Risk Management Process - September 11 Digital Archive

FM 100-14
Field Manual
NO . 100- 14
Headquarters
Department of the Amy
Washington. DC. 23 April 1998
Risk Management
Contents
Page
Preface ................................................................... ii
Introduction ............................................................. ...
III
Chapter 1 Risk Management Fundamentals ........................... 1-1
Background ............................................ 1-2
Principles .............................................. 1-3
Applicability ............................................ 1-4
Constraints ............................................ 1-7
Chapter 2 Risk Management Process ........................... 2-0
The Five Steps: An Overview .............................. 2-0
The Five Steps Applied ................................... 2-2
Tools and Pitfalls ....................................... 2-19
Chapter 3 Risk Management Implementation ......................... 3-0
Moral and Ethical Implications for Leaders ..................... 3-0
Responsibilities ......................................... 3-1
Integration into Training and Operations ...................... 3-7
Assessment of the Risk Management Process ................. 3-9
Appendix Examples of Risk Management Application ....... Appendix-1
Glossary ............................................. Glossary-0
References .................................................. References-0
Index .............................................................. Index- 1
DISTRIBUTION RESTRICTION: Approved for public release; distribution is
unlimited .
i

Preface
FM 100-14 applies across the wide range of Army operations. It
explains the principles, procedures, and responsibilities to
successfully apply the risk managemenf process to conserve combat
power and resources. The manual applies to both Army and civilian
personnel during all Army activities, including joint, multinational,
and interagency environments.
The manual is intended to help commanders,' their staffs,
leaders,2 and managers develop a framework to make risk
management a routine part of planning, preparing, and executing
operational missions and everyday tasks. This framework will allow
soldiers to operate with maximum initiative, flexibility, and
adaptability. Although the manual's prime focus is the operational
Army, the principles of risk management apply to all Army activities.
Army operations-especially combat operations-are demanding
and complex. They are inherently dangerous, including tough,
realistic training. Managing risks related to such operations requires
educated judgment and professional competence. The risk
management process allows individuals to make informed, conscious
decisions to accept risks at acceptable levels.
This manual is not a substitute for thought. Simply reading it will
not make one adept in building protection around a mi~sion.~ Soldiers
should compare the doctrine herein against their own experience and
think about why, when, and how it applies to their situation and area
of responsibility. If the doctrine herein is to be useful, it must become
second nature.
The proponent of this manual is HQ TRADOC. Send comments
and recommendations on DA Form 2028 directly to Commander, US
Army Training and Doctrine Command, ATTN: ATBO-SO, Fort
Monroe, VA 23651-5000.
Unless this publication states otherwise, masculine nouns and
pronouns do not refer exclusively to men.
The term commander as used herein refers to personnel in a command
position.
The term leader as used herein refers to commanders, personnel in the
chain of command (team, squad, section, platoon leader), and staff members
having personnel supervisory responsibility.
The term mission as used herein includes mission, operation, or task.
ii

Introduction
Risk management is not an add-on feature to the decisionmaking
process but rather a fully integrated element of
planning and executing operations.. . Risk management helps
us preserve combat power and retain theflexibility for bold and
decisive action. Proper risk management is a combat multiplier
that we can ill aford to squander.
General Dennis J. Reimer
Chief of Staff, Army
27 July 1995
The Army’s fundamental purpose is to fight and win the nation’s
wars. For this purpose, the country gives the Army critical resources,
including those most valuable-its sons and daughters. The Army
uses its resources to generate overwhelming combat power to fight
and win quickly, decisively, and with minimal losses. The Army’s
inherent responsibility to the nation is to protect and preserve its
resources-a responsibility that resides at all levels. Risk management
is an effective process for preserving resources. It is not an event. It
is both an art and a science. Soldiers use it to identify tactical and
accident risks, which they reduce by avoiding, controlling, or
eliminating hazards.
The Army introduced the risk management process into training,
the operational environments, and materiel acquisition in the late
1980s. Risk management was originally perceived as solely a safety
officer function. However, by the early 1990s, the Army established a
goal to integrate risk management into all Army processes and
activities and into every individual’s behavior, both on and off duty.
Since the process was introduced, the personal involvement of
commanders in preventing accidents-and their aggressive use of the
process-have become driving factors in the steady downward trend
in Army accidental losses.
Leaders must understand the importance of the process in
conserving combat power and resources. Risk management, like
reconnaissance and security, is an ongoing process that continues from
mission to mission. Within the mission, leaders must know when the
process begins and who has responsibility. It must be integral to the
military decision. The process is an important means to enhance
situational awareness.
iii

