Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.coverbase.com/llms.txt

Use this file to discover all available pages before exploring further.

A workflow is a sequence of triggers, conditions, and actions that runs against a primary object.

Triggers

A trigger is the event that starts a workflow. Triggers fall into three groups.

Object events

A primary object is created, updated, or transitions state. Examples include a new vendor being created, an assessment moving to completion, a contract entering its renewal window, or an evaluation being flagged as a finding.
A workflow runs on a recurring schedule. Examples include quarterly reassessment of all critical vendors, annual SOC 2 refresh, or monthly checks for expiring contracts.
An external system explicitly invokes a workflow through the API. This is the integration path most relevant to procurement and GRC tooling.See Triggering workflows from external systems for the three patterns.

Conditions

Conditions branch the flow. They evaluate fields on the primary object or its related objects. Common patterns include:
  • IRQ score above or below a threshold
  • Data classification (PII, PHI, PCI, or none)
  • Hosting model (SaaS, on-prem, or hybrid)
  • Geographic jurisdiction
  • Vendor tier or criticality
  • Whether prior assessment evidence exists
  • Whether a specific document type is present
Conditions can be composed with AND or OR logic and nested arbitrarily.

Actions

Actions execute work. The available actions:

Create or update an assessment

Send a questionnaire to a vendor contact

Request specific evidence types

Run Copilot against uploaded evidence

Run Inspect against a vendor's public surface

Run Contract Guardian against an agreement

Transition a vendor or assessment lifecycle state

Assign a task to an internal owner

Wait for human review

Fire a webhook to an external endpoint

Every action that runs in the UI is also exposed as an API endpoint. Anything that can be configured as part of a workflow can also be invoked directly from outside the workflow engine.