I. INTRODUCTION

Once an adversary or competitor acquires critical information, significant harm or damage may occur to an operation or program. To acquire this damaging critical information the adversary may choose to indirectly acquire pieces of sensitive information (possibly unclassified or unclassifiable) and then infer and aggregate. Hence, it is important to protect both critical and sensitive information from adversaries. To be effective, one must first determine which information is indeed critical or sensitive. This manual presents a step-by-step procedure to aid a decision maker in determining the critical information and the sources of sensitive information for which he' has responsibility by identifying:

A. Organization
B. Operations
C. Adversaries, Goals, and Objectives
D. Generic Operation Categories
E. Critical Information Components
F. The Critical Information (an aggregation from step 5)
G. Sources of Information
H. Major Vulnerabilities
1. Sources of Sensitive Information (Indicator Categories).

Sections II and 111 contain the procedure and an example scenario, and Section IV includes tips from the discipline of Operations Security (OPSEC). The two appendices are an important reference for the procedure.

The steps for determination of Critical and Sensitive Information are:

1. Set the organizational boundaries. Determine which organization, organizations, or suborganization uses the information whose sensitivity is in question. Call this group the Organization-occasionally called the Good-Guy.

2. Determine the Operations. Determine which of the Organization's operations, projects, programs, and so forth, will be considered. One possibility is to consider all of the Organization's operations. Another possibility is to choose only one. Call the set of all of those chosen as the Operations.

In the next step, step 3, the reader is asked to determine the Adversaries. To fully understand who the Adversaries to an Operation are, the decision maker needs to know the intentions of any entity that is a possible Adversary. Because intentions (goals and objectives) usually are known only through capabilities, detailed information may be needed to understand capabilities and analyze into intentions. The decision maker may need further help in gathering and analyzing possible Adversary information to complete step 3: consultation with personnel having intelligence expertise may be in order.

3. Determine each Adversary, his Goals, and Objectives. An Operation may have several Adversaries. An Adversary ÷occasionally called the Bad-Guy÷is a group, country, set of countries, company, set of companies, and so forth whose Goals are in conflict with the Good-Guy's goals. Furthermore, an Adversary's knowledge of an objective of one of the Good-Guy's Operations might result in short-term or long-term harm or damage to the Operation or might result in short-term or long-term loss of operational effectiveness. Call these results the Adversary's Objectives.

4. Fit each combination of Operation and Adversary into the best Generic Operation Category. Appendix I has a list of Generic Categories into which an Operation might fall [Appendix I may not list all Generic Operation Categories - imagination may be required). For each combination of a Good -Guy Operation and an Adversary with a Bad -Guy Objective to impact the Operation, choose the best Generic Category. If the Operation-Adversary pair fits into several Generic Categories, choose just those Generic Categories that are really critical to the effectiveness of the Operation. If several Generic Categories of the Operation-Adversary pair are chosen, then split the Operation into Operations (same Adversary) with just one Generic Category. Appendix I may suggest additional Operations; if so repeat steps 3 and 4 for each new Operation.

The author is aware of at least three ways that the term "Critical Information " is used by OPSEC professionals. Hence, for the sake of clarity the terms "Critical Information Components" and "The Critical Information" are introduced in the next two steps. Also in the next step, the reader is asked to determine Critical Information Components of an Operation Adversary pair using Appendix II. Readers with an intelligence background will notice that these components are similar to the steps in a Hostile Intelligence Service Collection Strategy - HOIS Collection Strategy. In fact, the components listed in Appendix 11 probably look like a generalized statement of a HOIS Collection Strategy.

5. Determine the Critical Information Components of each Operation-Adversary pair. For each Operation-Adversary pair consider all those Critical Information Components (CIC) under the chosen Generic Operation Category (in Appendix 11) that actually apply to the Operation; it may be helpful to answer the following question about a possible CIC:

Could knowledge of this Critical Information Component (CIC) about this Good-Guy Operation be of value to the Adversary in causing any Bad-Guy Objectives?

The CICs in Appendix II are intended only as a guide. Do not use ClCs that do not apply to this Good-Guy Operation. There may be additional ClCs of an Generic Operation Category. Include any other ClCs that also yield a positive response to the question above. Please notice that this appendix may not always cover the situation; imagination may be required. The completed set is known as the Set of Critical Information Components (similar to HOIS Collection Strategy).

