a lot of records (e.g. Risk Treatment table, or SoA) that should be created and managed should be according to templates in pdf format. I understand that. But there is a version history in Office365, so that we can check whether they were some unauthorized changes. Is that enough, I mean storing the records in Excel or Word form, not pdf, but with a version history turned on?