<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=229461991482875&amp;ev=PageView&amp;noscript=1">

The ability to effectively track, monitor and mitigate any risks associated with both contracts and vendors is the key to business continuity.

We’ve previously written about a number of elements that help to reduce contract issues and risk. There are plenty of moving parts such as:

Gatekeeper’s comprehensive reporting suite enables customers to track all aspects of their contracts and vendors.

In addition to these configurable reports, Gatekeeper also allows customers to make use of what we term “RAG Status” or Red / Amber / Green across their accounts.

This flexible methodology can be applied in a variety of ways to contract and vendor records to give your users a greater level of understanding and to provide focus for where action should be taken.

In this article, we explore what RAG Status is and how it can be applied within Vendor and Contract Lifecycle Management (VCLM).

What is RAG Status ?

RAG is an acronym that stands for Red, Amber and Green and is based on a traffic light system. These colours, like those in (UK) traffic lights, are used to denote the status of a contract or vendor in a way that relates specifically to your business objectives and priorities.

RAG Project Status in Vendor and contract management 

Below is an example of how a RAG Project Status can be applied in contract management: 

  • A Red Status could represent a lack of compliance as a result of expired documents
  • An Amber Status could indicate that documents are reaching their expiry date and there is potential for non-compliance
  • A Green Status could indicate that all documentation is up-to-date. 

Below is an example of how a RAG Project Status can be applied in vendor management:

  • A Red Status might signify major issues with a vendor, such as significant delays in delivery or breaches in service level agreements.
  • An Amber Status could indicate cautionary signs, like a vendor's recent performance dip or minor issues in meeting contractual obligations, suggesting the need for closer monitoring.
  • A Green Status would represent smooth sailing, where the vendor consistently meets or exceeds expectations, maintaining excellent service and delivery standards.

How does RAG Project Status work?

RAG Status provides your business with a summary of information. At a basic level Green means good, while Amber and Red colours alert you to the fact that action is required in some way.

It is not enough to simply apply colours to different scenarios across the contract and vendor portfolio. A RAG Analysis and Action Plan should also be defined to turn Reds and Ambers and Ambers into Greens. This will create accountability across the business to take corrective action as soon as possible. RAG Status reporting will allow business to keep track of issues and remedial action. 

Visualise vendor risk by using RAG Status in a dashboardRAG Status applied in Gatekeeper

How to define RAG Status within your business

The subjective nature of RAG Status is what makes it so widely adopted across Gatekeeper’s customers. How you define each warning colour will depend entirely on what your business’s priorities are and whether you’re working at a vendor or contract level.

RAG Status can be applied to entire contracts or vendors, but it can also be applied to more specific areas such as:

For RAG Status methodology to have true meaning throughout your business, there needs to be agreement about what defines each alert level and the actions that should be taken off the back of it.

Adding a RAG Narrative to each Status can help to justify responses, build trust around the methodology, establish understanding around risk mitigation efforts and standardise internal processes when actions need to be taken.

RAG Project Status examples

At Gatekeeper, we work with customers who use the subjective nature of RAG Status and apply it in completely different ways. The colour-coded system can also be used differently at the vendor and contract level too. We’ve outlined some RAG Status examples that are applied most commonly by the business we work with.

RAG Status for contracts

Status Green Amber Red
Renewals The business is happy with the contract and likely to renew. The business plans to terminate this contract. Notice has been served on the contract and is waiting to expire.
Data capture during onboarding Data is fully captured and fine. Data may be incomplete and needs reviewing. Data is missing or out of date and requires immediate attention.
Pricing performance Good cost-to-value ratio, no action required. Expected cost-to-value ratio, the business could benefit from completing a market review. Poor cost-to-value ratio, escalation needs to take place and alternative options considered.
Delivery of contract obligations All obligations are being fulfilled, no action required. A small percentage of obligations aren’t being fulfilled, corrective action required. A consistent failure of obligation fulfillment. Escalation required immediately.
Data Collection type None required or N/A. Third Party Data. Third Party and Customer Data.


Rag Status for Vendors

Status Green Amber Red
Compliance All certificates are up-to-date and the vendor is compliant with current regulations. No action required. Key certificates or documentation are coming up to their expiry date. The Vendor Owner should reach for updated documentation. Key certificates or documentation have expired and the vendor is failing to comply with current regulations. Immediate action is required to update documents.
Vendor criticality Business continuity easily achievable if vendor is no longer used/ceases to exist. Some disruption expected if the vendor is no longer used/ceases to exist. Nurturing required. Business operations could fail/be suspended if the vendor is longer used/ceases to exist. Priority should be given to this vendor.
Litigation issues No lawsuits/
investigations. No action required.
Pre-defined acceptable number of cases is being reached. Prepare to look for a new vendor. Pre-defined acceptable number of cases is being exceeded. Escalation and corrective action required immediately.
Vendor supply chain ratings Supply chain health is good and vendor should be expected to meet contractual obligations. Some supply chain issues. Be prepared for potential disruption. Poor supply chain health and contract obligations likely to be unmet. Escalation required.
Vendor health Contract raised with no issues. No action required. Payment received late more than once. Extra monitoring and comms required. Service not being provided and terms under dispute. Satisfactory resolution required.


