EP365 CONTROLLED DOCUMENTS
Compliance & governance documentation in M365 · v 1.5

Employee Handbook. H&S. Always with a provable trail.

Distribution of key company documents with an NIS2 / ISO 27001 audit trail. Publisher drafts, approver signs off, recipients acknowledge — you have proof. Everything in your M365 tenant's SharePoint, no external backend.

Provable
Timestamp, version, IP and User-Agent. NIS2 and ISO 27001 audits pass.
Controlled
Publisher drafts, approver signs off. Nothing goes live unapproved.
Inside M365
Data stays inside your SharePoint. No additional external system.
NIS2 · ISO 27001 · per tenant
HR · V 1.3
Employee Handbook. Effective from 1 May 2026.
Audit trail · 4 records
  • Anna Nováková · 2026-05-08 09:42
  • Jan Svoboda · 2026-05-08 11:15
  • Martin Dvořák · 2026-05-09 14:08
  • Petra Kovalová · awaiting confirmation
NIS2 · audit timestamp
  • 5 roles: publisher · approver · manager · admin · employee
  • ≤ 4 h: typical deployment (without training)
  • 100 %: data inside your M365 tenant
  • 7 years: default audit log retention (5 / 10 / forever configurable)
What companies wrestle with · 3 / 3

Three pains every manager knows.

01 · SCATTERED

Documents everywhere and nowhere

Employee Handbook in Teams, GDPR in OneDrive, H&S in email. When a new hire joins, nobody really knows what to send them — and which version was the last approved one.

02 · AUDIT PANIC

NIS2 / ISO inspector visit

An inspector or ISO auditor asks: "Prove that every employee saw the Handbook v1.3." HR opens Excel and starts calling people. That's the problem.

03 · NO TRAIL

Document arrived, but…

You sent out a new policy in a bulk email. Did anyone open it? Read it? Understand it? You have no idea. And in 3 years you won't be able to find out either.

Who it's for / not for

For companies that must prove compliance.

Who it's for

  • You need NIS2 / ISO 27001 audits and provable records that employees acknowledged each policy.
  • You have 50+ employees and key documents (Handbook, GDPR, H&S, IT security) that everyone must know.
  • You want to control distribution through roles — publisher → approver → recipients — with a full trail.
  • You work in Microsoft 365 and want to keep data inside your own tenant, not in a third-party cloud.
  • Your HR director, compliance officer or H&S technician needs a management dashboard with compliance %.

Who we're NOT for

  • You're looking for a certified DMS (DocuWare, OpenText, M-Files) for regulated industries. Our app is governance, not a certified document management system.
  • You need a qualified electronic signature (PKI) — this is a functional audit record, not a digital signature.
  • You need a workflow with parallel approvers or multi-level approval. EP365 has one approver per category (overridable per document).
  • You don't have SharePoint Online. EP365 Controlled Documents runs as an SPFx webpart inside M365 only.
Key features · 6 / 6

Six things that make compliance finally make sense.

01

Workflow with 5 roles

Employee (implicit), Publisher, Approver, Manager, Administrator. You manage membership in the app or via SP groups. Multiple roles stack additively.

EP365_Docs_Publishers · Approvers · Managers · Admin override
02

Audit trail with timestamps

For each acknowledgement: UPN, display name, ISO timestamp, document version, optional note. In strict mode also IP and User-Agent. Records are immutable.

Immutable log · NIS2 strict mode · Retention 5 / 7 / 10 / forever
03

Targeting from 3 sources

Build recipients from EP365 distribution groups (local), Entra ID groups (M365 / cloud, transitive members) and individuals (people picker).

EP365 groups · Entra ID security + M365 · People picker
04

Re-distribute a new version

Change the attachment? Auto bump (1.0 → 1.1), distribute again. Old confirmations get reset, a new audit cycle is launched with new EP365 Hub tasks and emails.

