# Configuring Extensible Controlled Copy (Document Control)

<!--- Comment:  If anyone updates this article for a feature, ping the corresponding Quality writer because the code is still (mostly) shared. --->

[QualityOne Vaults](/en/lr/78612/) allow you to track specific content copies outside of Vault, or prepare copies with specific overlays for specialized use. The [Extensible Controlled Copy](/en/lr/78808/) feature provides special objects and fields to support the preparation, download, and distribution of controlled copies.

When downloaded, Vault assigns each controlled copy a unique identification number and creates a _Controlled Copy Trace_ object record, allowing users to track the status of those copies outside of the Vault. With a dedicated lifecycle for these object records, users can manage both the distribution and the reconciliation of these copies according to their organization's needs. You may also configure and apply specialized overlays or choose to attach signature pages on the content when users download controlled copies. Depending on the document lifecycle state, there may be zero (0), one (1), or many controlled copy actions, for example, _Request Laboratory Reference Copy_ and _Request Facility Posting Copy_.


<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: The functionality in this article refers to object-based Extensible Controlled Copy. To determine if your Vault uses Extensible Controlled Copy, navigate to <strong>Admin &gt; Configuration &gt; Objects</strong> and look for the <em>Controlled Copy User Input</em> and <em>Controlled Copy Trace</em> objects. If you don’t see these objects, your Vault uses <a href="/en/lr/78806/">legacy controlled copies</a>.</p>
    </div>
  </div>
</div>



## About Extensible Controlled Copy Downloads {#vault-downloads}

When a user selects the _Download Controlled Copy_ [user action][4], Vault opens the _Create Record_ page for the _Controlled Copy User Input_ object in the dialog. Users enter data in the fields you configured. When a user completes the request to download the controlled copy, Vault generates the appropriate documents in a ZIP file and sends the requesting user a notification with a link to download the file.

Vault also processes the _Controlled Copy User Input_ record, populates any system-managed fields, and automatically creates associated _Controlled Copy Trace_ records for each document copy requested, copying data from any user-entered fields on the _Controlled Copy User Input_ record into identical fields on the _Controlled Copy Trace_ record. Vault automatically sets the _Released from Vault_ field checkbox on the _Controlled Copy Trace_ record after a successful document download. Vault does not set this if an error occurred while attempting to download the controlled copy. You can then use the _Controlled Copy Trace_ record to view, report on, and reconcile controlled copy data.

## Extensible Controlled Copy Objects {#objects}

QualityOne uses the following objects to support Extensible Controlled Copy:

* **Controlled Copy User Input** (`controlled_copy_user_input__v`): This object captures information from the user who requests to download a controlled copy. Your organization can add, edit, or remove fields to customize the data collected. Vault creates these object records when a user selects a controlled copy user action, and then processes these to generate _Controlled Copy Trace_ records and download the requested content for the user. This object supports object types with both standard and custom fields, and you can adjust object page layouts to include all relevant fields for data capture.
* **Controlled Copy Trace** (`controlled_copy_trace__v`): This object houses trace records for all controlled copy files generated for your Vault. _Controlled Copy Trace_ supports object types with both standard and custom fields. Vault creates each record and auto-populates many fields when the user completes the controlled copy request. Users cannot manually create or delete _Controlled Copy Trace_ records; only Vault can create these when a user downloads a controlled copy.

## Enabling Extensible Controlled Copy {#enable}

Contact your Veeva Representative to enable Extensible Controlled Copy in your Vault. If you are using [legacy controlled copies](/en/lr/78806/), enabling Extensible Controlled Copy effectively replaces all legacy document-based controlled copy functionality and disables all existing controlled copy actions and configurations, with the exception of the [_Distribution_ report](/en/lr/78806/#dist-reports). The report allows you to finish reconciling legacy controlled copies while you transition to Extensible Controlled Copies, but prevents you from generating new legacy controlled copies or adding new entries to the _Distribution_ report.

<div class="note-border alert-important">
  <div class="alert alert-important" role="alert">
    <div><i class="far fa-exclamation-circle"></i></div>
    <div class="alert-text">
      <p><strong>Important</strong>: Once enabled, you cannot disable <em>Extensible Controlled Copy</em>.</p>
    </div>
  </div>
</div>



### Extensible Controlled Copy Migration from Legacy {#migration}

If your Vault uses legacy controlled copy and is transitioning to Extensible Controlled Copy, before turning on the feature for QualityOne, contact your Veeva Representative to discuss the best approach to migrate your Vault from the legacy controlled copy configuration to the new Extensible Controlled Copy model.

