CONTINUOUS COUNTRY RISK MONITORING
This is a standing monitoring subscription on one or more countries or regions: it defines the risk indicators/tripwires (political instability, sanctions/designation changes, civil unrest, natural disaster, infrastructure disruption, economic crisis), the collection and reporting cadence, the escalation routes, and the service levels under which we keep the client current over the term. It does NOT cover one-off baseline country risk assessments (Country Risk Assessment), nor staffed emergency-response operations. Prescriptive throughout: this is what we watch, how often, and what we do when a tripwire fires - not an analytic judgment of country stability.
Document Control
| Field | Value |
|---|---|
| Service name | [ ] |
| DID | OSINT-036 |
| Country / region(s) monitored | [ ] |
| Client / sponsor | [ ] |
| Classification & handling | [e.g., classification + caveats + dissemination control] |
| Version | [ ] |
| Author / service owner | [ ] |
| Effective date | [ ] |
| Term / period of performance | [e.g., start–end, auto-renew terms] |
| Seeding product (baseline) | [e.g., reference to the Country Risk Assessment that establishes the watch list] |
Scope, Authorities & Limitations
State the authorized scope (which country/countries, which lawful source lanes, which risk domains), the engagement authority/consent basis, and what is explicitly out of scope; reproduce the verbatim caveats below; name the sibling products this service routes to.
This is a monitoring/operational service, not an investigation, a guarantee of detection, or legal advice. Collection is limited to lawful, authorized sources within the agreed scope; no unlawful access, intrusion, pretexting, or surveillance of non-consenting third parties is performed. Alerting is best-effort within the stated SLA and does not warrant prevention of any event.
| Boundary | Statement |
|---|---|
| In scope | [ ] |
| Out of scope | [ ] |
| Authority / consent basis | [ ] |
| Routes to (seeding product) | [e.g., Country Risk Assessment] |
| Routes to (advisory/response) | [e.g., escalation to Decision Support / executive advisory sibling] |
1. Scope & Watch Criteria / Tripwires
Enumerate every country-risk indicator monitored; per the load-bearing rule each row MUST bind a tripwire (the observable threshold that fires it), implicitly a cadence (§2), and an escalation route (§4). Risk-score each watch item with the L×I key reproduced in §4. No row may omit a tripwire or an escalation route.
| # | Risk domain | Indicator / watch item | Observable tripwire | Likelihood (1–5) | Impact (1–5) | L×I (1–25) | Severity tier | Escalation route (→ §4) |
|---|---|---|---|---|---|---|---|---|
| [ ] | [e.g., political instability] | [ ] | [e.g., the threshold/condition that fires the alert] | [ ] | [ ] | [ ] | [ ] | [ ] |
| [ ] | [e.g., sanctions/listing changes] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
| [ ] | [e.g., civil unrest / protests] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
| [ ] | [e.g., infrastructure disruption] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
| [ ] | [e.g., economic crisis indicators] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
2. Collection Cadence & Sources
Specify each lawful collection lane keyed to the watch items above, its method, its collection cadence, the expected source grade (Admiralty, see Annex A), and the owning collector. Free/browser-first lanes before escalation-tier platforms; no live tool names here - describe the lane.
| Source / lane | Risk domain(s) served | Collection method | Cadence | Expected source grade (Admiralty) | Owner |
|---|---|---|---|---|---|
| [ ] | [ ] | [e.g., description of the lawful collection method] | [e.g., continuous / hourly / daily / weekly] | [e.g., A–F × 1–6] | [ ] |
| [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
| [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
3. Reporting Cadence & Product Format
Define each recurring product the service emits, what triggers it (scheduled cadence or tripwire-driven), its format, recipient, and delivery channel. Distinguish the routine cadence product from the on-tripwire alert product.
| Product | Trigger / cadence | Format | Recipient | Channel |
|---|---|---|---|---|
| [e.g., routine country-risk summary] | [ ] | [ ] | [ ] | [ ] |
| [e.g., tripwire alert] | [e.g., on tripwire fire, per §1] | [ ] | [ ] | [ ] |
| [e.g., periodic service-health report] | [ ] | [ ] | [ ] | [ ] |
4. Escalation & Notification Triggers
Map severity tiers to trigger conditions, the party notified, the notification method, and the acknowledgement target. Each tier must correspond to severity bands derived from the L×I key below; every §1 watch item routes to a tier here.
