ISO 19650 compliance for SharePoint

Your data stays in M365. Your rules get enforced.

Request Demo Why Policy-Driven?
Data stays in your M365 tenant Policy-JSON configuration Partner-ready blueprints

Product Introduction

SharePoint stores documents. It doesn't enforce ISO 19650.

The Problem

Large construction projects need ISO-19650 compliant CDE processes on their existing M365 tenant. But ISO rules (naming, status/revision, approvals) are not enforced — leading to inconsistency and compliance risks.

Our Solution

Flinker ISO 19650 CDE Builder brings standardized ISO processes, naming enforcement, and approval workflows to SharePoint — no heavy setup, no data migration, no external platforms.

Built for the built environment

End Customers

  • General contractors
  • Owners & operators
  • Infrastructure owners
  • Planning departments

Users

  • Document controllers
  • BIM managers
  • Project leads
  • Quality managers

Partners

  • BIM agencies
  • Microsoft partners
  • CDE consultants
  • Project controllers
Features

Turn SharePoint into an ISO 19650 CDE

Policy-JSON Configuration

Define all ISO rules in a single configuration file stored in SharePoint. Schema-validated with clear error messages.

  • Portable blueprints
  • Partner-customizable
  • Version controlled

Naming Convention Enforcement

Pattern-based validation checks filenames automatically. Mode per area: off in WIP, warn in Shared, enforce in Published.

  • Clear user guidance on failure
  • Auto-extract metadata from filename
  • Compliance issues logged

Metadata Compliance

Required fields per action (submit, approve, publish). Status, Revision, Discipline, Originator — all validated.

  • Block publish if incomplete
  • Status catalog (S0, S1, A, B)
  • Revision scheme enforcement

Release Gate (State Engine)

Guided process: WIP → Shared → Published → Archive. Only compliant files can be published.

  • Approval workflows
  • Automatic status transitions
  • Visibility control per area

Audit & Compliance Logging

Every action logged: attempts, blocks, approvals, publications. Compliance issues tracked in SharePoint lists.

  • App-level event journal
  • Microsoft Purview integration
  • KPIs and reporting

Permission Management

Full SharePoint permission control built-in. Manage internal users, external partners, and groups at any folder level.

  • Excel-based permission templates
  • External user access with notifications
  • Bulk & quick editing
Permissions

Full access control, built in

User & Group Management

Assign permissions to internal users, external partners, or groups. Create user groups for teams with identical access levels.

Folder-Level Access

Customized access controls for each folder. Define who can view, edit, or share at any directory level in your CDE.

External Access

Grant access to external organizations with automatic notifications. Control what external partners can see and do.

Permission Templates

Excel-based templates for rapid, secure setup. Define ISO 19650 role templates (Owner, Approver, Contributor, Reader) once, reuse everywhere.

Bulk & Quick Editing

Change access settings across multiple folders at once. Single-click actions for groups, authorization levels, and areas.

Access Reports

See all shared folders in one report. Full oversight of access rights across your SharePoint sites and Teams.

View Permission Docs

Approval Workflow

Compliant filename structure

Your schema, your rules — column names, field count, and metadata are fully configurable.

PRJ1-ORIG-VOL1-L01-DR-ARC-0123_B_Rev03.ifc
PRJ1
Project Code
ORIG
Originator
VOL1
Volume/System
L01
Level/Location
DR
Type (Drawing)
ARC
Discipline
0123
Number
B_Rev03
Status & Revision
S0 WIP S1 Shared A Review B Published

Dedicated CDE vs. SharePoint + Flinker

Traditional CDE

  • Data sovereignty External
  • Naming enforcement
  • Approval workflows
  • Metadata compliance
  • Customizable policies Limited
  • Partner customization
  • Permission management Basic
  • Extensibility Closed
  • M365 integration

SharePoint + Flinker

  • Data sovereignty Your M365
  • Naming enforcement
  • Approval workflows
  • Metadata compliance
  • Customizable policies
  • Partner customization
  • Permission management Advanced
  • Extensibility Open
  • M365 integration Native

Read more: Policy-Driven vs. Power Automate approach

Pricing Plans

Choose the right plan for your team

Most Popular

Free

Basic permission management

€0

forever
  • Role-based permissions
  • Basic compliance checks
  • External user management

Pro

Full ISO 19650 compliance

Contact

for pricing
  • Everything in Free
  • Policy-JSON configuration
  • Naming & metadata enforcement
  • Approval workflows
  • Audit & issue logging

Enterprise

Full enforcement + advanced features

Custom

pricing
  • Everything in Pro
  • Hard enforcement (all paths)
  • Transmittals suite
  • Advanced reporting
  • Priority support

Frequently asked questions

Can't find an answer? Contact support

All rules are defined in a single configuration file stored in SharePoint. This includes naming patterns, metadata requirements, approval workflows, area structure (WIP/Shared/Published/Archive), and role definitions. Partners can export, import, and customize blueprints.

The user receives clear guidance on what's wrong and how to fix it. Depending on the mode (warn/enforce), the file is either flagged with a warning or blocked from proceeding. A compliance issue is logged for tracking.

Files can only move from Shared to Published if they pass all compliance checks: correct naming, required metadata present, and approval granted (if required). Pro enforces this at the UI/process level. Enterprise adds hard enforcement for all upload paths (sync, API, third-party).

Yes. Compliance issues are logged in a dedicated SharePoint list. Audit events (policy loaded, action attempted, action blocked, approved, rejected, file moved) are tracked automatically. Long-term retention integrates with Microsoft Purview.

Partners can create, export, import, and version blueprints (JSON). Build a country-specific or client-specific profile once, then deploy to multiple projects. Customizing without code — change the JSON, redeploy.

Pro: Process gate enforcement. Validates at release actions (submit, approve, publish). Users can upload files, but non-compliant files won't pass the release gate.

Enterprise: Hard enforcement on all upload paths. Blocks non-compliant files immediately. Plus transmittals suite, advanced reporting, and priority support.

Ready to get started?

Book a demo or reach out to discuss your project.

Book a Demo Email Us