UK RAG Rating System: Red-Amber-Green Framework Guide

The RAG rating system is a Red, Amber, Green status framework used across UK government, project management, compliance, healthcare, finance and risk management to communicate the health of a project, programme, risk or compliance item at a glance. Red signals critical issues requiring immediate action. Amber signals potential risks needing monitoring and early intervention. Green signals everything is on track and within tolerance. The framework originated in UK government project management practice and is now used worldwide, with particular depth of adoption in the UK public sector, NHS, financial services compliance, and PRINCE2-trained project organisations.

This guide is the definitive 2026 explainer. It covers what the RAG system is, the four levels (including the extended BRAG and RAGB variants), the seven most common types of RAG application across project dimensions, the Red-Amber-Green compliance framework specifically as used in UK regulated industries, real implementation examples, common mistakes, and how RAG compares with other status frameworks.

RAG rating system at a glance

What is the RAG system?

The RAG system is a visual reporting framework that uses three traffic-light colours, Red, Amber and Green, to communicate the status of a project, task, milestone, risk or compliance item. The acronym RAG stands for those three colours. Each colour carries a specific meaning that allows project managers, stakeholders and executives to assess health at a glance, without reading detailed reports.

The mechanics are straightforward. A project lead reviews progress against defined criteria, typically schedule, cost, scope, quality, risk and resource availability. The lead then assigns a Red, Amber or Green status to each dimension and an overall RAG to the project. The status is reported in dashboards, weekly status reports, programme management offices (PMOs), board updates and compliance registers.

The strength of the RAG system is clarity. Executives do not have time to read 30-page status reports. A clear RAG indicator tells them in three seconds whether they need to engage. Its weakness, when used poorly, is oversimplification. The colour alone is not enough; the narrative behind the status matters as much as the colour itself.

No properties found in london.

What is the RAG rating system in the UK?

The RAG rating system in the UK is the same Red-Amber-Green framework as used internationally, with three specific UK characteristics worth understanding.

Origins in UK government project delivery. The RAG system became widely adopted in UK central government and the wider UK public sector through the Office of Government Commerce (OGC) and what is now the Infrastructure and Projects Authority (IPA). The Government Major Projects Portfolio (GMPP) uses a Delivery Confidence Assessment that produces RAG-equivalent ratings (Red, Amber/Red, Amber, Amber/Green, Green) for the UK's largest public projects. Annual IPA reports publish the RAG status of major UK government programmes.

Embedding in PRINCE2. PRINCE2 (Projects IN Controlled Environments), the project management methodology developed in the UK government and now used worldwide, builds RAG reporting into its core highlight reporting and exception management practices. UK PRINCE2-trained project managers default to RAG reporting as the standard status communication method.

Compliance and regulated sector use. UK regulated industries, particularly financial services, healthcare, energy and education, use RAG ratings as the standard way to report compliance status to internal audit teams, regulators and boards. The Financial Conduct Authority, the Care Quality Commission and Ofsted all interact with organisations that present RAG-based compliance dashboards as a matter of routine.

In short, RAG in the UK is not just a project tool. It is the default visual language of management reporting across the public sector, regulated industries and large corporates.

The Red-Amber-Green compliance framework explained

The Red-Amber-Green compliance framework is the application of RAG ratings specifically to compliance and regulatory monitoring. In compliance use, the colours carry specific meanings tied to regulatory obligation:

Red compliance status means the organisation is currently non-compliant with a specific obligation, control or regulatory requirement. There is a current breach, a missed deadline, an expired certification, a failed control test, or an unresolved finding. Red items typically require formal notification to senior management, the audit committee, and in some sectors to the regulator. Examples include: an expired safety certificate, a financial control with a confirmed failure, a missed regulatory submission deadline, or a Data Subject Access Request not fulfilled within the GDPR-mandated timeframe.

Amber compliance status means a compliance issue is emerging or is at risk. The organisation is currently compliant, but a deterioration is visible. A certificate is approaching expiry, a control is showing weakness, a deadline is approaching with delivery uncertain, a known gap exists with a remediation plan in progress. Amber items typically require active management attention and a documented remediation plan with a defined target date.

Green compliance status means full compliance with the relevant obligation. Controls are operating effectively, documentation is current, deadlines are met, and the obligation is being delivered as required.

Compliance RAG frameworks typically sit inside Governance, Risk and Compliance (GRC) platforms such as those used widely in UK financial services, the NHS, and FTSE 350 corporates. They feed into the second-line risk reporting that Boards and Audit Committees rely on for assurance.

