HOME | THE DIAGNOSTIC
Five conditions.
One threshold that holds
across 97 years of cases.
The HSRL diagnostic tests whether the five structural conditions present in every documented resilient case — and absent in every documented failure — exist in the system you are assessing. Free, public, and anonymous. No account required. No expertise required.
○ Free — no cost to run ○ Anonymous — no account, no login ○ Public — run it on any system
○ Instant results — no waiting ○ Evidence-cited — every finding sourced to the dataset
THE FIVE CONDITIONS
The same five gaps
in every documented failure.
Zero exceptions.
Across 380 documented cases spanning 97 years, 22 domains, and 75 types of automated systems, every failure shares the same five missing structural elements. Every resilient case has all five. The diagnostic tests each one.
C1
Named Accountable Owner
One named individual — not a department, committee, or shared role — with documented authority to halt system outputs and invoke the accountability protocol. The authority must be written down, assigned to a specific person, and current. When that person leaves without a named successor, C1 degrades immediately.
Absent in 240 of 260 documented failures
C2
Independent Validation
Pre-deployment validation by a party with no financial relationship to the deploying organization, tested against the specific population and use context — not the vendor's general test conditions. Vendor IP claims that restrict validation scope score C2 ABSENT, not PARTIAL. There is no middle position when the validation cannot be conducted independently.
Absent in 249 of 260 documented failures · IP restriction present in 80 cases
C3
Structured Ongoing Monitoring
A named reviewer, a defined review cycle, documented findings, and logged anomalies. The monitoring obligation must be continuous, assigned to a specific person, and on a schedule that is written down. Dashboard access does not substitute for a named monitoring obligation.
Absent in 241 of 260 documented failures
C4
Accountability Protocol
A documented protocol — written before deployment — specifying what happens when the system produces a harmful output. It names the person with authority to invoke it, how affected people are notified, and how harm is corrected. When C4 is absent at the time of the first harm event, the median additional harm window is 3 years. When C4 is present, that window is zero.
C4 absent → 3yr median additional harm · C4 present → 0yr
C5
No Active Suppression
No documented suppression of internal signals, external concerns, or independent findings. A protected reporting channel must bypass both the vendor and the supervisory chain whose metrics depend on the system continuing. C5 is the last line of defense when C1–C4 fail. Its absence adds approximately 4 years to the median harm window.
Suppression present in 83% of all failures · 97% of algorithmic failures
HOW SCORING WORKS
Three tiers. One threshold
that wasn't decided; it was found.
The 0.6 threshold separating RED from CLEAR was not set by committee or convention. It was identified in the dataset: the score below which every documented failure falls, and above which every documented resilient case sits. 100% classification accuracy. No exceptions in 380 cases.
0–0.5
⚠ RED — Governance Warning
One or more critical conditions absent. The governance structure does not meet the minimum threshold to protect the people affected by this system. Every documented harmful failure scores in this range.
260 of 260 documented failures score below 0.6 · Median harm window: 4yr deploy-to-discovery
0.6–0.79
◎ CAUTION — Partial Governance
Above the failure threshold but below full certification. Some conditions present, some partial or absent. Systems in this range have reduced risk but are not structurally sound. No documented resilient case operates permanently at this range.
Transition zone — found in early-phase resilient cases completing governance build · Not a stable operating state
How each condition scores
Each condition scores 0, 0.5, or 1.0 — absent, partial, or present. The five scores are averaged to produce the GPWS governance score. C2 has no partial state — if independent validation cannot be conducted due to vendor IP restrictions, C2 scores 0.0 regardless of any other documentation.
A partial score (0.5) means the structural element exists but does not meet the full verification standard. Partial scores are not a safe operating state.
C1 · Named Accountable Owner12 triggers
C2 · Independent Validation11 triggers
C3 · Structured Ongoing Monitoring11 triggers
C4 · Accountability Protocol12 triggers
C5 · No Active Suppression11 triggers
Total triggers57
0.8–1.0
✓ CLEAR — Governance Present
All five conditions present and verified. Governance structure meets or exceeds the threshold found in every documented resilient case. At this score, the system qualifies for GCR-001 pre-deployment certification by an HSRL-certified practitioner.
