A) Confidence tiers — evidence strength at a glance
| Tier | What you’ll see | Evidence basis | Typical interval | Suitable for | Minimum controls (standards) |
|---|---|---|---|---|---|
| A++ (Audited & Replicated) | A++ badge beside metric | Independent replication by a second national/regional node and external audit opinion | CI95 (frequentist) and CrI90 (Bayesian) | Finance- and policy-grade KPIs | [SR] signed runs (SLSA v1, in-toto/Sigstore); [2N] dual attestation; [REP] third-party rerun; [PROV] lineage (W3C PROV, DCAT 3); audit letter (ISAE 3000/AT-C 205) |
| A+ (Verified & Reproduced) | A+ | Internal reproduction by an independent team; high completeness | CI95 or BCa bootstrap; sensitivity table | Quarterly performance, adoption, SLA | [SR], internal rerun; drift checks; [PROV] lineage present |
| A (Verified) | A | Primary sources + traceable transforms; reviewer checks | CI90–95 / Wilson score (rates) | Training hours, participation, accessibility | [SR] or checksum manifest; reviewer sign-off; [PROV] minimal |
| B (Modelled/Estimated) | B | Model-based estimate; priors and assumptions disclosed in model card | CrI80–90; fan bands | Readiness shares, avoided-loss estimates | Model card (ISO/IEC 42001 / 23894 alignment); backtest fit; scenario definitions |
| C (Exploratory/Indicative) | C | Early indicator, partial data, or scenario bound | Range or scenario envelope | Emerging risks; horizon scans | Limitations stated; no policy without uplift to A/B |
Notes: CI = confidence interval; CrI = credible interval; BCa = bias-corrected & accelerated bootstrap.
B) Uncertainty taxonomy — what the bands and ranges mean
| Source | Definition | How we display it | Typical placement |
|---|---|---|---|
| Aleatoric (statistical noise) | Random variability/measurement error | CI95, prediction intervals (PI90) | Attendance, SLA timing, defect rates |
| Epistemic (knowledge/model limits) | Uncertain parameters, sparse data | CrI90 with priors; fan charts | Readiness ratios, avoided-loss |
| Scenario/path dependence | Divergent futures given policy/climate/market paths | 50/80/95% fan bands; named scenarios | Finance mobilisation; roll-out sequencing |
| Bias/coverage | Missingness, selection, geospatial bias | Data-quality annotation; completeness note | Early cohorts; language/access metrics |
| Operational/governance | Legal authority, consent, grievance efficacy | Assurance icons (Section C) | Activation readiness |
| Temporal drift | Distribution shift vs baseline | Drift flags; re-baselining markers | ML performance; index comparability |
Prose discipline:
- Observed = direct measurement.
- Estimated = measurement ± model adjustment (interval required).
- Modelled/Projected = scenario-based; read assumptions + fan bands.
C) Assurance icon set — professional, standards-mapped
Monochrome codes appear in square brackets; each is a binary control enforced via the Nexus Validation Machine (NVM).
| Icon | Label | What it guarantees | Canonical standards/protocols referenced |
|---|---|---|---|
| [SR] | Signed-Run | Code, configs, environment, and data hashes signed and immutably recorded; artifact ID linked | SLSA v1.0, in-toto, Sigstore/cosign, build SBOM (SPDX 2.3 / CycloneDX 1.5), runtime attestation |
| [2N] | Dual Verify | Two independent national hosts attested the result; logs are tamper-evident; decisions reversible | Zero-trust verification (NIST SP 800-207); append-only attest ledger |
| [REP] | Replicated | A distinct team re-ran with fresh pulls and reproduced within tolerance | Reproducible research checklist; container pinning; seed control |
| [DPIA] | DPIA & Consent | DPIA on file; lawful basis and consent/withdrawal paths operational | GDPR, ISO/IEC 27701, ISO/IEC 27560:2023 (consent records) |
| [ACC] | Accessible | Public touchpoints compliant with WCAG 2.2 AA | W3C WCAG 2.2; ISO 30071-1 |
| [CYS] | Cyber SLA | Sev-1 patch latency within target; SBOM & VEX (CSAF); change log current | NIST CSF 2.0; SP 800-53 r5; OWASP SAMM; CSA CCM |
| [SAFE] | Safety Case | Structured argument with evidence approved; controlled rollback tested | Safety-case method; ISO 31000, ISO 22301; change-control (ITIL/ISO 20000) |
| [RED] | Grievance/Redress | Independent office; ack ≤ 24h; median resolution ≤ 14 days; public reporting | UNGPs effectiveness criteria; ISO 37002 (whistleblowing management) |
| [ETH] | Ethics Review | Independent ethics board review completed; conditions tracked | AI governance ISO/IEC 42001, human-subjects norms; do-no-harm |
| [PROV] | Provenance | End-to-end lineage recorded and published | W3C PROV-O, DCAT v3, OpenLineage |
| [AUTH] | Authenticity | Content and advisories have traceable provenance/signatures | C2PA (origin/provenance), CAdES/XAdES |
| [OBS] | Observability | Telemetry, traces, logs linked to the metric/exhibit | OpenTelemetry, CloudEvents 1.0 |
Rule of thumb: A++ metrics typically carry [SR][2N][REP][DPIA][PROV][AUTH]. Absence of [REP] usually downgrades to A+; absence of [2N] to A.
