Protiviti / SharePoint Blog

SharePoint Blog

November 09
Client Story: Policy/Procedure LIbrary & Approval Process Automation

Client Challenge:

An International Finance Company turned to Protiviti to automate their document approval process and create a centralized location for all of their policy and procedure documents for their compliance department.

Previously, their approval process was done manually and faced a number of issues. All Policies and Procedures were stored in different document libraries on a variety of sites. Therefore, all users of these documents were not able to easily find their documents. There was no version control process in place when multiple individuals were editing documents offline and emailing reviewers their updated versions. Lastly, there was an unorganized, sometimes non-existent, historical trail of approvals which was becoming an issue during audits.

Our client asked for a solution that would comply with a list of regulations. They needed these documents to only be accessible to particular groups based on their department. The metadata about these documents could only be updated by their Compliance Department and was expected to change on a regular basis. Each approval needed to occur on a scheduled review date or on an adhoc basis. The approvers would vary based on the document. During a review process, the draft versions would only be accessible to reviewers and approvers, but they needed to ensure the draft submitted for approval could not be edited during the process. If approved, general users needed to easily find these documents. Once completed, the approval and versions of the document needed to be recorded and easily accessible. 

Solution Provided:

After considering all of the client’s needs, we were able to create a solution using OOTB features of SharePoint 2013 and Nintex Workflows/Forms.

To manage security and searchablitiy of these documents, we created two document libraries for Policies and Procedures. These libraries included department folders where documents were uploaded and inherited the permissions of the folder. Each document was tagged with a managed metadata term for their department to easily search for their documents within the libraries. All additional metadata, including approvers for the document, was updated by the Compliance Department in a Master list. To sync the metadata with a document, we used a list lookup for the title field and workflows to bring in all data for that document title. 

The approval process involved enabling content approval and versioning on the library and using Nintex workflows. When content approval was enabled, a user was able to “publish” a document, to submit for an approval. When a user published the document as a major version, an adhoc approval workflow began involving multiples approvals. We used versioning to check out the document to a service account. This check out ensured no users were able to edit the document during the review. Once approved, the document became published as a major version in the library and was visible to all users. A similar process was used during a scheduled review but was automatically started based off of the “Next Review Date” column in each library. A site workflow ran every day to compare each documents “Next Review Date” with today. 


Our team successfully created a solution which complied with all of the client’s regulations and helped to solve their previous pain points. Since we used OOTB SharePoint and Nintex Workflows, each approval had a clear historical trail of all versions and approval processes. The client reported positive feedback during their annual audit with the new system. The client later requested to add additional features such as an Effectiveness Review Form. Moving forward, this process can easily be replicated for other clients that face similar issues with their document approvals.

Quick Launch

© Protiviti 2021. All rights reserved.   |   Privacy Policy