6. For each Operation, Generic Operation Category. and Adversary, do a completion check on the chosen Set of Critical Information Components and. hence, develop The Critical Information. The Critical Information for an Operation is information that, if learned by the Adversary, could cause the Objectives from step 3 (short-term or long-term harm or damage to the Operation or short term or long-term loss of operational effectiveness). To complete this step, aggregate the Critical Information Components in one sentence connected with "and's." Edit the sentence so that it is easier to read and to understand. The resulting sentence should be a statement of The Critical Information in this Operation (from this Generic Operation Category) to be kept from this Adversary. Satisfaction of the completion check requires that The Critical Information must be information that satisfies the following question:

Could knowledge of The Critical Information by the Adversary be sufficient to allow the Adversary to initiate actions that would lead to short-term or long-term harm, damage, or loss of operational effectiveness?

If the answer to this question is not yes, then additional Critical Information Components (ClCs) are needed; repeat step 5 to determine additional ClCs. Continue repeating step 5 and this step until (1) each CIC gets a "yes" response to the question in step 5 and (2) the aggregated Set of ClCs, The Critical Information, gets a "yes" response to the preceding question.

7. Determine the Sources of Information for each Operation-Adversary pair. Make a list of the "medium", "event", and "thing" Sources of Information involved in the Operations that might contain or indicate any Critical Information Components about any Operation. Call these the Sources of Information. Examples of Sources of Information are:

Media
i)radio messages (voice and data).
ii)telephone messages (voice, data, FAX),
iii) stored machine data,
iv) paper documents,
v)non-paper documents,
vi) chalk/dry/bulletin boards,
vii) interpersonal conversations including meetings.

Events
viii) predictive activities,
ix) unusual activities.

Things
x)physical signatures and profiles,
xi) physical residuals (includes odors, sounds, seismic waves, and so forth),
xii) intentional and unintentional electromagnetic emanations.

Note that, for the last five Sources of Information, the existence of the Source of Information is, in fact, really information. On the other hand, for the first seven, the information is, in some sense, embedded in or imprinted on the Source of Information.

8. Determine the Major Vulnerabilities to be protected for each Operation-Adversary pair. For each location and functional area where the Operation is conducted, list the Major Vulnerabilities (not known by the Adversary] in the safeguards system protecting the location and functional area from the Adversary (if the Adversary knows the Vulnerability, there is no need to call it "sensitive"). Particular attention should be given to access-control, personnel, and communications Vulnerabilities. Note that a Major Vulnerability exists independent of the strength of the Adversary to exploit the Major Vulnerability. Note also that successful completion of this step may require expertise in the security disciplines of Physical, Personnel, and Communications Security.

9. Finally. determine the sensitive information sources for each Operation-Adversary pair. Using each of the chosen Information Sources from steps 7 and the Major Vulnerabilities from step 8, determine those instances of that Source that indicate a Critical Information Component or a Major Vulnerability as follows:

(1) List the "event" and "thing" Sources of Information.
(2) For each "medium" Source, list that Source but specify the instances of all the "event" and "thing" Sources (again!) from step 7 and the Major Vulnerabilities from step 8.

 These identified items are the Sources of Sensitive Information (in the language of Operations Security, these are categories of "indicators") for the Operation-Adversary pair.

This concludes the procedure; an example of using this procedure follows.

A chemical company is about to start a project to develop a new plastic glove. Following is a breakout of the nine steps in the procedure to determine the critical and sensitive information about project activities that would help a competitor discover the nature of the plastic glove project.

First, the Organization is the project manager, the clerical staff, and the chemists working on the project.

Second, the Operation to be analyzed for critical and sensitive information is only this new plastic glove project even though the chemists are working on many other projects.

Third, all the other plastic glove manufacturers are Adversaries in this Operation; the Goal for each is increase their market-share by cutting into the Good-Guy Organization's market-share. Also, the following are examples of Bad-Guy Objectives against the Good-Guy Operation:

- raw materials made unavailable,
- key personnel made unavailable,
- manufacturing facilities made unusable,
- similar new product released by another manufacturer about the same time as glove release,
- major advertising campaign by another manufacturer to counteract release of the new glove, and
- saturation give-away campaign of gloves by another manufacturer to decrease initial sales.

