Skip to main content

Overview

The Compliance Matrix Risksheet implements a 9-column, 2-level hierarchy structure organized by standard section and individual compliance requirements. Each row represents a compliance objective that must be satisfied through documented evidence, with automatic color-coding by compliance status. Key characteristics:
  • Risk type: complianceRequirement
  • Task type: task with implements role (not riskControl)
  • Scope: Project-wide (no systemElementId binding)
  • Document template: RiskTemplates/ComplianceTemplate

Column Structure and Header Groups

The Compliance Matrix organizes 9 columns into 4 header groups:
Header GroupColumnsPurpose
Standard2 columnsStandard name and section reference
Requirement2 columnsCompliance objective title and full requirement text
Compliance2 columnsCurrent status and evidence type classification
Evidence3 columnsEvidence record ID, source item, and verification status

Standard Section

Column NameTypeDefaultDescription
Standard NameTextName of the aerospace standard (e.g., DO-178C, ARP 4761, MIL-STD-882E)
Section ReferenceTextStandard section, table, or objective number (e.g., “Table A-1”, “Section 6.3.1”)

Requirement Definition

Column NameTypeDefaultDescription
Requirement TitleTextShort title of the compliance objective or requirement
Requirement TextText (Long)Full requirement description from the standard, often containing specific objectives or constraints

Compliance Status

Column NameTypeDefaultDescription
Compliance StatusEnumerationNot ApplicableCurrent compliance state: Compliant (green), Partial (yellow), Non-Compliant (red), or Not Applicable (grey)
Evidence TypeEnumerationClassification of evidence supporting compliance: Document Reference, Test Result, Analysis Report, Inspection Record, or Waiver Approval

Evidence Records

Column NameTypeDefaultDescription
Evidence Record IDLinkReference to work item (document, test report, or analysis artifact) providing evidence
Evidence Source ItemTextSpecific section, table, or item number within the evidence record
Evidence StatusEnumerationNot VerifiedVerification state of the evidence: Approved, In Review, or Not Verified

Compliance Status Color Coding

The Compliance Matrix uses 4-state color coding applied to the row header and Compliance Status column for instant visual feedback on standards compliance: diagram Color coding enables quick scanning during compliance audits and certification reviews. The row header color changes automatically based on the Compliance Status value.

Views and Navigation

The Compliance Matrix provides 4 purpose-built views to support different compliance workflows:
View NamePurposeUse Case
Full MatrixComplete standards compliance overviewComprehensive audit of all objectives across all standards
Compliance OverviewSummary view grouped by standardIdentify which standards have complete coverage vs. gaps
Evidence TrackingDetailed evidence records with verification statusTrack evidence collection and review progress
Gaps OnlyNon-compliant and partial items onlyFocus remediation efforts on areas needing rework

Gaps Only View Details

The Gaps Only view is specifically designed for non-compliance remediation workflows. It displays:
  • Full requirement text (not just title) for clarity on what must be satisfied
  • Current evidence records with status
  • Space for adding or updating evidence
This focused view allows compliance teams to efficiently identify what evidence is missing and track corrective actions.

Configuration Schema

The Compliance Matrix Risksheet configuration in risksheet.json defines:
{
  "risksheetsConfig": {
    "complianceRequirement": {
      "columns": [
        {
          "id": "standardName",
          "header": "Standard",
          "type": "text",
          "width": 120
        },
        {
          "id": "sectionRef",
          "header": "Section",
          "type": "text",
          "width": 100
        },
        {
          "id": "requirementTitle",
          "header": "Requirement",
          "type": "text",
          "width": 200
        },
        {
          "id": "requirementText",
          "header": "Text",
          "type": "textarea",
          "width": 300
        },
        {
          "id": "complianceStatus",
          "header": "Status",
          "type": "enumeration",
          "values": [
            "Compliant",
            "Partial",
            "Non-Compliant",
            "Not Applicable"
          ],
          "cellStyler": "complianceStatusColor"
        },
        {
          "id": "evidenceType",
          "header": "Evidence Type",
          "type": "enumeration",
          "values": [
            "Document Reference",
            "Test Result",
            "Analysis Report",
            "Inspection Record",
            "Waiver Approval"
          ]
        },
        {
          "id": "evidenceId",
          "header": "Evidence ID",
          "type": "itemLink",
          "multiItem": true,
          "linkRole": "implements"
        },
        {
          "id": "evidenceSource",
          "header": "Source",
          "type": "text",
          "width": 150
        },
        {
          "id": "evidenceStatus",
          "header": "Status",
          "type": "enumeration",
          "values": [
            "Approved",
            "In Review",
            "Not Verified"
          ]
        }
      ]
    }
  }
}

Hierarchy and Row Organization

The Compliance Matrix uses a 2-level hierarchy:
  1. Level 1 (Header): Standard name — groups all requirements from a single standard
  2. Level 2 (Detail): Individual compliance requirements — each tracked separately
diagram

