How to read a risk report: what 'sourced' actually means

A trustworthy risk report has three properties a confident guess never does: every claim can be traced to a primary source, the agreement between sources is shown rather than asserted, and the judgements that were rejected are on the record. If a report can’t show you those three things, you are reading an opinion, however fluent.

What does “sourced” actually mean?

Sourced does not mean “has links.” It means each material claim names its originator — the person or body that actually said the thing — separately from the publication that merely carried it. A wire service repeating a local official is a publication; the official is the originator. Confusing the two is how a single voice gets mistaken for many.

Why isn’t more sources always better?

Because volume is not corroboration. Ten outlets repeating one anonymous post is one source amplified ten times, not ten independent ones. What raises confidence is triangulation: independent originators, who did not get it from each other, arriving at the same fact. A good report shows you the count of independent originators and flags contradictions instead of hiding them.

What should a red-team add?

Before a conclusion reaches you, someone should argue against it — looking for the single-language source base, the convenient assumption, the missing counter-evidence. A report worth trusting tells you that this happened and what the challenge found, even when the conclusion survived.

The simplest test

Pick any conclusion in the report and try to walk it backwards: conclusion → reasoning → triangulated sources → the primary itself. If you can make that walk, the report is doing its job. If the trail goes cold, the confidence is decorative.

This is the discipline Aegilo applies to every report — and the reason the audit trail, not the headline, is the product.