Risk Management
Risk decisions are commanders’ business. Such decisions are
normally based on the next higher commander’s guidance on how
much risk he is willing to accept and delegate for the mission. Risk
decisions should be made at the lowest possible level, except in
extreme circumstances. Training operations, including those at
combat training centers (CTCs), may be of such intensity that risk
decision are retained at a higher level.
Both leaders and staffs manage risk. Staff members continuously
look for hazards associated with their areas of expertise. They then
recommend controls to reduce risks. Hazards and the resulting risks
may vary as circumstances change and experience is gained. Leaders
and individual soldiers become the assessors for ever-changing
hazards such as those associated with environment (weather;
visibility; contaminated air, water, and soil), equipment readiness,
individual and unit experience, and fatigue. Leaders should advise
the chain of command on risks and risk reduction measures.
iv

Chapter 1
Risk Management Fundamentals
Sizing up opponents to determine victory, assessing dangers
and distances is the proper course of action for milita y leaders.
Sun Tzu, The Art of War, “Terrain”
Risk management is the process of identifying, assessing,
and controlling risks arising from operational factors
and making decisions that balance risk costs with
mission benefits. Leaders and soldiers at all levels use
risk management. It applies to all missions and
environments across the wide range of Army
operations. Risk management is fundamental in
developing confident and competent leaders and units.
Proficiency in applying risk management is critical to
conserving combat power and resources. Commanders
must firmly ground current and future leaders in the
critical skills of the five-step risk management process.
Risk is characterized by both the probability and severity
of a potential loss that may result from hazards due to the
presence of an enemy, an adversary, or some other
hazardous condition. Perception of risk varies from
person to person. What is risky or dangerous to one
person may not be to another. Perception influences
leaders’ decisions. A publicized event such as a training
accident or a relatively minor incident may increase the
public’s perception of risk for that particular event and
time-sometimes to the point of making such risks
unacceptable. Failure to effectively manage the risk
may make an operation too costly-politically,
economically, and in terms of combat power (soldiers
lives and equipment). This chapter presents the
background, principles, applicability, and constraints
relating to the risk management process.
1-1

Risk Management
BACKGROUND
Throughout the history of armed conflict, government and
military leaders have tried to reckon with the effect of casualties on
policy, strategy, and mission accomplishment. Government and
military leaders consider battle losses from different perspectives.
However, both must balance the following against the value of
national objectives:
Effects of casualties.
Impact on civilians.
Damage to the environment.
Loss of equipment.
Level of public reaction.
War is inherently complex, dynamic, and fluid. It is characterized
by uncertainty, ambiguity, and friction. Uncertainty results from
unknowns or lack of information. Ambiguity is the blurring or fog that
makes it difficult to distinguish fact from impression about a situation
and the enemy. Friction results from change, operational hazards,
fatigue, and fears brought on by danger. These characteristics cloud the
operating environment; they create risks that affect an army’s ability to
fight and win. In uncertainty, ambiguity, and friction, both danger and
opportunity exist. Hence, a leader’s ability to adapt and take risks are
key traits. Chapter 2 of FM 100-5 provides information on the
challenging circumstances of military operations during conflict.
Historically the Army has had more accidental losses, including
fratricide (friendly fire), than losses from enemy action. See Figure 1-1.
These accidental losses are the same types experienced in peacetime
World War II
1942-1 945
Korea
1950-1 953
Vietnam
1965-1 972
Desert Shield/
Storm’
1 990-1 991
Accidents
Friendly Fire
56%
1 Yo
44%
1 Yo
54%
1 Yo
75%
5%
Enemv Action 43% 55% 45% 20%
I
’These numbers include the relatively long buildup time and short
period of combat action
Figure 1-1. Battle and Nonbattle Casualties
I
1-2

