For my engagement letters and consents to disclose, they are stored on my secure portal (Citrix ShareFile), in a folder that only my login currently has access to.
My process is, after the document is prepped:
1) upload to portal, send to client for e-signature via Citrix RightSignature.
2) client e-signs the document, an executed copy is automatically uploaded to the same folder, I receive an email notification.
It is streamlined and efficient, the way I like it. The audit trail is also strong. I don't send paper engagement letters and haven't had any push back from clients over this. Citrix is responsible for maintaining the original and executed copies. They don't contain sensitive client data other than names and addresses, so I'm not too worried about having these offsite.
Sometime I plan to examine integrating this into Citrix's workflows to further increase efficiency. Inefficiency and too much input from me is one of my pain points that I'm working to steadily resolve as I scale.