Loading
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Review and Close Evidence Requests for IT Compliance

            You are here:

            1. Salesforce Help
            2. Docs
            3. Agentforce IT Service

            Review and Close Evidence Requests for IT Compliance

            Verify submitted evidence artifacts by previewing files, checking completeness, and setting each artifact's status to Accepted or Rejected. Once all artifacts are verified, mark the evidence request as Accepted to close out the request.

            Required Editions

            Available in: Lightning Experience
            Available in: Enterprise, Performance, and Unlimited Editions with Agentforce IT Service.
            User Permissions Needed
            To review and verify evidence artifacts: Compliance Admin permission set

            Reviewing evidence is the quality control gate in the audit workflow. Artifacts submitted by fulfillers move to Submitted status and wait for a compliance reviewer to inspect them. Reviewers preview the files inline, confirm the evidence meets the request's acceptance criteria, and either accept the artifact or reject it with feedback explaining what needs to be corrected.

            1. From the App Launcher, open the Evidence Hub app and go to the Compliance Evidence Requests tab.
            2. Open the evidence request you want to review.
            3. Go to the Artifacts tab and open an artifact with status Submitted.
            4. Preview the attached files to verify the evidence.
              1. Go to the Files tab on the artifact record.
              2. Open a file to launch the evidence artifact previewer.
                The file renders inline in the previewer dialog. You can navigate multi-page documents, zoom images, and play video files without downloading them.
              3. Review the file's content against the original evidence request instructions to confirm the artifact satisfies the requirement.
              4. Close the previewer and repeat for each file attached to the artifact.
            5. Set the artifact verification status based on your review.
              • If the artifact is complete and accurate, set Status to Verified - Accepted. The artifact record and all attached files lock immediately. No further edits are allowed. The artifact is now part of the official audit record and external auditors can review it with confidence that it hasn't been altered since your verification.
              • If the artifact is incomplete or incorrect, set Status to Verified - Rejected and fill in the Observation Statement field. Explain clearly what's missing or incorrect so the fulfiller knows exactly how to fix the issue. If notifications are configured, the fulfiller receives a notification with your feedback. They can create a new artifact or correct the existing one and resubmit for review.
            6. Repeat steps 3 through 5 for each artifact linked to the evidence request.
            7. Once all artifacts on the request are verified and accepted, mark the evidence request as accepted.
              1. Open the evidence request record.
              2. Set Status to Accepted.
                All linked artifacts remain locked, and the request is ready for external audit review.
            Example: reviewing evidence for an offboarding SLA audit
            Example: reviewing evidence for an offboarding SLA audit

            Rachel Anderson, an IT compliance analyst at Cumulus Bank, is reviewing the End-to-End Offboarding SLA Report (Access Revocation) evidence request. She opens the first artifact, HRIS (Workday) Employee Termination Log (Last 30 Days), and clicks the Files tab. Opening the attached PDF launches the evidence artifact previewer. Rachel scans the termination log and confirms that the official termination dates and IT system deactivation timestamps align, proving that access was revoked within the 24-hour SLA. She closes the previewer and sets the artifact status to Verified - Accepted. The artifact and the PDF lock immediately.

            Moving to the second artifact, Rachel notices that the uploaded screenshot is blurry and doesn't clearly show the identity provider's user status. She sets the artifact status to Verified - Rejected and fills in the Observation Statement: Screenshot resolution is too low to confirm user suspension. Please resubmit with a clear screenshot showing the user's status and the suspension timestamp. The fulfiller receives Rachel's feedback and uploads a corrected screenshot.

            After verifying all four artifacts on the request and accepting each one, Rachel opens the parent evidence request and sets its status to Accepted. The request closes out, and the audit program manager can see on the audit's Evidence tab that this phase of the audit is complete.

            External auditors with read access to the compliance records can now review the verified artifacts. Because the artifacts are locked at the moment of verification, the evidence external auditors see is exactly what your compliance team accepted, preserving the chain of custody through the audit lifecycle.

             
            Loading
            Salesforce Help | Article