Auto version bump · Reset confirmations · Fresh audit cycle
05

Management dashboard

Compliance % per category, top 5 at-risk documents, publishing timeline, recipient stack bar. Managers see compliance for their team via Entra `directReports`.

Compliance % · Per category · Manager view
06

Auto-archive + retention

Once `EP365ValidTo` lapses, documents auto-archive. Audit records remain under retention (default 7 years). Audit reports print to PDF straight from the browser.

Auto-archive · Print for NIS2 audit · CSV / PDF export
In practice · 4 real scenarios

What people do with it day to day.

HR

Employee Handbook for 250 people

PUBLISHER SAYS
"Publishing the Handbook v1.3. Targeted at the Entra group 'All employees'. 21-day confirmation deadline."
  • Workflow: HR publisher → HR approver → distribution
  • Audit trail: who, when, which version (NIS2-ready)
  • Managers see compliance for their team
H&S

Annual H&S training

PUBLISHER SAYS
"Periodic H&S training per Czech Act 309/2006. Targeted at all production staff, 30-day deadline."
  • Annual version re-distribution (resets old confirmations)
  • 'H&S' category with its own icon palette
  • After deadline: email reminder from the document detail
GDPR

Internal GDPR policy

PUBLISHER SAYS
"DPO publishes the Internal GDPR Policy. Targets the EP365 group 'Employees with PII access'."
  • Local group outside Entra ID (DPO manages it themselves)
  • Optional acknowledgement note ("I agree to the retention rules")
  • Central report for DPO / GDPR auditors
ISO 27001

ISMS policies and SoA

PUBLISHER SAYS
"CISO publishes 18 ISMS policies. Targets the Entra group 'Active consultants' — transitive member sync."
  • Transitive members sync for large Entra groups
  • Re-certification audit passed with no findings
  • Management dashboard for the ISMS team lead
How it's built

Four layers. All inside your M365.

No additional system. Documents, acknowledgements and the audit trail stay inside your SharePoint. From our side, only a licence-check runs.

01
INTERFACE
Web part on a SharePoint page
Drops onto any page in your SharePoint. Five roles: Publisher, Approver, Manager, Administrator, Employee — each sees only what they need.
02
DATA – SP LISTS
Documents and audit inside your SharePoint
Files, metadata, distribution groups and audit records — all in SharePoint Lists inside your M365 tenant. An employee sees only their own acknowledgements, a manager sees their team, an administrator sees everything.
03
NOTIFICATIONS & TASKS
Emails and tasks in the EP365 Hub
Notifications for approvals and pending acknowledgements go out straight from Microsoft 365. Tasks show up in the EP365 Hub, connected across all EP365 apps. No Power Automate — everything runs straight from the browser.
04
LICENCE
The only contact with our server
Used solely to verify your licence is active. No documents, acknowledgements or personal data ever flow through here.
How we compare

Where EP365 Controlled Documents has the clearer advantage.

Feature
EP365 Controlled Documents
DocuWare
Microsoft Syntex
Custom SP lists
Data inside customer's M365 tenant
no
NIS2 audit trail out-of-the-box
~partial
no
Role-based workflow
~partial
no
Entra ID group integration
~partial
~partial
Hub tasks across EP365 apps
no
no
no
Deployment in hours, not weeks
no
~partial
no
Per-tenant pricing (not per user)
no
no
No external backend
no
Security and compliance

Arguments that convince both the CISO and the compliance officer.

NIS2 audit trail, ISO 27001, GDPR data minimisation principle, data sovereignty. No external backend.

NIS2 audit trail

Timestamp, version, UPN, IP in strict mode. Minimum 5-year retention.

ISO 27001 / 9001

Documented distribution control with version history and acknowledgements per version.

Immutable audit log

Records in `EP365_Docs_Confirmations` cannot be edited. Permanent proof.

Data sovereignty

Data in your M365 tenant region (EU for European customers). No cross-border transfer.

No external backend

Everything runs in M365 (SharePoint + Graph). Azure Functions are used for licence verification only.

