Clarity in Chaos. Insight in Action.

This layer anchors the framework in internationally recognized standards and professional competencies. It ensures that all analysis and recommendations are legitimate, defensible, and aligned with duty of care obligations.

ISO 31000 Risk Management

ISO 31000 provides globally recognized principles and processes for risk management. We apply its guidelines to ensure consistency, transparency, and continuous improvement in all assessments and decision-making processes.

INSSA Core Competencies

The International NGO Safety and Security Association (INSSA) defines the professional competencies required for effective security risk management in humanitarian and development contexts. By aligning with INSSA, we ensure that staff skills, organizational systems, and governance structures meet international best practice.

CC-Security Risk Management (CC-SRM)

This competency framework, developed for humanitarian operations, integrates duty of care with operational realities in fragile and conflict-affected environments. It emphasizes practical application of standards in high-risk contexts where staff safety and organizational reputation are at stake.

Integrating Standards and Competencies

These frameworks form the governance spine of the CSRF. By embedding ISO, INSSA, and CC-SRM principles, we ensure that risk management is not only methodologically sound but also accountable, ethical, and aligned with donor and stakeholder expectations.

Decision Outputs

• Risk management processes that comply with international standards.
• Competency-based training and guidance for staff and partners.
• Governance structures that reinforce duty of care and accountability.
• Clear audit trails that satisfy donor, board, and partner requirements.

Outcome for clients: a standards-driven foundation that legitimizes analysis, strengthens governance, and ensures compliance with international duty of care obligations.

In this layer, we assess the broader environment and systemic resilience factors that shape risks, opportunities, and stability. We use internationally recognized frameworks to ensure that no critical driver is overlooked.

PESTELS Framework

PESTELS expands analysis across seven dimensions of the operating environment:

• Political – governance, institutions, leadership, and policy direction.
• Economic – growth, trade, employment, financial stability.
• Social – demographics, inequality, education, health, and social cohesion.
• Technological – digital transformation, cyber risks, innovation.
• Environmental – climate, natural resources, disasters, sustainability.
• Legal – rule of law, human rights, regulatory frameworks.
• Security – threats, conflict, terrorism, crime, and resilience capacity.

This structured lens ensures that political and security analysis is grounded in the wider system context.

Positive Peace Framework (Institute for Economics & Peace)

Positive Peace identifies the attitudes, institutions, and structures that build and sustain peaceful societies. The eight pillars are:

1. Well-functioning Government
2. Sound Business Environment
3. Equitable Distribution of Resources
4. Acceptance of the Rights of Others
5. Good Relations with Neighbors
6. Free Flow of Information
7. High Levels of Human Capital
8. Low Levels of Corruption

These pillars serve as both diagnostics and benchmarks, highlighting systemic strengths and weaknesses across societies.

HALO Systems Thinking (IEP)

The HALO (Holistic Analytical Lens for Outcomes) model from the Institute for Economics & Peace applies systems thinking to Positive Peace. It recognizes that the eight pillars are interdependent and mutually reinforcing — changes in one pillar affect others, sometimes in unexpected ways. By mapping these interactions, HALO helps identify leverage points where interventions will have the greatest long-term impact.

Outcome for clients: a holistic understanding of context, resilience factors, and systemic risks that enables smarter planning, more resilient programs, and improved foresight into conflict and peace dynamics.

This layer translates context into prioritized, decision ready risks. We combine a structured, threat aware scoring model with bias resistant analytic techniques to identify what is most at risk, why it is vulnerable, and which interventions will have the greatest impact.

CARVER Method

CARVER is a quantitative model that prioritizes targets, assets, and vulnerabilities that can be adapted for any risk assessment scenario. We integrate CARVER with the ISO 31000 compliant risk matrix to evaluate likelihood and impact. Each factor is scored and combined to create a ranked risk profile. This ranking process allows decision-makers to clearly see where resources, mitigation, and monitoring should be focused for the greatest risk reduction.

• Criticality - how essential the asset or function is to operations or mission success.
• Accessibility - how easily an adversary can reach or affect the target.
• Recuperability - how quickly capability can be restored after disruption.
• Vulnerability - how susceptible the target is to specific attack modes or hazards.
• Effect - magnitude and scope of impact if compromised.
• Recognizability - how easy it is to identify and locate the target in the real world.

How we apply CARVER: define assets and processes, map plausible threat modes, score each factor on a consistent scale, apply weights aligned to mission priorities, then visualize results in a ranked register and heat map. This yields clear, defensible priorities for mitigation and protection.

