Depending on the scope of the research agenda and the range of required skills and knowledge, some portion of the work will likely have to be outsourced. Cooperating with civil society and academia in this context is particularly relevant, as domestic or international academic institutes, think tanks, and civil society organizations may already be involved in generating relevant data and analysis. In addition, ACAs may wish to dedicate their internal diagnostic research capacities to process restricted information sources that are not open to external actors. With outsourcing, ACAs nevertheless need to have a minimum level of capacity for research design and analysis in order to manage and evaluate the quality of the research performed by other entities, and to integrate the findings into the policy formulation process.
A particular type of diagnostic, distinct from corruption measurements, is represented by corruption risk assessments, corruption vulnerability assessments, integrity assessments, and integrity audits. They are distinct in that they focus on preventing corruption by assessing systemic, institutional and procedural vulnerabilities, as well as anti-corruption safeguards, with the goal to reduce the former and strengthen the latter. Such assessments involve a detailed review of the regulatory framework, organizational set-ups and business processes to detect areas of vulnerability.