D) Intervals, fans, and construction methods
- Proportions (e.g., NVM-ready share): Wilson CI95; show
nand denominator. - Means/medians: Normal-approx CI95 with normality tests; if skewed, BCa bootstrap (≥10k resamples).
- Forecasts: Bayesian posterior with CrI90; fan charts (50/80/95%); priors & likelihoods summarised in model cards; calibration published (reliability plots, Brier).
- Prediction intervals: Where the “next observation” matters (e.g., time-to-brief), include PI90 alongside the point estimate.
Caption pattern used:41% (CI95: 36–46; n=72) A+ [SR][2N][DPIA][PROV]
E) Data classes & reuse posture
| Class | Typical sources | Rights & reuse |
|---|---|---|
| Open | Earth observation, hydromet, public budgets, admin boundaries | Open license; checksums + license posted; FAIR/CARE tags |
| Shared (Trusted) | Health, education, utility data under data trusts | Aggregated/DP; fiduciary governance; DPIA; access logs |
| Restricted | Sensitive ops, cyber logs, grievance narratives | On-prem/enclave only; outputs via audit letter; retention policy |
| Derived | Indices/composites produced from multiple inputs | Full lineage + weights; method notes; versioned schemas |
Geo/EO conventions (where relevant): COG, Zarr, Parquet/Arrow; STAC 1.0 catalogs; OGC API – Features/Tiles/EDR.
F) Claims grammar — verbs and modals signal evidence strength
- Observed → A++/A+ with [SR] (and typically [2N]).
- Estimated → A/A+ with interval; [PROV] required.
- Modelled/Projected → B with fan bands; model card cited.
- Indicative → C with explicit limitations.
Modals map to tiers: “will” (A++/A+ + enforceable covenants), “likely” (A/B), “plausible” (C).
G) Calibration, drift, and re-baselining
- Forecast calibration: reliability diagrams + Brier scores; quarterly targets ≤ 0.20 (binary triggers) and ≤ 0.15 (≤6-month horizons).
- Drift: flagged when divergence (e.g., KL) exceeds thresholds; mitigation via re-training or feature roll-backs recorded in [OBS] telemetry.
- Re-baselining: old vs new baselines co-displayed for two quarters; change log linked via [PROV].
H) Red-flag conditions & escalation protocol
A [WARN] tag is shown when a required control is missing:
- Missing [SR] or [PROV] for a headline KPI
- Missing [DPIA] where personal/operational data are processed
- Missing [SAFE] for activation-claims exhibits
- [RED] inoperative for community-affecting advisories
Escalation path: Exhibit Owner → National Node Lead → Regional Steward Board → Chief Steward—Assurance. Public management letters are posted to the Transparency Feed.
I) Reading examples
NVM-ready share (countries)41% (CI95: 36–46; n=72) A+ [SR][2N][DPIA][PROV][AUTH]
Meaning: 41% of participating countries passed all NVM gates; strong verification and data-rights in place; 95% CI 36–46. Decision-grade.
Anticipatory-action readiness (modelled)58% (CrI90: 49–66; fan 50/80/95%) B [ETH][PROV]
Meaning: Model-based estimate with ethics review; scenario-dependent; use for sequencing, not compliance.
Time-to-brief (operational)2h 45m (PI90: 1h30–4h10) A [SR][CYS][OBS]
Meaning: Signed operational metric with cyber SLAs and observability; prediction interval anticipates next event variance.
J) Accessibility & publication conventions
- Color-blind safe palettes; line styles (solid/dash/dot) differentiate bands in monochrome.
- WCAG 2.2 AA conformance at national entry points; all figures include alt-text (≤120 chars) and methods notes.
- Monospace icon codes (
[SR][2N]…) print cleanly and survive photocopy/scan.