A steel structure repaired component archive public link exposure checklist helps EPC teams control one of the most common archive risks: a link created for quick review remains open after final closeout. Public links can expose repair photos, NCR closeout files, accepted limitations, engineering dispositions, and internal review notes to users outside the approved archive access matrix.
The goal is not to block final owner retrieval. The goal is to replace public access with controlled owner, quality, site, or engineering access while preserving the final repaired component record.
1. Find every public link path
Public link exposure can appear in more than one place. Do not check only the final archive index. Review transmittals, comments, email references, issue logs, handover trackers, and migrated folders.
- Search archive indexes for anyone-with-link URLs or open cloud sharing indicators.
- Check old review transmittals and comment logs for public links to repair evidence.
- Check migrated folders for inherited public sharing from the source workspace.
- Check photo packages and NCR closeout folders that were shared during review.
- Check whether public links still open after owner handover or account closure.
For general shared-link control, use the archive shared link checklist.
2. Classify what the public link exposes
A public link to a final acceptance record may require one type of correction. A public link to internal engineering dispositions or draft comments requires tighter correction. Classify the exposed record before closing or replacing the link.
| Exposed item | Exposure risk |
|---|---|
| Final repair record | May be acceptable for owner users, but should still move to controlled role access. |
| NCR closeout evidence | Can expose quality findings, repair scope, or internal closeout notes. |
| Engineering disposition | Should be limited to approved technical reviewers unless contract scope says otherwise. |
| Draft comments or internal notes | Should usually be removed from public access and separated from final handover. |
| Transferred item records | May expose unresolved or owner-assigned closeout actions if linked publicly. |
For over-broad access checks, use the archive over open access checklist.
3. Replace public links with controlled access
Public links should not be the normal access route for final repaired component archives. Replace them with controlled links tied to named users, approved groups, owner handover accounts, or technical reviewer roles.
- Create a controlled final archive route before disabling the public link.
- Use owner handover groups for final accepted records that must remain retrievable.
- Use quality or engineering roles for restricted repair evidence or dispositions.
- Avoid replacing one public link with another temporary public link.
- Update archive indexes and handover trackers with the controlled route.
For access rules, use the archive access control checklist.
4. Disable or expire old public links
After controlled access is confirmed, old public links should be disabled, expired, or documented as intentionally retained for a defined reason. Leaving the old route active defeats the purpose of the correction.
- Disable anyone-with-link access after final controlled access is tested.
- Set expiry dates for temporary review links that still need a short overlap period.
- Remove public links from final archive indexes and current handover trackers.
- Record historical links that cannot be edited because they are part of transmittal evidence.
- Check whether disabled public links still open through cached redirects or copied URLs.
For expiry controls, use the archive link expiry checklist.
5. Retest public and controlled access
Correction is complete only after both sides are tested: the public route should fail, while the controlled route should still open for the approved role. This protects the archive without breaking final retrieval.
| Retest case | Expected result |
|---|---|
| Anonymous or unapproved user opens old public link | Access denied or link expired. |
| Owner handover user opens controlled archive link | Final accepted repair record opens correctly. |
| Engineering reviewer opens restricted link | Technical record opens through approved reviewer access. |
| Expired review user opens old review folder | Access denied or expired according to closeout rule. |
For role-based retesting, use the archive access retest checklist.
6. Record the exposure correction
Every public link correction should leave a record. This is important because old links may remain inside historical transmittals or emails, and future users need to know where the controlled record moved.
- Record exposed public link, source document, component mark, and repair reference.
- Record exposed file type and whether it included restricted or draft information.
- Record replacement controlled link, approved access group, and archive owner.
- Record disabled or expired link date, correction owner, and approval owner.
- Attach retest evidence showing public access is closed and approved access works.
For audit history, use the repaired component audit trail checklist.
7. Prevent future public link exposure
Public link exposure is usually a process issue, not a one-time mistake. Teams should define when public links can be used, who can approve them, when they expire, and how they are removed from final archive records.
- Limit public links to temporary review windows only when project rules allow them.
- Require an expiry date and owner before issuing any temporary public link.
- Separate final archive folders from working review folders.
- Review public links before final archive acceptance and after folder migration.
- Train document controllers not to use public links in final handover indexes.
For permission governance, use the archive permission review checklist.
Final public link exposure checklist
Before closing a public link exposure issue, confirm:
- Public links were checked in archive indexes, transmittals, comments, migrated folders, and handover trackers.
- The exposed record type was classified before correction.
- Controlled access was created before disabling required final retrieval routes.
- Old public links were disabled, expired, or documented with a defined reason.
- Anonymous or unapproved access was retested after correction.
- Approved owner, quality, site, or engineering access still works after correction.
- The exposure, replacement route, approval, and retest result were logged.
Red flags in public link exposure
- Anyone with the link can open repair photos, NCR closeout files, or engineering dispositions.
- Final archive indexes use public links as the normal access route.
- Public links remain active after comment closure or owner handover.
- Old transmittals contain public links with no replacement route recorded.
- A quick access fix creates a new public link instead of controlled role access.
- No retest proves that public access is closed after correction.
Buyer note: Public link exposure should be corrected before repaired component archives are accepted. EPC buyers should require link discovery, exposure classification, controlled replacement, public-route retesting, and a correction log.