Operations Security

Category Abbreviation:
Category Description:
Critical information determined to give evidence of the planning and execution of sensitive (frequently classified) government activities after going through a formal systematic vetting process in accordance with National Security Presidential Memorandum Number 28. This process identifies unclassified information that must be protected. It almost always results from an agency’s official OPSEC program, or is otherwise commonly approved for use by the  CUI Senior Agency Official.

NOTE:  Information on your organization's Critical Information List (CIL) MAY BE CUI.  It depends on what information is included in your document and how it is stated.  To use the OPSEC category, the information must be on the CIL.  But not everything on the CIL will be CUI.
Required Warning Statement:
Required Dissemination Control:


  • OPSEC planning
  • Risk assessment plan
  • Security classification guides


NSPM-28 (contact your OPSEC office for a copy)

Applicable DoD Policies

DoDD 5205-02E
DoDM 5205.02