0.0 Scope & Use

1) Purpose and Audience

This section defines the reporting perimeter, intended use, and assurance posture for the GCRI Impact Report covering 2024 to 2026. It is written with standards so that ministers, IFI task team leaders (TTLs), risk committees, and capital providers can make readiness—not performance—decisions with the same discipline applied to bankable infrastructure.

Primary users

• Government & Regulators: PMO, Finance/Planning, DRM/Home Affairs, Health, Digital, Utilities.
• Multilaterals/DFIs: World Bank/IMF/MDB TTLs; fiduciary, safeguards, and legal teams.
• Institutional & Insurance Capital: asset owners/managers, reinsurers, guarantors, structured-finance desks.
• Operators & Civil Society: cities, agencies, science networks, implementers, community partners.

2) Reporting Perimeter (What Is Covered)

Period: 2024 to 2026.
Status: Build/Readiness only. The report evidences design, assembly, training, and controlled demonstrations. It does not claim live early-warning operations or disaster-risk finance (DRF) disbursements within the period.

In scope—capabilities and artifacts

1. Nexus Ecosystem (8 modules). NXSCore (HPC/GPU), NXSQue (orchestration), NXSGRIx (standardization/benchmarking), NXS-EOP (AI/ML & simulations), NXS-EWS (advisory architecture), NXS-AAP (anticipatory playbooks), NXS-DSS (dashboards/briefs), NXS-NSF (standards & finance integration).
2. Planetary Nexus Governance (PNG). Small-world lattice with six Continental Steward Nodes and, under each, a six-node national mesh hosted across the quintuple helix (+ standards/finance host) to provide zero-trust verification and rapid escalation.
3. Nexus Validation Machine (NVM). Readiness gates, certification procedures, signed-run catalogs, safety cases, transparency portal, and rollback playbooks.
4. Civic OSINT Infrastructure. Open EO/GIS pipelines (provenance/lineage), model commons and audit ledger (assumption ledgers, model cards), and edge communications for last-mile/low-bandwidth delivery using open protocols.
5. Capacity & Reach. National Working Groups (NWGs); UN Volunteer onboarding (avg. ~10 per eligible country); weekly cohort training; Competence Cells and Community Response Teams (CRTs) with localization kits.
6. Standards & Alignment. UNDRR/Sendai P1–P4 curriculum, EWEA cross-walk, KPI dictionary, clause/trigger libraries, evaluator/actuarial templates, DPIA/consent/grievance frameworks, and cybersecurity posture (SBOM, patch SLAs, rollback).
7. Finance-Readiness Blueprints. Sovereign Parametric Resilience Pool (SPRP) and Outcome-Based Resilience Facility (OBRF)—term-sheet outlines, basis-risk approach, KPI→cash mapping, dispute/verification concepts. (Designs only; no live financings or payouts in period.)

Out of scope

• Production early-warning activations; live parametric triggers; financial disbursements.
• Any commitment substituting for national law, UN mandates, regulator approvals, or MDB safeguards.
• Securities offering, procurement solicitation, or legal opinions.

3) How to Use This Report (By Role)

• Heads of Government/Ministries: Use Parts II–IV (governance, Nexus stack, civic infrastructure) and Part XIV (Roadmap) to confirm institutional fit, legal prerequisites, and pilot sequencing.
• World Bank/IMF/MDB TTLs: Use Part XI (Country Operations & IFI Alignment) to map assets into IPF/PforR/DPF/Cat-DDO/MPA and relevant IMF RSF/SDFP/DLP interfaces; rely on Appendices F–H for safeguards, fiduciary, and fiscal dossiers.
• Institutional/Insurance Capital: Use Parts XII–XIII to evaluate instrument structure, risk allocation, basis-risk treatment, hedging/liquidity, monitoring and disclosure rights.
• Cities/Agencies/NGOs: Use Parts V–VIII & X for operating kits, training, edge connectivity, ethics/rights, localization.

