **Data Library**.
* Some workflow checks are preconfigured automatically when you enable a compliance framework. These can be modified if required.
* You can also configure checks within specific compliance areas, such as:
  * People
  * Vendors
  * Access
  * Vulnerabilities
  * Infrastructure
  * Staff devices
  * Reviews
* For detailed setup, refer to the guides on **adding a workflow check** or **adding a custom workflow check**.

#### 2. Resolving Workflow Checks

Once active, workflow checks appear with statuses such as **Due**, **Critical**, or **Failing**, depending on the time elapsed since activation.

You can resolve them in the following ways:

* **Run a workflow check** – upload evidence (via template or manual upload) to demonstrate that the required process has been completed.
  * *Example*: A workflow check for staff device health requires uploading a Mobile Device Management (MDM) report showing device compliance status.
* **Mark as a special case** – if a check is irrelevant or cannot be completed, you can mark it as a special case. This passes the check for the cycle and categorises the submission under “Special Cases”.

### Use Cases

<table><thead><tr><th width="143.24609375">Use Case</th><th>Description</th><th>Example Evidence</th></tr></thead><tbody><tr><td>Staff device compliance</td><td>Validate that all in-scope devices meet organisational security requirements.</td><td>Screenshot or report from an MDM tool.</td></tr><tr><td>Disaster recovery</td><td>Demonstrate that disaster recovery plans are reviewed and tested periodically.</td><td>Tabletop exercise notes or simulation test reports.</td></tr><tr><td>Privacy policy review</td><td>Show that organisational privacy policies are periodically updated and approved.</td><td>Revised policy document with approval notes.</td></tr><tr><td>Vendor due diligence</td><td>Confirm that critical vendor assessments are performed as required.</td><td>Vendor risk report or completed security questionnaire.</td></tr><tr><td>Employee onboarding checks</td><td>Ensure hiring evaluations and background checks are performed for new employees.</td><td>HR records, evaluation forms, or training logs.</td></tr></tbody></table>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.sprinto.com/data-library/workflow-checks.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.