This chapter looks at operations security. This is not the same as OPSEC (as used in within the military). JP(Joint Publication)JP 1-02 defines OPSEC as “a process of identifying critical information and subsequently analyzing friendly actions attendant to military operations and other activities to identify those actions that can be observed by adversary intelligence systems”.

Rather, organizational Operations Security is about maximizing the Confidentiality, Integrity and Availability of the systems used by the organization using a risk based approach. This ...