Fourth, there are two possibilities. The Operation clearly fits Generic Category 111: "Research, Development, Testing, Evaluation (RDT&E), and Production of Sensitive Technology." Also, the lead chemist is virtually irreplaceable in this project; therefore, the Operation also fits into Generic Category Xla: "Safety of Important Personnel - Permanent Site." However, even though the safety of the chemist is extremely important, this person can be replaced (and there is an insurance policy ); therefore, Generic Category 111 is the best choice.

Fifth. from the suggested Critical information Components in Appendixing preliminary list is considered: research, development, testing, evaluation, and production project.

WHO - the company, and, in particular, the project manager, clerical staff, and chemists

TYPE - a plastic glove project

LOCATION - a suite on the third floor of Building 3 in the company's main complex in the Midwestern city of Metrotown

LOCATION'S TIME FRAME - from now until product release in six months

CONCEPTUAL DESIGN - none

CAPABILITY - thinness of the new plastic glove (The value of thinness is better tactile sensitivity, in particular for health care professionals. The new glove will probably capture the market.)

VULNERABILITY- none

BREAKTHROUGH - the use of a new catalyst, Catalyst Y. extracted from the root of a somewhat rare Philippine shrub, in the manufacturing of the plastic. (Plastic gloves manufactured with Catalyst Y are twice as thin as any known plastic glove, cost about the same, and have the same properties of gripping, strength, and so forth, as the best selling gloves.)

INTEGRATION TECHNIQUE - none

MANUFACTURING TECHNIQUE - none

QUANTITY - 20,000,000

PRICE - $1.99 per pair

TARGET MARKET - eastern United States

MARKETING STRATEGY - saturation publicity campaign

UNRELIABLE/LOST PRODUCTION - not applicable

CUSTOMER LOSS - not applicable

Next, the preceding list is reviewed for criticality relative to the following tailored question:

Could knowledge of this Critical Information Component (CIC) about the new plastic glove project be of value to any of the competitors in hurting the release and sales of the new plastic gloves?

The possible ClCs - QUANTITY - is excluded because it would not be of value to the competitors to know that the quantity of gloves produced is 20,000,000.

Sixth, aggregation of the list of Critical Information Components yields a possibility for The Critical Information:

(1) There is a research, development, testing, evaluation, and production project
(2) The project manager, clerical staff, and chemists are doing the project
(3) The project is a plastic glove research, development, testing, evaluation, and production project
(4) The location of the Organization's project is a suite on the third floor of Building 3 in the company's main complex in the Midwestern city of Metrotown
(5) Product release is in six months
(6) The product is twice as thin as any industry product
(7) Catalyst Y from the root of a somewhat rare Philippine shrub is the new feature of the manufacturing process
(8) The price will be $1.99 per pair
(9) The target market is the eastern seaboard.
(10) The marketing strategy is a saturation publicity campaign. 

The edited version of this possibility for The Critical Information is:

In the company suite the project manager, clerical staff, and chemists are engaged in the research, development, testing. evaluation, and production of a new plastic glove. The plastic glove is twice as thin as any other industry product due to manufacturing with Catalyst Y-- from the root of a somewhat rare Philippine shrub. The saturation publicity campaign of the two-dollar glove will be in six months.

Checking this possibility against the following bon:

Could knowledge by competitors of this information be sufficient to allow them to initiate actions leading to damaging our projected glove release?

yields a "YES", and the preceding is a statement of The Critical Information.

Seventh, the Sources of Information that exist due to the plastic glove project are:

 Media
(1) telephone messages,
(2) FAX messages,
(3) stored machine data stored machine data in two computers and on floppy disks,
(4) paper documents,
(5) vugraphs,
(6) chalkboards, dryboards, and bulletin boards,
(7) interpersonal conversations including meetings,

Event
(8) unusual activities, and

Thing
(9) physical residuals.

Eighth, the Major Vulnerabilities in the safeguards system protecting the suite from the competitors are:

a. Rear laboratory emergency door - Any visitor, repairperson, or so forth, could unlock this door for future or accomplice access to the lab; furthermore, there is no provision for escorts or monitoring of this door. Upon access through this door, a knowledgeable competitor could easily discover The (complete) Critical Information (an Adversary targeting the Lab probably already knows Critical Information Components 1, 2, and 3).

b. Lead scientist's alcohol problem - A competitor knowing Critical Information Components 1, 2 and 3 could join this chemist at a bar, buy drinks, and easily elicit other Critical Information Components.

