1. General

1. OPSEC planning is accomplished through the use of the OPSEC process. This process, when used in conjunction with the joint planning processes, provides the information required to write the OPSEC section of any plan or order. OPSEC planning is done in close coordination with the overall C2W planning effort and with the planning of the other C2W components.

2. The OPSEC process consists of five distinct actions. These actions are applied in a sequential manner during OPSEC planning. In dynamic situations, however, individual actions may be revisited at any time. New information about the adversary's intelligence collection capabilities, for instance, would require a new analysis of threats.

3. An understanding of the following terms is required before the process can be explained:
   (1) Critical Information: Specific facts about friendly intentions, capabilities, and activities vitally needed by adversaries for them to plan and act effectively so as to guarantee failure or unacceptable consequences for friendly mission accomplishment.

   (2) OPSEC Indicators: Friendly detectable actions and open- source information that can be interpreted or pieced together by an adversary to derive critical information.

   (3) OPSEC Vulnerability: A condition in which friendly actions provide OPSEC indicators that may be obtained and accurately evaluated by an adversary in time to provide a basis for effective adversary decisionmaking.

1. OPSEC Action 1--Identification of Critical Information
   (1) While assessing and comparing friendly versus adversary capabilities during the planning process for a specific operation or activity, the commander and staff seek to identify the questions that they believe the adversary will ask about friendly intentions, capabilities, and activities. These questions are the essential elements of friendly information (EEFI). In an operation plan or order, the EEFI are listed in Appendix 3 (Counterintelligence) to Annex B (Intelligence).

   (2) Critical information is a subset of EEFI. It is only that information that is vitally needed by an adversary. The identification of critical information is important in that it focuses the remainder of the OPSEC process on protecting vital information rather than attempting to protect all classified or sensitive information.

   (3) Critical information is listed in the OPSEC portion of an operation plan or order. Some general categories of critical information are provided in Appendix A.

2. OPSEC Action 2--Analysis of Threats
   (1) This action involves the research and analysis of intelligence information, counterintelligence, reports, and open source information to identify who the likely adversaries are to the planned operation.

   (2) The operations planners, working with the intelligence and counterintelligence staffs and assisted by the OPSEC program personnel, seek answers to the following questions:

   (a) Who is the adversary? (Who has the intent and capability to take action against the planned operation?)

   (b) What are the adversary's goals? (What does the adversary want to accomplish?)

   (c) What is the adversary's strategy for opposing the planned operation? (What actions might the adversary take?)

   (d) What critical information does the adversary already know about the operation? (What information is it too late to protect?)

   (e) What are the adversary's intelligence collection capabilities?

   (3) Detailed information about the adversary's intelligence collection capabilities can be obtained from the command's counterintelligence and intelligence organizations. In addition to knowing about the adversary's capabilities, it is important to understand how the intelligence system processes the information that it gathers. Appendix B discusses the general characteristics of intelligence systems.

3. OPSEC Action 3--Analysis of Vulnerabilities
   (1) The purpose of this action is to identify an operation's or activity's OPSEC vulnerabilities. It requires examining each aspect of the planned operation to identify any OPSEC indicators that could reveal critical information and then comparing those indicators with the adversary's intelligence collection capabilities identified in the previous action. A vulnerability exists when the adversary is capable of collecting an OPSEC indicator, correctly analyzing it, and then taking timely action.

   (2) Continuing to work with the intelligence and counterintelligence staffs, the operations planners seek answers to the following questions:

   (a) What indicators (friendly actions and open source information) of critical information not known to the adversary will be created by the friendly activities that will result from the planned operation?

   (b) What indicators can the adversary actually collect?

   (c) What indicators will the adversary be able to use to the disadvantage of friendly forces? (Can the adversary analyze the information, make a decision, and take appropriate action in time to interfere with the planned operation?)

   (3) See Appendix C for a detailed discussion of OPSEC indicators.

4. OPSEC Action 4--Assessment of Risk
   (1) This action has two components. First, planners analyze the OPSEC vulnerabilities identified in the previous action and identify possible OPSEC measures for each vulnerability. Second, specific OPSEC measures are selected for execution based upon a risk assessment done by the commander and staff.

   (2) OPSEC measures reduce the probability of the adversary either collecting the indicators or being able to correctly analyze their meaning.

   (a) OPSEC measures can be used to:
   1. Prevent the adversary from detecting an indicator.

   2. Provide an alternative analysis of an indicator.

   3. Attack the adversary's collection system.

   (b) OPSEC measures include, among other actions, cover, concealment, camouflage, deception, intentional deviations from normal patterns, and direct strikes against the adversary's intelligence system.

   (c) More than one possible measure may be identified for each vulnerability. Conversely, a single measure may be used for more than one vulnerability. The most desirable OPSEC measures are those that combine the highest possible protection with the least effect on operational effectiveness. Appendix D provides examples of OPSEC measures.

   (3) Risk assessment requires comparing the estimated cost associated with implementing each possible OPSEC measure to the potential harmful effects on mission accomplishment resulting from an adversary's exploitation of a particular vulnerability.
   (a) OPSEC measures usually entail some cost in time, resources, personnel, or interference with normal operations. If the cost to mission effectiveness exceeds the harm that an adversary could inflict, then the application of the measure is inappropriate. Because the decision not to implement a particular OPSEC measure entails risks, this step requires command involvement.

   (b) Typical questions that might be asked when making this analysis include:

   1. What risk to effectiveness is likely to occur if a particular OPSEC measure is implemented?

   2. What risk to mission success is likely to occur if an OPSEC measure is not implemented?

   3. What risk to mission success is likely if an OPSEC measure fails to be effective?

   (c) The interaction of OPSEC measures must be analyzed. In some situations, certain OPSEC measures may actually create indicators of critical information. For example, the camouflaging of previously unprotected facilities could be an indicator of preparations for military action.

   (4) The selection of measures must be coordinated with the other components of C2W. Actions such as jamming of intelligence nets or the physical destruction of critical intelligence centers can be used as OPSEC measures. Conversely, deception and PSYOP plans may require that OPSEC measures not be applied to certain indicators in order to project a specific message to the adversary.

5. OPSEC Action 5--Application of Appropriate OPSEC Measures
   (1) In this step, the command implements the OPSEC measures selected in Step 4 or, in the case of planned future operations and activities, includes the measures in specific OPSEC plans.

   (2) During the execution of OPSEC measures, the reaction of adversaries to the measures is monitored to determine their effectiveness and to provide feedback. Planners use that feedback to adjust ongoing activities and for future OPSEC planning. Provisions for feedback must be coordinated with the command's intelligence and counterintelligence staffs to ensure the requirements to support OPSEC receive the appropriate priority. In addition to intelligence sources providing feedback, OPSEC surveys can provide useful information relating to the success of OPSEC measures.