Understanding the Calculation Process Behind Your Compliance Score

The Compliance Score is a vital indicator of your adherence to various standards and regulations. Behind the scenes, a sophisticated calculation process determines this score, ensuring accuracy and reliability.

Data Collection and Aggregation


The first step in calculating your Compliance Score involves gathering data from all cloud accounts connected to OpsCompass. This data encompasses a wide range of parameters, including configuration settings, security policies, and resource usage. 

Benchmarking Against Compliance Frameworks


Once the data is collected, it's benchmarked against relevant compliance frameworks. These frameworks serve as a reference point, outlining the standards and regulations that organizations must comply with.  Compliance frameworks used include NIST, FedRAMP, and the CIS benchmarks. 

Scoring Algorithm

The heart of the calculation lies in the scoring algorithm. This algorithm analyzes the collected data in depth, assigning numerical values based on the degree of compliance with each framework. Factors such as rule violations, misconfigurations, and security gaps are considered during this process. Specifically, the calculation does the following:

  • Calculates weighted checks by multiplying the number of checks by the high-severity multiple, which gives the weighted impact of the checks on the final score.
  • Calculates the total weight by adding the weighted checks to the weight of the severity issues.
  • Normalizes the score so that the final score is proportional to the checks relative to the severity issues.
  • Scales the result to the 1600 range, which gives the final compliance score.

Score Breakdown

On the dashboard, the overall compliance score is generated by looking at all the cloud accounts you have attached to OpsCompass and benchmarking them against the compliance frameworks you're being scored against. The scoring breakdown is below.

[Image: half-circle graph showing a large number reading 1332, with the subtitle "Good" below it]

OpsCompass scores your environment from 0 - 1600, and the score breaks down as follows:

  • 1550 - 1600: Exceptional
  • 1490 - 1549: Very Good
  • 1300 - 1489: Good
  • 1155 - 1299: Okay
  • 1001 - 1154: Fair
  • 0 - 1000: Poor

Users can explore different segments of the graph to gain insights into their compliance performance. 

Licensing Data Exclusion

The calculation of the Compliance Score does not include licensing data. This deliberate exclusion ensures that the score remains focused on relevant compliance metrics, providing users with actionable insights without unnecessary complexity. 

Conclusion 

The Compliance Score in OpsCompass is more than just a number; it's the result of a comprehensive and rigorous calculation process. By understanding how this score is calculated, users can gain deeper insights into their compliance status and take proactive steps to improve it. 

 

Note: You can turn rules on or off for specific cloud accounts if needed. Just visit Admin -> Manage Accounts and click to enable or disable scanning for each account.