Getting Started

Set up and manage compliance standards

Use the Standards module to adopt a compliance programme for your site, assign owners to each requirement, attach evidence, and keep review dates current. This article walks through the full workflow from adoption to activation and ongoing monitoring.

Before you start

You need the Manager or Admin role for the Standards module at the site where you want to set up the standard.

Adopt a standard at your site

  1. Open the Standards Library and select the standard you want to adopt.

  2. Click Adopt at This Site. The adoption wizard opens.

  3. Confirm the version, answer the adoption parameters, and choose a grading mode. The Default Owner you select here will be pre-filled on each requirement.

  4. Review your choices and click Adopt Standard. The standard is created on your site in the Adopting status.

For a detailed walkthrough of the adoption wizard, see Adopt a Standard at This Site.

Review requirements and assign owners

While the standard is in Adopting status, open the standard detail page and work through the requirement tree.

  1. Review each requirement. Requirements that are not yet configured show as Not Started or In Progress.

  2. For each requirement, set the Assignment Path to Site Role or Direct Party, then choose the owner. Only users who have Standards access at this site can be assigned as an owner.

  3. Confirm that every in-scope requirement is marked Ready before you activate the standard.

For more details on requirement configuration, see Configure Standard Requirements and Set a default owner for a standard.

Attach evidence to requirements

Each requirement that needs proof of compliance must have evidence linked to it.

  1. On the requirement detail page, open the Evidence section and click Add Evidence.

  2. Choose the evidence type: documents, distributions, risk assessments, work schedules, files, or manual confirmations.

  3. Complete the form and submit to create the link.

The requirement tree shows how many required evidence slots are linked and warns you when any are missing. For detailed steps, see Link Evidence to a Standard.

Track review dates and keep attestation current

When a requirement needs periodic review, the standard tracks whether the review is up to date.

  • During adoption, the Next Review Due date shows Starts when standard is activated and the Last Reviewed date shows Not yet started.

  • After activation, the requirement shows an attestation health indicator: Up to Date, Due Soon, Overdue, or Initial Review Due.

  • Complete the linked review policy or perform an ad-hoc review to update the Last Reviewed date and advance the Next Review Due date.

If a requirement is not yet linked to a review policy, the health indicator shows Not Configured. Map a review policy to the requirement so the system can track due dates automatically. For more on attestation health and review intervals, see Reviews and Attestation in Standards.

Activate the standard and monitor compliance

When every in-scope requirement is ready, activate the standard so it moves to Active status and begins tracking live compliance.

  1. On the standard detail page, activate the standard. The status changes to Active and the compliance health labels begin to update.

  2. Open the Our Standards page to see the summary strip: Adopted Standards, Compliant Requirements, and Obligation Gaps.

  3. Drill into an active standard to see the compliance ring and requirement-level statuses: Compliant, Non-compliant, or Remediating.

For dashboard and monitoring details, see Standards Dashboards and Site Home and Understanding Compliance in Standards.

Common questions

Can I change the default owner after adoption?

Yes. The default owner is pre-filled when you adopt, but you can assign different owners to individual requirements later using the requirement detail page.

Why can’t I assign a particular user as an owner?

Only users who have Standards access at this site can be assigned as an owner. If the user is not listed, check their site role in Settings > User Management.

What happens if a requirement is out of scope?

Out-of-scope requirements are visually de-emphasised in the requirement tree and do not affect the compliance score. You do not need to configure them before activation.

For a deeper walkthrough of each phase, see Adopt and manage a standard at a site.

Was this helpful?