EU AI Act Article 50 — 20 days to seal | Get passport
Co-pilot buyer activation × nurture

No-Reply Nurture Calendar

A 90-day DEFONEOS no-reply calendar for public-sector buyer threads: four useful touches, one proof object per touch, clean CRM evidence, explicit stop conditions, and no spam behaviour.

90dmax window
4touch cap
7cadence gates
0spam scripts
Use now: open this page immediately after a buyer reply or a validation request. Classify the signal, choose the smallest proof object, keep the owner gate clear, and log the action in the DEFONEOS CRM.

Why a nurture calendar exists

Silence after a first contact is normal in UK public-sector buying. The sovereign move is not to chase harder. It is to keep the record clean, send only useful updates, and stop when the buyer gives no route.

90-day no-reply calendar

WindowActionObjectCondition
Day 0Send the promised artefact only. No added sales copy.Meeting promise link or evidence-room bundle.Buyer asked for it.
Day 1If no acknowledgement, send a one-line correction opportunity.Did I capture your constraint correctly?Positive meeting only.
Day 7Send one useful public object tied to their remit.Risk register, route map, or governance crosswalk.No guilt language.
Day 14Send a route-confirmation close-out.Should I close this or route it to a colleague?No more than one cc.
Day 30Send a substantive update only if something changed.New evidence room, updated SoW, live demo improvement.Must be real new value.
Day 60Send a procurement-calendar note if relevant.Upcoming DASA, DIANA, CCS or G-Cloud timing.Public source only.
Day 90Archive politely unless the buyer engaged.Closing the loop. Happy to reopen if useful.Stop pursuit.

Useful-update library

Only send one of these if it genuinely fits the buyer remit.

Buyer remitUseful updateWhy it is safe
AI assuranceJSP 936 control-map update and evidence-room shelf.Governance evidence, no operational data.
ProcurementDSP, DASA, G-Cloud or procurement-vehicle route page.Public route guidance, owner must verify current link.
Technical ownerTechnical validation agenda and byte-verified public artefact.No classified system details.
Budget owner90-day SoW, pricing card and risk register.Draft commercial model, not a quote unless owner approves.
Civil resilience999 integration and public-source demo boundary.No personal surveillance.
Prime partnerWork-package framing and supplier-on-ramp bundle.No exclusivity or endorsement claim.

No-reply templates

Day 7 useful update
I am keeping this light. One public artefact may be useful for [buyer problem]: [single link]. If this is not in your remit, I will stop here unless you point me to the better route.

Day 14 close-out
I do not want to add noise. Should I close this record, or is there a better owner for UK-sovereign AI assurance pilots? Either answer is fine.

Day 30 substantive update
A material update since the last note: [one concrete update]. It may help your [remit] because [one sentence]. If not useful, no reply needed and I will keep the record dormant.

Day 90 archive
Closing the loop on this thread. DEFONEOS remains available as a public-source, sovereign-by-design assurance pilot route, but I will not keep chasing without a live route.

Calendar governance

The calendar is an evidence trail. It shows restraint, relevance and respect for the buyer inbox.

RuleReasonCRM evidence
Four touches maxAvoid spam and preserve trust.touch_count field.
One proof objectAvoid dumping the estate.proof_object_sent field.
One askMake response easy.next_action field.
No weekend sendsRespect public-sector cadence.scheduled_at field.
Archive at 90 daysStop stale pursuit.state DORMANT.
Manual owner sendExternal comms remain human-gated.owner_sent true or false.

Weekly nurture review

Every Friday at 16:00 BST, run this review before the next week starts.

Do-not-send list

These messages damage trust and are forbidden in the DEFONEOS lane.

Nurture queue worksheet

The nurture queue is a low-noise operating list. Each buyer has a next useful object, a stop date and a reason for receiving the next note. If the reason is weak, the note is not sent.

FieldPurposeExample
buyer_idStable record key without unnecessary personal data.dstl-ai-assurance-2026-07
last_touchPrevents accidental over-contact.2026-07-14 09:10 BST
next_useful_objectForces the message to carry value.Technical validation agenda or procurement route map.
reason_to_sendExplains why the buyer should care now.New evidence-room map or public call deadline.
stop_conditionDefines when pursuit ends.No reply after Day 90, explicit no-fit, or no named route.
owner_gateMarks whether Nick must verify or send.Yes for all external comms.

Monthly useful-object plan

The calendar below gives the owner a non-spam reason to stay visible only when there is real substance.

MonthUseful objectUse only whenStop if
JulyEvidence room, pricing card, 90-day SoW.The buyer had a first conversation or asked for proof.No authority or no remit.
AugustTechnical validation agenda and acceptance criteria builder.The buyer asked how the pilot would work.They require classified data before a route exists.
SeptemberProcurement route map and public call calendar.The buyer asked how to buy or route internally.Procurement restriction blocks the route.
OctoberGovernance update and red-line register.The buyer has an assurance function or risk concern.They asked for no further updates.
NovemberClose-out summary with one reopening condition.There has been no engagement for 90 days.Any explicit no-contact request exists.

Operator note

This additional operator note exists to make the page self-contained when opened without the rest of the DEFONEOS pack: if the owner cannot explain the next action in one sentence, the correct move is to pause, classify the buyer state again, and send nothing until the proof object is clear.

12-framework crosswalk

Use this crosswalk when the buyer asks whether the operating artefact can become assurance evidence. It keeps the page honest: designed controls are named as designed, live proof is named as live, and owner-gated claims remain gated.

FrameworkHow this page maps
EU AI ActHuman oversight, transparency, risk management, logging, technical documentation and post-market monitoring vocabulary.
GDPRData minimisation, lawful basis, purpose limitation, retention boundary, access logging and contact-note minimisation.
JSP 936UK defence AI assurance framing, safety case discipline, human responsibility, evidence pack, review gate and escalation path.
JSP 440Protective security discipline for information handling, marking, distribution and no-sensitive-data public-pilot boundary.
NIST AI RMFGovern, Map, Measure and Manage actions tied to buyer signals, evidence quality, risk owners and response cadence.
ISO 42001Management-system responsibilities, review cadence, audit trail, competence, roles and continuous improvement loop.
NIST PQCMigration-aware crypto language, no promise of final PQC certification, signature and ledger route designed for future algorithm agility.
NATO STANAGInteroperability mindset, common vocabulary, coalition-safe evidence, no national endorsement claim.
AUKUS Pillar IIDesign-compatible dual-use AI assurance language, no partnership claim without signed letter.
OSCALControl evidence can be exported into a machine-readable SSP later; this page is the human operating sheet.
Five Eyes ITAR §734.7Public-domain and open-source evidence boundary; no controlled technical data, no classified material.
C2PA 2.0Future media provenance route for screenshots, demos and proof bundles; public page links remain the low-friction evidence trail.

Honesty register

The register below is deliberately explicit so the artefact stays usable in a UK-sovereign procurement conversation without overclaiming.