37Act Guide

Governed reporting workflows for sensitive public pension data

Security and governance positioning for 37 Act reporting software: access controls, audit trails, retention, review history, and evidence management.

37Act should not sound like a lightweight template app. It should sound like a serious reporting operations platform for sensitive public pension workflows.

The security and governance story should focus on what the product can credibly support: access controls, source lineage, version history, review notes, approval states, export history, and organized evidence. Those controls are valuable because they help administrators explain where numbers came from and how reporting materials were reviewed.

Related pages: implementation, integrations, audit evidence workflows, and GASB 67/68 reporting.

Trust architecture

The governance layer behind board-ready reporting.

For a pension administrator, visual polish matters — but trust comes from controls, traceability, and review discipline.

01
RBAC

Role-based access

Separate intake, review, approval, export, and administrative responsibilities by role.

02
LINE

Source lineage

Track where a file came from, which fiscal year it belongs to, who reviewed it, and which outputs it supports.

03
VERS

Version history

Preserve imports, assumptions, adjustments, comments, and export revisions across reporting cycles.

04
EVID

Evidence binder

Tie workpapers, notes, reviewer comments, and approvals to the final schedule or board material they support.

05
EXP

Controlled exports

Record what was exported, when, by whom, and for which actuarial, audit, GASB, finance, or board use.

06
RET

Retention-ready structure

Organize reporting work by fiscal year and cycle so the history can be found again when questions arise.

Trust language

Use credible governance language without overclaiming.

Current state

Too risky

  • !Guaranteed compliance with every reporting requirement.
  • !Automatically certifies audit-ready statements.
  • !Replaces professional review and signoff.
  • !Officially approved by government agencies.

With 37Act

Credible and useful

  • Supports governed reporting workflows and evidence organization.
  • Preserves source lineage, review notes, approvals, and export history.
  • Helps teams prepare defensible materials for professional review.
  • Designed around the operating realities of California CERL systems.

Discuss governance requirements early.

A design-partner implementation should begin with data sensitivity, roles, evidence needs, export controls, and retention expectations.

Request governance review