• Documentation
    • Search documentation
    karat

    +

    K

    API Reference ↗
    Security & governanceCheckpointsReview checkpoint records

    Review checkpoint records

    Once created, checkpoint records can be reviewed by various users on the platform. Typically, this may include a data protection officer or other data governance users.

    The Checkpoints application enables all users to review checkpoint records created on the platform.

    The Review tab of the Checkpoints application presents a table of records, Filters to refine the contents of that table, and a Details panel that reveals additional information stored in the record selected in the table. The following information is available for each record:

    • The user who created the record.
    • The timestamp of when a record was Created.
    • The Checkpoint Type of the record.
    • The Checkpoint Language, which includes the Checkpoint Title, Checkpoint Prompt, and Checkpoint Description. These values are inherited from the checkpoint configuration but are static; they always reflect the text shown to a user in the checkpoint and will not be updated if the underlying checkpoint configuration is edited or deleted.
    • The Justification a user provided.
    • Checkpointed Items for the action: For checkpoint types that describe an action taking on a resource or other entity in the platform, references to those resources or entities will be saved in the record. For example, if you attempt to export a resource and submit a checkpoint generated from a configuration of type Compass export, then the record will contain a checkpointed item reference to this resource.
    • A Checkpoint RID uniquely identifying each record.
    • The Checkpoint Configuration RID uniquely identifying the checkpoint configuration the checkpoint was generated from.

    Self-review

    All users can review their personal checkpoint records by selecting the Self-review filter. All checkpoint records a user has submitted will be accessible in the table, though some components of checkpoint records may be redacted if the user does not have permission to access or view that item.

    Screenshot of self review workflow in checkpoints application

    Resource-based review

    If a user has certain permissions on a resource, they can review checkpoint records that reference that resource as a checkpointed item by selecting the Resource filter, then Select resource. This permission is granted by the Review records by resource (checkpoints:review-records) operation on a resource. By default, this operation is not granted to any roles in the default role sets; you will need to create or modify roles to grant this operation.

    Screenshot of resource-based review workflow in checkpoints application

    Some resources or users recorded in a record may be redacted if the user does not have permission to access or view that item. Any records made by users in an Organization that the reviewer cannot discover will not be shown.

    Organization administrator review

    Users can be granted permission to review checkpoint records submitted by all users in an Organization. To do so, you will need the Data governance officer role for that organization in Control Panel.

    Screenshot of checkpoints organization administrator review workflow in checkpoints application

    Users with this permission have access to additional filters:

    • Organization: Show records created by users in a given Organization.
    • Space: Show records with checkpointed items located in the specified space at the time of record creation.
    • Checkpoint type: Filter of records by their checkpoint type.
    • User: Replaces the Self-review filter and filters records based on the submitting user.

    Some resources or users recorded in a record may be redacted if the user does not have permission to access or view that item.