Operations security is a process that identifies critical information to determine if friendly actions can be observed by adversary intelligence systems, determines if information obtained by adversaries could be interpreted to be useful to them, and then executes selected measures that eliminate or reduce adversary exploitation of friendly critical information.

Process

1. Identification of Critical Information: Identifying information needed by an adversary, which focuses the remainder of the OPSEC process on protecting vital information, rather than attempting to protect all classified or sensitive unclassified information.
2. Analysis of Threats: the research and analysis of intelligence, counterintelligence, and open source information
   Open source intelligence
   Open-source intelligence is a form of intelligence collection management that involves finding, selecting, and acquiring information from publicly available sources and analyzing it to produce actionable intelligence...
   
    to identify likely adversaries to a planned operation.
3. Analysis of Vulnerabilities: examining each aspect of the planned operation to identify OPSEC indicators that could reveal critical information and then comparing those indicators with the adversary’s intelligence collection capabilities identified in the previous action.
4. Assessment of Risk: First, planners analyze the vulnerabilities identified in the previous action and identify possible OPSEC measures for each vulnerability. Second, specific OPSEC measures are selected for execution based upon a risk assessment done by the commander and staff.
5. Application of Appropriate OPSEC Measures: The command implements the OPSEC measures selected in the assessment of risk action or, in the case of planned future operations and activities, includes the measures in specific OPSEC plans.

Uses

An OPSEC assessment is an intensive application of the OPSEC process to an existing operation or activity by a multidisciplined team of experts. Assessments are essential for identifying requirements for additional OPSEC measures and for making necessary changes in existing OPSEC measures. Additionally, OPSEC planners, working closely with Public Affairs personnel, must develop the Essential Elements of Friendly Information (EEFI) used to preclude inadvertent public disclosure of critical or sensitive information.

Other measures that impact OPSEC

• Communications security
  Communications security
  Communications security is the discipline of preventing unauthorized interceptors from accessing telecommunications in an intelligible form, while still delivering content to the intended recipients. In the United States Department of Defense culture, it is often referred to by the abbreviation...
  
   (COMSEC)
• Counter-intelligence
  Counter-intelligence
  Counterintelligence or counter-intelligence refers to efforts made by intelligence organizations to prevent hostile or enemy intelligence organizations from successfully gathering and collecting intelligence against them. National intelligence programs, and, by extension, the overall defenses of...
  
  
• Information security
  Information security
  Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction....
  
   (INFOSEC)
• Signal Security (SIGSEC)
• Transmission security
  Transmission security
  Transmission security is the component of communications security that results from the application of measures designed to protect transmissions from interception and exploitation by means other than cryptanalysis...
  
   (TRANSEC)

See also

• For Official Use Only - FOUO
• Information security
  Information security
  Information security means protecting information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction....
  
  
• Security
  Security
  Security is the degree of protection against danger, damage, loss, and crime. Security as a form of protection are structures and processes that provide or improve security as a condition. The Institute for Security and Open Methodologies in the OSSTMM 3 defines security as "a form of protection...
  
  
• Sensitive but unclassified
  Sensitive but unclassified
  Sensitive But Unclassified is a designation of information in the United States federal government that, though unclassified, often requires strict controls over its distribution...
  
  - SBU

External links

• U.S. Government OPSEC site
• Operations Security (JP 3-13.3) PDF U.S. DoD Operations Security Doctrine
• Operations Security Professionals
• How to Conduct an OPSEC Assessment