Causonomy — Vocabulary Reference
A domain-independent lexicon for maturity auditing
The concepts required
to audit any normative system
Causonomy audits proceed without domain knowledge. What they require instead is a shared vocabulary: a set of structurally defined terms that apply equally to a hospital, a factory, a logistics network, or a software organisation. Every term below is necessary. None is domain-specific.
Negative Outcome — NO
NO = (a, δ)
A failure formally defined as a measurable deviation δ between a required state R(f) and an observed state O(f) at the boundary of a specific activity a. Every problem in any system is an instance of this form.
Deviation — D(f)
D(f) = R(f) − O(f) ≠ 0
The generalised difference between what the system requires and what it observes. May be structural, quantitative, temporal, existential, or magnitude-based. Deviation is always relative to a stated requirement — not to expectation or habit.
S1–S6 · Form deviations
Structural
The form is of the wrong type (S1), misaligned (S2), incomplete (S3), internally inconsistent (S4), unstable over time (S5), or functionally defective (S6). Captures what the form is.
Q⁻ Q⁺ · Form deviations
Quantitative
The form is present in insufficient (Q⁻) or excessive (Q⁺) number relative to requirement. Captures how many instances exist. Independent of structure — a correct form can still be the wrong quantity.
E · Activity deviation
Existential
The activity did not occur. Required output is absent not because the form is defective but because the producing activity never took place.
T⁻ T⁺ · Activity deviations
Temporal
The activity occurred too early (T⁻) or too late (T⁺) relative to the requirement. A correctly executed activity at the wrong time still constitutes failure.
M · Activity deviation
Magnitude
The activity occurred but operated outside its required range — below or above the required level of intensity, capacity, or rate.
S
Store
Maintain a form across time
M
Move
Transfer a form within the system
A
Acquire
Bring a form into the system
R
Release
Send a form out of the system
T
Transform
Change the identity of a form
C
Check
Evaluate a form against requirement
Every activity in any system is an instance of one of these six. Their Cartesian product with the 12 deviations yields the 72 Negative Outcomes — the complete surface of observable failure.
Governing forms are any artefacts that define what must be true in a system. They do not execute work — they define the conditions under which work must be executed. Every governing artefact in any domain performs one of these six functions.
S · Specification
Defines what
the required form must be
Establishes identity, composition, and acceptable states for a form. Without specification, no activity can determine whether its output is correct. Examples across domains: product drawing, clinical protocol, data schema, contractual requirement.
F · Forecast / Plan
Defines when and how much
is expected over time
Establishes required quantities and timing for activity outputs. Failures here produce quantitative and temporal deviations. Examples: demand forecast, project plan, staffing schedule, capacity plan.
R · Request / Trigger
Defines when to act
activates execution
Initiates an activity based on need or condition. Without a trigger, activities that should occur may not. Examples: purchase order, referral, work order, alert, incident ticket.
C · Constraints
Defines what is permitted
limits or shapes action
Establishes boundaries on what activities may do. Defects here often produce unexpected blockages or inadvertent permissions. Examples: budget limit, regulatory rule, access policy, dosage ceiling.
A · Authorisation
Defines who may act
establishes legitimacy
Grants or restricts the right to perform an action or approve a state. Without authorisation, activity either cannot occur or occurs without legitimate mandate. Examples: approval workflow, signing authority, certification, delegation.
V · Verification
Defines how correctness is assessed
closes the governance loop
Specifies how compliance with required states is established. Without verification, failures may go undetected. Examples: inspection checklist, audit criteria, test specification, acceptance criteria.
Every governing form is internally structured by four and only four primitives. A governing form is structurally complete when all four are present. Any missing primitive is a root-cause position.
R · Reference
What object
Identifies the form to which the requirement applies. Without reference, the requirement has no object and cannot govern anything.
A · Assertion
What must be true
States the required condition of the form. This is the core of the requirement — the claim that must hold for the system to be correct.
C · Condition
When it applies
Specifies the circumstances under which the requirement is active. Without condition, a requirement applies everywhere or nowhere — both produce failure.
E · Evidence
How compliance is shown
Defines the basis on which satisfaction of the assertion is established. Without evidence criteria, verification cannot be performed.
A governing form may be structurally complete yet exist in an illegitimate lifecycle state. Lifecycle illegitimacy is the dominant causal condition — structural content is irrelevant if the form does not participate correctly in the system.
Legitimate
Inactive
Finished prematurely
Extended
Substituted
Phantom
Abandoned
Neglected
Legitimate
Valid and active
The governing form is correctly specified, currently applicable, and actively governing the activity it was designed to govern.
Inactive
Not yet triggered
Structurally sound but not yet activated. It should have been activated — its absence from active governance is a deviation, not an intended state.
Finished prematurely
Closed too early
The governing form was withdrawn before its scope was complete, leaving activities ungoverned.
Applied beyond its valid scope — governing activities or forms it was not designed to cover.
Substituted
Replaced informally
Another governing form is de facto governing in its place, without formal replacement. Creates ambiguity about which requirement applies.
Phantom
Referenced but absent
The system references a governing form that does not actually exist. Activities governed by it have no real requirement — the most dangerous state.
Abandoned
Exists but not followed
The governing form exists and is nominally active but is systematically disregarded in practice. Governance is illusory.
Neglected
Outdated but still used
The governing form has not been maintained and no longer reflects current system reality. Its assertions are stale and its conditions may no longer apply.
POTD — Operational supports
Process · Organisation · Tools · Data
The four necessary conditions for any activity to produce a required outcome. Each is itself an activity and can fail in three modes: it may not exist (E), operate at insufficient magnitude (M), or occur at the wrong time (T). Their combination with the 72 NOs yields 864 operational causal positions.
|POTD × EMT| = 4 × 3 = 12 failure modes per NO
MNAD — System structure
Network of Activities and Dependencies
A directed graph G = (A, E) representing the flow of forms between activities. Defines which activities are connected and therefore which causal effects can propagate from one boundary to another. A defect can only cause a failure if there exists a path between them in the MNAD.
G_MNAD = (A, E) — connectivity determines reachability
Structural Reduction Matrix — SRM
SRM(g, no) = 1 ⟺ Projection(g, no) ∧ Connectivity(g, no)
The pre-computed mapping between governing defects and Negative Outcomes. A causal relation is admissible if and only if two conditions hold simultaneously: Projection — the governing defect acts on the relevant deviation dimension — and Connectivity — a path exists in the MNAD from the defect's locus to the activity boundary where the deviation is observed. The SRM collapses the 1,152 root-cause positions to a finite admissible set for any given failure, before any evidence is examined.
All reasoning within Causonomy is a traversal of the same structure in different directions. No new machinery is introduced across operations.
NO → GF
Diagnosis
From an observed failure, identify the admissible governing defects. Proceeds by elimination within GF_adm(no) — the finite set the SRM defines in advance.
GF → NO
Prediction
From a known governing defect, identify all Negative Outcomes it can produce. Determines structural risk before failure occurs.
GF_sys → NO_sys
Stress testing
Enumerate all failures admissible given the system's current governing structure. Reveals latent exposure including failures that have not yet manifested.
GF_sys → GF′_sys
Preventive design
Modify governing forms to reduce the admissible outcome set. Prevention acts on structure, not on events — making certain failures impossible rather than unlikely.