Intelligence Domain
The Intelligence domain captures and structures the intelligence-gathering activities of an organization. It spans routine business reporting through to sophisticated competitive and geopolitical intelligence, enabling organizations to maintain an adaptive and informed operating model.
Schema Version: 2.1
Schema Location: /schemas/intelligence.schema.json
Specification: JSON Schema Draft-07
Overview
What is the Intelligence Domain?
The Intelligence domain captures structured approaches to gathering and analyzing internal and external intelligence, enabling evidence-based decision making. The domain covers:
- Business Reporting — Internal reporting and dashboarding
- Competitive Intelligence — Monitoring competitor activity
- Market Intelligence — External market trends and insights
- Regulatory Surveillance — Monitoring regulatory developments
- Security Intelligence — Physical and cybersecurity threats
This domain extends the Orthogramic Metamodel by providing frameworks for modeling intelligence sources, analysis processes, and application areas.
Purpose and Value
The Intelligence domain enables architects and planners to:
- Structure intelligence activities — Organize gathering and analysis
- Map sources — Catalog intelligence sources and reliability
- Support decisions — Enable evidence-based strategic planning
- Manage risks — Provide early warning for emerging risks
- Drive performance — Recalibrate KPIs based on real-world signals
For Data Engineers
The Intelligence domain maps to analytics and BI concepts:
- Intelligence Report → Report/dashboard entity
- Intelligence Source → Data source/connection
- Analysis → Analytics pipeline
- Intelligence Type → Report category/classification
- Application → Consumer/downstream system
Core Components
The Intelligence domain uses an intelligence cycle:
- Planning: Define requirements and priorities
- Collection: Gather from sources using methods
- Analysis: Process and synthesize information
- Dissemination: Distribute reports and briefings
- Application: Support decisions and actions
Domain Attributes
Core Attributes
| Attribute | Type | Description | Required |
|---|---|---|---|
intelligenceID | String | Unique identifier | ✓ |
title | String | Name of intelligence report/activity | ✓ |
description | String | Description of intelligence content | ✓ |
purpose | String | Purpose of intelligence activity | |
owner | String | Responsible individual or team | |
orgUnitTitle | String | Organization unit accountable | |
sources | Array[Object] | Intelligence sources used | |
intelligenceType | Enum | Type of intelligence | |
frequency | Enum | Update frequency | |
legalAndEthicalConsiderations | String | Legal/ethical restrictions | |
confidentialityLevel | Enum | Classification level | |
performanceIndicators | Array[String] | KPIs for usefulness | |
risks | Array[String] | Risks in collection or use | |
improvementOpportunities | Array[String] | Enhancement suggestions | |
strategicAlignment | String | Link to strategy | |
applications | Array[Object] | Application areas |
Enumeration Values
Intelligence Type (intelligenceType)
| Value | Description | Example |
|---|---|---|
Business Reporting | Internal reporting and dashboards | Financial reports |
Competitive Intelligence | Competitor monitoring | Competitor analysis |
Market Intelligence | Market trends and insights | Market research |
Regulatory Surveillance | Regulatory monitoring | Compliance updates |
Security Intelligence | Security threats | Cyber threat intel |
Insider Threat Monitoring | Internal risk detection | Behavioral analytics |
Geopolitical Analysis | Political developments | Country risk |
Corporate Espionage | Competitor secrets | Trade secrets |
Agency Intelligence Feed | Government intelligence | Agency bulletins |
Social Media and OSINT | Open source intelligence | Social listening |
Dark Web Monitoring | Hidden internet sources | Threat monitoring |
Frequency (frequency)
| Value | Description |
|---|---|
Continuous | Real-time updates |
Daily | Daily updates |
Weekly | Weekly cycles |
Monthly | Monthly cycles |
Quarterly | Quarterly reports |
Annually | Annual reporting |
Event-driven | Triggered by events |
Ad-hoc | On-demand |
Confidentiality Level (confidentialityLevel)
| Value | Description |
|---|---|
Public | Freely available |
Internal | All employees |
Confidential | Select personnel |
Restricted | Certain executives |
Secret | High sensitivity |
Top Secret | Highest sensitivity |
Source Type (sourceType)
| Value | Description | Example |
|---|---|---|
Public Data | Freely available | News, filings |
Paid Research Services | Purchased data | Bloomberg, Gartner |
Regulatory Filings | Mandatory disclosures | SEC filings |
Informal Networks | Industry contacts | Personal networks |