FM 100-14
during training exercises. These losses are not caused by the enemy or
an adversary. Factors include-
An ever-changing operational environment.
Effects of a fast-paced, high-operational tempo (OPTEMPO) and
a high-personnel tempo (PERSTEMPO) on unit and human
performance. Examples include leader or soldier error or failure
to train or perform to standards.
Equipment failure, support failure, and the effects of the
physical environment.
PRINCIPLES
The basic principles that provide a framework for implementing
the risk management process are-
* Integrating risk management into mission planning, preparation, and
execution. Leaders and staffs continuously identify hazards and
assess both accident and tactical risks. They then develop and
coordinate control measures. They determine the level of residual
risk for accident hazards in order to evaluate courses of action
(COAs). They integrate control measures into staff estimates,
operation plans (OPLANs), operation orders (OPORDs), and
missions. Commanders assess the areas in which they might take
tactical risks. They approve control measures that will reduce
risks. Leaders ensure that all soldiers understand and properly
execute risk controls. They continuously assess variable hazards
and implement risk controls.
Making risk decisions at the appropriate level in the chain of command.
The commander should address risk guidance in his
commander’s guidance. He bases his risk guidance on
established Army and other appropriate policies and on his
higher commander’s direction. He then gives guidance on how
much risk he is willing to accept and delegate. Subordinates seek
the higher commander’s approval to accept risks that might
imperil the next higher commander’s intent.
Accepting no unnecessa y risk. Commanders compare and balance
risks against mission expectations and accept risks only if the
benefits outweigh the potential costs or losses. Commanders
alone decide whether to accept the level of residual risk to
accomplish the mission.
1-3

Risk Management
APPLICABILITY
Risk management applies to all situations and environments
across the wide range of Army operations, activities, and
processes. Risk management is useful in developing, fielding, and
employing the total Army force. Figure 1-2 summarizes the key
aspects of risk management.
DEVELOPMENT
Development concerns include force design, manpower
allocation, training and training developments, and combat and
materiel developments (equipment and weapons systems) and
battle laboratories.
Risk management assists the commander or leader in-
* Conserving lives and resources and avoiding
unnecessary risk.
Making an informed decision to implement a COA.
Identifying feasible and effective control measures where
specific standards do not exist.
Providing reasonable alternatives for mission
accomplishment.
Risk management does not-
* Inhibit the commander’s and leader’s flexibility and
in it i at ive.
Remove risk altogether, or support a zero defects
mindset.
Require a GO/NO-GO decision.
Sanction or justify violating the law.
Remove the necessity for standard drills, tactics,
techniques, and procedures.
Figure 1-2. Key Aspects of Risk Management
1 -4

FM 100-14
Force Design
Concerns include risks introduced in trade-off decisions that
involve the design and equipping of-
Tables of organization and equipment (TOE).
Modification tables of organization and equipment (MTOE).
Tables of distribution and allowances (TDA) organizations.
Manpower Allocations
Concerns include shortfalls in manning that put unit readiness
and full use of combat system capabilities at risk.
Training and Training Developments
Concerns include hazardous and critical training tasks and
feasible risk reduction measures that provide leaders with the
flexibility to safely conduct tough, realistic training.
Combat and Materiel Developments and Battle Laboratories
Concerns include providing a means to assist in making informed
trade-off decisions such as-
Balancing equipment form, fit, and function.
Balancing the durability and cost of equipment and spare parts
against their reliability, availability, and maintainability
requirements.
Determining the environmental impact.
Determining whether to accept systems with less than the full
capabilities prescribed in requirement documents and
experimental procedures.
ARs 70-1 and 385-16 and MIL-STD-882 provide details on risk
management application in the Army materiel acquisition process.
FIELDING
Fielding concerns include personnel assignments, sustainment
and logistics, training, and base operations.
Personnel Assignments
Concerns include making informed decisions in assigning
replacement personnel. For example, a risk is associated with
assigning a multiple launch rocket system crewmember as a
replacement for a tube artillery cannon crewmember.
1-5

