Coverage Is Not the Hard Part

Walk into almost any detection program and you can see where the attention went. It went into the instruments: their sensitivity, their alarm thresholds, their ability to identify what they have detected. And it went into coverage: how many, placed where, watching what. These are real problems, and they are largely solved problems. An organization can spend its entire budget here and arrive at something that looks, by every measure an inspection applies, complete.

The most sophisticated programs go further still, investing in the ability to characterize an indication and not merely register it. It is rarely noticed that this can cut against them. Identification data arrives with a confidence attached, and low-confidence data handed to the person who must act can make the decision harder, not easier. We will return to why.

And then an alarm sounds, and the program discovers what it actually is.

The moment a detector alarms, the program stops being a technical system and becomes a human one. Someone has to decide what the reading means and what happens next. That decision is the program. Every sensor, every dollar of coverage, exists only to carry a human being to that moment. And that moment, the resolution of the alarm, is almost never designed with the same seriousness as the hardware that produces it.

We call the space where this fails the adjudication gap. It is not one problem. It is a family of them, and they share a single root: the program designed the detection and never designed the decision.

The edge cannot act

Begin with the most common version. An operator is watching the instruments. An alarm fires. The operator is trained, sees the reading, and understands what it means: the location, the nature of the indication, the stakes if it is real.

And then the operator does nothing, because there is nothing the operator is permitted to do.

The action that would actually slow or stop the threat, to hold, to divert, to halt an operation, to commit resources, belongs to someone else. Someone with the authority to absorb the consequences of being wrong. In a well-run organization, that person exists and is on duty. The failure is subtler than absence. The person with the authority is usually present, and not at the position. They are across the room. Down the hall. In a meeting about something unrelated. Handling a personnel matter two floors up. They are in the building, fully engaged in their job, and they are not standing where the decision has to be made at the instant it has to be made.

This is the failure that a staffing chart cannot see. The program is fully manned. Everyone is present and doing their work. And there is still no one at the decision point when the alarm fires, because having the authority in the building is not the same as having it at the position, and no one designed for the difference.

Escalation defeats the clock

Sometimes the operator at the edge can close the alarm alone. A trained screener, working a routine encounter, gets an indication, works the steps, and resolves it on the spot, most of the time. The edge is more capable than people expect.

But not always. When the edge cannot close it, resolution has to escalate to a more specialized resource: better training, better equipment, the ability to answer a question the first operator cannot. And that resource is somewhere else. Blocks away. Counties away. The alarm is now a race between the time it takes that resource to arrive and the time the threat needs to pass.

Here the gap reveals something uncomfortable about how these decisions actually get made. Confront two operators with an identical reading, same indication, same ambiguity, same competence, in two different jurisdictions, and the authorized response can be opposite. In one, the rules permit holding the situation in place until the specialist arrives, because that delay is judged reasonable. In another, that same delay would be a firing offense. The reading is identical. The authorized action is contradictory. And the difference is determined not by any decision the program made, but by whatever local rules happened to already exist.

That is the tell. When the response to a given reading varies by accident of geography, it means the decision architecture was never designed at the program level at all. It was inherited.

The decision was never scripted

Underneath both of these is the deepest version of the gap, and it is the one that explains the rest.

The operator should not be deciding at all.

In a program that has actually designed its adjudication, an alarm does not pose a question to the person at the edge. It triggers an action: pre-scripted, decided in advance, in the calm, by the people with the authority and the expertise to weigh it properly. The operator's job at the moment of alarm is not to think. It is to execute a decision that was already made.

What happens instead, in program after program, is that the alarm arrives as a question. There's an alarm, what do I do? The operator turns to a colleague. What do you think? Seconds pass in deliberation that should have happened months earlier, at a conference table, with no clock running. And the unscripted alarm fails in both directions at once.

It fails toward the threat: while the edge deliberates, the real thing passes through.

And it fails toward the false alarm: the edge, unsure, decides it might have something, and triggers a costly response, a shutdown, an evacuation, an interruption to the lives of thousands, only to spend the next hours establishing that there was never a threat at all. An indication that should have been resolved in seconds becomes an expensive, disruptive, self-inflicted event, because no one had scripted what a reading of that kind, in that context, actually authorizes.

This is also why the answer is not simply to give the operator more information. We left a question open earlier: why can better identification data make a decision worse? Here is where it is paid. A characterization carries a confidence with it, and a low-confidence reading delivered to a person under a running clock fails in both directions at once. It is trusted more than it deserves to be: a possible is heard as a probable, and the operator anchors on an answer that may be wrong. And it injects an ambiguity that is harder to act on than a clean reading or none at all, it might be this, it might be that, forty percent, so the operator hesitates, waiting for a certainty that is not coming. Over-trust and hesitation, from the same data, at the same moment. More information did not make the decision better. It made it heavier. A decision made in advance does not carry this weight, because it is built to state what a reading of a given confidence actually authorizes, before anyone is standing in front of it.

A program can have near-complete detection of exactly the thing it is looking for and still produce this outcome. The detection was the part they engineered. The decision was the part they left to a person standing at a gate with seconds to spare.

Capability that does not survive its own resolution path

Consider what happens when every component works exactly as designed, and capability evaporates anyway.

The alarm fires. The generalist on watch, trained for a few hours, no technical depth, there to follow a procedure, does precisely what the procedure asks: collects all the relevant information about the alarm, carefully and correctly. Then the procedure says to reach the one individual who can actually interpret that information and adjudicate it. So the resolution path runs.

And the resolution path has no awareness of its own state. It is a list: names and numbers, in order. It does not know who is reachable. It does not know who is on leave today. It does not know who actually understands this system and who has merely heard that it exists. It routes by position, not by competence.

So when the one person who can read the data is unreachable, the path does not find the next most competent node. It finds the next name. And when the names at the operator's own level run out, it escalates upward, into the chain of command, toward people who are more senior and less able to use what has been collected. The carefully gathered information, the readings and the context the generalist dutifully recorded, becomes meaningless the moment it leaves the one head that could read it. Each step up the ladder is a step away from the competence the decision requires. Eventually someone with real authority and no understanding is asked the only question that matters, do we stop everything, or not?, with data that might as well be in a foreign language.

Notice what failed here. Not the detector; it worked. Not the operator; the data was collected correctly. Not the procedure; it was followed to the letter. The program was fully functional in every component and structurally incapable as a whole, because it concentrated all real adjudication competence in a single node and then built a resolution path that could not guarantee that node, and degraded toward incompetence precisely when the node was missing.

That is capability that existed on paper and evaporated at the decision point. It is the adjudication gap in its purest form.

What this costs, and why it persists

The adjudication gap survives for an unglamorous reason: it cannot be procured. You can buy a sensor and show it on an inventory. You cannot buy a decision, and you cannot put we have thought carefully about who resolves an alarm, with what authority, on the worst night of the year onto a capabilities list. Coverage is visible to inspection. Adjudication is invisible until it is tested, and most programs are never tested in the way that would reveal it. They are tested for whether the instruments detect, not for whether the organization decides.

So the gap stays hidden, and the organization carries a belief about its own capability that the first real alarm will correct.

Coverage is not the hard part. It is the part that can be bought, measured, and shown to an inspector. The hard part is the architecture of the human moment: who decides, with what authority, against what pre-made script, along a path that routes to competence rather than to rank. That architecture is what determines whether everything upstream of it was worth the investment.

A detection program is not the sum of its instruments. It is the quality of the decision its instruments exist to deliver.

Threshold Research is the published thinking of LGE. We do not name our people or our clients; the work takes place in environments where discretion is part of the discipline. We are content to be known by our thinking.