The integrity security objective states that data and documents must not be changed without authorization. All changes to a document must be traceable.
DocuWare guarantees the integrity of archived documents with the following measures (valid for DocuWare Cloud and DocuWare as an on-premises system):
The rights system makes it possible to block documents for users generally or to make them accessible only to authorized users.
You can also generally allow access to documents, but you can restrict it, for example by assigning users the right to read documents, but not the right to edit them. Read more in the article Permission concept of DocuWare.The Automatic Version Management file cabinet function allows you to check at any time whether a document has been changed.
The integrity of documents stored in a file cabinet is checked with hash values. You can use a checksum in DocuWare Web Client to determine whether a document has been changed at the file level. Documents that have been signed in document trays or in a file cabinet with a signature stamp can also be checked with hash values. The Sha-256 algorithm is used for the checksum.
DocuWare can transparently log all user-related processes within a DocuWare system.
Document Version Management
If the Automatically create new versions function is enabled for a file cabinet, a changed document is saved as a new version in the same file cabinet. Every change of a document automatically leads to a new document version.
Both current and older versions are then located in the file cabinet. Older versions can be viewed in the version history which shows also the version numbers, the status, the storage date, any comments, and the user who saved the document.
The document being processed is checked out of DocuWare and locked. Other users can view the document, but cannot edit it until the document is checked in again as a new version. Only the current version can be edited.
It is also possible to set up version management so that individual documents are checked out manually and saved as new versions. Then, of course, the integrity of all documents in a file cabinet is not guaranteed.
More information about Version Management
Audit Reports
Audit reports give you full transparency of what is happening in your DocuWare system. With the appropriate permission, you can see, for example, who modified what configurations, or stored documents when.
All audit reports can be downloaded in universal CSV format and used for evaluations in many programs. Audit reports help you to evaluate activities in DocuWare and demonstrate compliance with compliance guidelines.
Examples of events logged at each level, including date, time, and user:
Document: Store, index change with old and new value, display, print, annotate, etc.
File cabinet: New index fields, changes to search and store dialogs as well as result lists, new file cabinet profiles etc. Also all document events within the file cabinet.
Organization: New configurations and changes to existing configurations, user login and logout (disabled by default)
System: Changes to schedules for automatic processes such as transfer, deletion policies, synchronization