Third-Party Subscription | Licensed datasets | Data vendors |
Dark Web Sources | Hidden internet | Threat intelligence |
Government Intelligence | Agency sources | Government bulletins |
Surveillance Systems | Monitoring systems | SIEM, DLP |
Intelligence Source Elements
| Attribute | Type | Description |
|---|---|---|
sourceName | String | Name of source |
sourceType | Enum | Type of source |
reliabilityRating | Enum | Source reliability: High, Medium, Low |
collectionMethod | Enum | Method: Manual, Automated, Sensor-based, Third-party |
cost | String | Cost associated |
complianceStatus | Enum | Compliance check outcome |
Intelligence Application Elements
| Attribute | Type | Description |
|---|---|---|
applicationArea | String | Area where applied |
organisationalDecisionsInfluenced | String | Decisions informed |
intelligenceConsumers | Array[String] | Roles using intelligence |
measurableOutcomes | Array[String] | Outcomes from application |
Domain Relationships
The Intelligence domain integrates with other metamodel domains:
| Target Domain | Relationship Type | Description |
|---|---|---|
| Strategy | Input | Enables informed strategic planning |
| Market | Context | Provides competitive awareness |
| Risk Management | Warning | Early warning for risks |
| Performance | Calibration | Enables KPI recalibration |
| Technology | Enablement | Technology enables collection |
| Organization | Ownership | Org units manage intelligence |
| Policy | Compliance | Intelligence policies defined |
| Information | Source | Intelligence as information asset |
| Stakeholder | Analysis | Stakeholder intelligence |
| Customer | Insight | Customer intelligence |
Examples
Example 1: Quarterly Competitor Analysis
{
"intelligenceID": "ORGINT-001",
"title": "Quarterly Competitor Market Share Report",
"description": "Analysis of competitor market activities and positioning across key product segments",
"purpose": "Guide marketing investments for Product Line A and inform competitive response strategies",
"owner": "Head of Corporate Intelligence",
"orgUnitTitle": "Corporate Strategy and Market Intelligence Division",
"sources": [
{
"sourceName": "Industry Market Research Database",
"sourceType": "Paid Research Services",
"reliabilityRating": "High",
"collectionMethod": "Third-party acquisition",
"cost": "$45,000/year",
"complianceStatus": "Compliant"
},
{
"sourceName": "Public Financial Filings",
"sourceType": "Public Data",
"reliabilityRating": "High",
"collectionMethod": "Manual research",
"cost": "No cost",
"complianceStatus": "Compliant"
},
{
"sourceName": "Trade Publication Monitoring",
"sourceType": "Third-Party Subscription",
"reliabilityRating": "Medium",
"collectionMethod": "Automated scraping",
"cost": "$12,000/year",
"complianceStatus": "Compliant"
}
],
"intelligenceType": "Competitive Intelligence",
"frequency": "Quarterly",
"legalAndEthicalConsiderations": "Follows GDPR and privacy regulations. Only public information sources monitored.",
"confidentialityLevel": "Confidential",
"performanceIndicators": [
"Faster response to competitor pricing changes",
"Improved win rate in competitive deals",
"Earlier detection of market entry threats"
],
"risks": [
"Incomplete data on private competitors",
"Potential for analysis bias",
"Information becoming outdated between cycles"
],
"improvementOpportunities": [
"Adopt automated social listening tools",
"Integrate real-time pricing monitoring",
"Expand coverage to emerging market competitors"
],
"strategicAlignment": "Supports Market Expansion Goal 2025 and competitive positioning strategy",
"applications": [
{
"applicationArea": "Strategic planning",
"organisationalDecisionsInfluenced": "Product positioning, pricing strategy, market entry timing",
"intelligenceConsumers": ["CEO", "Chief Strategy Officer", "VP Marketing", "Product Management"],
"measurableOutcomes": [
"15% improvement in competitive win rate",
"30% faster response to competitive threats"
]
}
]
}
Example 2: Regulatory Change Monitoring
{
"intelligenceID": "ORGINT-003",
"title": "Monthly Regulatory Change Digest: Financial Services Sector",
"description": "Structured summary of regulatory updates impacting financial service providers across Australia, UK, and EU",
"purpose": "Ensure ongoing compliance and proactive adaptation to new regulatory requirements",
"owner": "Regulatory Compliance Intelligence Lead",
"orgUnitTitle": "Regulatory Affairs and Compliance Department",
"sources": [
{
"sourceName": "Official Government Gazettes",
"sourceType": "Public Data",
"reliabilityRating": "High",
"collectionMethod": "Manual research",
"cost": "No cost",
"complianceStatus": "Compliant"
},
{
"sourceName": "Thomson Reuters Regulatory Feed",
"sourceType": "Paid Research Services",
"reliabilityRating": "High",
"collectionMethod": "Third-party acquisition",
