runbookify
← All plans
Compliance, Quality & Risk / Policy Acknowledgment

Quiz-Gated Policy Acknowledgment: Proof They Actually Understood It

Turn 'I scrolled to the bottom' into real evidence of understanding — readers must pass a short comprehension quiz before their policy sign-off counts, with the policy owner approving the question bank and threshold first.

IntermediateA weekendBuilds onNext.jsSupabaseResend
What you'll build

A web tool where you load a policy and a question bank, the policy owner approves the questions and pass threshold, readers study the policy and take a randomized quiz, a pass records a binding acknowledgment tied to the exact policy version, fails route to retake or coaching, and you email results to the owner and export an acknowledgment + scores CSV.

Gated download

Enter your email — the plan downloads instantly and a copy lands in your inbox.

By submitting your email you'll also receive the weekly runbookify newsletter. You can unsubscribe at any time.

Before you start

  • A Supabase account (free)
  • A Vercel account (free)
  • A Resend account (free)
  • Your policy document (PDF, Word, or markdown)
  • A question bank CSV/Sheet (question, options, correct answer, pass threshold)
  • Claude Code or any AI coding agent

The problem this kills

Your policy acknowledgment process records a single thing: that someone clicked "I agree" at the bottom of a page. It does not record whether they read a word of it. For a holiday-party memo, fine. For a safety procedure, a data-handling policy, or a financial-controls rule — where a misunderstanding turns into an injury, a breach, or a failed audit — "I scrolled to the bottom" is not evidence, and everyone in the room knows it.

When the auditor or the incident review asks "can you prove your people understood this?", a wall of checkboxes won't cut it. You need to show that each person was tested on the parts that matter, hit a threshold you set on purpose, and signed off against the exact version of the policy that was live that day. Building that by hand — quizzes in one tool, sign-offs in another, scores in a spreadsheet — is a mess. You don't need to live like this, and you don't need to be a developer to fix it.

What you'll build

A simple internal web tool. You load a policy document and a small question bank (question, answer options, the correct answer, and the pass threshold) from a CSV or Google Sheet. The policy owner reviews and approves the question bank and the threshold before the quiz ever goes live. Then each reader logs in, studies the policy, and takes a short comprehension quiz with the questions in randomized order. Pass the threshold and the tool records a binding acknowledgment stamped to that exact policy version, the person, the date, their score, and the attempt. Fall short and they're prompted to retake; after a capped number of failed attempts, they're routed to the owner for coaching follow-up instead of endless re-tries. The owner gets results emailed via Resend and can export an acknowledgment + scores CSV for the audit file.

What's inside the Implementation Plan

The downloadable plan is a step-by-step file you paste into an AI coding agent. It opens by interviewing you about your business — which policies you're gating, who owns and approves the questions, how strict the pass threshold needs to be, how you version policies today, how many people take it and when, your retake and escalation rules, and your messy edge cases — and then it tailors the data model, the quiz logic, and every later step to your answers. This is not a generic template; the agent reflects a short spec back to you and waits for your thumbs-up before it builds anything. From there it walks the agent through loading the policy and question bank, the owner's approve-the-bank gate, the study-and-quiz flow with randomized questions, scoring and the binding acknowledgment, the retake cap and coaching route, the results email, and the CSV export — each step with a ready-to-copy prompt. There's also a fallback so you can build and run the whole thing today from a Google Sheet, even with no integration to your HR or LMS system.

The governance it includes (this is the point)

This is real compliance tooling, so it ships with the controls a risk or training team needs: login so only your team and your readers can use it, row-level security so each organization only ever sees its own policies and sign-offs, a complete audit trail of who approved which question bank, who attempted the quiz, and what they scored and when, a hard human-approval gate so no quiz goes live and no failed reader is silently cleared until the owner signs off, and duplicate guards keyed on person + policy version so the same acknowledgment can't be double-recorded. Every acknowledgment is bound to the specific policy version the reader actually studied — so when the policy changes, the proof doesn't quietly carry over.

Who it's for

Compliance leads, quality managers, and training owners responsible for high-stakes policies — safety, data protection, financial controls — where it genuinely matters that people understood, not just clicked. If you can describe which policy you need real proof on and write a handful of questions about it, you can build this.

You've got this — start with the plan, paste the first prompt, answer the interview, and you'll have a working quiz-gated sign-off you can defend in an audit by the end of the weekend.

Gated download

Enter your email — the plan downloads instantly and a copy lands in your inbox.

By submitting your email you'll also receive the weekly runbookify newsletter. You can unsubscribe at any time.