Standards Covered

The Aerospace Safety Solution Compliance Matrix supports tracking requirements from multiple aerospace standards:
StandardScopeTypical Count
DO-178CSoftware airworthiness assurance objectives per DAL~19 objectives (Table A-1 through A-5)
DO-254Hardware design assurance objectives per DAL~18 objectives (Table A-1 through A-5)
ARP 4761Safety assessment processes (FHA, FMEA, etc.)~8–12 requirements
ARP 4754ASystem development assurance~15–20 processes
DO-326AAirborne cybersecurity threat assessment~10–15 threat categories
MIL-STD-882EHazard analysis and safety requirements~12–16 safety standards
DO-160GEnvironmental and functional safety qualification~6–8 test categories
The actual number of compliance requirements may vary based on project scope, applicable DAL level, and customer-specific requirements. Import only the standards and sections applicable to your program.

Project-Wide Scope

Unlike the FHA and FMEA riskhseets which are bound to specific system elements via systemElementId, the Compliance Matrix is project-scoped:
  • No systemElementId: Compliance requirements apply to the entire system, not individual subsystems or components
  • Single document per project: All standards compliance is tracked in one Compliance Matrix risksheet (e.g., COMPLIANCE-001)
  • Cross-standard comparison: View compliance status across multiple standards in one place
This project-wide scope enables compliance leads to track progress toward certification across all applicable standards without navigating separate documents.

Task Integration: Implements Role

Compliance requirements link to evidence through the implements role, distinct from the mitigates or allocatesTo roles used in FHA and FMEA:
complianceRequirement --implements--> task (evidence record)
  • Task type: task (generic work item)
  • Link role: implements
  • Multiplicity: Multiple evidence records per requirement (multi-item link)
This pattern allows one compliance requirement to be satisfied by multiple evidence records (e.g., document references, test reports, inspection records).

Example: DO-178C Compliance Row

Below is a sample Compliance Matrix row tracking a DO-178C software assurance objective:
StandardSectionRequirement TitleRequirement TextStatusEvidence TypeEvidence IDSourceVerification
DO-178CTable A-1 (DAL B)Software Processes”The applicant shall establish a plan for developing software and shall verify that the software processes and activities follow the plan or justify changes made to the plan”CompliantDocument ReferenceDOC-SW-001Section 2.1Approved
In this example:
  • The requirement is taken directly from DO-178C Table A-1, which lists software assurance objectives per DAL
  • Evidence is provided by document DOC-SW-001, Section 2.1
  • Status is Compliant because the evidence document addresses the requirement
  • Verification status is Approved, meaning the compliance lead has reviewed and accepted the evidence

PowerSheet Alternative: Objectives Compliance Matrices

For detailed compliance tracking by Design Assurance Level (DAL), Aerospace Safety Solution also provides PowerSheet-based compliance matrices such as the DO-178C Objectives Compliance Matrix and DO-254 Objectives Compliance Matrix. These PowerSheets add DAL-specific status columns (one per DAL level A–D) and support per-DAL filtering. See reference/powersheet-configs.md for PowerSheet configuration details.
  1. Open the Full Matrix view to assess overall project compliance
  2. Use Gaps Only view to identify non-compliant or partial requirements
  3. Add evidence records via the Evidence Tracking view
  4. Update Compliance Status when evidence is approved
  5. Export the matrix for certification authority submission

See Also

This page documents Compliance Matrix risksheet configuration based on limited source coverage. For complete details on custom columns, advanced formulas, or per-project configuration variations, please consult the Aerospace Safety Solution user guide or verify in your active Polarion project.
Code: modules/RiskTemplates/ComplianceTemplate/attachments/risksheet.json (0.74) · .polarion/nextedy/sheet-configurations/DO-178C Objectives Compliance Matrix.yaml (0.69) · modules/Risks/COMPLIANCE-001/module.xml, modules/Risks/MIL-STD-882E-HTS-001/module.xml, modules/Risks/SEC-THREAT-001/module.xml, modules/Risks/SFMEA-SUB-001/module.xml, modules/Risks/SFMEA-SUB-002/module.xml, modules/Risks/SFMEA-SUB-003/module.xml (0.67) · modules/RiskTemplates/RiskControlPlanTemplate/attachments/risksheet.json (0.62) · modules/RiskTemplates/PSSATemplate/attachments/risksheet.json (0.61) · modules/RiskTemplates/FHATemplate/attachments/risksheet.json (0.60) · modules/RiskTemplates/SSATemplate/attachments/risksheet.json (0.60) · .polarion/nextedy/sheet-configurations/DO-254 Objectives Compliance Matrix.yaml (0.59) · modules/RiskTemplates/CCATemplate/attachments/risksheet.json (0.59) · modules/RiskTemplates/HazardTrackingTemplate/attachments/risksheet.json (0.58)