How to Run a Compliance Report
The Compliance Report is the final validation artifact — a comprehensive audit of all DLC controls across your project’s artifacts.
When to Run
Section titled “When to Run”- Before declaring a feature or sprint complete
- When preparing for a compliance audit or review
- After completing all validation checks for a release
Prerequisites
Section titled “Prerequisites”- Ideally, all four DLC phases should have artifacts (Intent → Architecture → Construction → Validation)
- At minimum, an Intent Brief and ARC should exist
Running the Report
Section titled “Running the Report”cat-compliance-reportVera, the QA Lead, scans all artifacts in _cat/artifacts/ and produces a 10-control compliance matrix.
The 10 Compliance Controls
Section titled “The 10 Compliance Controls”| # | Control | What It Checks |
|---|---|---|
| 1 | Intent Capture | Intent Statement or Brief exists with required fields |
| 2 | Scope Definition | In/out scope clearly defined with measurable criteria |
| 3 | Architecture Contract | ARC exists with enforceable constraints |
| 4 | AI Governance | AI governance section present in ARC |
| 5 | Constraint Traceability | ARC constraints trace to business needs |
| 6 | Bolt Decomposition | Features decomposed into bolts with ARC mapping |
| 7 | Construction Compliance | Bolt executions reference and satisfy ARC constraints |
| 8 | Code Review | Code reviews completed against ARC and AI governance |
| 9 | Adherence Verification | ARC adherence check completed post-construction |
| 10 | Acceptance | Work acceptance validates against intent criteria |
Reading the Report
Section titled “Reading the Report”The report shows each control as:
- ✅ Pass — Control fully satisfied with evidence
- ⚠️ Partial — Some evidence exists but gaps remain
- ❌ Fail — No evidence or critical gaps
- ⬜ N/A — Not applicable (with justification)
Output: _cat/artifacts/validation/compliance-report.md
Improving Your Score
Section titled “Improving Your Score”If controls show gaps:
| Gap | Fix |
|---|---|
| Missing Intent artifacts | Run cat-intent-statement or cat-quick-intent |
| No ARC | Run cat-arc-builder or cat-quick-arc |
| Missing AI governance | Run cat-arc-edit to add AI governance section |
| No adherence check | Run cat-arc-adherence-check |
| No work acceptance | Run cat-work-acceptance |
See Also: Compliance Controls · Run ARC Adherence Check · Validation Phase