4) Evidence Base and Method Integrity

• Primary artifacts: design specifications; sprint/test plans; issue logs with resolution rates; training rosters; UNDRR/EWEA curriculum maps; signed-run exemplars from controlled environments.
• Data integrity: all demonstration pipelines carry provenance & lineage, cryptographic checksums, and reproducible notebooks. Where empirical outputs are pending, clearly labeled modeled placeholders illustrate method and scale.
• Baselines: 2025 is the common baseline for the future Risk-Reduction Balance Sheet (tail-risk reduction, avoided losses, equity weighting, trigger-to-service times).

5) Materiality Thresholds and Confidence Tiers

To avoid “impact theater,” the following thresholds apply to every claim:

Operational Readiness (OR) threshold

• NVM gates passed at ≥80% of national criteria.
• Table-top and red-team exercises completed within 30 days.
• Rollback rehearsed and documented.

Data Quality threshold

• Completeness ≥95%; ingest timeliness ≤24h (advisory pipelines).
• 100% lineage at file/object level; reproducibility pack present.

Confidence tiers (displayed against each KPI/claim)

• Tier A – Assured: independently rerunnable; two verifications; signed artifacts.
• Tier B – Verified: internal rerun + external methods review.
• Tier C – Provisional: documented method; awaiting external rerun or sample expansion.

6) NVM Readiness Gates and Use Constraints

Activation is withheld where any of the following persist: unresolved DPIA; unsigned artifacts; missing rollback; no independent grievance channel; unpatched Sev-1 cyber CVEs; accessibility below population thresholds; or absent legal authority.
All advisories circulate only with uncertainty statements, assumption ledgers, and audit trails intact.

7) Legal, Regulatory, and Sanctions Posture

• All onboarding/training adhered to applicable sanctions and local law.
• Cross-border data in pilots remained sandboxed with lawful bases or synthetic data; data minimization and local custody are defaults.
• This document confers no rights over personal data and does not replace statutory approvals.

8) Rights, Inclusion, and Safeguards

GCRI enforces Positive Freedom, Risk Fairness, and Feedback Sovereignty as operating constraints:

• Consent & DPIA templates; revocability and minimization by design.
• Grievance & redress with time-bound SLAs and independent channels.
• Accessibility & language thresholds (WCAG-aligned; multi-language kits).
• Community custodianship & FPIC; recognition of indigenous stewardship.
• Model governance: cards, error budgets, change logs; attested compute for sensitive runs.

9) Standards Alignment (Risk, Security, Continuity)

Run-state design aligns to ISO 31000/22301, ISO/IEC 27001/27701, NIST RMF, SOC 2 families, and UNDRR/Sendai and EWEA pillars. Conformance evidence is referenced and will be completed prior to any operational activation.

10) Limitations and Forward-Looking Statements

• Results are fit-for-readiness appraisal, not live policy execution.
• Forward-looking items (e.g., 2026 gate closures, 2027 coverage targets, SPRP/OBRF evolution) remain contingent on law, safeguards, budget, and third-party approvals.
• Modeled placeholders are non-financial and clearly labeled.

11) Document Control and Change Management

• Version: 1.0 (Impact Report — Build/Readiness)
• Effective date: 16 Oct 2025
• Owners: Chief Steward (governance/operations); Chief Information Security & Assurance (assurance/cyber); Standards & Finance Node (standards/instruments); with Regional Steward Boards and National Node Leads.
• Change governance: Material edits require dual sign-off (CS-Ops + CISA) and are logged to the public transparency feed; appendices maintain checksum histories.

12) Navigation and Data Room

• Where to find what: PNG/NVM (Part II); Nexus modules (Part III); OSINT/edge (Part IV); UNDRR/EWEA (Part VI); readiness/assurance (Part VII); DRR/DRF/DRI (Part VIII); IFI alignment & country ops (Part XI); instruments (Part XII); financials (Part XIII); activation roadmap (Part XIV).
• Data-room index: Appendix K lists every artifact (safeguards drafts; PPSD/STEP snapshots; DPIAs; signed-run exemplars; curricula; issue logs) required for due diligence.

13) Executive Takeaway

This is a readiness prospectus for an auditable, portable, and lawful public-interest risk stack. It tells ministers, TTLs, and investors what exists, how it was tested, what remains gated, and how to move to responsible activation—so a forecast becomes a funded, rights-respecting action before a shock becomes a crisis.