Risk Management
Sustainment and Logistics
Concerns include enhancing one's ability to determine support
requirements, the order in which they should be received, and the
potential impact of logistics decisions on operations.
Training
Concerns include helping leaders determine the-
* Balance between training realism and unnecessary risks
in training.
Impact of training operations on the environment.
Level of proficiency and experience of soldiers and leaders.
Base Operations
Concerns include prioritizing the execution of base operations
functions to get the most benefit from available resources. Examples
include allocating resources for pollution prevention, correcting safety
and health hazards, and correcting violations of environmental
protection regulations. FM 20-400 provides specific guidance on
environmental protection in military operations.
EMPLOYMENT
Employment concerns include force protection and deployment,
operations, and redeployment.
Force Protection
Concerns include developing a plan that identifies threats and their
associated hazards and balancing resource restraints against the risk.
Deployment, Operations, and Redeployment
Concerns include-
1-6
* Analyzing the factors of mission, enemy terrain, troops, and
time available (METI'-T) to determine both tactical and accident
risks and appropriate risk reduction measures.
Determining the correct units, equipment composition, and
sequence.
Identifying controls essential to safety and environmental
protection.

FM 100-14
CONSTRAINTS
Risk management does not convey authority to violate the law-ofland
warfare or deliberately disobey local, state, national, or host
nation laws. It does not justify ignoring regulatory restrictions and
applicable standards. Neither does it justify bypassing risk controls
required by law, such as life safety and fire protection codes, physical
security, transport and disposal of hazardous material and waste, or
storage of classified material. Commanders may not use risk
management to alter or bypass legislative intent. However, when
restrictions imposed by other agencies adversely affect the mission,
planners may negotiate a satisfactory COA if the result conforms to
the legislative intent.
Risk management assists the commander in complying with
regulatory and legal requirements by-
* Identifying applicable legal standards that affect the mission.
* Idenhfymg alternate COAs or alternate standards that meet the
intent of the law.
Ensuring better use of limited resources through establishing
priorities to correct known hazardous conditions that will result
in projects with the highest return on investment funded first.
1-7

Chapter 2
Risk Management Process
First reckon, then risk
Field Marshal Helmuth von Moltke
This chapter provides the essence of the five-step risk
management process. It illustrates the application of
each step to military operations through the factors
of METT-T.
THE FIVE STEPS: AN OVERVIEW
Risk management is the process of identifying and controlling
hazards to conserve combat power and resources. The five steps of
risk management are-
Step 1. Idenhfy hazards.
Step 2. Assess hazards to determine risks.
Step 3. Develop controls and make risk decisions.
Step 4. Implement controls.
Step 5. Supervise and evaluate.
This five-step process is integrated into the military decision-making
process as shown in Figure 2-1.
FM 100-40 provides insight into the context in which the risk
management process is applied herein. Areas of particular interest in
FM 100-40 include
Solving tactical problems (Chapter 1).
The science and art of tactics (Chapter 1).
Hasty versus deliberate operations (Chapter 1).
The plan-prepare-execute cycle (Chapter 1).
Basic tactical control measures (Chapter 2).
The factors of METT-T (Chapter 2).
2-0