"cost": "$12,000/year",
"complianceStatus": "Compliant"
}
],
"intelligenceType": "Regulatory Surveillance",
"frequency": "Monthly",
"confidentialityLevel": "Internal",
"performanceIndicators": [
"Reduction in non-compliance incidents by 30% YoY",
"Zero regulatory fines post-implementation"
],
"strategicAlignment": "Supports Compliance Excellence Program",
"applications": [
{
"applicationArea": "Risk management",
"organisationalDecisionsInfluenced": "Product compliance checks, internal policy updates",
"intelligenceConsumers": ["Chief Risk Officer", "Head of Legal", "Compliance Managers"],
"measurableOutcomes": [
"100% policy updates within 10 days of regulatory publication",
"Reduction of manual compliance audits by 40%"
]
}
]
}
Example 3: Cybersecurity Threat Intelligence
{
"intelligenceID": "ORGINT-004",
"title": "Insider Threat Behavioral Monitoring: Weekly Report",
"description": "Early detection report on anomalous behavioral indicators within high-risk departments",
"purpose": "Support protection of sensitive intellectual property and reduce internal fraud risks",
"owner": "Chief Security Intelligence Analyst",
"orgUnitTitle": "Enterprise Security Operations Centre (ESOC)",
"sources": [
{
"sourceName": "Endpoint User Activity Monitoring System",
"sourceType": "Surveillance Systems",
"reliabilityRating": "High",
"collectionMethod": "Sensor-based collection",
"cost": "$35,000/year licensing fee",
"complianceStatus": "Compliant"
},
{
"sourceName": "Dark Web Monitoring Service",
"sourceType": "Dark Web Sources",
"reliabilityRating": "Medium",
"collectionMethod": "Third-party acquisition",
"cost": "$18,000/year",
"complianceStatus": "Compliant"
}
],
"intelligenceType": "Insider Threat Monitoring",
"frequency": "Weekly",
"legalAndEthicalConsiderations": "Complies with employment law and privacy regulations. Employee notification provided.",
"confidentialityLevel": "Restricted",
"performanceIndicators": [
"Reduction in data exfiltration incidents by 70%",
"Zero successful insider fraud cases"
],
"strategicAlignment": "Supports Enterprise Risk Framework and data protection objectives",
"applications": [
{
"applicationArea": "Security operations",
"organisationalDecisionsInfluenced": "Investigation prioritization, access control adjustments",
"intelligenceConsumers": ["CISO", "HR Director", "Legal Counsel"],
"measurableOutcomes": [
"Early detection of 95% of potential insider threats",
"50% reduction in investigation time"
]
}
]
}
Implementation Guidelines
Intelligence Program Best Practices
- Define requirements — Align intelligence needs to business objectives
- Validate sources — Assess reliability and compliance
- Analyze systematically — Apply consistent analytical frameworks
- Disseminate appropriately — Match classification to distribution
- Measure value — Track intelligence impact on decisions
Intelligence Maturity Framework
| Level | Description | Characteristics |
|---|---|---|
| 1 - Ad-hoc | Reactive intelligence | No formal process |
| 2 - Developing | Basic capabilities | Some formal collection |
| 3 - Defined | Structured program | Documented processes |
| 4 - Managed | Measured program | KPIs and metrics |
| 5 - Optimizing | Continuous improvement | Predictive capabilities |
Source Reliability Assessment
OpenMetadata Integration
For Data Platform Teams
When integrating with OpenMetadata, map Intelligence entities as follows:
| Orthogramic Element | OpenMetadata Entity | Notes |
|---|---|---|
| Intelligence Report | Dashboard | Intelligence dashboards |
| Intelligence Source | Database Service | Data source connections |
| Analysis | Pipeline | Analytics pipelines |
| Intelligence Type | Tag | Classification tags |
| Application Area | Glossary Term | Business context |
# Example: Map Intelligence to OpenMetadata Dashboard
def create_intelligence_dashboard(intel):
"""
Map Orthogramic Intelligence to OpenMetadata Dashboard
"""
return {
"name": intel["intelligenceID"].lower(),
"displayName": intel["title"],
"description": intel["description"],
"dashboardType": "intelligence",
"owner": {"name": intel.get("orgUnitTitle", ""), "type": "team"},
"tags": [
{"tagFQN": f"IntelligenceType.{intel['intelligenceType'].replace(' ', '_')}"},
{"tagFQN": f"Confidentiality.{intel['confidentialityLevel']}"},
{"tagFQN": f"Frequency.{intel['frequency']}"}
],
"charts": [
{
"name": source["sourceName"].lower().replace(" ", "_"),
"displayName": source["sourceName"],
"chartType": "source"
}
for source in intel.get("sources", [])
]
}
Schema Reference
- Repository:
Orthogramic/Orthogramic_Metamodel - Schema Location:
/schemas/intelligence.schema.json - Version: 2.1
- Specification: JSON Schema Draft-07
- License: Creative Commons Attribution-ShareAlike 4.0 (CC BY-SA 4.0)
Previous: Social Change Domain | Next: Manufacturing Domain