Compliance
Formal approvals and segregation of duties
Configure approval gates with digital signatures and immutable records.
7 min · Process owners, Compliance
Every approval decision in Cadenio is immutably recorded with the approver's identity, the timestamp, any comment, and an optional digital signature.
Features
How approvals work
ANY and ALL policies
Flexibility for every process
- •ANY: a single approver from the list is sufficient to complete the step.
- •ALL: every listed approver must act before proceeding.
- •Mix both policies for multi-level approvals.
Digital signature
Legal proof of decision
- •Require a cryptographically signed signature with each approval decision.
- •The signature ties the user's legal identity to the record.
- •Timestamps and hashes are immutably preserved in the trail.
Rejection with automatic return
No manual unblocking
- •Rejected approvals can route the run back to a previous step automatically.
- •Or stop and notify the process owner with the rejection comment.
- •Each rejection is logged with reason, return step, and new assignee.
Advanced controls
Segregation of duties
The executor cannot be the approver
Configure approval gates so the user who executed the task cannot approve it. This enforces separation of responsibilities required by frameworks such as SOX, ISO 27001, and GDPR.
External approvers
Approval without a Cadenio account
Send the approval link by email to an approver outside the organization. The link expires after the action and access is restricted to that specific decision.
Events recorded on approval
| Event | What is recorded |
|---|---|
| Approval requested | Timestamp, run owner, list of approvers |
| Approval decision | Approver, decision (approved/rejected), comment, timestamp |
| Signature collected | Signature hash, signatory identity, timestamp |
| Rejection with return | Reason, return step, new assignee |
| Deadline escalation | Original approver, newly notified, escalation timestamp |
Can an Admin approve on behalf of someone else?
No. Only the configured approvers for the step can make the decision. This is intentional for compliance.
Can the approval list change mid-run?
Yes. Managers can edit the list on an active run and the change is logged in the audit trail.
What happens if an approver leaves the company?
A manager can reassign the approval ownership to another user on the active run.
Is a comment required on approval?
Optional by default, but can be made mandatory in the approval gate configuration in the Flow editor.
Is a digital signature legally valid?
It creates a tamper-evident record tied to user identity. For validity in specific jurisdictions, consult your legal team.
Need approvals with full traceability?
Configure approval gates with signatures and see the audit trail in real time.