Annual Conflict-of-Interest / Code-of-Conduct Attestation Drive

The problem this kills

Once a year you have to get every single employee to read the code of conduct, confirm the conflict-of-interest policy, and accept the IT acceptable-use rules - and you have to prove it. So you live in a swamp of spreadsheets: one tab tracking who's been emailed, another guessing who actually responded, a third where you copy-paste "yes, I have a disclosure" replies out of your inbox and try to figure out who needs to see them. You send the same reminder five times to people who already finished. You can't answer "what's our completion rate in Finance?" without an afternoon of filtering. And the sensitive disclosures - the ones that are the whole point of the exercise - end up sitting in a shared folder anyone can open.

The survey tools you've tried don't branch properly, don't keep disclosures private, and give you a flat export that doesn't match the register your auditors want. So every year it's manual, stressful, and impossible to audit cleanly.

What you'll build

A single internal web app that runs the entire annual cycle end to end. You define an attestation set (the policies and the yes/no questions), pick your audience, and hit launch. Staff log in, read each policy, attest, and - if they answer "yes" to a disclosure question - get dropped straight into a short detail form. The tool chases everyone who hasn't finished, shows you a live completion dashboard broken down by department, and routes every disclosure into a private triage queue that only compliance can see. When you're done, you export two clean CSVs: the completion register and the disclosures list.

What's inside the Implementation Plan

The plan opens by interviewing you about your actual attestation process - your policies, your real disclosure questions, how your audience list is shaped, your department naming, your reminder cadence, and your messy edge cases (new hires mid-cycle, leaves of absence, contractors, people who attest but whose disclosure needs follow-up). It reflects a short tailored spec back to you, gets your thumbs-up, and only then starts building - so the tool fits how your company actually runs attestations, not a generic template.

From there it walks you, one copy-paste prompt at a time, through:

• Standing up the app, login, and a database with row-level security so people only see what they should.
• Building the attestation set, the audience import, and the launch flow.
• The attest screen with a yes/no disclosure question that branches to a detail form on "yes."
• Automatic reminders to non-responders only.
• A completion dashboard with percentages by department.
• A private compliance triage queue with a human approval gate on every disclosure.
• The two separate CSV exports and the "close the cycle" step.

The governance it includes (this is the point)

This isn't a survey - it's an audit-grade compliance tool, and the governance is built in from the first prompt:

• Login so only your team and your staff can use it.
• Row-level security so an employee sees only their own attestation, and disclosure detail is access-restricted to compliance.
• A complete audit trail - who attested, who disclosed, who triaged, and exactly when.
• A human-in-the-loop approval gate: the cycle is never auto-closed. Compliance reviews every "yes, I have something to disclose," approves how each one is routed and resolved, and signs off on the completion + disclosures report before the cycle closes.
• Duplicate guards keyed on person + attestation-cycle, so nobody can attest twice and no disclosure gets double-counted.

Who it's for

Compliance officers and HR teams who run mandatory annual attestations - code of conduct, conflict of interest, IT acceptable use - across hundreds or thousands of staff, and who need a defensible record at the end without living in spreadsheets for a month.

You've got this - paste the first prompt and let the agent interview you.