// QUESTION CLASS

What breaks, where, and when?

Actionable is the engine that produces targeting products — not in the kinetic sense, unless the customer is authorized for that, but in the analytic sense: the identification of the specific components, dependencies, and moments where intervention (by any means) would produce disproportionate effect. A Target System Analysis (TSA) in IC tradition, adapted for the analysis the customer actually needs. For a commercial customer this might be the critical path of a supply chain. For a national-security customer it might be the decision-making architecture of a counterpart. The shape of the analysis is consistent; the application is not. The engine's distinctive output is the BowTie Diagram — a formal mapping of threats on one side, consequences on the other, and the barriers between them. BowTie is a methodology used in safety engineering and adapted for intelligence analysis. It is the single most useful visual for communicating "here are the ways this fails, here are what happens when it does, and here is what stands in the way." An Actionable report without a BowTie has not done the work.

Actionable

"Identify the critical nodes in [entity]'s decision-to-execution pipeline for [type of action]. Which components, if degraded, would most reduce the entity's capacity?"

Actionable

"Map the vulnerabilities of [industry / sector]'s supply chain for [critical component]. Characterize threats, barriers, and consequences of failure."

Actionable

"Assess the opportunity windows for [initiative / engagement] with [counterparty]. When is the window open, what opens it, what closes it?"

Actionable

"Produce a TSA of [infrastructure system] with attention to the components whose failure would propagate beyond containment."

// ANATOMY

An Actionable report contains:

An Actionable report is structured around a system, not a narrative. The reader is trying to identify leverage — where in the system does change have disproportionate effect — and the report is optimized for that question. The Target System Map is the first thing the reader sees; everything else is commentary on specific parts of it. The BowTie Analysis appears per critical threat-consequence pairing and is the format the IC and the safety-engineering communities converge on for this kind of work. The analyst does not recommend action; they identify the leverage and name the constraints. The customer decides.

§ 01

Target System Map

The full system, rendered as a graph

§ 02

Critical Nodes

Components whose failure has disproportionate effect

§ 03

Dependencies

What relies on what, explicitly

§ 04

Vulnerabilities

Named weaknesses, with the specific mechanism

§ 05

Opportunity Windows

Timing analysis; when things are open

§ 06

BowTie Analysis

Per critical threat-consequence pairing

§ 07

Recommendations

Analytic, not operational; the analyst does not tell the customer what to do

§ 08

Confidence and Sources

Per-component, per-edge

// THREAT. BARRIERS. CONSEQUENCE.

How the failure modes connect.

BOWTIE DIAGRAM

// VISUAL · PHASE 2B

// WORKED EXAMPLE

From question to brief.

// THE KIQ

"Produce a TSA of [specific infrastructure system] with emphasis on the components whose failure would propagate beyond containment within 72 hours."

// PIPELINE TRACE

// INTAKE
PIOT complete. Population: [system] + components + dependencies
Indicator: propagation-risk nodes · Outcome: targeting study
Timeframe: 72-hour propagation window

// DECOMPOSITION
19 sub-questions:
  · System architecture (4 sub-Qs)
  · Components by function (6 sub-Qs)
  · Inter-component dependencies (3 sub-Qs)
  · Historical failure case studies (4 sub-Qs)
  · Containment and response mechanisms (2 sub-Qs)

// RUN
Sources scanned: 3,688
Sources incorporated: 394
Nodes identified: 47
Edges mapped: 129
Critical nodes (propagation risk > threshold): 6
BowTie analyses produced: 6 (one per critical node)

// OUTPUT
TSA: 4,720 words, 394 footnotes, 1 system graph, 6 BowTies.

// SAMPLE OUTPUT EXCERPT

We identify six nodes in the system whose degradation would produce propagation effects beyond the 72-hour containment window. Node-3 (central coordination authority) is the most significant:¹ its degradation removes the arbitration mechanism that resolves inter-component conflict, which would produce cascading misconfiguration across Nodes 8–14 within 12 hours based on historical case studies.² Node-3's dependencies are themselves load-bearing: it relies on three separate communication paths, of which only one has a documented redundancy.³ The BowTie analysis for Node-3 (below) names six threat pathways and four barrier configurations, of which two are currently degraded…

// TRADECRAFT

Targeting studies earn their weight by being honest about uncertainty in the recommendation, not in the map.

The map is the claim; the map is sourced.

Every node, every edge, every dependency in the Target System Map is sourced individually. A reader who disagrees with the analysis should be able to identify which source is wrong or which inference is flawed. No edges without citations.

ICD 206 · Full source attribution

BowTie is a standard, not a metaphor.

BowTie Analysis is a formal methodology used in safety engineering (petrochemical, aviation, medical) and adopted by parts of the IC for threat-consequence analysis. We use the formal structure: left side = threats, center = hazardous event, right side = consequences, barriers between. Not decorative. The barriers are named and their current state (effective, degraded, absent) is assessed.

BowTie Methodology · CCPS / IChemE tradition

Recommendations are analytic, not operational.

The Actionable engine identifies leverage points and their constraints. It does not tell a customer what action to take — that is the customer's authority, not the analyst's. A report that says "you should do X" has stopped being analysis and started being advocacy. This distinction is the IC standard for actionable products.

ICD 203 · Objectivity + Independence

Often paired with: Foundational (the system-map foundation), Argumentative (pressure-tests critical-node claims).

// AUTHORED BY