Skip to main content

Pre-Mission Worksheet


Instructions​

Responsibility: Cybercrew Lead

Prior to mission execution (post-mission planning):

  1. Retrieve crew-member scores for Personal ORM Worksheet A and Personal ORM Worksheet B
  2. Assess sortie risk factor scores using this worksheet
  3. For each HIGH and SEVERE risk factor:
    • Document the control(s) you will implement to mitigate or monitor the risk
    • Post-sortie execution, evaluate the success of the implemented control(s)
  4. Calculate the total worksheet score and use the Mission Risk Acceptance table to identify the overall risk level
  5. Notify the appropriate authorities of overall mission risk per the Mission Risk Acceptance table (brief the HIGH/SEVERE risk factors)
  6. Obtain overall risk acceptance and mission execution approval from the appropriate authorities per the Mission Risk Acceptance table (brief the HIGH/SEVERE risk factors)
note

Typically all risk factors are included in the Pre-Mission Brief, but at a minimum - all HIGH and SEVERE risk factors and mitigation controls must be included.


Mission Risk Factors​

General Risk FactorsRisk Factor Point ScaleActions Required @ SEVERE
0 - (LOW)
Green
1 - (MODERATE)
Yellow
2 - (HIGH)
Orange
3 - (SEVERE)
Red
MISSION PARTICIPATING FORCES RISKS
1 Other DCO Forces (Excluding Mission Partners and CSSPs)
  • None
  • Other CPTs
  • DoD Forces
  • Gov Agencies
  • Non-Gov Civilian Entities
  • Foreign Entities
  • Requires Control / Mitigation Plan (OSI training, non-DoD agency coordination, etc)
TIMELINE RISKS
2 Mission Planning
  • > 1 Month
  • < 1 Month
  • < 1 Week
  • < 48 Hrs
PHYSICAL ENVIRONMENT RISKS
3 Location of Personnel
  • CONUS
  • OCONUS
4 Duration of Presence (OCONUS Only)
  • ≀ 3 Weeks
  • > 3 Weeks
5 Remote Operations
  • Local Only
  • Remote Ops
6 Local Physical Threats
  • Low
  • Moderate
  • High
  • Severe
  • Requires Control / Mitigation Plan (protection measures, OSI training, etc)
7 Local Foreign Intelligence Threats
  • Low
  • Moderate
  • High
  • Severe
  • Requires Control / Mitigation Plan (protection measures, OSI training, etc)
NETWORK ENVIRONMENT RISKS
8 Complexity
  • Windows / Standard SDC User Enclave
  • Windows/Linux Server Enclave
  • Non-Standard OSs,
  • Unusual Infrastructure,
  • ICS/SCADA
  • Non-TCP/IP Networks,
  • Very Unique,
  • Fragile Infrastructures
  • Requires Control / Mitigation Plan (training / testing / backup networks, etc)
9 Environment Situational Awareness
  • Well documented (current, detailed, accurate documentation)
  • Poor awareness (old or non-existent network documentation)
10 Network/System Criticality to Mission Owner
  • Non-Operational
  • Development
  • Offline System
  • Backup Operational mission-critical system
  • Primary Operational non-mission critical system
  • Primary Operational Mission Critical System
  • Primary Operational Critical National Security System
EQUIPMENT RISKS
11 Suitability
  • Adequate Power and Hardware
  • Degraded Capability (CPU Cycles/Threads)
  • Degraded Capability (Hardware Availability)
12 Version
  • Current (Stable) Version
  • Previous Version
  • Beta Version
  • Burnable Kit, or Deviations
NETWORK SENSOR INTEGRATION RISKS
13 Sensor Installation
  • None
  • Native SPAN/TAP
  • SPAN Config/TAP Install coordinated through local change management process
  • No coordination through local change management process
  • Requires Risk Justification (Threat and Mission Criticality require expedited timeline, etc)
14 Sensor Posture
  • Intrusion Detection
  • Intrusion Prevention
HOST INTERACTION RISKS
15 Agent Installation
  • None
  • Native Agent or Pre-Installed tools for collection only
  • OS-Native Host Config changes pre-coordinated through CMB; phased testing/deployment.
  • Third-party executables run/installed and pre-coordinated through CMB; phased testing/deployment.
  • Host config changes/agents installed and not coordination through local CMB or not using phased testing/deployment best practices
  • Requires Risk Justification (Threat and Mission Criticality require expedited timeline, etc)
16 Agent Posture
  • Intrusion Detection
  • Automatic Prevention
17 Planned Interaction Methods
  • Agent-based COTS/GOTS (ie. Endgame)
  • Agent-less COTS/GOTS (ie. Metasponse)
  • Tested Scripts
  • Manual Commands
  • Untested Scripts
OTHER RISKS
18 Any other noteworthy risks identified not otherwise captured in this document. Note situation, and level of riskNote: Justification of score required

Mission Risk Acceptance​

RISK LEVEL
(Total Worksheet Score)
REQUIRED APPROVALSREQUIRED NOTIFICATIONS
0-10 (LOW)
  • OPCON (Suggest JCC or first O-6 Equivalent)
  • NONE
11-25 (MODERATE)
  • OPCON (Suggest JCC or first O-6 Equivalent)
  • Director of Operations
26-50 (HIGH)
  • OPCON (Suggest J3 or Equivalent)
  • Admin Chain through SQ/CC
β‰₯ 51 (SEVERE)
  • OPCON (Suggest J3 or Equivalent)
  • Admin Chain through OG/CC