Evidence Collection
Each control specifies exactly what evidence you need: documents, policies, and tests. Provide evidence by uploading files, linking to external systems, or connecting existing records like risk assessments and consultations. The system tracks expiration dates and notifies you before evidence needs renewal.
Flexible Options
Upload files, add links, or connect system records
Every evidence requirement can be fulfilled three ways: upload files directly (PDFs, photos, certificates), provide external links to other systems (SharePoint, Google Drive, your LMS), or link to existing records already in ReFresh (risk assessments, consultation records, incident reports, survey results). Link existing records to avoid duplicate data entry. Your completed risk assessment becomes evidence automatically.
Proof of action
Capture documents that prove compliance activities
Document evidence shows that something happened: training completion records, meeting minutes, risk assessment reports, consultation records, incident investigations. Upload training certificates from your LMS, link to consultation meeting notes, or connect your completed risk assessment records. Each document requirement specifies what's needed and when it expires.
Governance Documents
Manage organizational policies with version control
Policy evidence is distinct from document evidence. Policies are organizational rules (Anti-Bullying Policy, Code of Conduct, WHS Policy, Return to Work Policy) that define how your organization operates. Track policy versions, upload the current document, and maintain review schedules. When policies are updated, the system preserves previous versions for the audit trail. Policies follow their own governance cycle separate from transactional documents.
Verification Checks
Verify compliance with automated tests and attestations
Test evidence verifies that requirements are actually being met. Automated tests check external systems (LMS completion rates, survey response rates). Manual tests require someone to perform and record results. Attestations let managers certify completion ("I confirm all staff completed training"). Test results become evidence automatically, with clear pass/fail status and remediation tracking when tests fail.
Compliance Ready
Maintain audit-ready evidence files
Keep all control evidence organized and accessible for audits and compliance reviews. Generate complete evidence packages for specific controls, risks, or time periods. Demonstrate regulatory compliance with comprehensive documentation that's ready when auditors arrive.
Expiration Tracking
Stay ahead of evidence expiration
Evidence expires based on renewal frequency: daily, monthly, quarterly, yearly, or ongoing (no expiration). Status changes automatically: "ok" when valid, "due soon" at 30 days before expiration (with reminders at 14 and 7 days), and "overdue" when expired. Control status reflects the worst evidence status, so one overdue document makes the whole control overdue. Replace expiring evidence without losing historical records.
Build the evidence trail your audits demand
From implementation proof to effectiveness monitoring, connect all your evidence directly to controls. Create the comprehensive documentation that demonstrates compliance and keeps you audit-ready.