GDPR — data minimisation principle

Audit contains only UPN, display name, time, (optionally) IP. Retention controlled by settings.

No customer data ever leaves the customer's M365 tenant. The app has no backend of its own for business logic — everything runs in SharePoint, Graph and Entra inside the tenant.
Pricing

Monthly licence by company size + customer-side implementation.

The monthly subscription scales with the size of your organisation — the total number of users in your Microsoft 365 environment. Unlimited recipients and documents within each tier.

Licence

How we price the licence

  1. Up to 25 users: 4,000 CZK / month
  2. 26 – 70 users: 6,000 CZK / month
  3. 71 – 150 users: 8,000 CZK / month
  4. More than 150 users: Contact us
Extended support

Support price

2,000 CZK / hour

Consulting, environment tweaks or end-user support.

How we count support

Support is billed in 15-minute increments. The customer is informed of the expected scope of work in advance.

Deployment

Customer-side implementation

30,000–80,000 CZK one-time

Installation, 2-hour admin workshop, category design for your organisational structure, first distribution groups, NIS2 strict mode setup.

Not included

Migration of existing documents from legacy DMS (extra service), UI / branding customisation beyond palette settings, Power Automate flows for advanced automation.

Prices exclude VAT
Case study

What it looks like in real operations.

Manufacturing · 250 employees

"The inspector saw the list of all acknowledgements with timestamps and versions — without a single phone call."

  • Manufacturing: 250 employees
  • Documents: 32 controlled
  • Categories: 6 (HR · H&S · GDPR · IT · ISO · Org)
  • After 3 months: 89% compliance · NIS2 passed
Starting point
Employee Handbook, H&S guidelines and GDPR rules sat in Teams and OneDrive with no acknowledgement tracking. A Labour Inspectorate audit couldn't prove who had seen what and when.
After roll-out
6 categories with their own approver · 4 distribution groups (Prague, Brno, Pilsen, Leadership) · 32 controlled documents in the workflow · from 0% provable records to 89% compliance.
Defining moment
The NIS2 audit passed with a PDF export of the Central Report. The inspector saw the list of all acknowledgements with timestamps and versions — without a single phone call.
"From 0% provable records to 89% compliance in 3 months. No panic, no Excel."
– HR director, manufacturing company, 250 staff
FAQ

What HR directors, CISOs and IT ask.

Is this a qualified electronic signature?
No. EP365 Controlled Documents is not a qualified e-signature (QES) — it's a functional audit record of document acknowledgement. For most internal scenarios (NIS2, ISO 27001, H&S, GDPR) that's enough. If you need QES, look for products with PKI integration (Sign Anywhere, DocuSign).
How long does deployment take?
Typically 2–4 hours technically: upload `.sppkg` to the App Catalog, approve Graph permissions, drop the webpart on the target SP page, auto-provisioning on first load. Plus a 2-hour admin workshop and a 1-hour video for publishers. No dedicated training needed for employees (the UX is self-explanatory).
Does it work on mobile?
Primarily optimised for desktop and tablet (admin / publisher view). Employees can confirm a document on mobile via a deep link from email, but the full UX (compliance dashboard, manager view) is desktop. Mobile optimisation is on the roadmap for Q3 2026.
How much does it cost including implementation?
Licence: monthly subscription scaled by company size — from CZK 4,000 / month for companies up to 25 users, CZK 6,000 for 26–70, CZK 8,000 for 71–150. Above 150 users priced individually. Customer-side implementation (installation, training, customisation) is an extra service — typically CZK 30,000–80,000 one-time depending on scope. We'll send detailed pricing after a quick call.
What if we want to migrate from DocuWare or another DMS later?
Migration of existing documents from old systems is an extra service. Typically: export PDF + metadata from DocuWare → bulk import into EP365 → set up recipients and re-distribution. We can't automatically migrate audit records from the previous system — the audit trail starts fresh in EP365.