Structured Analytic Techniques

To reduce bias and increase traceability, we apply SATs alongside CARVER. Techniques are selected to match the decision problem and available evidence.

• Key Assumptions Check - surfaces and tests the assumptions that drive risk estimates.
• Analysis of Competing Hypotheses - evaluates multiple explanations against the evidence to avoid confirmation bias.
• Indicators and Signposts - defines early warning indicators and decision thresholds for ongoing monitoring.
• Scenario Analysis and Cone of Plausibility - explores credible futures to stress test plans and contingencies.
• Red Team and Pre mortem - challenges plans from an adversary viewpoint and identifies failure modes before they occur.

Decision Outputs

• Prioritized risk and vulnerability register mapped to assets, locations, and processes.
• Targeted mitigation options with cost, feasibility, and expected risk reduction.
• Early warning indicators and triggers for escalation or contingency activation.
• Clear audit trail of evidence, assumptions, and methods to support donor and governance requirements.

Outcome for clients: a defensible, ranked picture of what matters most, where it is most vulnerable, and which actions will measurably reduce risk.

This layer examines the underlying causes, triggers, and dynamics of conflict. By combining internationally recognized frameworks, we ensure analysis is systematic, comparable, and aligned with donor standards.

Conflict Assessment Framework (CAF 2.0)

CAF provides a structured approach to identify root causes, proximate drivers, and conflict triggers. It helps map how grievances, capacity, and opportunities interact to sustain or reduce violence.

UN Conflict Analysis Practice Note

The UN framework emphasizes “do no harm” principles and integrates cross-cutting issues such as human rights, gender, and inclusion. It enables a shared language across international, governmental, and NGO stakeholders.

Conflict Assessment System Tool (CAST)

Developed by the Fund for Peace, CAST is a quantitative and qualitative tool that measures a state’s vulnerability to conflict and fragility. It triangulates three data streams — quantitative datasets, media/content analysis, and expert assessments — to score twelve risk indicators grouped into four categories: Cohesion, Economic, Political, and Social. CAST underpins the annual Fragile States Index and provides early-warning insights used by governments, multilaterals, NGOs, and private sector actors.

Integrating Frameworks

By combining CAF, UN, and CAST, we create a conflict systems map that captures structural causes, immediate triggers, fragility scores, and feedback loops. This integration produces a robust diagnostic that balances qualitative insights with quantitative measures.

Decision Outputs

• System maps that visualize conflict drivers, actors, triggers, and fragility indicators.
• Identification of resilience factors that can reduce risks and promote stability.
• Shared analytical baselines that support donor reporting and cross-agency coordination.
• Evidence-based recommendations for program design, policy engagement, and early warning.

Outcome for clients: a clear and measurable understanding of the causes and dynamics of conflict, grounded in internationally accepted frameworks, that informs more effective strategies and interventions.

We use strategic interaction theories and frameworks to analyze the dynamic relationships between actors and stakeholders in complex contexts. This helps us anticipate how decisions, signals, and behaviors influence one another in conflict and security environments.

Outcome for clients: clear insight into negotiation dynamics, power plays, and influence pathways that shape risks and opportunities.

This layer moves analysis into action. We translate insights into practical security, crisis, and resilience measures that can be adapted as conditions evolve. Our focus is on preparedness, adaptability, and continuous learning.

OODA Loop

We apply the Observe–Orient–Decide–Act cycle to help organizations adapt quickly in complex and fast-changing environments. By shortening the decision cycle and embedding continuous feedback, leaders can stay ahead of emerging risks.

Crisis & Contingency Planning

We design plans and playbooks that cover prevention, preparedness, response, and recovery. This ensures that organizations are ready for high-impact, low-probability events while maintaining operational continuity during day-to-day disruptions.

Monitoring, Evaluation, and Learning (MEL)

We integrate MEL frameworks so that every intervention generates lessons learned. This creates a feedback loop that strengthens resilience, informs strategy, and supports donor and governance reporting requirements.

Decision Outputs

• Adaptive decision-making cycles with clear triggers and thresholds for action.
• Practical contingency and crisis management plans aligned to international standards.
• Training and exercises to validate readiness and build staff confidence.
• Embedded learning systems that continuously improve resilience over time.

Outcome for clients: a tested and adaptable resilience framework that allows organizations to respond effectively under pressure, recover quickly, and continuously strengthen their ability to operate in volatile environments.