We’re experiencing an issue where non-conformance records become completely locked after manager approval in our workflow. The problem occurs at the approval transition state - once the manager signs off, even quality engineers who need to add corrective actions are blocked from editing.
Our workflow state machine shows the transition from ‘Under Review’ to ‘Approved’ status, but the revision branching rules seem to trigger a hard lock. We’ve checked role-based permissions in the locked state configuration, but the settings appear correct for QA Engineer roles to have edit access.
Workflow State: APPROVED
Revision Status: LOCKED
Error: "Record is locked for editing - approval cycle complete"
User Role: QA_ENGINEER (should have edit rights)
This is blocking our corrective action process since we can’t attach CAPA records or update findings after management review. Has anyone dealt with approval cycle state transitions that preserve editing capabilities for specific roles?
The real issue is understanding how Arena handles role-based edit permissions in locked states versus workflow state permissions - they’re two different systems that interact. Here’s what you need to do:
Workflow State Machine Configuration:
Navigate to Admin > Workflow Designer > Non-Conformance Workflow. In the APPROVED state properties, you need to add an ‘editableBy’ section that explicitly lists roles allowed to modify the record:
Revision Branching and Locking Rules:
Go to Admin > Object Management > Non-Conformance > Revision Policy. Disable ‘Hard Lock on Approval’ and enable ‘Conditional Lock with Role Exceptions’. Add QA_ENGINEER to the exception list. This allows approved records to be edited by authorized roles while maintaining the approved revision as the baseline.
Approval Cycle State Transitions:
The key is configuring the transition FROM ‘Under Review’ TO ‘Approved’ to NOT trigger automatic revision locking. In your workflow transition properties, set ‘lockRevisionOnTransition’ to false and instead rely on field-level locks for critical data like approval signatures and dates.
Role-Based Edit Permissions:
For each field in your non-conformance form, configure field-level permissions. Lock fields like ‘Manager Approval Date’ and ‘Approval Signature’ but keep ‘Corrective Actions’, ‘CAPA Links’, and ‘Follow-up Notes’ editable by QA_ENGINEER role even in APPROVED state.
This approach maintains approval integrity for audit compliance while allowing necessary post-approval work. The approved version remains in the revision history, and any changes create a proper audit trail. Test thoroughly in your sandbox environment before deploying to production - you want to verify that the approval signature fields remain locked while corrective action fields are editable.
Don’t forget about the revision branching rules - they’re separate from workflow permissions. Even if your workflow allows edits, the revision control policy might be enforcing a lock. Check if ‘Auto-lock on approval’ is enabled in your revision policy settings.
You have a couple of options here. First approach: modify the APPROVED state to allow specific roles to edit certain fields (like corrective actions, CAPA links) while keeping critical fields locked. Second approach: add an intermediate state ‘Approved - Pending CAPA’ that sits between approval and final closure. The intermediate state approach is cleaner for audit trails because it shows the record was approved but still requires follow-up actions. Most regulated companies I work with use the intermediate state pattern.
Thanks for the suggestions. I found the workflow state machine config and the APPROVED state does have role restrictions, but I’m not sure how to modify it without breaking the approval integrity. Should I be looking at creating a new workflow state like ‘Approved - In Progress’ that allows edits before final closure?
The revision branching and locking rules are key here. In Arena QMS 2022.1, you need to enable ‘controlled branching’ for non-conformance records. This allows you to create a new revision branch after approval while keeping the approved version locked for audit purposes. Go to Admin > Document Control > Revision Policies and look for the non-conformance object type. There should be a setting for ‘Allow Post-Approval Modifications’ with role-based controls.