Overview
An investigator discovers a critical piece of evidence linking two suspects but needs three separate approvals before the material can be shared with the prosecution team. Without a structured task system, that approval chain lives in email threads, spreadsheets, or verbal agreements, none of which survive a court challenge. Action Management solves this. It gives every team a centralized, auditable system for creating, assigning, and tracking work items from the moment they're raised to the moment they're closed.
Actions cover the full spectrum of operational work: routine tasks, formal approvals, peer reviews, and urgent escalations. Each carries a priority level, a reference to the entity it concerns, and a complete history of every status change, logged to the tamper-evident audit trail automatically.
Key Features
- Action Tracking: Centralized system for managing all work items across your organisation, from simple tasks to complex approval workflows.
- Smart Assignment: Assign actions to individual users or bring in multiple team members to collaborate on shared work items.
- Reference Linking: Connect actions to cases, alerts, evidence, and other entities to maintain full context and traceability.
- Status Lifecycle Management: Track actions through a complete lifecycle from creation to completion, with support for cancellation workflows.
- Priority-Based Workflows: Four priority levels (critical, high, medium, low) enable effective triage and ensure urgent items receive immediate attention.
- Organization-Scoped Security: Multi-tenant isolation ensures each organisation's actions remain private and inaccessible to other tenants.
- Real-Time Tracking: Monitor action status, assignments, and completion metrics as they happen.
- Programmable API Access: Full API support for creating, querying, and managing actions programmatically.
Action Types
- Task: General work items requiring completion, such as reviewing evidence, updating case notes, or contacting witnesses.
- Approval: Actions requiring explicit approval or rejection, often tied to compliance or legal requirements.
- Review: Quality assurance tasks for peer-reviewing investigation findings or AI-extracted data.
- Escalation: Urgent issues requiring management attention, automatically prioritized and flagged for immediate response.
Use Cases
Law enforcement teams create actions to route warrant requests through a documented approval chain, giving prosecutors a clear record of who authorised what and when.
Financial crime units assign evidence review tasks to specialist analysts, track completion against case deadlines, and maintain a full audit trail that satisfies anti-money-laundering compliance requirements.
Intelligence agencies use escalation actions to surface time-critical findings to cleared personnel without relying on informal communication channels.
Critical infrastructure operators track multi-step approval processes for access authorizations, ensuring every permission grant is documented and accountable before a technician enters a controlled area.
- Case Management Workflows: Create and assign actions as part of investigation case management, ensuring every step is tracked and accountable.
- Approval Processes: Route warrant requests, report sign-offs, and data access authorizations through structured approval workflows.
- Evidence Review Tracking: Assign review tasks to specialists, track completion, and maintain an audit trail of all review activities.
- Team Collaboration: Enable multiple team members to collaborate on shared investigations with clear task ownership and status visibility.
Integration
The Action Management module integrates with other Argus modules:
- Case Management: Actions can reference and link to active cases, providing task context within investigations.
- Alert Management: Alerts can trigger action creation for follow-up tasks and escalations.
- Evidence Management: Evidence review and chain-of-custody tasks are tracked as actions with full reference linking.
- Audit Trail: All action creation, assignment, and status changes are logged for compliance and accountability.
Open Standards
- GraphQL (June 2018 specification): all Action Management queries, mutations, and real-time subscriptions are exposed through a typed GraphQL API, enabling interoperability with any compliant client or federation gateway.
- RFC 6455 (WebSocket Protocol): status changes, assignments, and bulk operations broadcast live update events over persistent WebSocket connections so connected clients receive changes without polling.
- RFC 7519 (JSON Web Token) / RS256: every API request is authenticated by a signed JWT validated against the platform JWKS endpoint, ensuring cryptographically verified identity before any action data is read or written.
- OAuth 2.0 (RFC 6749): bearer-token authorisation follows the OAuth 2.0 framework, with scoped permissions carried in token claims and enforced at the resolver layer for each action operation.
- RFC 4122 (UUID): all action, assignment, template, and organisation identifiers are Universally Unique Identifiers, guaranteeing collision-free references across distributed tenants.
- ISO 8601 (Date and Time): all timestamp fields (creation, update, due date, and completion) are serialised in ISO 8601 format, ensuring unambiguous exchange with external case management and compliance systems.
- ArcSight Common Event Format (CEF): the tamper-evident audit trail that records every action lifecycle event can be exported in CEF format for ingestion by SIEM platforms such as Splunk, Microsoft Sentinel, and IBM QRadar.
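
To illustrate the CEF export described above, the following added example (not Argus code) renders one action lifecycle event as a CEF line and escapes user-supplied text so that a title or note cannot forge extra fields or log lines in the SIEM. The event dictionary shape, the vendor and product strings, the status and event-type names, and the priority-to-severity mapping are all assumptions made for the example.

```python
from datetime import datetime

# Assumed mapping from the page's four priority levels to CEF severity (0-10).
SEVERITY = {"low": 3, "medium": 5, "high": 8, "critical": 10}

def esc_header(value):
    """Header fields: escape backslash first, then the pipe delimiter."""
    s = str(value).replace("\\", "\\\\").replace("|", "\\|")
    return s.replace("\r", " ").replace("\n", " ")  # header must stay on one line

def esc_ext(value):
    """Extension values: escape backslash and '=', encode line breaks as \\n."""
    s = str(value).replace("\\", "\\\\").replace("=", "\\=")
    return s.replace("\r\n", "\\n").replace("\n", "\\n").replace("\r", "\\n")

def action_event_to_cef(event):
    """Render one action lifecycle event (hypothetical dict shape) as a CEF line."""
    # ISO 8601 timestamp in, epoch milliseconds out (CEF 'rt' key).
    ts = datetime.fromisoformat(event["timestamp"].replace("Z", "+00:00"))
    header = [
        "CEF:0", "ExampleVendor", "ActionManagement", "1.0",  # placeholder device fields
        esc_header(event["event_type"]),   # Device Event Class ID
        esc_header(event["title"]),        # Name
        str(SEVERITY[event["priority"]]),  # Severity
    ]
    ext = {
        "rt": int(ts.timestamp() * 1000),
        "suser": event["actor"],
        "act": event["new_status"],
        "cs1Label": "actionId", "cs1": event["action_id"],
        "cs2Label": "organisationId", "cs2": event["organisation_id"],
        "msg": event["note"],
    }
    pairs = " ".join(f"{k}={esc_ext(v)}" for k, v in ext.items())
    return "|".join(header) + "|" + pairs

# Constructed sample: the title and note attempt to inject a delimiter and fake keys.
SAMPLE = {
    "timestamp": "2026-02-05T09:30:00Z",
    "event_type": "action.status_changed",
    "title": "Approve warrant | urgent",
    "priority": "critical",
    "actor": "j.doe",
    "new_status": "in_progress",
    "action_id": "3f2b8c1e-0000-4000-8000-000000000001",
    "organisation_id": "9a7d5e42-0000-4000-8000-000000000002",
    "note": "status changed\nsuser=admin act=closed",
}

if __name__ == "__main__":
    print(action_event_to_cef(SAMPLE))
```

Without the two escaping functions, the sample note would appear to the SIEM parser as a second `suser` and `act` key on the same event.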
Last Reviewed: 2026-02-05 Last Updated: 2026-04-14