The eSign Audit Trails behind USDA APHIS’s E-Signature Processes
As more and more electronic and digital signature use becomes the norm at the US Department of Agriculture’s (USDA) Animal and Plant health Inspection Service (APHIS), the concept of non-repudiation and records audit trails is increasingly vital.
APHIS is a regulatory agency, and that makes compliance and tracking extremely important. One of APHIS’s many signing processes involves tracking the movement of livestock across borders. APHIS plays a significant role in keeping U.S. livestock and poultry healthy. There are millions of animals crossing U.S. borders annually. They may be in transit across state lines, going from Mexico through to Canada, or leaving the U.S. for international destinations.
Audit trails are extremely important to the import/export process. Animal health authorities have to be able to trace animal movements when animal disease incidents occur. Plus, there are many internal and external signers involved – employees of USDA, livestock importers, customs officers and brokers, etc., and it’s essential to have a record of everyone involved in the process and each time they touched a document, what their involvement was, how the e-forms were presented to them in a web or mobile browser, what information each signer entered into the form, and exactly what was authorized or agreed to when they applied their signature to the document.
The ability to trace who made decisions and who e-signed each document was a key requirement for APHIS. e-SignLive meets this requirement by capturing a comprehensive audit trail, along with a digital signature and timestamp for each individual signature as it is applied to a document.
e-SignLive enables financial institutions to focus on their customers, instead of chasing after signatures and lorem.
In addition, all of the e-signed records – meaning both the tamper-proof e-signed document and the document audit trail – get archived in USDA’s system, which gives them vendor independence. In the event of a disease outbreak, USDA officials can pull their records in minutes and trace an animal back through the supply chain. The end result is much stronger compliance and tracking than they ever had on paper.
Dual audit trail protection
The main reason organizations require an e-signature audit trail is to demonstrate compliance to auditors. To do that, you need two things: a document audit trail and a process audit trail. In other words, a record of what was signed and how it was signed.
When you get documents signed electronically, you need a tamper-proof copy of what was signed. You also need an audit trail that proves who signed that document, using what authentication method, on what day, at what time, from what IP address. That’s a document audit trail.
In addition that that, e-SignLive captures an extra audit trail. It’s called a process audit trail, and it’s basically a free insurance policy that we include with our service. It captures the context for the signing process, meaning everything the signer experienced. The benefit is that if an auditor wants to know that you executed the process correctly, you can show them screen-by-screen exactly what took place.
Hear the USDA story firsthand
To hear the USDA story firsthand from Patrick McFall, Director, Software Services & Delivery, USDA APHIS, watch this webcast: How Secure E-Signatures Enable Online Permitting.