What are the 4 levels of RAG?

The 4 levels of RAG refer to the extended RAG status models that add a fourth colour beyond the standard three. The two most common extended frameworks are:

RAGB (Red, Amber, Green, Blue): The most widely used 4-level extension. Blue signals completed items, meaning a project, milestone, action or risk that has been fully delivered and closed out. Adding Blue to RAG creates a clear distinction between work in progress (Red/Amber/Green) and work that is finished, which improves portfolio-level reporting.

BRAG (Blue, Red, Amber, Green): The same four colours, ordered differently. Some organisations use Blue as the starting state for projects that have been approved but not yet started, before any meaningful Red/Amber/Green status can be assigned.

RAG with Black added: Some frameworks include Black as a fourth level signalling halted, cancelled or unrecoverable. Black items have ended without delivery and require formal closure documentation. UK government and large transformation programmes occasionally use this extension to clarify the status of paused or cancelled projects without conflating them with active Red items.

A second interpretation of "4 levels of RAG" worth knowing: some UK frameworks, particularly the IPA's Delivery Confidence Assessment, use a 5-point scale (Red, Amber/Red, Amber, Amber/Green, Green). Within this scale, the four sub-levels between Red and Green (Red, Amber/Red, Amber, Amber/Green) are sometimes described as the "four levels of risk" the framework identifies. This sub-level approach gives finer granularity than the standard 3-colour RAG.

For most practical UK reporting, the 4 levels of RAG that matter are: Red, Amber, Green plus one extension (most commonly Blue for completed). Organisations adopting BRAG or RAGB should document the meaning of each colour in their reporting standards so stakeholders interpret the dashboards consistently.

What are the 7 types of RAG?

The 7 types of RAG refer to the seven most common dimensions or applications of RAG status reporting across project, programme and compliance management. Each type assesses a different aspect of project health, and a comprehensive project status report typically includes a RAG indicator for each.

1. Schedule RAG. Assesses whether the project is on time against its baseline plan. Red indicates missed critical-path milestones or significant slippage. Amber indicates emerging delays or risks to the schedule. Green indicates delivery aligned with the timeline.

2. Budget RAG. Assesses financial performance against the approved budget. Red indicates significant overspending (typically beyond a defined tolerance such as 10%) or unfunded scope changes. Amber indicates emerging cost pressure. Green indicates spend in line with plan.

3. Scope RAG. Assesses whether the project is delivering its approved scope. Red indicates major scope deviation, unapproved scope changes, or undeliverable scope. Amber indicates scope changes under review. Green indicates scope on track.

4. Quality RAG. Assesses whether deliverables are meeting their quality criteria. Red indicates failed quality gates, defects above tolerance, or unresolved quality issues. Amber indicates emerging quality concerns. Green indicates quality on plan.

5. Risk RAG. Assesses the residual risk profile of the project after mitigation. Red indicates critical risks materialising or unmitigated high-impact risks. Amber indicates active risks requiring management. Green indicates a risk profile within tolerance.

6. Resource RAG. Assesses people, skills, equipment and supplier capacity for the project. Red indicates critical resource gaps that will impact delivery. Amber indicates emerging resource constraints. Green indicates resourcing as planned.

7. Stakeholder / Communications RAG. Assesses stakeholder engagement and confidence. Red indicates stakeholder disengagement, loss of sponsorship, or communications failure. Amber indicates stakeholder concerns being managed. Green indicates strong stakeholder support.

A complete project RAG dashboard reports all seven types and an overall RAG status that aggregates them. Some organisations add additional types specific to their sector, such as Compliance RAG, Sustainability RAG, Benefits Realisation RAG, or Health and Safety RAG, which expand the framework to 8, 9 or 10 dimensions for industry-specific use.

How RAG ratings are assigned

The accuracy of a RAG report depends entirely on the criteria used to assign the colour. Best practice in UK project management defines numerical tolerances for each colour:

For schedule RAG, a common approach is: Green = on schedule or within 5% slippage; Amber = 5-15% slippage; Red = more than 15% slippage or any critical-path milestone missed.

For budget RAG, common tolerances are: Green = within ±5% of forecast; Amber = ±5-10%; Red = beyond ±10% or any unfunded scope.

For risk RAG, tolerances are typically expressed as residual risk scores from a risk matrix: Green = low residual risk; Amber = medium; Red = high or extreme.