Ninth, the Sources of Sensitive Information (Indicator Categories) are by category:

Event
1. delivery of packages from the Philippines,

Thing
2. manufacturing waste liquids contain traces of Catalyst Y.

Media
3. telephone messages that mention any Critical Information Component, the Philippine packages, the traces of Catalyst Y in waste liquids, the rear lab door problem, or the lead scientist's alcohol problem,

4. FAX messages that transmit any Critical Information Component, or a reference to the Philippine packages, the traces of Catalyst Y in waste liquids, the rear lab door problem, or the lead scientist's alcohol problem,

5. computers or floppy disks that store any Critical Information Component or a reference to the Philippine packages, the traces of Catalyst Y in waste liquids, the rear lab door problem, or the lead scientists alcohol problem,

6. paper documents that mention any Critical Information Component, the Philippine packages, the traces of Catalyst Y in waste liquids, the rear lab door problem, or the lead scientist's alcohol problem,

7. vugraphs that mention any Critical Information Component, the Philippine packages, the traces of Catalyst Y in waste liquids, the rear lab door problem, or the lead scientist's alcohol problem,

8. chalkboards, dryboards, and bulletin boards that mention any Critical Information Component. the Philippine packages, the traces of Catalyst Y in waste liquids, the rear lab door problem, or the lead scientist's alcohol problem, and

9. interpersonal conversations including meetings that mention any Critical Information Component, the Philippine packages, the traces of Catalyst Y in waste liquids, the rear lab door problem, or the lead scientist's alcohol problem.

This completes an example illustrating the method for determining critical and sensitive information and the sources of sensitive information. Some tips from the discipline of Operations Security (OPSEC) follow.

The discipline of operations security (OPSEC) offers the following perspectives to aid in effectively using the Sources of Sensitive Information (step 9) for protection of Critical Information Components (step 5) and their aggregation, The Critical Information (step 6):

First, in the dissemination of information in a sensitive operation, two factors surface as reasons for allowing this dissemination to an individual working on the operation: (1) "need to know" and (2) "accepted accessibility" - the realization that the individual will be exposed to the information because of physical working proximity and unacceptably high costs of resources to attempt to deny disclosure of the information.

The decision maker may want to order dissemination of (1) each Critical Information Component, (2) the time frame of protection of that Component, and (3) and Sources of Sensitive Information to each employee working on the sensitive operation with the following restriction:

Each Critical Information Component and each Major Vulnerability will be disseminated only to those workers who have a "need to know" or who the decision maker determines must be granted "accepted accessibility."

In the latter case a non-disclosure statement may be helpful.

A second tip is about the fact that timing or phasing of an operation may change the critical and the sensitive information in the operation. In particular, as the operation progresses through time, certain Critical Information Components may be discovered, exposed, leaked, and so forth; trying to protect this information afterwards may be deemed unwise. This piece of information would no longer be "critical" nor would any information referring to this former Critical Information Component be sensitive.

Also, the use of this manual gives a perspective at a "slice in time"; the decision maker may want to evaluate the operation using this manual's procedure at appropriate times during the operation.

Finally, experience has shown that the best time to start protecting critical and sensitive information is in the planning stages of an operation. This author highly recommends that the decision maker develop a plan for such protection during operation planning stages.

A useful planning technique used by Operations Security (OPSEC) practitioners is to put the different phases of the operation next to a time line. Then, as each Critical Information Component is determined, the time frame during which protection of that Component is needed is also marked. The resulting graph is a presentation of how the Critical information Components in the Operation changes over time.

Being able to effectively identify the instances of sensitive information that "mention" or "refer" to Critical Information Components, Sources of Information, or Major Vulnerabilities is not a simple task. In fact, it takes Operation Security (OPSEC) practitioners years of study and practice to become proficient in this identification (usual training also includes evaluation of Adversary strength and suggestion of countermeasures against a strong Adversary). The decision maker who needs further help in protection of critical and sensitive information should contact an OPSEC practitioner for assistance.

This appendix contains a listing of different Generic Categories of Operations. There may be additional Generic Operation Categories (please forward to the author any new Generic Categories discovered). The Organization may not do Operations from every Generic Category; consider only those included in the scope.