How to use RAG Status within Gatekeeper

Many businesses that are familiar with applying RAG Status to vendors and contracts captured in spreadsheets will make use of manual conditional formatting and spend time communicating the changes to relevant teams before any issues can even be escalated, let alone resolved.

RAG Status applied within Gatekeeper creates a far more seamless experience thanks to automation.

A RAG Status that is Amber or Red can be used as a Workflow Trigger within Gatekeeper’s Kanban Workflow Engine. Any of the use cases outlined above can be used to automate entire internal processes where appropriate action needs to be taken.

A notification can be immediately sent to relevant team members and stakeholders when an issue occurs and a RAG status is applied or changed, preventing any delays in escalation and protecting the business from increasing contract or vendor risk.

Any actions that are taken will be captured in a defensible audit trail, making it easy to see how and when an Amber or Red RAG Status was addressed, while creating accountability across the business.

If you want to know more about applying RAG Status to your contracts and vendors, how Gatekeeper can support your risk mitigation efforts or how to automate escalations, contact us or book your Gatekeeper demo today.

Shannon Smith
Shannon Smith

Shannon Smith bridges the gap between expert knowledge and practical VCLM application. Through her extensive writing, and years within the industry, she has become a trusted resource for Procurement and Legal professionals seeking to navigate the ever-changing landscape of vendor management, contract management and third-party risk management.


Contract Management , Control , Vendor Management , Compliance , Contract Lifecycle Management , Contract Management Software , Visibility , Contract Lifecycle , Case Study , Supplier Management , Vendor Management Software , Contract Risk Management , Vendor and Contract Lifecycle Management , Contract Management Strategy , Contract Repository , Risk Mitigation , Regulation , Contract Automation , Workflows , CLM , Contract Ownership , Contract Visibility , Contracts , Procurement , Regulatory compliance , Supplier Performance , Supplier Risk , TPRM , Third Party Risk Management , VCLM , Contract and vendor management , Legal , Legal Ops , Podcast , Risk , Vendor Onboarding , contract renewals , Artificial Intelligence , Future of Procurement , Gatekeeper Guides , Procurement Reimagined , Procurement Strategy , RFP , Supplier Relationships , Business continuity , CLM solutions , COVID-19 , Contract Managers , Contract Performance , Contract Redlining , Contract Review , Contract Risk , Contract compliance , ESG , Metadata , Negotiation , SaaS , Supplier Management Software , Vendor Portal , Vendor risk , webinar , Clause Library , Contract Administration , Contract Approvals , Contract Management Plans , ESG Compliance , Kanban , RBAC , Recession Planning , SOC Reports , Security , Sustainable Procurement , collaboration , AI , Audit preparedness , Audit readiness , Audits , Business Case , Clause Template , Contract Breach , Contract Governance , Contract Management Audit , Contract Management Automation , Contract Monitoring , Contract Obligations , Contract Outcomes , Contract Tracking , Contract Value , DORA , Dashboards , Data Fragmentation , Due Diligence , ECCTA , Employee Portal , Excel , FCA , ISO Certification , KPIs , Legal automation , LegalTech , Market IQ , NetSuite , Obligations Management , Procurement Planning , Redline , Scaling Business , Spend Analysis , Standard Contractual Clauses , Suppler Management Software , Touchless Contracts , Vendor Relationship Management , Vendor risk management , central repository , success hours , time-to-contract , APRA CPS 230 , APRA CPS 234 , Australia , BCP , Bill S-211 , Breach of Contract , Brexit , Business Growth , CCPA , CMS , CPRA 2020 , CSR , Categorisation , Centralisation , Certifications , Cloud , Conferences , Confidentiality , Contract Ambiguity , Contract Analysis , Contract Approval , Contract Attributes , Contract Challenges , Contract Change Management , Contract Community , Contract Disengagement , Contract Disputes , Contract Drafting , Contract Economics , Contract Execution , Contract Management Features , Contract Management Optimisation , Contract Management pain points , Contract Negotiation , Contract Obscurity , Contract Reminder Software , Contract Reporting , Contract Routing , Contract Stratification , Contract Templates , Contract Termination , Contract Volatility , Contract relevance , Contract relevance review , Contracting Standards , Contracting Standards Review , Cyber health , DPW , Data Privacy , Data Sovereignty , Definitions , Digital Transformation , Disputes , EU , Electronic Signatures , Enterprise , Enterprise Contract Management , Financial Services , Financial Stability , Force Majeure , GDPR , Gatekeeper , Healthcare , ISO , IT , Implementation , Integrations , Intergrations , Key Contracts , Measurement , Mergers and Acquisitions , Microsoft Word , Modern Slavery , NDA , Operations , Parallel Approvals , Partnerships , Pharma , Planning , Port Agency , Pricing , RAG Status , Redlining , Redlining solutions , Requirements , SaaStock , Shipping , Spend optimzation , Startups , SuiteApp , SuiteWorld , Supplier Cataloguing , Technology , Usability , Vendor Governance , Vendor compliance , Voice of the CEO , automation , concentration risk , contract management processes , contract reminders , document automation , eSign , enterprise vendor management , esignature , post-signature , remote working , vendor centric , vendor lifecycle management

Related Content


subscribe to our newsletter


Sign up today to receive the latest GateKeeper content in your inbox.

Subscribe to Email Updates