Sequential approval

Named approvers, in defined order, with role-based routing — every step logged, every version tied to the approvals that produced it.

Approval is where document management either earns its keep or reveals its weakness. Every regulated organization — and every well-run unregulated one — eventually needs to prove who approved what, against which version, when, and on what grounds. Email chains and paper signatures cannot answer that question reliably; a defensible approval workflow can. Sequential approval is the central feature of docs365.ai, and the reason most of our customers chose the product in the first place.

Stage 2 · Approve Business: Included Enterprise: Included Premium: Included Diamond: Included

✓

Illustration placeholder

At a glance

What you get

Four properties make this approval engine defensible under ISO 9001, 21 CFR Part 11, and HIPAA audits. Each one addresses a specific requirement that looser workflow tools (Power Automate, email-based approvals, "send for review" buttons) tend to miss.

Steps execute in order

Approver 1 first, then approver 2, then approver 3 — no parallel or state-based branching, by design.

Named approvers per step

Each step names a specific Entra identity and a role (Quality, Author, Director) — not a group, not a pool.

Automatic check-out

The document is locked for editing the moment approval starts — no changes can slip in during review.

Complete audit trail

Every step records who approved or rejected, in which role, against which version, with timestamp and comments.

How it works

From submission to published PDF

Approvals are started directly from the document, from SharePoint's context menu — no separate application, no switching to a workflow tool. The author picks the approvers and roles for this specific document, and the flow launches. Each step is timed, named, and captured; the audit log reflects reality, not intention.

Launch approval from the document

From the library's context menu, the author picks approvers (name + role) and kicks off the flow.

Approver 1 receives an email

The first approver is notified by email with a direct link; they read, add comments, and approve or reject.

Each step executes in order

On approval, the next step starts automatically; on rejection, the flow halts and the document returns to draft.

Final approval issues major version

When the last step completes, the document moves to a new major version and auto-publishes as PDF.

Before / after

What changes when this is on

The approval failures that surface in audits are almost always failures of evidence — the approval happened, but the documentation is thin. Sequential approval produces the evidence as a byproduct of the workflow, so the evidence is always there when the auditor asks.

Without it

With intranet.ai

✗ "Who approved this?" — reconstructed from email chains, Teams screenshots, and people's memories

✓ The audit log names every approver, their role, the version, and the timestamp — immediately queryable

✗ Approvers edit the document during review, breaking the "what was actually approved?" evidence

✓ Automatic check-out locks the document during the flow; the approved version is exactly what was reviewed

✗ Approval flows that skip steps, run out of order, or execute in parallel without a defined policy

✓ Sequential execution is enforced by design — every step completes in its defined position, in order

✗ Surveillance audits that take weeks of evidence-gathering because the approval history isn't centralized

✓ The approval history is in the audit log, attached to every document, accessible in 30 seconds

Availability

Plan availability

Sequential approval is the core of the product and is included on every DMS plan. The approval engine is the same across tiers; higher plans add features like DocuSign integration (for PAdES signatures) and Power BI reporting (for aggregate approval analytics).

business

enterprise

premium

diamond

✓ Included

Sequential approval is the core approval engine on every DMS plan. Premium and Diamond add DocuSign PAdES signing on top; Enterprise and above unlock the Power BI approval-analytics dashboard.

Keep exploring

Related features

Sequential approval is the hub around which the approve stage revolves. These three adjacent features either feed into approvals, produce evidence from them, or extend them with cryptographic signing.

Stage 2 · Approve

Fixed approvers

Mandatory pre- and post-flow approvers per document type — the roles that must always sign off, captured automatically every time.

Stage 4 · Govern

Audit log

Every action, every approval, every version — captured against a named user, accessible in 30 seconds.

Stage 3 · Publish

PDF publication

Word becomes immutable PDF the moment approval completes — automatically, without a human deciding.

Deep dive

Read the full narrative

For the buyer who wants the full detail — compliance context, edge cases, adjacent workflows.

Named approvers, in order, with automatic check-out and a complete audit trail.

Approval is the stage where document management either earns its keep or reveals its weakness. Every regulated organization — and every well-run unregulated one — eventually needs to prove who approved what, against which version, when, and on what grounds. Email chains and paper signatures cannot answer that question reliably. A defensible approval workflow can. It’s the central feature of docs365.ai.

