Overview
Conformly.ai provides four core review actions that work together to ensure comprehensive compliance analysis. Each action serves a specific purpose and addresses different aspects of compliance verification.Review Actions Summary
| Review Action | Purpose | What It Detects | Primary Value |
|---|---|---|---|
| Gap Analysis | Detect missing content vs. standards | Missing arguments, missing requirements, incomplete decisions | Reduces major audit findings, ensures readiness |
| Completeness Check | Ensure required document sections exist | Empty sections, missing artefacts, incomplete templates | Improves document maturity and saves review time |
| Traceability Check | Enforce requirement flow across lifecycle | Broken links, missing upstream/downstream connections | Improves ASPICE/FuSa compliance and evidence quality |
| Checklist Validation | Enforce internal rules consistently | Fail/pass of checklist items, deviations | Standardizes reviews and improves supplier maturity |
1. Gap Analysis
What It Does
Gap Analysis identifies missing or insufficient content in a work product by comparing it against the specific expectations of the chosen standard (ASPICE, ISO 26262, ISO/SAE 21434) and the organization’s internal guidelines.How It Works
- Checks for missing mandatory sections
- Identifies absent safety/security arguments
- Flags unaddressed requirements from upstream artefacts
- Detects inconsistencies (e.g., safety goals defined without corresponding functional safety requirements)
- Highlights weak or ambiguous statements
Why It Matters
- Prevents incomplete documents from going into assessments
- Improves engineering maturity
- Reduces findings from FuSa/CS/ASPICE assessors
- Catches issues early when they are still easy to fix
Real Example
TSRs (Technical Safety Requirements) provided with no traceable decomposition from FSRs (Functional Safety Requirements) or missing rationale → flagged as gaps.2. Completeness Check
What It Does
Completeness Check evaluates whether the work product contains all the elements required by the relevant process, work-product definition, or internal template.How It Works
- Compares document content against expected structure (e.g., safety plans, safety concepts, system requirements)
- Verifies presence of required artefacts (e.g., hazard lists, rationales, assumptions, verification plans)
- Assesses if each section is minimally populated with meaningful engineering content
- Identifies “empty templates,” placeholders, or superficial content
Why It Matters
- Ensures teams don’t submit half-complete documents to reviewers
- Reduces rework and return-loops
- Ensures review readiness before internal or external audits
- Raises document quality across teams and suppliers
Real Example
A Safety Plan missing itemized confirmation measures and qualification strategies → flagged as incomplete.3. Traceability Check
What It Does
Traceability Check analyzes connections between requirements and artefacts and identifies missing, broken, or illogical links across the lifecycle.How It Works
- Tracks links across the chain (SG → FSR → TSR → Design → Test)
- Detects missing upstream or downstream artefacts
- Checks for one-to-many or many-to-many inconsistencies
- Identifies “dangling” requirements that are not implemented or verified
- Highlights traceability breaks that violate ASPICE or ISO 26262 chain-of-evidence requirements
Why It Matters
- Ensures audit-ready traceability
- Reduces major ASPICE findings (which often focus on broken trace links)
- Strengthens safety argumentation and verification completeness
- Enhances supplier maturity and consistency
Real Example
A system requirement linked to two technical requirements but no corresponding verification case → flagged for missing test traceability.4. Checklist Validation
What It Does
Checklist Validation uses organization-specific checklists to evaluate work products against internal quality and compliance criteria.How It Works
- Loads the company’s internal ASPICE, FuSa, or Cybersecurity review checklists
- Applies each checklist item to the content of the uploaded document
- Generates a compliance result for each line item (Pass / Fail / Missing / Not Applicable)
- Produces structured review output aligned to corporate review practices
- Supports frozen checklists or dynamic/supplier-specific ones
Why It Matters
- Standardizes reviews across all teams and suppliers
- Replaces subjective human interpretation with consistent AI evaluation
- Accelerates formal compliance assessments
- Ensures alignment with OEM-specific development rules
Real Example
Volvo’s internal SYS.2 review checklist for requirement quality applied automatically to a supplier’s system specification.Using Review Actions Together
These four review actions work best when used together:- Start with Gap Analysis to identify missing content
- Run Completeness Check to ensure all required sections exist
- Perform Traceability Check to verify requirement links
- Apply Checklist Validation to enforce internal standards
- Complete and well-structured
- Properly linked across the lifecycle
- Aligned with industry standards
- Compliant with internal quality criteria
API Reference: Analysis
Learn how to use these review actions via the API
Quickstart Guide
Get started with your first compliance analysis
UX Notes (Current Implementation)
- The Reports page shows four engine tabs (Gaps, Completeness, Traceability, Checklists). The active tab is highlighted in its engine color for clarity.
- The Gaps tab includes filters (severity, status, standard) and a two‑column layout on large screens: left for triage list, right for analysis history.
- Each gap’s status chip is actionable (Open / In progress / Resolved / Accepted) via a small menu.
- The Gap Analysis Viewer provides:
- One‑time onboarding banner describing how to navigate findings and export
- “Click to highlight” guidance and side‑by‑side document/finding panels
- Structured export optimized for Print to PDF, including a “Prioritized Action Plan” section
- For small 3‑page documents, recommendations are de‑duplicated and capped by default, with a toggle to show all