Skip to content Skip to main navigation Skip to footer

FAQs

Getting Started

User ID is not case-sensitive. However, password is case-sensitive. Be sure to input your password correctly and check your Caps Lock and Num Lock keys while doing so.

The system will automatically log users out after a period of inactivity. This is to ensure security and prevent unauthorized access.

To re-login, simply hit the ‘refresh” button on your web browser and proceed to login with your credentials. If the problem persists, you may need to clear your cookies and cache in the web browser.

We recommend using modern browsers such as Google Chrome, Microsoft Edge, Firefox and Safari to access KRIS.

  1. Type the KRIS URL in your web browser address bar
  2. Log into the KRIS web portal with your credentials.
  3. Once in, you are able to file and browse records.

Your company admin should provide you with both of the above.

Other than the KRIS portal, you can also file records using the KRIS Desktop Integration (DI) and the KRIS Smart Mail Organiser (SMO) Outlook integration. Check with your company admin on these alternatives and convenient channels.

Check if the internet connection is disrupted by opening another webpage. If connected to the internet, check with your administrator that the URL link to the KRIS system is correct.

Using KRIS

To ensure best security standards for the system, KRIS has some restriction on the characters that can be used.

For all input texts on the web portal, KRIS blocks these characters: 

  • ” (double quote)
  • ‘ (single quote)
  • < (less than)
  • > (greater than)

For names of Group Role, Role and Cabinet, KRIS also blocks these following characters besides those stated above: 

  • * (asterisk)
  • = (equal)
  • + (plus)
  • \  (backslash)
  • | (vertical bar or pipe)
  • [ (left square bracket)
  • ] (right square bracket)
  • ; (semicolon)
  • : (colon)
  • , (comma)
  • ? (question mark)

KRIS also uses a third party tool to check for Regular Expression to verify whether an expression is threatening. So, for instance, certain combination of texts may also be prohibited.

Typically, documents that contain evidence of business transactions, events or activities should be filed. Some examples are:

  • Business Expense Receipts
  • Minutes of Meeting
  • Contracts & SLA
  • Project plans
  • Emails
  • Other important supporting documents

In general, records are needed to provide evidence and ensure accountability. You should keep the records that support your business dealings and manage them appropriately.

The fastest way is to use Universal Search bar.

You can find this at the top of KRIS. Just key in the search term and the KRIS search engine will find matching records, whether the term is found on the file name, metadata or within the content of the document.

KRIS is a role-based system. It grants access to users based on the role of the user within the organization. Certain records may require Roles with higher security grading or access clearance.

The greyed out disabled icons simply means access is restricted due to your organization’s policy and standard.

You may check with your administrator to clarify or update your access rights.

Filing

Yes, as long as you have access to Edit Document for the file reference (folder), you can upload a new version of a record. Both versions will be kept in KRIS and can be retrieved easily in the future.

You can file using the channels below:

  • Web upload via KRIS portal
  • File emails directly from within MS Outlook via Smart Mail Organiser (SMO)
  • Drag and drop a file into the KRIS Desktop Integration (DI)
  • Direct from Office Application – “Save As” function

The common file extensions (such as pdf, docx, pptx, xlsx, jpeg, tiff etc) can be filed into the system.

However, only certain file types of records are searchable with Content Search. Content search is a feature of KIS that allows you to search for a keyword within the content of the document. These are MS Word, MS Excel, MS Powerpoint, PDF, Text and HTML formats.

Yes, you can. Simply copy & paste or drag & drop the document from your computer drive (e.g. My Documents) to the KRIS Desktop Integration (DI) icon on your desktop.

A record profile form will pop up, prompting you to fill in and indicate the file reference (folder) that the record is to be saved.

Yes. you can file the email with attachments into the system. The most convenient way of filing emails will be through the KRIS Smart Mail Organiser (SMO) plugin for Microsoft Outlook.

If you have filed an incorrect document, the next best action is for you to mark the document for deletion, then re-upload the correct document into the system.

  • If you do not see the icon for the document, it means that you do not have the access rights to delete the document. In this case, please inform your User Administrator (UA) in writing that you have filed a record wrongly, and put in the request to remove and delete the wrongly-filed record. The User Administration will then help to mark the record for deletion.

If you have filed into the wrong file reference (folder), you may refile (i.e. move) the document into the appropriate folder.

By default, the Personal Assistant (PA) is registered as the author by the system.

However, the PA is allowed to change the author to his/her boss. The PA will still be displayed under “Registered by” to show that he/she was the person who filed (i.e. registered) the record.

By default, the maximum size of the document that can be filed is 20MB per document. An attachment is also considered as one document, i.e. the maximum size for each attachment is 20MB.

However, this maximum filing size can be adjusted by System Administrators to fit your organisations’ needs.

Yes, it can be filed more than once provided that the document is being filed into a different file reference (folder).

The document cannot be filed if it already exists in the same file reference (folder).

The internet connection may be disrupted. Check if the internet connection is available by opening another webpage.

The record will not be deposited into KRIS System when uploading is not complete. You may need to re-upload the record when there is an internet connection.

Yes, you can temporarily file your working or draft document into KRIS.

Nevertheless, it is recommended that we only file the final copy of the document as a record after it has been approved, or a decision has been made, or if it has a legal implication, and or it has accountability values.

For example, only file approved minutes of a meeting, approved purchase requests, press releases, etc.

Searching

In Advanced Search, you can specify to search by a record’s content using “Exact Phrase”, “All of these Words” and “Any of these Words”.

By using Content Search, you can use these keywords to help you search the record accurately. simply type the keyword you are searching for into the search bar at the top of KRIS.

