Rules & Conditions
Learn how to configure the conditional logic and scoring rules that route workflow execution and produce automated decisions.
Rules and conditions are the logic layer in RiskOS™ workflows. They evaluate signals from enrichments, input data, and computed values to determine how an evaluation is routed and what decision is reached.
Conditions
A condition evaluates one or more expressions to true or false and branches the workflow accordingly.
Condition structure
Each condition expression has three parts:
| Part | Description | Example |
|---|---|---|
| Left operand | The value to evaluate | sigma_identity_fraud.score |
| Operator | The comparison logic | greater than |
| Right operand | The threshold or reference value | 0.85 |
Operand sources
| Source | Description |
|---|---|
| Input data | Fields from the evaluation request payload |
| Enrichment data | Values returned by Enrichment steps |
| Output fields | Results from Transformation, Condition, Rule Scorecard, or Tag steps |
| Aggregation | Velocity counters and entity-level aggregations |
Operators
| Category | Operators |
|---|---|
| Equality / comparison | equals, not equals, greater than, less than, greater or equal, less or equal |
| String | contains, not contains, starts with, ends with, matches regex, in, not in |
| Array | contains, not contains, has any of, has all of |
| List | in Allow List, in Deny List |
| Presence | is set, is not set |
| Reason code | has reason code, does not have reason code |
Grouping
Combine multiple conditions using:
- AND — all conditions must be true
- OR — at least one condition must be true
The workflow follows the True path if the condition group evaluates to true, and the False path otherwise.
Rule types
RiskOS™ uses the term "rule" in several workflow step contexts. Each serves a different purpose:
| Rule type | Step | Purpose | Output |
|---|---|---|---|
| Condition rule | Condition | Routes the workflow based on boolean logic | True/False branch |
| Score rule | Rule Scorecard | Assigns a numeric risk score (-100 to 100) when a condition is met | Summed score value |
| Decision rule | Decision Rules | Combines a condition with a decision outcome in a single step | ACCEPT, REJECT, REVIEW, or step-level values (RESUBMIT, CANCEL), or Manual Review |
| Matrix rule | Matrix Rule | Evaluates a tabular set of conditions | Row-level match |
| Grouped rules | Grouped Rules | Evaluates collections of related rules together | Group-level outcome |
Rule Scorecards
A Rule Scorecard assigns numeric risk scores based on rule evaluations:
- Each score rule defines a condition and a score value (-100 to 100).
- Rules that evaluate to
truecontribute their score. - The final output is the sum of all matching scores.
- Downstream Condition or Decision steps reference the scorecard output to make routing decisions.
Decision Rules
A Decision Rules step combines condition evaluation with decision assignment in a single step:
- Each rule maps a condition to an outcome — the standard API decision values (
ACCEPT,REJECT,REVIEW), step-level values (RESUBMIT,CANCEL), or Manual Review routing. - Rules are evaluated top-to-bottom; the first matching rule applies.
- A fallback (Else) path handles cases where no rule matches — it can either continue without a decision or assign a default decision.
This is the only workflow step that can both issue a final decision and continue execution via a fallback path.
How conditions and rules drive decisions
flowchart TD
ENRICH["Enrichment signals"] --> COND["Condition step"]
COND -->|True| SCORE["Rule Scorecard"]
COND -->|False| DR["Decision Rules"]
SCORE --> THRESHOLD{"Score > threshold?"}
THRESHOLD -->|Yes| ACCEPT["Decision: ACCEPT"]
THRESHOLD -->|No| REVIEW["Decision: REVIEW"]
DR -->|Rule 1 match| REJECT["Decision: REJECT"]
DR -->|No match| FALLBACK["Fallback: continue"]
Related concepts
- Workflows — Where rules and conditions are configured
- Signals & Attributes — The data taxonomy that rules evaluate (signals, attributes, derived values)
- Decisions — The outcomes that rules produce
- Enrichments — The data services that provide signals for evaluation
- Evaluations — The runtime execution context
- Statuses & Lifecycle — How rule outcomes affect evaluation state transitions
- Terminology Governance — Canonical naming for rule types
- Workflow Steps: Condition — Condition step reference
- Workflow Steps: Decision Rules — Decision Rules step reference
- Workflow Steps: Rule Scorecard — Scorecard step reference
Updated 5 days ago