The compliance command automates compliance assessment, not remediation. The command is used to list, generate, and delete assessments and reports. Any user can access compliance reports. To manage assessments and generate reports requires rights. For more information, see the compliance (1M) man page.
The compliance command checks local files only. If your system mounts file systems, you must separately test the compliance of the clients and the servers. For example, if you mount user home directories from central servers, run the compliance command on the user systems and on every server that exports the home directories.