You can then narrow your search by using the available filters.

Digital Signatures

What is a digital signature?

A digital signature simply uses a numeric string that is attached to documents to authenticate/validate an identify.

When you digitally sign something you use cryptographic key to leave a digital signature – that string of numbers – on whatever it is you’re signing. The signature is then hashed along with the file and both the signed file and the hash value forwarded along. When the intended recipient receives the signed file, it’s going to perform the same hash function that signer performed. Hashing takes data of any length and then outputs a fixed-length hash value.

For instance, SHA-256, the hashing algorithm associated with most SSL certificates outputs hash values that 256 bits in length, this is usually represented by a 64 character hexadecimal string. If the hash values match, the signature is authentic and the file’s integrity intact.

What is a digital certificate?

A digital certificate is an X.509 certificate that asserts endpoint identity and facilitates encrypted connections—at least in the context of SSL. We use digital certificates for all range of things, everything from web servers to IoT devices. For the sake of this discussion, let’s stick to SSL/TLS and how they work in that context.

When a browser arrives at the website, it receives a copy of the SSL certificate that’s installed on that server (for the respective site) and performs a series of checks to ensure that the certificate is authentic. The certificate asserts the identity of the server (and possibly organization information depending on certificate type). It also facilitates secure connections between the sites and its users by helping to establish the parameters of the connection (what ciphers and algorithms will be used).

How do Digital Signatures and Digital Certificates differ?

Well, as we’ve just established a digital signature is a string of decimals that is affixed to a file to assist with identifying the signer and ensuring its integrity. A digital certificate is itself a file that is used to assert identity and to facilitate encrypted connections.

How do digital signatures and digital certificates work together in SSL?

Have you ever wondered how your browser knows whether to trust an SSL certificate? Here’s how it works. Every browser uses a root store, which is a collection of trusted roots that is pre-downloaded on your system. Each one of these roots has trusted status by virtue of being saved on your computer. When an SSL certificate is issued, what’s really happening is you’re sending an unsigned certificate to a trusted Certificate Authority, they then validate the information contained in the certificate and applies its digital signature using one of its roots’ private keys.

Or at least, that’s how it works in theory. In reality, trusted roots are much too valuable to issue directly from. Any issue that caused revocation of the root would end up invalidating every SSL certificate it had ever digitally signed. So instead, CAs spin up Intermediate roots. These Intermediate certificates are digitally signed with one of the roots’ private keys, and then the intermediate’s private key is used to digitally sign end user (or leaf) SSL certificates.

Sometimes CAs spin up Intermediate roots for sub-CAs or just use them to issue themselves. There can be multiple intermediates involved in the certificate chain, too.

In order for a browser to trust an end user SSL certificate, it has to follow the certificate chain. It does this by checking what certificate’s private key was used to digitally sign the certificate. Then it looks at the intermediate certificate to see what certificate’s private key was used to sign that. It continues following digital signatures up to the certificate chain until it links back to one of the roots in its trust store.

If the leaf certificate is descendant from one of the trusted roots, by extension the browser trusts it, too. If not, a browser warning is displayed instead.

The digital signature is crucial for authenticating the digital certificate itself.

Introduction to Records Management

The records that have reached the end of their retention period will still remain in KRIS.

In general, depending on the historical and audit value of the information, records may be kept in KRIS for 5, 7, 10 or 12 years.

A Role is the position/function that the user holds in the organization. E.g. Finance Manager.

Group Role consists of numerous different “Roles” that have common objectives. E.g. the group role is called “Welfare committee” which comprises of users from different departments such as Human Resource and Finance.

Security grading is a range of values which determines the level of access to certain documents. E.g. a document with a high-security grading of “Confidential” requires the user to be of a managerial position and above before he/she can access the document.

Role equals to the functional designation in an organization. Example, Anna is the Corporate Secretary of the Human Relations Department. Therefore, Anna’s role in KRIS can be created as CorpSec HR.

Each user can have one or more roles in an organization, and this also can be reflected in KRIS.

A Cabinet a compartment in KRIS which holds all files belonging to the same business function. Example, files like Payroll, Employee Records, HR Policies, will all belong to the Cabinet called HR Cabinet.

Every user will belong to at least one cabinet. This is to clearly list out the relationship between users and the records.

A Profile Form contains details of the record. E.g. record name, author, and date of registration.

It is the name given to the File. Note that within in the world of Record Management, a file is like a folder that contains records.

E.g. If the file reference is “Events – Marketing”, a record that is related to marketing events will be kept in there.

This method of access control reflects the hierarchical structure of an organization.

A Parent is the Reporting Manager, while a child, subordinate under.

This means that:

  • Child roles (subordinates) cannot access files meant for parent roles (managers) unless exceptional access is specifically granted.
  • If a user is configured with clearance to access the parent record, he/she can also access the child record. I.e. the manager of the department can access records of his/her subordinates.

A file is a collection of records which have common properties. Each file has its own file reference which is unique. The file reference indicates the subject or contexts of the records within it.

A record can be an image, text-based document in electronic or physical format.

Physical Files

It is not advisable to ask another person who is not from your list of allowed users to collect a file on your behalf.

There will be no audit trail when a non-registered person or unauthorised person collects a file on your behalf. It is also a breach of data security when an unauthorized person has access to the file.

When the file is collected by an authorised user, KRIS can capture details such as date of collection and the user who collected the file.

The next immediate user (after you) who has reserved the file may not be in your list of allowed users.

There are two conditions for transferring a file.

  1. The designated user must be the next borrower in the queue.
  2. If there’s no immediate borrower ahead of him/her in the queue, the designated user must have proper access rights to the file.