FM 100-14
Military Decision
Making Process
Mission Receipt
Mission Analysis
COA Development
COA Analysis
COA Comparison
COA Approval
Step 1
Identify
Hazards
X
X
X
X
Risk Management Steps
Step 2
Assess
Hazards
Step 3
Develop
Controls
Step 4
Implement
Controls
Step 5
Supervise and
Evaluate
and
Make Risk
I
Decision
I x I
Orders Production
Rehearsal’
X
X
Execution and’
Assessment
X
-
’All boxes are marked to emphasize the continued use of the risk management
process throughout the mission
X
Figure 2-1. Risk Management Steps Correlated with
Military Decision-Making Tasks
Risk decisions should be based upon awareness rather than
mechanical habit. Leaders should act on a keen appreciation for the
essential factors that make each situation unique instead of from
conditioned response. Throughout the entire operational continuum,
the commander must consider US Government civilians and contract
support personnel in his risk management process. Hazards can exist,
regardless of enemy or adversary actions, in areas with no direct
enemy contact and in areas outside the enemy’s or adversary’s
2-1

Risk Management
influence. The two types of risk that exist across the wide range of
Army operations are tactical risks and accident risks.
Tactical risk is risk concerned with hazards that exist because of
the presence of either the enemy or an adversary. It applies to all
levels of war and across the spectrum of operations.
Accident risk includes all operational risk considerations other
than tactical risk. It includes risks to the friendly force. It also
includes risks posed to civilians by an operation, as well as an
operations impact on the environment. It can include activities
associated with hazards concerning friendly personnel,
civilians, equipment readiness, and environmental conditions.
STEPS 1 AND 2
Steps 1 and 2 together comprise the risk assessment. In Step 1,
individuals identify the hazards that may be encountered in executing
a mission. In Step 2, they determine the direct impact of each hazard on
the operation. The risk assessment provides for enhanced situational
awareness. This awareness builds confidence and allows soldiers and
units to take timely efficient, and effective protective measures.
STEPS 3 THROUGH 5
Steps 3 through 5 are the essential follow-through actions to
effectively manage risk. In these steps, leaders balance risk against
costs-political, economic, environmental, and to combat powerand
take appropriate actions to eliminate unnecessary risk. During
execution, as well as during planning and preparation, leaders
continuously assess the risk to the overall mission and to those
involved in the task. Finally, leaders and individuals evaluate the
effectiveness of controls and provide lessons learned so that others
may benefit from the experience.
THE FIVE STEPS APPLIED
STEP 1. IDENTIFY HAZARDS
A hazard is an actual or potential condition where the following
can occur due to exposure to the hazard:
Injury, illness, or death of personnel.
Damage to or loss of equipment and property.
Mission degradation.

FM 100-14
Hazards are sources of danger or risks due to enemy or adversary
presence and other conditions not due to enemy or adversary
capabilities. Hazards are found in all operational environments.
Combat operations, stability operations, base support operations, and
training present unique hazards for units involved in these kinds of
missions. Hazards are identified during the first four steps of the
military decision-making process: mission receipt, mission analysis, COA
development, and COA analysis.
The ability of unit leaders and staffs to identify hazards is key. One
reality of today's missions is that the aspect of a hazard can change
rapidly. Things of little risk initially can quickly become major threats
due to unforeseen natural or man-made events. Leaders should be
aware of this possibility. Complacency to the fact that existing controls
may not continue to control hazards in rapidly changing situations
should be viewed as a hazard in itself.
The factors of METT-T provide a sound framework for identifying
hazards when planning, preparing, and executing operations. When
applying risk management to METT-T during mission analysis,
leaders and staffs should look for hazards that affect both tactical and
accident risks. They must identify all hazards that may present
significant risks to the mission.
Mission
Leaders first analyze the assigned mission. They look at the type
of mission to be accomplished and consider possible subsequent
missions. Certain kinds of operations are inherently more dangerous
than others. For example, a deliberate frontal attack, because of the
associated movement, is more likely to expose a unit to losses than
would a defense from prepared positions. Identifying missions that
routinely present great risk is imperative. Leaders also look for
hazards associated with complexity of the plan such as-
A scheme of maneuver that is difficult to understand or too
complex for accurate communications down to the lowest level.
The impact of operating under a fragmentary order (FRAGO).
Enemy
Commanders look for enemy capabilities that pose significant
hazards to the operation. For example, "What can the enemy do to
2-3

