Preparations for an OPSEC survey must begin well in advance of the field survey phase. The required lead time will depend on the nature and complexity of the operation and activities to be surveyed (combat operations, peacetime operational activity, etc.). Sufficient time must be allotted in the planning phase for a thorough review of pertinent documentation, for formal and informal coordination and discussions, and for the careful preparation of functional outlines. The following actions normally make up the planning phase.

1. Determine the Scope of the Survey. The scope of the survey should be defined at the start of the planning phase and be limited to manageable proportions. Limitations will be imposed by geography, time, units to be observed, funding, and other practical matters.

2. Select Team Members
   (1) Regardless of the survey's external or internal focus, the team should contain multidisciplined expertise. Survey team members should be selected for their analytical, observational, and problem solving abilities.

   (2) Since surveys are normally oriented to operations, the senior member should be selected from the operations (or equivalent) staff of the commander responsible for conducting the survey.

   (3) Typical team members would represent the functional areas of intelligence, security, communications, logistics, plans, and administration. When appropriate, specialists from other functional areas, such as transportation and public affairs, will participate.

   (4) When communications monitoring is planned as part of the survey, the monitoring group's leader should be designated as a member of the OPSEC survey team. Team members must be brought together early in the planning phase to ensure timely, thorough accomplishment of the tasks outlined below.

3. Become Familiar with Survey Procedures. Designating team members with survey experience is advantageous, but is often not possible. In such cases, team members will require familiarization with survey procedures.

4. Determine the Adversary Intelligence Threat. The adversary threat to the activities to be surveyed must be evaluated carefully and realistically. An all-source threat assessment should comprehensively address the adversary intelligence capability, taking into account not only the adversary's collection capabilities (see Appendix B ) but also the adversary's ability to exploit the collection results in a timely manner.

5. Understand the Operation or Activity to be Surveyed. The team members' thorough understanding of the operation or activity to be surveyed is crucial to ensuring the success of subsequent phases of the survey. Team members should become familiar with the operation plans, orders, standard operating procedures, or other directives bearing on the surveyed operation or activity. This initial review familiarizes team members with the mission and concept of operation and identifies most of the organizations participating in the surveyed activity (others may be identified as the survey progresses).

6. Conduct Empirical Studies
   (1) Empirical studies simulate aspects of the adversary intelligence threat and support vulnerability findings. These studies also help the survey team identify vulnerabilities that cannot be determined through interviews and observation. The results of these studies are useful to the survey team during the field or analytic phase of the survey.

   (2) An example of an empirical study is signals monitoring. Computer modeling or other laboratory simulations of the enemy threat may also be useful to the survey team. These studies are usually performed by organizations external to the one sponsoring the OPSEC survey team. Arrangements for their use should be made as far in advance of the survey as possible.

7. Develop a Functional Outline
   (1) A basic OPSEC survey technique involves the construction of a chronology of events that are expected to occur in the surveyed operation or activity. Events are assembled sequentially, thus creating a timeline that describes in detail the activities or plans of an operation or activity.

   (2) Chronologies should first be constructed for each separate functional area, such as operations, communications, logistics, or administration. This functional approach aids the team members in defining their separate areas of inquiry during the field or data collection phase of the survey. Later, the functional outlines can be correlated with each other to build an integrated chronology of the entire operation or activity (see Composite OPSEC Profile, Tab A).

   (3) After the chronology is assembled, vulnerabilities can be identified in light of the known or projected threat.

   (4) During the initial review of operation plans, orders, and procedures, individual team members can begin to develop functionally oriented outlines for their areas of interest. Initially, the outlines will be skeletal projections, in a narrative, table, or graph format, of what is expected to occur in the chronology for a particular functional area (see Tabs B through F).

   (5) Such projections can serve as planning aids for the subsequent field survey phase. For example, units and facilities associated with each of the events can be identified and geographically grouped to aid in planning the travel itinerary of team members during the field survey. Collectively, the initial functional outlines provide a basis for planning the field survey phase and constitute a basis for observation and interviews.

   (6) During the field survey phase, team members will acquire additional information through observation, interviews, and other data-collection techniques, enabling further development and refinement of the functional outlines.

   (7) Collectively, the outlines project a time-phased picture of the events associated with the planning, preparation, execution, and conclusion of the operation or activity. The outlines also provide an analytic basis for identifying events and activities that are vulnerable to adversary exploitation.

8. Determine Preliminary Friendly Vulnerabilities. After the adversary intelligence threat and the OPSEC indicators are determined, a subjective evaluation must be made of the potential friendly vulnerabilities. A vulnerability (e.g., a detectable, exploitable event) may or may not carry a security classification at the time of its identification, but such preliminary vulnerabilities must be protected from disclosure by administrative or security controls. These preliminary friendly vulnerabilities will be refined in later stages of the OPSEC survey.

9. Announce the Survey
   (1) After team members are selected and are familiar with the operation or activity to be surveyed, the organization conducting the survey should inform its subordinate and supporting organizations that a survey will be conducted so that preparations can be made to support the team during the field survey phase.

   (2) The following information should be included:

   (a) Survey purpose and scope.
   (b) List of team members and their clearances.
   (c) List of required briefings and orientations.
   (d) Timeframe involved.
   (e) Administrative support requirements.
   (f) SIGSEC monitoring support requirements (if needed).

Figure E-1. Composite OPSEC Profile for Combat Operations