Skip to content

Compliance matrix

Compliance-matrix review for a supplier submission

A compliance-matrix review checks the matrix a supplier built to index its submission against the certification basis. It is used by equipment teams who want the matrix verified before it carries a package into review. It tests coverage, that every requirement appears with a method, and currency, that each cited document still exists and supports the claim. You receive a reconciled matrix with each entry confirmed or flagged and a list of the requirements whose citation is stale, missing, or no longer on point.

When this review is needed

  • A matrix is about to carry a submission and the team wants its entries verified first.
  • Document revisions have moved underneath a matrix that was built earlier in the program.
  • Requirements were added late and the team needs to confirm they all reached the matrix.
  • A prior review cited the matrix and the team needs to know which entries no longer hold.

The problem

A compliance matrix is the map an examiner reads first, and it is built early then left to age while the evidence beneath it changes. Document revisions advance, requirements get added, and the matrix keeps pointing at the version it was built against. A citation that was accurate at the time now references a document that has moved on, and the gap between what the matrix claims and what the cited evidence says is the first thing a reviewer trips over.

What gets reviewed

  • Coverage of every requirement in the certification basis by a matrix entry
  • The means of compliance recorded for each requirement
  • The citation behind each entry and whether the document still supports the claim
  • The revision level of each cited document against what the matrix records
  • Traceability between the matrix, the requirements, and the verification evidence
  • Late-added requirements and whether they reached the matrix

Scope this review

Tell us the asset, the event, and the evidence in scope, and we will outline a focused first engagement.

Identify what is missing against the means of compliance.

What gets validated

  • Every requirement in the basis appears in the matrix with a means of compliance
  • Each cited document exists at the revision the matrix records
  • The cited document still supports the claim the entry makes against it
  • Requirements marked met by test or analysis have verification evidence behind them
  • A requirement added late in the program still appears in the matrix
  • The matrix agrees with the requirements set and the means-of-compliance plan

Evidence normally required

  • The current compliance matrix
  • The certification basis and the requirements set
  • The cited evidence documents or an index identifying them by revision
  • The means-of-compliance plan the matrix should agree with
  • The change history of the documents the matrix cites

Common discrepancies

  • Entries citing a document revision that has since been superseded
  • A cited document that no longer supports the claim the entry makes
  • Basis requirements missing from the matrix entirely
  • A late-added requirement that never reached the matrix
  • Met statuses with no verification evidence behind them

What is at stake

A matrix that cites the wrong revision or omits a requirement converts a single review into a chain of clarification requests, each one tracing back to an entry that no longer holds. The schedule slips against the corrections, and the package that was meant to be ready goes back for rework on the index rather than the engineering.

How the work runs

01

Check coverage

Confirm every requirement in the basis has a matrix entry with a means of compliance.

02

Test the citations

Verify each cited document exists at the recorded revision and still supports the claim.

03

Reconcile late changes

Check that late-added requirements reached the matrix and the matrix agrees with the plan.

04

Report the corrections

Deliver a reconciled matrix and a correction list ordered by review risk.

What the buyer receives

  • A reconciled matrix with each entry confirmed or flagged with the reason
  • A list of requirements whose citation is stale, missing, or off the claim
  • A coverage report against the certification basis
  • A prioritized correction list ordered by review risk

Who uses the output

  • Certification leads finalizing the matrix that carries the submission
  • Quality functions confirming the index before release
  • Engineering teams correcting the flagged citations

How the work fits into the transaction or program

The review verifies the matrix that indexes a submission, focused on coverage and citation currency. It is lighter than reading the evidence itself, and it pairs with an evidence review when the artifacts behind the entries also need checking.

Start with a single asset

Reduce finding cycles by checking the package first.

Regulatory limits

The review checks the applicant's matrix and the currency of its citations. It does not make compliance findings on the authority's behalf, accept the matrix, or guarantee that the submission will be accepted.

What this review does not cover

  • Making official compliance findings or accepting the matrix
  • Generating the missing evidence behind the entries
  • Issuing any approval or authorization

Specific to this review

  • Coverage and currency are independent failures: a matrix can list every requirement and still cite documents that no longer hold, so the two have to be checked separately.
  • A citation ages even when nothing in the matrix changes, because the document it points at advances revisions underneath it, which is why a matrix built early is most exposed to stale references.
  • Late-added requirements are a recurring coverage gap, because a requirement added after the matrix was built does not announce itself and is easy to leave out of the index.

Sources

14 CFR Part 21 - Certification Procedures for Products and Articles

U.S. Government (eCFR). Type certificates, STCs (Subpart E), TSO authorizations (Subpart O), PMA (Subpart K), and export airworthiness approvals (Subpart L).

ARP4754B - Guidelines for Development of Civil Aircraft and Systems

SAE International. Development assurance process at aircraft and system level, including requirements capture and validation.

DO-178C - Software Considerations in Airborne Systems and Equipment Certification

RTCA. Objectives and lifecycle data for airborne software assurance, by design assurance level (DAL A-E).

Commission Regulation (EU) No 748/2012 - Part-21 Airworthiness and Environmental Certification

European Union / EASA. EASA design and production certification, STCs, ETSO authorizations, and EASA Form 1 release.

Frequently asked questions

Does a matrix review read the evidence behind each entry?

Not in depth. A matrix review confirms coverage and that each citation still supports its claim at the recorded revision. Reading the qualification, software, and hardware artifacts in detail is the work of an evidence review.

Relevant glossary terms

Compliance Checklist (Compliance Matrix)Acceptable Means of Compliance (AMC/MOC)Compliance Finding (Finding of Compliance)Certification BasisTraceability (Bi-Directional)Software Verification

Related pages

Certification evidence review before authority submittalA certification evidence review reads the qualification, software, and hardware data behind a submission and tMeans-of-compliance mapping for each requirementMeans-of-compliance mapping assigns how each requirement will be shown met, by test, analysis, inspection, or Certification compliance matrix reviewA compliance matrix review checks that every requirement maps to a means of compliance and to evidence that cu

Where this fits

Service: TSO and STC CertificationFor Equipment

Talk to an engineer who has done this work

We will walk through your current state, the records or evidence involved, and a scoped first engagement.

Walk through your situation with an engineer who has done this work.

Request Meeting