Governance operating layer
Risk register, action plans, assurance packs, reviews, and oversight — in one connected operating layer. Built to evidence CQC Regulation 17.
The tools most care providers use for governance were never built for it.
Risk registers in Excel have no link to compliance posture. A high-risk entry does not change what happens on the rota or in the dashboard.
Action plans managed in email threads have no immutable record. Who changed what, and when, is not traceable in a way CQC will accept.
Assurance evidence scattered across folders and drives is assembled under pressure after an inspection notification — not structured in advance.
From risk identification to governance review evidence — four connected steps that produce a traceable CQC Regulation 17 record.
A compliance risk is entered with a likelihood × impact rating and assigned to a named owner. Entering an open or escalated risk immediately updates the compliance posture score.
CQC Regulation 17 — risk management evidenceDBS renewal lapsed for 3 care assistants
Medication storage protocol not reviewed
Nurse-to-resident ratio breach during night shift
Safeguarding training lapsed for 2 staff
Agency staff not on approved list
Manual handling refresher overdue
Right to Work checks incomplete
Actions are created from the risk and assigned to a named owner with a due date. Every state transition — open, in progress, awaiting closure, closed — is timestamped and immutable.
CQC Regulation 17 — traceable response to every identified riskReview and reinstate nurse staffing levels on night shift
Linked to Risk — R-019
Update medication storage protocol document
Linked to Risk — R-022
Complete DBS renewal for 3 lapsed care assistants
Linked to Risk — R-024
Book safeguarding refresher for affected staff
Governance Review — Q1
Verify agency worker compliance documentation
Linked to Risk — R-018
Update right to work file for 2 employees
Linked to Risk — R-021
Risk entries, action plans, and governance records are assembled into a pre-structured assurance pack. Sign-off freezes the evidence at a point in time.
CQC Regulation 17 — inspection evidence available before CQC asksCQC Regulation 17
Compliance incidents
From Compliance
4 incidents
28 Mar 2026
Enforcement overrides
From Compliance
1 override
15 Mar 2026
Staffing risk
From Governance
3 assessments
31 Mar 2026
Credential gaps
From Compliance
6 records
29 Mar 2026
Action plans
From Governance
8 actions
2 Apr 2026
Governance reviews
From Governance
2 reviews
25 Mar 2026
Risk register
From Governance
7 entries
30 Mar 2026
Policy coverage
From Compliance
12 policies
20 Mar 2026
Regular governance reviews are scheduled, conducted, and signed off within the platform. The attendance record, decisions, and follow-up actions are retained in full.
CQC Regulation 17 — scheduled governance activity evidencedQuarterly Governance Review — Q1 2026
Monthly Clinical Governance Review — Apr 2026
Annual Quality Assurance Review — 2026
Monthly Staffing Review — Mar 2026
CQC Notification Response Review
Each capability is connected to the others. Risk register entries link to action plans. Action plans link to assurance packs. Packs reference governance reviews.
Track open, escalated, mitigated, and closed risks with a full Kanban workflow and audit trail.
Create, assign, and close actions with deadline tracking and immutable audit evidence.
Structure evidence in packaged form for CQC inspection readiness — ready before you are asked.
Schedule and evidence regular governance review cycles with SLA tracking.
Score active controls against identified risks. Evidence that your governance layer is working.
Compare governance health across multiple service locations in a single view.
Governance records are not siloed. Each module feeds the shared compliance layer.
Risks feed into live compliance scoring. Open and escalated risks change your inspection readiness state.
Every action state change — open, in progress, closed, reopened — is traceable evidence for CQC.
Pre-packaged by theme or standard. When CQC requests evidence, the pack is already structured.
Regulatory context
Regulation 17 requires that registered persons maintain effective oversight, identify risks, take action to improve, and produce evidence that quality and safety are being managed effectively.
The governance operating layer in Statixs is built specifically to produce the evidence Regulation 17 expects — risk register entries, action plan trails, assurance packs, and governance review records — in a format that can be presented to CQC without assembly under pressure.
Governance does not operate in isolation. It is connected to the compliance, staffing, and workforce layers.
Hours → Minutes
Time to assemble CQC inspection evidence when using assurance packs
Real-time
Compliance posture and governance health scoring — updated as records change, not on a schedule
Reg 17
Every governance module — risk register, action plans, assurance packs, reviews — maps directly to CQC Regulation 17
What care providers ask about the governance operating layer.
Book a demonstration tailored to your governance requirements — your risk register, your assurance structure, your CQC context.