## Configuration Overview {#overview}

<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: We strongly recommend that you work with your Veeva Representative to configure Extensible Controlled Copy in your Vault.</p>
    </div>
  </div>
</div>



If you choose not to work with your Veeva Representative to configure Extensible Controlled Copy initially or to migrate from [legacy controlled copy](/en/lr/78806/) configurations in your Vault, you must complete the following steps:

1. [Configure identical object types on the _Controlled Copy User Input_ and _Controlled Copy Trace_ objects][1] for any type of controlled copy you may need. You must configure page layouts for these object types too, but they do not need to be identical.
2. [Configure the _Controlled Copy Trace_ lifecycle][7] to allow Vault to manage and track downloaded controlled copies.
3. [Configure or update user and entry actions on the applicable document lifecycles][14] to allow users to download controlled copies and automate the process of recalling controlled copies.
4. [Configure Atomic Security on the _Controlled Copy Trace_ object fields][3] to prevent users from accidentally updating important fields. Vault does not automatically apply security to fields on the _Controlled Copy Trace_ object.
5. If applicable, [update any overlays that supported legacy controlled copies][5] to reference new Extensible Controlled Copy tokens.
6. Optional: [Create a custom tab so users can easily access controlled copies][8].
7. [Configure user permissions][9].
8. If applicable, [update any permission sets that supported legacy controlled copies][6] to grant appropriate users _Create_ permission on any _Controlled Copy User Input_ object types and _Read_ permission on any _Controlled Copy Trace_ object types.

<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: Depending on your Vault’s creation date and which features are currently enabled and configured, some of the steps described in this article may be unavailable or already complete in your Vault.</p>
    </div>
  </div>
</div>



## Configuring Controlled Copy Objects & Object Types {#object-types}

In order for users to download controlled copies, you must configure matching [object types](/en/lr/32857/) on the _Controlled Copy User Input_ and _Controlled Copy Trace_ objects. The two (2) object types must include identical _Labels_, _Plural Labels_, and _Names_ (public keys). You can create multiple object types for the various types of controlled copies needed in your Vault.

The fields you select or create when configuring these object types define the fields users populate when downloading a controlled copy. For example, we recommend creating fields on each object to capture details such as _Reason or Justification_, _Requested For_, and _Audience Details_.


<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: Users will not see the configured <a href="/en/lr/61202/#user-action"><em>Download Controlled Copy</em> user actions</a> in the document <strong>All Actions</strong> menu if the object type <em>Names</em> (public keys) are not identical for the <em>Controlled Copy User Input</em> and <em>Controlled Copy Trace</em> objects.</p>
    </div>
  </div>
</div>



### About Controlled Copy Object Fields {#about-fields}

In order for Vault to capture data and correctly populate fields on the _Controlled Copy Trace_ record when a user downloads a controlled copy, you must create identical fields on both the _Controlled Copy User Input_ and _Controlled Copy Trace_ object types. The _Controlled Copy Trace_ object type can include fields that are not on the _Controlled Copy User Input_ object type, although there is no way for a user to populate these.

If field configurations don't match across the _Controlled Copy Trace_ and _Controlled Copy User Input_ objects, Vault can't create the _Controlled Copy Trace_ record when a user downloads a controlled copy. Common errors include:

* A field that is required on the _Controlled Copy Trace_ object does not exist or is not required on the _Controlled Copy User Input_ object.
* Corresponding fields across the _Controlled Copy Trace_ and _Controlled Copy User Input_ objects have different field types.
* Corresponding text fields across the _Controlled Copy Trace_ and _Controlled Copy User Input_ objects do not have the same _Maximum Length_.
* Corresponding number fields across the _Controlled Copy Trace_ and _Controlled Copy User Input_ objects do not have the same _Minimum value_ and _Maximum value_.
* Corresponding fields across the _Controlled Copy Trace_ and _Controlled Copy User Input_ objects have different Dynamic Reference Constraints configured.

For example, you could make an _Intended Use_ field required on the _Controlled Copy User Input_ object type, but optional on the _Controlled Copy Trace_ object type. Vault automatically copies the field value to the _Controlled Copy Trace_ object. However, if you made the _Intended Use_ field optional on the _Controlled Copy User Input_ object type but required on the _Controlled Copy Trace_ object type, a user downloading a controlled copy could forego entering data in the _Intended Use_ field, and Vault could not create the associated _Controlled Copy Trace_ record.

