Compliance
Compliance statuses
Purpose Purpose
Statuses are the answer options on a Compliance board. Every question answer at every site must use one of the statuses configured for that board.
Statuses do three important things:
- They define the words users see when answering questions.
- They determine how site compliance is calculated.
- They can control who is allowed to set sensitive statuses.
Because statuses affect both daily work and reporting, they should be designed before large teams start updating answers.
Status examples Status examples
Statuses are flexible. A board can use compliance language, a simple yes/no model, a review workflow, or internal work-management terms.
| Example setup | Possible statuses |
|---|---|
| Simple checklist | Yes, No, Not applicable |
| Compliance review | Compliant, Non-compliant, Not applicable, Not answered |
| Work management | To do, In progress, Blocked, Done |
| Review workflow | Draft, Awaiting review, Completed, Rejected |
The best status names are the names your users already understand. Avoid creating too many statuses unless each one changes how people work or how results are reported.
Status fields Status fields
Each status has configuration that controls how it appears and behaves.
| Field | What it controls |
|---|---|
| Name | The label users select when answering a question. |
| Color | The color used in the matrix, site view, tables, and summaries. |
| Open, Closed, or Ignore | Whether answers with this status count as open work, closed work, or are excluded from compliance calculations. |
| Default | Whether the status is used for new answer items when new questions or sites are added. |
| Include in default view | Whether answers with this status appear in the default work views. |
| Restricted message | The message shown when a user tries to set a restricted status they are not allowed to use. |
Open Closed Ignore Open Closed Ignore
The most important part of a status is whether it is configured as Open , Closed , or Ignore .
| Behavior | What it means |
|---|---|
| Open | The answer is included in the total and counts as work that is not closed. |
| Closed | The answer is included in the total and counts as closed work. |
| Ignore | The answer is excluded from the total. Use this for statuses such as Not applicable. |
This behavior is how 21RISK calculates how compliant a site is.
Compliance percentage = closed questions / (total questions - ignored questions)
Examples:
| Site answers | Calculation | Compliance |
|---|---|---|
| 10 total questions, 9 closed, 1 open, 0 ignored | 9 / (10 - 0) | 90% |
| 15 total questions, 5 closed, 5 open, 5 ignored | 5 / (15 - 5) | 50% |
The name of a status does not calculate compliance by itself. The Open, Closed, or Ignore behavior does. For example, a status named Completed should normally be Closed, while a status named Not applicable should normally be Ignore.
Status rules Status rules
Status rules control who can use a status. They are useful when a status represents an approval, verification, or authority that should not be available to everyone.
For example, a board can use these statuses:
| Status | Behavior | Who should use it |
|---|---|---|
| Awaiting review | Open | Site users who believe the requirement is complete but need approval. |
| Completed | Closed | Reviewers, managers, or organization owners who are allowed to close the answer. |
With status rules, Awaiting review can remain public while Completed is restricted to a specific set of users.
Public and restricted statuses Public and restricted statuses
Status access works like this:
- If a status has no enabled rules, it is public and can be set by anyone who can update the answer.
- If a status has one or more enabled rules, it is restricted.
- For a restricted status, the user must match at least one enabled rule.
- If the user does not match any enabled rule, 21RISK blocks the status change and shows the restricted message if one is configured.
Organization owners can be included in rules by using the Is organization owner condition.
Rule conditions Rule conditions
A status rule is built from filter groups and conditions.
Within one group, all conditions must match. Between groups, only one group needs to match. In practical terms, this means:
- Conditions inside a group use AND logic.
- Alternative scenarios use OR logic.
Available condition types include:
| Condition | Use it for |
|---|---|
| User is a member of | Allow users in selected user groups to use the status. |
| Name | Match answer item names by text filters. |
| External ID | Match answer item external IDs by text filters. |
| Is organization owner | Allow or deny based on whether the user is an organization owner. |
Example rule design:
| Rule | Meaning |
|---|---|
| User is a member of Reviewers | Any member of the Reviewers group can use the status. |
| Is organization owner is true | Organization owners can use the status. |
| User is a member of Fire Safety Reviewers AND Name contains Fire | Fire Safety Reviewers can use the status only for matching answer items. |
Recommended setup Recommended setup
For most boards, start simple:
- Create a default Open status, such as Not answered or To do .
- Create one or more Open statuses for work in progress, such as In progress or Awaiting review .
- Create Closed statuses for accepted completion, such as Completed or Compliant .
- Create Ignore statuses for answers that should not affect compliance, such as Not applicable .
- Add rules only to statuses that require authority, such as Completed , Approved , or Accepted .
- Configure a restricted message that tells users what to do instead, such as "Only reviewers can set Completed. Please use Awaiting review."