Skip to content

How do I keep track of compliance status?

Requires Pro

You read the compliance status directly off the module’s two lists: under Policies, you see each entry’s framework and status (Draft, Active, Review, Archived); under Risks, the risk level and review date. This gives you an at-a-glance view of which requirements are active, which are up for review, and which risks are critical. For metrics that span tiers, fetch the lists via the API and evaluate them yourself.

Compliance is a Pro feature. There is no dedicated “status” report — the evaluation happens through the existing lists and their filters.

  1. Review policies by status/framework. Open Compliance → Policies. The list shows each policy’s framework, reference ID, and status. Watch for entries with the status Review — they’re due for review — and drafts, which aren’t yet in effect.

    Evaluating policies by framework and status.
  2. Review risks by level and review date. Switch to the Risks tab. The list is sorted by creation date and shows risk level, likelihood, impact, and review date. This lets you find critical and high risks, as well as assessments whose review date is overdue.

    Evaluating risks by level and due review date.
  • No aggregate endpoint: The Compliance module returns raw lists, not a ready-made status metric. You evaluate them through filters (GUI) or the list response (API) — which keeps it flexible and precise.
  • Your tenant only: Both lists are scoped to your tenant; metrics never mix in data from other tenants.
  • Sorting: Policies come sorted by title, risks by creation date (newest first).
  • Status as a maturity level: The policy status (draftactivereviewarchived) is the key lever for audit preparation: “How many controls are active?” is answered directly from it.