### Controlled Copy User Input Object Required Fields {#required-fields}

You must add the _Vault Document_ (`vault_document__v`) field on all _Controlled Copy User Input_ object types. You should not add this field to the _Controlled Copy User Input_ [object page layouts][2], as it could cause errors when users request controlled copies from multiple documents via [bulk action](/en/lr/18822/#generate_controlled_copy).

### Controlled Copy Trace Object Required Fields {#obj-req-field}

You must add the following fields on all _Controlled Copy Trace_ object types, although we do not recommend adding these fields to _Controlled Copy Trace_ [object page layouts][2]:

* _Autonumber Prefix_ (`autonumber_prefix__v`)
* _Autonumber Prefix Pattern_ (`autonumber_prefix_pattern__v`)
* _Migrated_ (`migrated__v`)
* _Vault Document_ (`vault_document__v`)

### Object Page Layouts {#page-layouts}

After you set up the _Controlled Copy User Input_ and _Controlled Copy Trace_ object types, you can [configure the object page layout](/en/lr/26387/) for each type to define the fields that the user sees and populates in the _Controlled Copy User Input_ dialog when downloading a controlled copy, and in the _Controlled Copy Trace_ object record detail page.

## Controlled Copy Trace Lifecycle {#cct-lifecycle}

This lifecycle is associated with the _Controlled Copy Trace_ object and allows organizations to manage and track _Controlled Copy Trace_ records representing documents removed from the Vault. The _Controlled Copy Trace_ lifecycle includes the following states by default:

* **Active in Use**: This controlled copy is currently outside of the Vault.
* **In Recall**: This controlled copy is currently in use outside of the Vault, but a recall exists to discontinue it.
* **Recall Confirmed**: This controlled copy is removed from use outside of the Vault.

You may update these states, [configure Atomic Security][3], or utilize various object lifecycle and workflow actions (such as automatic recall) to create a robust process that represents how your organization accounts for content after it has left your Vault.

## Configuring Controlled Copy Actions {#cc-actions}

The Controlled Copy user and entry actions allow users to download controlled copies and automatically recall the controlled copies of documents that enter an obsolete or superseded state while their controlled copies are in circulation. 

Configure your Vault to include the following actions for Controlled Copy:

* [_Download Controlled Copy_ user action][4]
* [_Recall Controlled Copy_ entry action][15]

### Configuring the Download Controlled Copy Action {#user-action}

To allow users to download controlled copies, you'll need to [configure a user action](/en/lr/12339/#create) on the applicable document lifecycle state. The user action type for Extensible Controlled Copy is _Download Controlled Copy_. There are several fields available for configuration:

* **Controlled Copy Type**: Indicates which controlled copy object type the user is requesting. _Controlled Copy User Input_ object types that do not have a matching _Controlled Copy Trace_ object type do not appear in the drop-down.
* **Autonumber Prefix**: Indicates the token pattern Vault uses for autonumbering _Controlled Copy Trace_ records of the selected type. Vault includes a default pattern, or you can [create your own][13].
* **Overlay**: Indicates the [overlay templates][5] Vault applies to the content when a user downloads a controlled copy. This selection overrides the lifecycle state-based overlay selection. As a best practice, we recommend selecting a single overlay. However, you can select up to five (5) templates, which Vault applies together.
* **Include signature page**: Specifies whether or not Vault includes a [signature page](/en/lr/8975/) with the content when a user downloads a controlled copy. If a signature page exists, Vault applies it for that specific document. If not selected, the controlled copy omits the signature page, regardless of whether there are signatures applied.

When configuring new controlled copy actions, be sure to check that the [lifecycle state security settings](/en/lr/2572/) grant the [_Distribute Controlled Copy_][9] permission to users with appropriate document lifecycle roles. For example, no user could access a _Download Controlled Copy_ action on the _Approved_ document lifecycle state if that state's security settings do not grant the appropriate permission to at least one (1) document lifecycle role.


<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: If you <a href="/en/lr/61202/#migration">migrated</a> your Vault’s legacy controlled copy configurations to Extensible Controlled Copy, you must manually update all legacy controlled copy user actions.</p>
    </div>
  </div>
</div>



#### Autonumber Prefix {#autonumber}

Vault applies the autonumber prefix to _Controlled Copy Trace_ records. You can include [tokens](/en/lr/6382/) in your autonumber prefix that reference fields on the _Controlled Copy User Input_ object using the syntax: `${VCC__fieldname__v}`. For example, the token `${VCC__name__v}` references the name of the _Controlled Copy User Input_ record. Vault also supports the following legacy controlled copy tokens in Vaults with Extensible Controlled Copy enabled:

* ${docNumber}: Document Number
* ${docMajor}: Document Major Version Number
* ${docMinor}: Document Minor Version Number

We recommend that you replace "CC" in the default Controlled Copy autonumber prefix format with a value that corresponds to the menu label, for example, _FPC-${docNumber}-${docMajor}-${docMinor}-_ for the menu label _Request Facility Posting Copy_. If you use the same number format, for example, _CC-{####}_, for two (2) separate user actions, they share the numbering value so that it is impossible to create two (2) controlled copies with exactly the same copy number.

