@ALG719 There is really no concrete concept of being enabled for mfa - other than per user mfa status being set to "Enabled" / "Enforced"
Since Conditional Access and per user MFA are two different means of getting users to register for MFA, not seeing MFA status as enabled in O365 portal for CA users is expected .
You can use MSGraph API to shows that all users are already registered for MFA and they will be able to perform MFA should there be a need for it.
To change the MFA status to enabled, the admin can run a PowerShell script https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-userstates#change-state-using-powershell
The following Graph Query would give you the number of users in your tenant who are capable of performing MFA. :
https://graph.microsoft.com/beta/reports/credentialUserRegistrationDetails?$filter=isMfaRegistered eq true