Without defined tolerances, RAG ratings become subjective. The same project assessed by two different managers can produce different colours, undermining the framework's value. UK PMOs that take RAG seriously document tolerance criteria in their reporting standards and require status owners to justify the colour with brief evidence.

The other essential discipline is honest reporting. Project managers under pressure sometimes "watermelon" their reports: Green on the outside, Red on the inside. The pattern undermines stakeholder trust and ultimately produces worse outcomes than honest Red reports would. UK government project management training explicitly emphasises honest RAG reporting as a discipline.

Where the RAG system is used in the UK

The Red-Amber-Green framework is used across most major UK sectors:

UK Government and Public Sector. The Infrastructure and Projects Authority (IPA) publishes annual reports on the Government Major Projects Portfolio using a RAG-based Delivery Confidence Assessment. Every UK government department uses RAG reporting in some form for its portfolios.

NHS. NHS trusts use RAG ratings for clinical safety reporting, financial position, performance against the NHS Constitution standards, and CQC compliance. RAG is the default visual language of NHS Board reporting.

Financial Services. UK banks, insurers, asset managers and other regulated firms use RAG ratings extensively for risk and compliance reporting. The Senior Managers and Certification Regime (SMCR) has made RAG-based assurance reporting effectively a regulatory expectation.

Education. UK universities, colleges and schools use RAG ratings for departmental performance, regulatory compliance with the Office for Students (OfS), Ofsted readiness, safeguarding and risk management.

Construction and Infrastructure. Large UK construction programmes (HS2, Crossrail, Lower Thames Crossing, nuclear new-build) use RAG-based programme management reporting at all levels.

IT and Technology. UK enterprise IT projects, particularly those delivered under government frameworks, default to RAG-based status reporting as the standard.

Real RAG examples

A short set of examples to make the framework concrete.

Example 1: NHS Trust Financial RAG. A trust's monthly financial position is reviewed. Year-to-date spend is 8% over budget. The trust has identified £4 million of in-year savings to bring the position back to within tolerance, with implementation underway. The Financial RAG is reported as Amber with a narrative explaining the savings plan.

Example 2: GDPR Compliance RAG. An organisation reviews its GDPR compliance. A Data Subject Access Request received 32 days ago has not been responded to (the regulatory deadline is 30 days). The compliance officer rates this item Red, notifies the Data Protection Officer, and the response is prioritised for immediate completion.

Example 3: Construction Schedule RAG. A major construction project has fallen 8 weeks behind its baseline schedule out of a 24-month project. Mitigation actions are in place to recover four weeks. The Schedule RAG is Amber with a documented recovery plan.

Example 4: University OfS Compliance. A university's compliance team reviews progress against the Office for Students' Condition B (Quality and Standards). All requirements are met. The RAG is Green.

How the RAG rating system affects students

If you are a student in the UK, the RAG framework shapes your academic life more than you might realise. Your university reports its overall performance to the Office for Students (OfS) using RAG-based dashboards covering teaching quality, student outcomes and access to higher education, which directly influences your course's funding and reputation. Your school or college receives Ofsted ratings that map closely to RAG logic (Outstanding/Good = Green, Requires Improvement = Amber, Inadequate = Red), and these affect the value of the qualification on your CV. If you study nursing, medicine, education or social work, your placement provider is rated through CQC, NHS or Ofsted RAG systems that determine where you can train. Even your student accommodation is RAG-rated internally for fire safety compliance, maintenance backlogs and safeguarding standards under university duty-of-care obligations. And when you graduate and apply for jobs in the UK public sector, NHS, financial services or major corporates, you will be reading, writing and reporting RAG statuses from your first week on the job. Understanding RAG is not just project management theory; it is a working language of UK institutions that will follow you from your university dashboard to your first board pack.

RAG framework limitations to be honest about

The RAG system is not without critics, and the honest reality is that poorly implemented RAG reporting can do more harm than good. The main limitations:

Oversimplification. Reducing a complex project to a single colour loses nuance. Two Red projects may be in very different states, requiring very different interventions.

Subjectivity without tolerances. Without defined criteria, RAG ratings can be assigned inconsistently across reports, projects and teams. The same situation can be Red, Amber or Green depending on who is assigning the colour.

Watermelon reporting. Green-outside-Red-inside reporting is a well-documented dysfunction, particularly in cultures where reporting Red has career consequences for the project manager.

False precision. A precisely-defined RAG status can suggest more certainty than the underlying data supports. Stakeholders may treat a Green status as a guarantee rather than a snapshot.

