Richards J. Heuer Jr.

"Analysis of competing hypotheses" to the rescue in incident response cases

The ACH model is best known in the cyber threat intelligence (CTI) domain, where it is used to avoid biased handling of information during the analysis phase of the CTI life cycle.

The idea is to arrive at the most plausible hypothesis by mapping how well the evidence supports each hypothesis. Instead of trying to fit the evidence to a single hypothesis at a time, it is better to compare all hypotheses at once, as this can help remove selection bias. The method can also help the analyst find hypotheses that might not normally be considered.

The model can, however, also be applied with good results during an incident response or the investigation of a potential risk.
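
An ACH matrix for an incident response case, as an added example that is not part of the original page. The hypotheses, evidence items and ratings are constructed, and the scoring goes beyond the text: counting inconsistent ratings, flagging non-diagnostic evidence and checking which items the conclusion depends on are assumptions taken from common ACH practice.

```python
# Added example: ACH matrix for a constructed incident (not from the original page).
# Ratings per hypothesis: "C" consistent, "I" inconsistent, "N" neutral.
HYPOTHESES = ("H1 external attacker using stolen credentials",
              "H2 malicious insider",
              "H3 misconfigured backup job")

# Constructed evidence; the rating string is ordered H1, H2, H3.
EVIDENCE = {
    "E1 large outbound transfer from file server at 02:00": "CCC",
    "E2 repeated denied MFA prompts before one approval": "CII",
    "E3 source IP at a hosting provider never seen for this user": "CII",
    "E4 destination is not a configured backup target": "CCI",
    "E5 VPN session presented the user's valid device certificate": "ICN",
}

def inconsistency_scores(evidence):
    """Count 'I' ratings per hypothesis; fewer means harder to refute."""
    scores = dict.fromkeys(HYPOTHESES, 0)
    for ratings in evidence.values():
        for hyp, r in zip(HYPOTHESES, ratings):
            scores[hyp] += (r == "I")
    return scores

def least_inconsistent(evidence):
    """Hypotheses tied for the lowest inconsistency count."""
    scores = inconsistency_scores(evidence)
    best = min(scores.values())
    return {h for h, s in scores.items() if s == best}

def non_diagnostic(evidence):
    """Evidence rated the same for every hypothesis cannot separate them."""
    return [e for e, r in evidence.items() if len(set(r)) == 1]

def critical_items(evidence):
    """Items whose removal changes which hypotheses come out on top."""
    baseline = least_inconsistent(evidence)
    critical = []
    for item in evidence:
        rest = {e: r for e, r in evidence.items() if e != item}
        if least_inconsistent(rest) != baseline:
            critical.append(item)
    return critical

if __name__ == "__main__":
    print(inconsistency_scores(EVIDENCE))
    print("least inconsistent:", least_inconsistent(EVIDENCE))
    print("non-diagnostic:", non_diagnostic(EVIDENCE))
    print("critical:", critical_items(EVIDENCE))
```

The items returned by `critical_items` are the ones to re-verify first, because the ranking no longer singles out one hypothesis if either of them turns out to be wrong.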