Risk scoring key (reproduce verbatim): Likelihood (1–5) × Impact (1–5) = 1–25; 1–5 Low · 6–10 Moderate · 11–15 Elevated · 16–20 High · 21–25 Critical.
| Severity tier | L×I band | Trigger condition | Notify | Method | Acknowledgement target |
|---|---|---|---|---|---|
| [e.g., Critical] | [e.g., 21–25] | [ ] | [ ] | [ ] | [e.g., time-to-acknowledge target] |
| [e.g., High] | [e.g., 16–20] | [ ] | [ ] | [ ] | [ ] |
| [e.g., Elevated] | [e.g., 11–15] | [ ] | [ ] | [ ] | [ ] |
| [e.g., Moderate/Low] | [e.g., 1–10] | [ ] | [ ] | [ ] | [ ] |
5. Service Levels (SLA)
Bind measurable service-level commitments to the cadence (§2/§3) and escalation timing (§4): detection/refresh timeliness, alert-delivery time per tier, product-delivery punctuality, availability, and the remedy when a target is missed. Every target must be measurable and have a measurement method.
| Metric | Target | Measurement method | Reported | Remedy / credit on miss |
|---|---|---|---|---|
| [e.g., alert delivery time by tier] | [ ] | [ ] | [ ] | [ ] |
| [e.g., routine product punctuality] | [ ] | [ ] | [ ] | [ ] |
| [e.g., monitoring availability / coverage] | [ ] | [ ] | [ ] | [ ] |
| [e.g., false-positive / quality bound] | [ ] | [ ] | [ ] | [ ] |
6. Review & Renewal
State the cadence of formal service review, the change-control process for adding/removing watch items or adjusting cadence, and the renewal, re-scoping, and termination terms.
| Item | Specification |
|---|---|
| Service-review cadence | [ ] |
| Watch-list change-control | [e.g., process to add/retire a §1 watch item] |
| Cadence / scope adjustment process | [ ] |
| Renewal terms | [ ] |
| Termination / offboarding terms | [ ] |
Annex A - Source & Watch-List Register (graded)
Register every standing source and watch item with its current Admiralty grade. Reproduce the scales verbatim; grade each sourced datum as a two-character code (e.g., B2).
NATO Admiralty source reliability (A–F): A Completely reliable · B Usually reliable · C Fairly reliable · D Not usually reliable · E Unreliable · F Reliability cannot be judged. NATO Admiralty information credibility (1–6): 1 Confirmed by other sources · 2 Probably true · 3 Possibly true · 4 Doubtful · 5 Improbable · 6 Truth cannot be judged.
| Source / watch item | Lane (→ §2) | Reliability (A–F) | Credibility (1–6) | Grade | Last verified | Notes |
|---|---|---|---|---|---|---|
| [ ] | [ ] | [ ] | [ ] | [e.g., B2] | [ ] | [ ] |
| [ ] | [ ] | [ ] | [ ] | [ ] | [ ] | [ ] |
Annex B - Onboarding / Offboarding & Data-Handling Checklist
Capture the standing-up and tearing-down steps and the data-handling regime over the term: authorization capture, baseline ingest, collection standup, retention/destruction, and offboarding.
| Step | Phase | Owner | Status |
|---|---|---|---|
| [e.g., capture authority/consent + scope sign-off] | [e.g., onboarding] | [ ] | [ ] |
| [e.g., ingest seeding baseline (Country Risk Assessment)] | [e.g., onboarding] | [ ] | [ ] |
| [e.g., stand up collection lanes + tripwires] | [e.g., onboarding] | [ ] | [ ] |
| [e.g., data retention / destruction schedule] | [e.g., steady-state] | [ ] | [ ] |
| [e.g., offboarding + data return/purge] | [e.g., offboarding] | [ ] | [ ] |
END OF SERVICE PLAYBOOK
Model wiring
Generated from cell frontmatter at publish time.