120 of 120 documented resilient cases score above 0.6 · All GCR-001 certifications require 0.8+
What "found, not decided" means
Before the 0.6 threshold was identified, the dataset was scored across all 380 cases. The distribution showed a clean separation: all 260 documented failures clustered below 0.6; all 120 documented resilient cases scored above it. No case straddled the line. The threshold was not set to achieve this result — the result revealed the threshold.
This matters for how findings are used. A RED finding is not a judgment call or a risk estimate. It is a statement that the system's governance profile matches every documented harmful failure in the dataset and none of the documented resilient cases.
When a practitioner issues a GCR-001 at 0.8+, they are certifying that the governance profile matches the documented resilient cases — not that harm cannot occur, but that the structural conditions that prevented harm in comparable systems are present and verified.
What the diagnostic
actually asks.
Each condition is assessed through a structured set of triggers — specific, answerable questions that determine whether the condition is present, partial, or absent. A representative sample from each condition's trigger set.
*EXPANDED DIAGNOSTICS AVAILABLE FOR FULL YELLOW AND RED RISK SYSTEMS. PUBLIC VERSIONS AVAILABLE Q4 2026.
C1 · 12 Triggers
Named Accountable Owner
Is there a written document naming a specific individual as accountable for this system?
Does that document specify their authority to halt system outputs?
Is the named individual currently in their role?
Is there a succession plan if they leave?
Does the accountability extend to third-party vendor components?
Has the named individual accepted the accountability in writing?
Is the accountability document dated and version-controlled?
+ 5 additional triggers in full diagnostic
C2 · 11 Triggers
Independent Validation
Was pre-deployment validation conducted by a party independent of the vendor?
Did the validator have no financial relationship with the deploying organization?
Was validation conducted against the specific population this system affects?
Were vendor IP restrictions imposed on the validation scope?
Is the validation documentation available for review?
Has the system been materially changed since validation?
Is the validator's methodology documented and reproducible?
+ 4 additional triggers · No partial state for IP-restricted validation
C3 · 11 Triggers
Structured Ongoing Monitoring
Is there a named individual responsible for ongoing monitoring?
Is there a written monitoring schedule with defined intervals?
Are monitoring findings documented and retained?
Is there a defined escalation path for anomalous findings?
Does the monitoring include outputs affecting real people, not just system performance metrics?
Is there a threshold that triggers mandatory escalation?
Has monitoring occurred on the defined schedule?
+ 4 additional triggers · Dashboard access ≠ named monitoring obligation
C4 · 12 Triggers
Accountability Protocol
Does a written accountability protocol exist, dated before first deployment?
Does the protocol name a specific individual with authority to invoke it?
Does the protocol specify how affected people are notified?
Does the protocol specify how harm is corrected or remediated?
Has the protocol been tested or rehearsed?
Is the protocol current with the system's current deployment context?
Is the protocol accessible to the people responsible for invoking it?
+ 5 additional triggers · Pre-deployment date required — post-harm protocols score ABSENT
C5 · 11 Triggers
No Active Suppression
Is there a reporting channel that bypasses the vendor and the system's supervisory chain?
Are staff aware the channel exists?
Does the channel route to someone with authority to act on reports?
Is there documentation of signals that were received and acted on?
Is there documentation of signals received and not acted on?
Has any external concern been suppressed or dismissed without documented review?
Are there incentive structures that discourage reporting problems?
+ 4 additional triggers · Channel must bypass BOTH vendor and supervisory chain
What the Diagnostic Produces
A score. A finding.
Case matches. A record that belongs to you.
Every diagnostic run produces four things: a GPWS governance score between 0 and 10; a RED / CAUTION / CLEAR finding; a case match — the three to five documented cases from the 380-case dataset that most closely resemble the system's governance profile; and a downloadable result you can save, share, or use immediately.
The free diagnostic produces an unverified finding — generated from your inputs, not reviewed by HSRL staff. If you need a finding that holds up in a procurement review, a regulatory submission, an OIG complaint, or a legal proceeding, you need a practitioner-verified GCR. The self-service documents are the middle path: structured, evidence-cited, and formatted for institutional use, but clearly marked as user-generated.