Lack of trend. A single RAG status does not show whether the situation is improving or deteriorating. Effective dashboards report current status plus a trend arrow (improving, stable, deteriorating).

Best-practice UK organisations counter these limitations with: clear tolerance definitions, narrative justification for each status, trend reporting alongside current status, regular calibration sessions to align status owners on consistent criteria, and a culture that rewards honest Red reporting.

RAG vs other status frameworks

A short comparison with other approaches:

RAG vs Earned Value Management (EVM). EVM provides a quantitative analysis of project performance using Cost Performance Index (CPI) and Schedule Performance Index (SPI). RAG is the qualitative shorthand; EVM is the underlying maths. Mature project organisations use both.

RAG vs Agile burndown charts. Agile projects often use burndown or burnup charts to show progress against sprint or release goals rather than RAG status. Some Agile teams use RAG at the programme level while burndowns operate at the team level.

RAG vs Balanced Scorecard. The Balanced Scorecard is a strategic performance framework that can incorporate RAG ratings for each scorecard metric. The two complement rather than compete.

RAG vs traffic-light KPI scorecards. Functionally the same. RAG is one form of traffic-light KPI reporting, and the terms are often used interchangeably.

FAQs

What is the RAG rating system in the UK?

The RAG rating system in the UK is a Red, Amber, Green status reporting framework used widely across UK government, the NHS, financial services, education and other sectors to communicate the health of a project, programme, risk or compliance item. Red indicates critical issues, Amber indicates risks requiring monitoring, and Green indicates everything is on track. The system originated in UK government project management practice and is built into PRINCE2.

What is the RAG system?

The RAG system is a visual reporting framework using three colours, Red, Amber and Green, to communicate the status of a project, task, milestone or compliance item. Red signals critical problems, Amber signals at-risk items needing attention, and Green signals delivery on plan. It is used across project management, compliance, risk management and performance reporting worldwide.

What are the 7 types of RAG?

The 7 types of RAG are the seven most common dimensions of RAG status reporting: 1) Schedule RAG, 2) Budget RAG, 3) Scope RAG, 4) Quality RAG, 5) Risk RAG, 6) Resource RAG, and 7) Stakeholder/Communications RAG. A comprehensive project dashboard reports all seven plus an overall aggregate RAG status.

What are the 4 levels of RAG?

The 4 levels of RAG refer to extended RAG models that add a fourth colour to the standard Red, Amber, Green. The most common extension is Blue (completed), giving the RAGB or BRAG model. Some frameworks instead add Black (halted or cancelled). A second interpretation is the IPA Delivery Confidence Assessment, which uses a 5-point scale with four sub-levels between Red and Green: Red, Amber/Red, Amber, Amber/Green, Green.

What does Red-Amber-Green compliance framework mean?

The Red-Amber-Green compliance framework is the application of RAG ratings specifically to regulatory and policy compliance. Red indicates current non-compliance with a regulatory or policy obligation. Amber indicates compliance is at risk and requires remediation. Green indicates full compliance. The framework is used widely in UK financial services, the NHS, education and other regulated sectors.

Who uses RAG ratings in the UK?

UK government departments, the NHS, banks and insurers, universities and schools, construction and infrastructure programmes (HS2, Crossrail, nuclear new-build), enterprise IT projects, and most large UK corporates use RAG ratings as standard reporting practice. The Infrastructure and Projects Authority publishes annual RAG ratings for the Government Major Projects Portfolio.

What is the difference between RAG and BRAG?

RAG uses three colours: Red, Amber, Green. BRAG adds a fourth colour, Blue, typically used to signal completed items. Both communicate status visually; BRAG provides a clearer distinction between in-progress work and finished work.

Is the RAG system part of PRINCE2?

Yes. PRINCE2, the UK-developed project management methodology now used worldwide, uses RAG reporting in its highlight reports and exception management process. PRINCE2-trained project managers default to RAG-based status reporting.

What is watermelon reporting in RAG?

Watermelon reporting refers to a project reported as Green on the outside (in formal status reports) but Red on the inside (in the underlying reality). It is a well-documented dysfunction in cultures where Red reports carry career consequences, and it undermines the trust that makes RAG reporting valuable.

How are RAG colours assigned?

RAG colours are assigned by comparing project performance against defined tolerances for each dimension. For example, schedule RAG: Green = within 5% of plan, Amber = 5-15% slippage, Red = more than 15% slippage. Best-practice UK organisations define explicit numerical tolerances to remove subjectivity from RAG assignments.

Read Also: What is a CAS Letter for UK Student Visa?