Operational Security (OPSEC) defines Critical Information as:

Specific facts about friendly intentions, capabilities, and activities needed by adversaries to plan and act effectively against friendly mission accomplishment.

A vulnerability exists when:

The adversary is capable of collecting critical information, correctly analyzing it, and then taking timely action.

OPSEC as a capability of Information Operations

Denies the adversary the information needed to correctly assess friendly capabilities and intentions.

Understanding that protection of sensitive unclassified information is:

The responsibility of all persons, including civilians and contractors.

OPSEC is:

An operations function, not a security function.

All EUCOM personnel must know the difference between:

OPSEC and traditional security programs.

What action should a member take if it is believed that an OPSEC disclosure has occurred?

Report the OPSEC disclosure to your OPSEC representative or the EUCOM OPSEC PM.

OPSEC is concerned with:

Identifying, controlling, and protecting unclassified information that is associated with specific military operations and activities.

The identification of critical information is a key part of the OPSEC process because:

It focuses the remainder of the OPSEC process on protecting vital information rather than attempting to protect all unclassified information.

The purpose of OPSEC is to:

Reduce the vulnerability of U.S. and multinational forces from successful adversary exploitation of critical information.