For each combination of a Good-Guy Operation and an Adversary with a Bad-Guy Objective to impact the Operation, choose the best Generic Category. If the Operation-Adversary pair fits into several Generic Categories. choose just those Generic Categories that are really critical to the effectiveness of the Operation. If several Generic Categories of the Operation Adversary pair are chosen, then split the Operation into Operations (same Adversary) with just one Generic Category. As an example let's say that the Operation is the protection of a General or Admiral departing an airport; one of the threats is a terrorist attack. Both Generic Categories V (Protection at Transportation Stations) and XIb (Safety of Important Personnel at a Temporary Fixed Site) apply; however, the latter is a closer statement of the Operation mission. Hence, only Generic Category Xlb would be chosen for this Operation. The Generic Operation Categories are:

I. Interception and Interdiction of Adversary (Mobile Operation)
II. Sensitive Movement of Personnel, Vehicles, or Materials (Troops, Planes, Hostage Rescue, Hostage Taking, Assassination)
III. Research, Development, Testing, Evaluation, and Production of Sensitive Technology (or Commodities)
IV. Operational Strategic or Sensitive Military Weapons
V. Protection at Transportation Stations or Nodes
VI. Communications Network Relationship
VII. Undercover Personnel
VIII. Conduct of Sensitive Negotiations
IX. Intelligence Gathering
X. Presence of Important Personnel at a Site
XI. Safety of Important Personnel
a. Permanent Site
b. Temporary Fixed Site (Conference Center. Hospital, Airport, Hotel)
c. Fixed Route Mobile Tour (and Safe Movement of Sensitive Materials)

 This appendix contains a list of possible Critical Information Components for each of the Generic Operation Categories listed in Appendix 1. It is divided into sections: a section for each Generic Operation Category followed by a list of possible Critical Information Components of that Generic Operation Category. The list may not be complete; there may be Critical Information Components for the Operation-Adversary pair that are not listed under that Generic Operation Category (please forward such discoveries to the author). Also, there may be listed Critical Information Components that are not of value to the Adversary in causing Bad-Guy Objectives to the Operation. Choose only those listed Critical Information Components for which "YES" is the answer to the question:

Could knowledge of this Critical Information Component (CIC) about this Good-Guy Operation be of value to the Adversary in causing any Bad-Guy Objectives?

Interception and Interdiction of Adversary (Mobile Operation)

1. EXISTENCE - The existence of an mobile force to intercept and interdict the adversary
2. WHO - Organizations that have an objective to intercept and interdict the Adversary
3. SCENARIOS - List of the situations involving the Adversary under which the Organization is authorized to move assets for possible interception and interdiction
4. SCENARIO DETECTION ABILITY - Capability of the Organization's surveillance system to detect one of the SCENARIOs
5. ADVERSARY IDENTITY - Organization's intelligence findings in identifying Adversary personnel and assets
6. POSITION DETECTION - Capability of the Organization's surveillance system to discover the location of the Adversary relative to a DETECTED SCENARIO
7. ASSET LOCATION - Location of the Organization's assets that could be used to intercept and interdict the Adversary
8. ASSET QUANTITY - The quantity of the Organization's assets that could be used to intercept and interdict the Adversary
9. TIME TO INTERCEPT - Amount of time needed to move assets to Adversary's DETECTED POSITION
10. CHASE SPEED - Velocity of Organization's assets during chase
11. CHASE AGILITY - Agility of Organization's assets during chase in changing directions, velocity, and so forth
12. WEAPON CAPABILITY - The capability of the Organization's weapons that could be used to interdict the Adversary
13. ACCESS CAPABILITY - The capability of the Organization to gain rapid physical access to the place where the Adversary is present
14. CAPABILITYTO DETECT SPOOFING - The capability. including sources and methods, of the Organization to detect Adversary spoofing
15. INTELLIGENCE ABOUT SPOOFING - The intelligence gathered about Adversary spoofing
16. INTERDICTION REGULATIONS - Regulations affecting the Organization's ability to interdict, confiscate, arrest, and successfully prosecute the Adversary after an Interception

Sensitive Movement of Personnel, Vehicles, or Materials (Troops, Planes, Hostage Rescue, Hostage Taking, Assassination)