### Configuring the Recall Controlled Copy Action {#entry-action}

When a document is superseded or made obsolete while its controlled copies are in circulation, your organization may require a recall process to harmonize the controlled copies.

You can configure the _Recall Controlled Copies_ entry action on a document lifecycle state to automatically place _Controlled Copy Trace_ object records associated with an _Obsolete_ or _Superseded_ document into an _In Recall_ state. You can also configure the state change to trigger a workflow for the appropriate personnel to start a recall process.

Configuring the _Recall Controlled Copy_ action involves the following steps:

* [Configure the _Recall Controlled Copies_ entry action][16] to ensure that all related _Controlled Copy Trace_ records enter an _In Recall_ state when their associated document enters an _Obsolete_ or _Superseded_ state.
* [Configure an auto-start workflow on the _In Recall_ state][17] to automatically notify key personnel and include participants in a recall workflow.

#### Configuring the Recall Controlled Copies Entry Action {#recall-action}

To configure the _Recall Controlled Copies_ entry action:

1. Navigate to **Admin > Configuration > Object Lifecycles > Controlled Copy Trace Lifecycle > State Types** and add states to [state types](/en/lr/30683/#state-type) in the _Controlled Copy Trace_ object lifecycle.
   * For the _Controlled Copy In Use_ state type, assign the [_Active In Use_][7] state for copies issued to locations outside Vault, such as a manufacturing floor. Your organization's labels for states may differ.
   * For the _Controlled Copy In Recall_ state type, assign the [_In Recall_][7] state for issued copies that need to complete a recall process.
2. Add the _Recall Controlled Copies_ entry action to a [state in a document lifecycle](/en/lr/2357/):
   1. Navigate to **Admin > Document Lifecycles > [Lifecycle] > States > Obsolete or Superseded state > Entry Actions** and click **Edit**. 
   2. Click **Create Entry Action**.
   3. Select **Always** or **Perform with conditions** as appropriate for your process.
   4. Select the **Recall Controlled Copies** action from the drop-down.
   5. Use the **Object Type** drop-down to specify if the action is available on all _Controlled Copy Trace_ object types or only on certain object types.

After the action runs, you can verify that all in-use controlled copies were successfully recalled by running a [report](/en/lr/51842/) on the _Recall System Details_ field of the _Controlled Copy Trace_ object.

#### Notifying Participants in a Recall Process {#recall-process}

Once you have configured the action, you can create a [report](/en/lr/51842/) to let the appropriate personnel know they need to reconcile the _Controlled Copy Trace_ records.

You can further automate the recall process by configuring an [auto-start workflow](/en/lr/52892/) on the _In Recall_ state and assigning a recall process task to a chosen role on the _Controlled Copy Trace_ record. You can determine how Vault populates this role in multiple ways:

* Add the _Add User to Role_ entry action to the _In Recall_ state of the _Controlled Copy Trace_ object. For this option, ensure you have [Dynamic Access Control](/en/lr/33946/) enabled for the _Controlled Copy Trace_ object. This entry action must run before the _Start Workflow_ entry action. To configure, do the following:
   1. Navigate to the _In Recall_ state on the _Controlled Copy Trace_ object lifecycle.
   2. Click **Edit** on the _Entry Actions_ section.
   3. Click **Create Entry Action**.
   4. Select **Always** or **Perform with conditions** as appropriate for your process.
   5. Select the **Add User to Role** action from the drop-down.
   6. Specify the **User Field** and **Role** from the drop-down. Vault adds the value of the selected _User Field_ (for instance, "Requested By") on the _Controlled Copy Trace_ record to a lifecycle role selected from the _Role_ drop-down.
* Use [Custom Sharing Rules](/en/lr/25494/) or [Matching Sharing Rules](/en/lr/36122/) to populate the role.