Launching an approval

Approvals are started directly from the document itself. From the library’s context menu, the author clicks Publish / Self-Approval and opens the approver-selection dialog. For each approver, they pick:

The person. Chosen from Microsoft 365 users in the tenant — looked up by name or email. External guests can be included if the site is configured to allow guest sharing.
The role. Approver, reviewer, editor, auditor, supervisor — or any custom role the organization defines. Roles appear in the approver’s email and in the audit log.
The order. Approvers are contacted top-to-bottom in the order they’re listed.

The author can add an email subject, a free-text note, and any document-specific context before launching.

Sequential, not parallel

This is the important architectural decision. Approvals run sequentially — the next approver is notified only when the previous one signs off. If an earlier approver rejects, the downstream approvers are never contacted and the document returns to the author.

Why sequential? Because audit evidence is cleaner when the chain is ordered. If the Quality Manager signs off, and then Regulatory Affairs reviews the document specifically on the strength of the Quality Manager’s approval, that dependency is preserved in the audit trail. Parallel approval — where everyone is notified at once — collapses that dependency and makes the evidence harder to interpret later.

The approver’s experience

Each approver receives an email when it’s their turn. The email contains:

The document name and protocol code.
Key metadata (author, effective date, document type).
A link opening the document in read-only mode in SharePoint.
Approve / reject buttons.
A comment field.

Approvers don’t need to log into anything special. The link opens the file in the same SharePoint environment they already use. If they approve, the flow advances automatically. If they reject, the document returns to the author with the comment.

Automatic check-out during approval

The moment an approval flow is launched, the document is automatically checked out. No edits are possible until the flow completes. Approval therefore applies to a specific, unambiguous version — an early approver can’t have their sign-off invalidated by someone modifying the document after the fact.

This integrity property matters for every audit framework. ISO 9001 expects the approved document to be the document that was actually reviewed. 21 CFR Part 11 makes this expectation explicit. The check-out mechanic enforces it by default.

What the audit log captures

Every approval event is written to the document’s audit log with:

Who — named Microsoft Entra (Azure AD) user.
What — approved, rejected, resubmitted, reassigned.
When — timestamped to the minute.
Against which version — the exact minor version under review at that moment.
In what role — approver, reviewer, editor, auditor, supervisor.
What comments — any text left during the approval.

The log is accessible from the document’s context menu — Audit. No separate admin console required.

Fixed approvers per document type

For document types that always need the same sign-off — the Quality Manager on every SOP, the IT Director on every security policy, the CFO on every contract — fixed approvers can be configured at the document-type level. When an author launches an approval flow on that document type, the fixed approvers are inserted automatically. The author never forgets them; the system enforces the default.

DocuSign hand-off for binding signatures

For document types that require a legally binding signature (contracts, NDAs, regulatory submissions), the approval flow hands off to DocuSign at the final step. PAdES simple or PAdES advanced e-signature is supported. The signed PDF returns to the library with the approval and signature history intact.

What this feature prevents

Signature-stuck documents. The CEO waiting three weeks for a contract. The compliance officer discovering an approval was never formally captured. The audit finding that says “no evidence of approval.”
Ambiguous approval state. “I thought legal approved it” vs. “I only approved the prior version” — the audit log and the check-out mechanic remove the ambiguity.
Approver-list drift. Without fixed approvers, the Quality Manager gets added to the chain only when someone remembers. With fixed approvers, the Quality Manager is always in the chain by default.

Fixed approvers — pre- and post-flow enforcement per document type.
DocuSign integration — PAdES e-signature hand-off.
Audit log — the evidence artifact.
Versioning — how versions interact with approval.

Lifecycle stage: Approve →

Deep dive · Pillar guide

The active document lifecycle on SharePoint Online

Why passive document management fails — and what an explicit four-stage lifecycle looks like in practice inside a Microsoft 365 tenant.

22 min read · 5,200 words

Read the full guide

See this feature running on your documents

Thirty minutes. No cost. No obligation. We'll walk through how sequential approval fits into your current document-governance practice.

Book a free assessment or see all features