The unverified finding is still useful. It tells you exactly which conditions are present, partial, or absent — and which documented cases your system most closely resembles. It tells you precisely what governance gaps need to be filled before a practitioner could certify the system clean.
Free Diagnostic Result
GPWS Score & Finding
Governance score, RED/CAUTION/CLEAR finding, condition breakdown, and top three case matches from the 380-case dataset. Instant, anonymous, no account required.
Free Public · Anonymous
DOC-01 · Self-Service
Governance Condition Snapshot
Single-page structured summary: five condition scores, overall GPWS rating, top-matched cases. Formatted for procurement review or internal briefing. Instant PDF download.
$45 Pay per document
DOC-02 · Self-Service
Structural Governance Assessment Report
Full 57-trigger output across all five conditions. Evidence citations, condition-specific findings, case match appendix, GPWS tier determination, and estimated harm window where applicable.
$195 Pay per document
DOC-03 · Self-Service
Procurement & Oversight Letter
HSRL letterhead format. Structured finding formatted for submission to a procurement office, OIG, legislative committee, or legal team. Condition findings, threshold comparison, case evidence.
$295 Pay per document
GCR-001 · Practitioner-Verified
Governance Certification Record
SHA-256 signed, immutable pre-deployment governance record issued by an HSRL-certified practitioner. The only HSRL document suitable for regulatory submissions, OIG complaints, litigation support, or congressional inquiries.
$2,500–$12,000 Practitioner-issued
⚠ Self-service documents (DOC-01 through DOC-03) are generated from user-provided inputs and are not reviewed or certified by HSRL staff. They do not constitute a verified HSRL finding. For verified findings suitable for regulatory use, contact a certified practitioner.
Case Database
380 cases.
Every one scored. Every score defensible.
THE CASE COMPARISON ENGINE
Your result isn't abstract.
It matches specific documented cases.
When the diagnostic produces a finding, it tells you which documented cases your system's governance profile most closely resembles — and how closely. If your benefits eligibility system scores 0.1, the comparison engine tells you it most closely matches Robodebt (0.0), Toeslagenaffaire (0.1), and Michigan MiDAS (0.1). Not based on what the system does — based on how its governance is structured.
This matters because it makes the finding concrete. A score of 0.1 is abstract. "Your governance profile most closely matches a system that generated 500,000 false debt notices before a Royal Commission found it unlawful" is not. It also documents what happened in comparable cases — how long they ran, who discovered the problem, how long remediation took, and what it cost.
The comparison engine is included in the free diagnostic. The self-service Assessment Report includes a full case match appendix with condition-by-condition comparison for the top five matches.
AFTER THE DIAGNOSTIC
The diagnostic tells you what's missing.
What you do with that depends on who you are.
If the finding is RED
The Remediation Pathway
A RED finding means one or more critical conditions are absent. The next step is a practitioner-issued Remediation Pathway Document — a condition-by-condition specification of exactly what governance infrastructure needs to be built, at what standard, and how it will be verified at re-audit. The organization builds the infrastructure. The practitioner verifies it.
If you need a verified record
Practitioner-Issued GCR
If the diagnostic is being used for procurement documentation, regulatory compliance, OIG submission, or litigation support, you need a GCR — a practitioner-verified, SHA-256 signed governance certification record. A self-service diagnostic result is not a GCR. The path from diagnostic to GCR runs through an HSRL-certified practitioner.
If you're an agency
Agency SGL Integration
If you're running diagnostics on multiple systems, or want your governance records tracked, scheduled, and accessible in real time — not delivered as PDFs — the Agency Structural Governance Ledger gives you a live governance accounting system with practitioner credential access built in.
Run the diagnostic.
Free. Anonymous. Now.
The diagnostic takes approximately 15 minutes for the full 57-trigger assessment. No account. No login. No cost. Your result is yours immediately.
Public diagnostic launching April 2025 · Case database launching April 2025 · Practitioner access Q3 2025