## Configuring Atomic Security for Extensible Controlled Copy {#atomic-security}

The _Controlled Copy Trace_ object is intended to be a record of truth for tracking controlled copies after they leave Vault. You are responsible for configuring [Atomic Security](/en/lr/47850/#Atomic_Security_Fields) on all fields representing content that has left the Vault. As a best practice, we recommend applying Atomic Security on all fields, following these general guidelines:

* If Vault copies a field from the _Controlled Copy User Input_ record to the _Controlled Copy Trace_ record, Atomic Security for that field should be _Read Only_ for all roles in all states of the _Controlled Copy Trace Lifecycle_.
* If the field is unique to the _Controlled Copy Trace_ object and represents information captured during the reconciliation process or another custom process in your Vault, you can apply Atomic Security at your discretion based on your organization's needs.

## Configuring Overlays {#overlays}

With Extensible Controlled Copy, you can include tokens that reference _Controlled Copy Trace_ object fields in overlay templates.


<div class="note-border alert-info">
  <div class="alert alert-info" role="alert">
    <div><i class="far fa-info-circle"></i></div>
    <div class="alert-text">
      <p><strong>Note</strong>: If you <a href="/en/lr/61202/#migration">migrated</a> your Vault’s legacy controlled copy configurations to Extensible Controlled Copy, you must manually update all tokens referencing legacy controlled copy field values in your standard overlay templates or overlay template overrides. Extensible Controlled Copy tokens must include two (2) underscores (__) following “VCC”.</p>
    </div>
  </div>
</div>



### Standard Overlay Templates {#overlay-temp}

In [overlay template override](/en/lr/6037/), Vault supports the following token syntax for _Controlled Copy Trace_ object reference fields: `${VCC__fieldname__v}`. For example, to reference the record's name, your token would be: `${VCC__name__v}`.

You can select all _Controlled Copy Trace_ object fields as tokens with the exception of system fields, such as _Status_, and long text fields. Vault validates your tokens when you save your overlay template.

### Advanced Overlay Overrides {#overlay-overrides}

When creating an XFA PDF file to use as an [overlay template override](/en/lr/6037/#about-overlay-overrides), you can include tokens referencing the _Controlled Copy Trace_ object. You must use the "Text Field" type to add a Vault field to your XFA PDF, regardless of the field's type in your Vault.

For example, syntax for a token referencing the _Controlled Copy Trace_ object would be: `VCC__fieldname__v`. To reference the record's name in your XFA PDF file, you would include the token: `VCC__name__v`.

All _Controlled Copy Trace_ object fields are supported as tokens with the exception of long text fields. Vault validates your XFA PDF file at upload.

## Configuring a Custom Tab {#tab}

You can configure a [custom tab](/en/lr/23516/) for the _Controlled Copy User Input_ object so users can easily access and create records to request controlled copy downloads.

## Configuring User Permissions {#user-perm}

You must ensure users have the appropriate read and create [permissions](/en/lr/22824/) to access the appropriate objects and object fields in addition to the permissions outlined below:

* For the _Controlled Copy User Input_ object: _Read_ and _Create_ permission.
* For the _Controlled Copy Trace_ object: _Read_ permission.
* For the _Document Role_, grant the permission _Distribute Controlled Copy_ to allow users the ability to access user actions from the document **All Actions** menu to download controlled copies. This permission also controls the ability to download controlled copies in bulk.

## Related Permissions {#permissions}

You can complete all the steps in this article with the standard _System Administrator_ or _Vault Owner_ security profile. If your Vault uses custom security profiles, your profile must grant the following [permissions](/en/lr/22824/):

<table>
  <tr>
    <th><strong>Type</strong></th>
    <th><strong>Permission</strong></th>
    <th><strong>Controls</strong></th>
  </tr>
  <tr>
    <td>Security Profile</td>
    <td>Admin: Configuration: Document Lifecycle: Edit</td>
    <td>Ability to configure document lifecycles and the <em>Download Controlled Copy</em> user action on document lifecycle states, associate an overlay template with a lifecycle state.</td>
  </tr>
  <tr>
    <td>Security Profile</td>
    <td>Objects: Controlled Copy Trace (all object types): Read, Edit, Create</td>
    <td>Ability to make changes to <em>Controlled Copy Trace</em> records.</td>
  </tr>
  <tr>
    <td>Security Profile</td>
    <td>Objects: Controlled Copy User Input (all object types): Read, Edit, Create</td>
    <td>Ability to make changes to <em>Controlled Copy User Input</em> records.</td>
  </tr>
</table>

[1]: #object-types
[2]: #page-layouts
[3]: #atomic-security
[4]: #user-action
[5]: #overlays
[6]: #permissions
[7]: #cct-lifecycle
[8]: #tab
[9]: #user-perm
[10]: #migration
[13]: #autonumber
[14]: #cc-actions
[15]: #entry-action
[16]: #recall-action
[17]: #recall-process