A steel structure repaired component archive access retest checklist helps EPC teams prove that the right users can open final repair records and the wrong users cannot. Archive links may still exist after closeout, but access can change when project groups are removed, owner accounts are created, engineering records are restricted, or temporary review users expire.

This checklist focuses on role-based access retesting. It should be used after migration, permission review, link expiry, broken-link correction, account closure, and owner handover updates.

1. Define the access roles to retest

Retesting should start with the actual archive users. Avoid testing only with a document controller or administrator account. Each role should be tested against the files that role is expected to use after project closeout.

  • Owner handover users who need final repair records and acceptance evidence.
  • Quality users who need inspection reports, NCR closeout, and release records.
  • Site users who need repair notes, limitations, transferred items, and installation status.
  • Engineering reviewers who need controlled access to dispositions and technical decisions.
  • Expired external users who should no longer open temporary review folders or restricted files.

For the broader access matrix, use the archive access control checklist.

2. Match access roles to record types

Each role should be tested against the correct record set. A user may have valid access to general handover files but still be blocked from a required repair record or accidentally allowed into a restricted technical record.

Role Records to retest
Owner handover Final repair package, acceptance record, closeout evidence, and limitations.
Quality Inspection evidence, NCR closeout, photo records, and release records.
Site Repair notes, transferred item status, installation limitations, and receiving records.
Engineering Restricted dispositions, calculations, technical comments, and accepted conditions.
Expired external user Old review links should be denied or expired according to the closeout rule.

For access review timing, use the archive permission review checklist.

3. Retest after permission changes

Permission changes can solve one problem and create another. A restricted folder may become too open, or an owner handover user may lose access to final acceptance evidence. Retest access immediately after changing roles, groups, owners, or folder inheritance.

  • Confirm owner users can open final records without access to internal draft comments.
  • Confirm quality users can open inspection evidence and NCR files needed for audit.
  • Confirm site users can open only the records required for site execution and maintenance.
  • Confirm engineering records remain limited to approved technical reviewers.
  • Confirm expired or removed users cannot open old review links.

For link-level retesting after permission changes, use the archive link retest checklist.

4. Confirm the correct file opens for each role

Access retesting should verify both permission and record accuracy. A user may successfully open a file, but the file may be the wrong revision, wrong component, or wrong repair package.

  • Opened file matches the component mark and repair reference in the archive index.
  • Revision status matches the final accepted record or is clearly marked as historical.
  • NCR number, inspection number, and acceptance record match the repaired component package.
  • Transferred item status is visible where the receiving owner or site team needs it.
  • Restricted technical records are not exposed through ordinary owner or site access.

For relationship checks, use the repaired component audit trail checklist.

5. Record denied access results

Denied access can be correct or incorrect. The retest record should distinguish between expected denial for expired users and unexpected denial for owner, quality, site, or engineering users.

Denied result How to record it
Expected denial Record role, link, restriction rule, and approval owner.
Unexpected denial Record required role, missing permission, affected record, and correction owner.
Wrong group access Record inherited folder permission and the target permission rule.
Over-open access Record exposed file type, user group, corrective action, and retest result.

For broken or incorrect access routes, use the archive broken link checklist.

6. Retest after owner handover

Access that works before handover may fail after project accounts are closed. A post-handover access retest should confirm the owner can still retrieve final repair records without asking the EPC team to resend files.

  • Owner handover account can open final repaired component package from the archive index.
  • Owner can find records by component mark, repair number, NCR number, or acceptance record.
  • Owner cannot open internal draft comments or restricted records outside the agreed scope.
  • Old temporary project accounts are disabled or removed.
  • Post-handover access evidence is stored with the final archive record.

For final archive evidence, use the final archive closeout checklist.

7. Keep an access retest register

The register should show who was tested, what was tested, whether access was expected, and what correction was made. This keeps the access decision auditable after project teams change.

  • Record user role, test account, linked record, component mark, and repair reference.
  • Record trigger event, such as migration, permission change, expiry, or handover.
  • Record expected access, actual result, test date, tester, and evidence reference.
  • Record correction owner and retest result for failed or over-open access.
  • Store the register with the repaired component archive and handover records.

For issue history, use the transmittal record checklist.

Final archive access retest checklist

Before accepting the access retest, confirm:

  • Owner, quality, site, engineering, and expired-user roles were considered.
  • Each role was tested against the records it should or should not access.
  • Retesting was performed after migration, permission change, expiry, or handover update.
  • Opened files were checked for correct component, repair reference, revision, and status.
  • Denied access was classified as expected or unexpected.
  • Unexpected denial and over-open access were corrected and retested.
  • The access retest register is stored with the final archive.

Red flags in access retesting

  • Only document control or administrator access is tested.
  • Owner users can open final records before handover but not after project account closure.
  • Expired external users still open old review folders.
  • Engineering dispositions are exposed through general handover access.
  • Access is marked as passed without checking the exact repaired component file.
  • No evidence shows who retested access after permission changes.

Buyer note: Access retesting protects the archive from both missing access and over-open access. EPC buyers should require role-based retesting before accepting repaired component archive records after handover or permission changes.