1. EXISTENCE - The existence of an operation to secretly move personnel, vehicles, or materials
2. WHO - The organization to whom the personnel. vehicles, or materials belong or with whom they are associated
3. IDENTITIES - The identities of the transported items -personnel, vehicles, or materials (may need to be specific)
4. QUANTITY - Quantity of identified (previous component) transported items
5. PLANNED ROUTE TO DESTINATION - The route planned for transportation of the personnel, vehicles, or materials to the destination
6. METHOD OF TRANSPORT TO DESTINATION - Type of carrier [boat, car, plane, and so forth) for the personnel, vehicles, or materials to the destination
7. PLANNED ROUTE FROM DESTINATION - The route planned for transportation of the personnel, vehicles, or materials away from the destination
8. METHOD OF TRANSPORT FROM DESTINATION - Type of carrier (boat, car, plane, and so forth) for the personnel, vehicles, or materials away from the destination
9. IDENTITY OF TRANSPORT - Identity of particular carriers of the personnel, vehicles, or materials
10. ROUTE SECURITY - Security in place to protect personnel, vehicles, or materials along the Planned Route
11. DEPARTURE TIME - Time of departure of personnel, vehicles, or materials
12. ITINERARY - Time at which the personnel, vehicles, or materials will be expected to be points along the Planned Route
13. DESTINATION - The final destination of the moved personnel. vehicles, or materials

Research, Development, Testing, Evaluation (RDT&E), and Production of Sensitive Technology for Commodities)

1. EXISTENCE - The existence of a research, development, testing, evaluation (RDT&E), and production project of sensitive technology (or commodities)
2. WHO - Organizations who are involved in the RDT&E process
3. TYPE - The type of RDT&E product for instance, weapon, vehicle, computer, software, and so forth (wheat, beef}
4. LOCATIONS - Locations of the Organization's work areas on the RDT&E and production project
5. LOCATIONS' TIME FRAMES - Time frame during which the Organization is working on the RDT&E and production project at each LOCATION
6. CONCEPTUAL DESIGN - Engineering, science, computer science, and mathematics used as conceptual framework for the RDT&E and production project genetics)
7. CAPABILITIES - Technological (growth, resistance) capabilities of the produced RDT&E project (may be several)
8. VULNERABILITIES - Known or discovered technical vulnerabilities in the performance, effectiveness, and reliability of the RDT&E and production project
9. BREAKTHROUGHS - Technological breakthroughs in the RDT&E and production project that will make the item better or be produced faster and so forth (insecticide, growth hormone)
10. INTEGRATION TECHNIQUE - A new method of integrating two or more technologies
11. MANUFACTURING TECHNIQUE -A new or special manufacturing process for producing the sensitive technology (planting, fertilizing, applying insecticide)
12. QUANTITY PRODUCED - Quantity of particular pieces of sensitive technology produced at particular times
13. PRICE - Price or volume price of each piece of sensitive technology at particular times
14. TARGET MARKET - Prospective customers of the sensitive technology
15. MARKETING STRATEGIES - Strategies used by Organization to try to sell a sensitive technology
16. UNRELIABLE/LOST PRODUCTION - Production of the sensitive technology diminished or unreliable due to unreliability or loss of factors such as resources, suppliers, technical expertise
17. CUSTOMER LOSS - Loss of customers of the sensitive technology

Operational Strategic or Sensitive Military Weapons

1. EXISTENCE - The existence of operational strategic or sensitive military weapons
2. WEAPON LOCATIONS - Location where the Organization positions its weapon assets
3. TARGET LOCATIONS - Adversary's locations at which the Organization's weapons are targeted
4. VULNEABILITIES - Known or discovered vulnerabilities in the performance, effectiveness, and reliability of the weapons
5. TYPES - Types of strategic weapons used by the Organization against the Adversary
6. WEAPON CAPABILITY - Capabilities of each TYPE of weapon used by the Organization against the Adversary
7. QUANTITY- Quantity of each TYPE of weapon used by the Organization against the Adversary
8. TIME OF DELIVERY - The time at which weapons are delivered or fired toward the Adversary
9. DELIVERY PROCEDURES - The delivery or firing procedures for weapons used against the Adversary
10. DELIVERY CONTROL PROCEDURES - The procedures for the authorization and the procedures for the communication of the authorization for the delivery of weapons used against the Adversary

