> ## Documentation Index
> Fetch the complete documentation index at: https://docs.conformly.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Review Actions

> Understanding Conformly.ai's four core review actions for compliance analysis

<style>
  {`
      p, li {
        text-align: justify;
        text-justify: inter-word;
      }
    `}
</style>

## Overview

Conformly.ai provides four core review actions that work together to ensure comprehensive compliance analysis. Each action serves a specific purpose and addresses different aspects of compliance verification.

## Review Actions Summary

| Review Action            | Purpose                                   | What It Detects                                               | Primary Value                                        |
| ------------------------ | ----------------------------------------- | ------------------------------------------------------------- | ---------------------------------------------------- |
| **Gap Analysis**         | Detect missing content vs. standards      | Missing arguments, missing requirements, incomplete decisions | Reduces major audit findings, ensures readiness      |
| **Completeness Check**   | Ensure required document sections exist   | Empty sections, missing artefacts, incomplete templates       | Improves document maturity and saves review time     |
| **Traceability Check**   | Enforce requirement flow across lifecycle | Broken links, missing upstream/downstream connections         | Improves ASPICE/FuSa compliance and evidence quality |
| **Checklist Validation** | Enforce internal rules consistently       | Fail/pass of checklist items, deviations                      | Standardizes reviews and improves supplier maturity  |

***

## 1. Gap Analysis

### What It Does

Gap Analysis identifies missing or insufficient content in a work product by comparing it against the specific expectations of the chosen standard (ASPICE, ISO 26262, ISO/SAE 21434) and the organization's internal guidelines.

### How It Works

* Checks for missing mandatory sections
* Identifies absent safety/security arguments
* Flags unaddressed requirements from upstream artefacts
* Detects inconsistencies (e.g., safety goals defined without corresponding functional safety requirements)
* Highlights weak or ambiguous statements

### Why It Matters

* Prevents incomplete documents from going into assessments
* Improves engineering maturity
* Reduces findings from FuSa/CS/ASPICE assessors
* Catches issues early when they are still easy to fix

### Real Example

TSRs (Technical Safety Requirements) provided with no traceable decomposition from FSRs (Functional Safety Requirements) or missing rationale → flagged as gaps.

***

## 2. Completeness Check

### What It Does

Completeness Check evaluates whether the work product contains all the elements required by the relevant process, work-product definition, or internal template.

### How It Works

* Compares document content against expected structure (e.g., safety plans, safety concepts, system requirements)
* Verifies presence of required artefacts (e.g., hazard lists, rationales, assumptions, verification plans)
* Assesses if each section is minimally populated with meaningful engineering content
* Identifies "empty templates," placeholders, or superficial content

### Why It Matters

* Ensures teams don't submit half-complete documents to reviewers
* Reduces rework and return-loops
* Ensures review readiness before internal or external audits
* Raises document quality across teams and suppliers

### Real Example

A Safety Plan missing itemized confirmation measures and qualification strategies → flagged as incomplete.

***

## 3. Traceability Check

### What It Does

Traceability Check analyzes connections between requirements and artefacts and identifies missing, broken, or illogical links across the lifecycle.

### How It Works

* Tracks links across the chain (SG → FSR → TSR → Design → Test)
* Detects missing upstream or downstream artefacts
* Checks for one-to-many or many-to-many inconsistencies
* Identifies "dangling" requirements that are not implemented or verified
* Highlights traceability breaks that violate ASPICE or ISO 26262 chain-of-evidence requirements

### Why It Matters

* Ensures audit-ready traceability
* Reduces major ASPICE findings (which often focus on broken trace links)
* Strengthens safety argumentation and verification completeness
* Enhances supplier maturity and consistency

### Real Example

A system requirement linked to two technical requirements but no corresponding verification case → flagged for missing test traceability.

***

## 4. Checklist Validation

### What It Does

Checklist Validation uses organization-specific checklists to evaluate work products against internal quality and compliance criteria.

### How It Works

* Loads the company's internal ASPICE, FuSa, or Cybersecurity review checklists
* Applies each checklist item to the content of the uploaded document
* Generates a compliance result for each line item (Pass / Fail / Missing / Not Applicable)
* Produces structured review output aligned to corporate review practices
* Supports frozen checklists or dynamic/supplier-specific ones

### Why It Matters

* Standardizes reviews across all teams and suppliers
* Replaces subjective human interpretation with consistent AI evaluation
* Accelerates formal compliance assessments
* Ensures alignment with OEM-specific development rules

### Real Example

Volvo's internal SYS.2 review checklist for requirement quality applied automatically to a supplier's system specification.

***

## Using Review Actions Together

These four review actions work best when used together:

1. **Start with Gap Analysis** to identify missing content
2. **Run Completeness Check** to ensure all required sections exist
3. **Perform Traceability Check** to verify requirement links
4. **Apply Checklist Validation** to enforce internal standards

This comprehensive approach ensures your work products are:

* Complete and well-structured
* Properly linked across the lifecycle
* Aligned with industry standards
* Compliant with internal quality criteria

<Card title="API Reference: Analysis" icon="code" href="/api-reference/analysis">
  Learn how to use these review actions via the API
</Card>

<Card title="Quickstart Guide" icon="rocket" href="/quickstart">
  Get started with your first compliance analysis
</Card>

***

## UX Notes (Current Implementation)

* The Reports page shows four engine tabs (Gaps, Completeness, Traceability, Checklists). The active tab is highlighted in its engine color for clarity.
* The Gaps tab includes filters (severity, status, standard) and a two‑column layout on large screens: left for triage list, right for analysis history.
* Each gap’s status chip is actionable (Open / In progress / Resolved / Accepted) via a small menu.
* The Gap Analysis Viewer provides:
  * One‑time onboarding banner describing how to navigate findings and export
  * “Click to highlight” guidance and side‑by‑side document/finding panels
  * Structured export optimized for Print to PDF, including a “Prioritized Action Plan” section
  * For small 3‑page documents, recommendations are de‑duplicated and capped by default, with a toggle to show all