Protection at Transportation Stations

1. PORTALS - The location of each of the entrance and exit portals to the transportation media - ship, airplane, train, automobile (may be several)
2. PORTAL SECURITY - Security in place at each Portal
3. NON-PORTAL SECURITY - Security at places other than Portals
4. BAGGAGE PROCEDURES - Procedures in place to check baggage for unauthorized materials
5. OTHER CHECKING PROCEDURES - Procedures in place to check all non-baggage transported items (mail, food, and so forth) for unauthorized materials
6. BAGGAGE SECURITY - Security in place to protect baggage from unauthorized access
7. SPECIAL EQUIPMENT TYPES - The existence of special detection equipment types
8. SPECIAL EQUIPMENT LOCATIONS - The location of each type of special detection equipment
9. SPECIAL EQUIPMENT CAPABILITY - The technological detection capabilities of each type of special equipment
10. PRESENCE OF HAZMAT - The presence of hazardous materials at the station
11. LOCATIONS OF HAZMAT - The locations of hazardous materials at the station
12. HAZMAT ITINERARY - Time frame during which the hazardous materials will be at the station 

Communications Network Relationship

1. EXISTENCE - The existence of a communications net
2. NET STRUCTURE: - The existing communications links between pairs of nodes in the Network
3. POSITION OF COMMAND NODE - Identification of the Command Node from among the other nodes in the Network
4. IDENTITY OF NODES - Identity of individual members of the Network (may be several)
5. LOCATION OF NODES - Physical location of net nodes
6. NET FREQUENCIES - For radio nets, the frequencies over which the net communicates
7. NET TIME SCHEDULE - The times during which the net communicates
8. VULNERABILITY IN NETWORK - A known vulnerability in the network such as load capability
9. CAPABILITY TO DETECT SPOOFING - The capability including sources and methods, of the Organization to detect Adversary spoofing of the network
10. INTELLIGENCE ABOUT SPOOFING - The intelligence gathered about Adversary spoofing of the network

Undercover Personnel

1. EXISTENCE - The existence of an undercover personnel operation to gain information or evidence
2. TARGETED OPERATION - The specific Adversary operation targeted by the undercover personnel (counter) operation
3. AFFILIATION - The Organization for which the under cover personnel work
4. IDENTITY - The names of the undercover personnel
5. PERSONNEL IMPORTANCE - The positions of the under cover personnel
6. KNOWN INTELLIGENCE - Organization's intelligence findings about the Adversary's operations
7. COMMUNICATION SYSTEM - The method of communication of undercover personnel with superiors
8. SUPPORT SYSTEM - The support system in place to provide logistics, funds, and so forth, to undercover personnel
9. ESCAPE PLAN - Contingency plans for "blown" cover
10. UNDERCOVER REGULATIONS - Regulations or procedures affecting the Organization's ability to gather information about the Adversary, to gather evidence against the Adversary, to arrest the Adversary, and to successfully prosecute the Adversary during an undercover operation

 GENERIC OPERATION CATEGORY VIII:

Conduct of Sensitive Negotiations

1. NEGOTIATORS - Identity of negotiators
2. NEGOTIATORS' LOCATIONS - Locations of the negotiators
3. NEGOTIATORS' ITINERARY - Times at which the negotiators will be at specific locations
4. LOCATIONS' SECURITY - Security in place at the negotiators' locations
5. "BOTTOM LINE" NEGOTIATION POSTURE - The negotiation posture either generated or given to the negotiators by their superiors of the "bottom line" position
6. OTHER NEGOTIATION POSTURE - The negotiation posture, other than "bottom line," either generated or given to the negotiators by their superiors
7. DOCUMENT EXISTENCE - The existence of documents (paper, non-paper, software) containing details of the negotiation posture
8. DOCUMENT SECURITY POSTURE - The procedures, equipment, and so forth, in place to guarantee the security of the documents (paper, non-paper, software) containing details of the negotiation posture
9. INTELLIGENCE SOURCES AND METHODS - The sources and methods in place to collect intelligence about the Adversary's negotiation posture
10. INTELLIGENCE KNOWN - The previously collected intelligence about the Adversary's negotiation posture
11. CAPABILITY TO DETECT SPOOFING - The capability. including sources and methods, of the Organization to detect Adversary spoofing of Operation negotiation posture
12. INTELLIGENCE ABOUT SPOOFING - The intelligence gathered about Adversary spoofing of Operation negotiation posture

Intelligence Gathering

1. EXISTENCE - The existence of an operation to secretly gather intelligence
2. WHO - Organizations that have an objective to collect intelligence against the Adversary
3. REQUIREMENTS - List of the intelligence requirements against the Adversary against which the Organization is authorized to collect
4. COLLECTION METHODS - Methods used by the Organization against the Adversary relative to an intelligence requirement
5. VULNERABILITIES - Known or discovered vulnerabilities in the performance, effectiveness, and reliability of collection assets
6. TYPES - Types of collection assets used by the Organization against the Adversary
7. COLLECTION ASSET CAPABILITY - Capabilities of each type of collection asset used by the Organization against the Adversary
8. TARGET IDENTITY/LOCATIONS - Locations of the Adversary where collection is targeted
9. COLLECTION LOCATIONS - Location where the Organization positions its collection assets
10. TIME FRAME - Time during which collection against the Adversary is done
11. COLLECTION REGULATIONS - Regulations affecting the Organization's ability to collect intelligence against the Adversary
12. FULFILLED REQUIREMENT - The degree of fulfillment of an intelligence requirement against the Adversary
13. CAPABILITY TO DETECT SPOOFING - The capability. including sources and methods, of the Organization to detect Adversary spoofing
14. INTELLIGENCE ABOUT SPOOFING - The intelligence gathered about Adversary spoofing

Presence of Important Personnel at a Site

1. WHO - The names of the important personnel
2. IMPORTANCE - The positions of the important personnel
3. AFFILIATION - The organizations to which the important personnel belong
4. SITE - Site at which the important personnel will be present
5. SCHEDULED PLACES - Particular rooms or areas within that Site at which the important personnel are scheduled to be
6. ITINERARY - Time frame during which the important personnel will be at particular Scheduled Places

Safety of Important Personnel - Permanent Site

Possible Critical Information Components

1. WHO - The names and positions of the important personnel
2. SITE - Permanent site at which protection is planned for the important personnel
3. SCHEDULED PLACES - Particular rooms or areas within that Site at which the important personnel are scheduled to be
4. ITINERARY - Time frame during which the important personnel will be at particular Scheduled Places
5. SCHEDULED PLACES' SECURITY - Security in place at Scheduled Places to prevent harm to the important personnel

Safety of Important Personnel - Temporary Fixed Site (Conference Center, Hospital, Airport, Lodging)

1. WHO - The names and positions of the important personnel
2. SITE - Site at which protection is planned for the important personnel
3. ARRIVAL AREA - Area at the Site at which the important personnel arrive
4. ENTRANCE PORTAL - The portal at the Arrival Area at which the important personnel enter the Site facility
5. ARRIVAL TIME - Time at which the important personnel will arrive at the the Arrival Area
6. ARRIVAL AREA SECURITY - Security in place at the Arrival Area to prevent harm to the important personnel
7. EXIT PORTAL - Exit used by the important personnel when leaving the Site
8. DEPARTURE AREA - Area at the Site at which the important personnel depart
9. DEPARTURE TIME - Time at which the important personnel will depart from the Site
10. DEPARTURE SECURITY - Security in place at the Departure Area to prevent harm to the important personnel
11. SCHEDULED PLACES - Particular rooms or areas within the Site at which the important personnel are scheduled to be
12. ITINERARY - Time frame during which the important personnel will be at particular Scheduled Places
13. SCHEDULED PLACES' SECURITY - Security in place at Scheduled Places to prevent harm to the important personnel

 GENERIC OPERATION CATEGORY Xlc:

Safety of Important Personnel - Fixed Mobile Tour (and Safe Movement of Sensitive Materials)

1. WHO - The names and positions of the important personnel (kind of sensitive material)
2. PLANNED ROUTE - The route planned for transportation of the important personnel (sensitive material)
3. METHOD of TRANSPORT - Type of carrier (boat, car, plane, and so forth) of the important personnel (sensitive material)
4. IDENTITY of TRANSPORT - Identity of particular carriers of the important personnel (sensitive material)
5. VEHICLE SECURITY - Security in place to prevent unauthorized personnel from tampering with vehicles used to transport the important personnel (sensitive material)
6. ROUTE SECURITY - Security in place to protect important personnel (sensitive material) at departure, along the Planned Route, and at destination
7. DEPARTURE TIME - Time of departure of the important personnel (sensitive material)
8. ITINERARY - Time at which the the important personnel (sensitive material) will be expected to be points along the Planned Route
9. DESTINATION - The final destination of the moved important personnel (sensitive material)