Risk Management
defeat my operation?” Common shortfalls that can create hazards
during operations against an enemy include failure to-
Assess potential advantages to the enemy provided by the
battlefield environment.
Fully assess the enemy’s capabilities.
Understand enemy collection capabilities and ,friendly
vulnerabilities to those capabilities.
Accurately determine the enemy’s probable COAs.
Plan and coordinate active ground and aerial reconnaissance
activities.
Disseminate intelligence about the enemy to lower levels.
Identifying terrorist threats and capabilities.
Intelligence plays a critical part in identifying hazards associated
with tactical risk. Intelligence-preparation-of-the-battlefield (IPB) is a
dynamic staff process that continually integrates new information and
intelligence that ultimately becomes input to the commander’s risk
assessment process. Intelligence assists in identifying hazards during
operations by-
* Identifying the opportunities and constraints the battlefield
environment offers to threat and friendly forces.
Thoroughly portraying threat capabilities and vulnerabilities.
Collecting information on populations, governments, and
infrastructures.
FMs 34-130 and 34-60, respectively, provide detailed information on
IPB and on counterintelligence operations and multidiscipline
counterintelligence analysis.
Terrain and Weather
In addition to those due to the enemy or adversaries, the most
obvious hazards to military operations are due to terrain and weather.
Terrain and weather affect the type of hazard encountered. When the
enemy uses terrain to his advantage, the risk is clearly tactical. The
aspects of terrain and weather may create situations where accident
risks predominate. When looking at this from a purely mission
perspective, familiarity of the unit with the terrain and its associated
environment must be paramount. Basic issues include-
* How long the unit has operated in the environment and climate.
Whether the terrain has been crossed before.
2-4

FM 100-14
Terrain. The five main military aspects of terrain-ubservation and
fields offire, cover and concealment, obstacles, key terrain and decisive terrain,
and avenues of approach (OCOKA)-can be used to identify and assess
hazards impacting on friendly forces. Chapter 2 of FM 100-40 has
details on OCOKA. The terrain analysis includes both map and on-theground
reconnaissance to identify how well unit capabilities and
mission demands can be accommodated by the terrain.
Observation and fields offire. Hazards associated with this usually
involve when the enemy will be able to engage a friendly unit and
when friendly unit weapons capabilities allow it to effectively
engage the enemy.
Cover and concealment. Hazards associated with cover and
concealment are created by the enemy’s ability to place direct or
indirect fire on friendly forces.
* Obstacles. Hazards associated with obstacles may be accident or
tactical. They may be due to natural conditions such as rivers or
swamps or man-made such as minefields or built-up areas.
Key terrain and decisive terrain. Hazards are a marked advantage
terrain provides to the enemy if he controls such terrain or
denies its use to friendly forces.
Avenues of approach. Hazards associated with avenues of
approach can affect both tactical and accident risks. Such
hazards include conditions where an avenue of approach
impedes deployment of friendly combat power or where it
supports deployment of enemy combat power.
Weather . Weather works hand-in-hand with terrain to create
hazards. To identify weather hazards, leaders and soldiers must
assess the impact on operating systems. Mistakes include not
considering the-
* Adverse effects of heat and cold hazards on the performance
of soldiers.
Effects of climate and weather on maintenance of vehicles and
equipment before beginning an operation.
Hazardous effects of weather on the five military aspects
of terrain.
2-5

Risk Management
Troops
Leaders analyze the capabilities of available friendly troops.
Associated hazards impact both the soldier and unit. Key
considerations are level of training, manning levels, the condition and
maintenance of vehicles and equipment, morale, availability of
supplies and services, and the physical and emotional health of
soldiers. Leaders and soldiers must be vigilant to the fact that hazards
in these areas can adversely affect a mission, even when all tactical
considerations point to success. Mission failure can be caused by-
* Hazards to the physical and emotional health of soldiers. Inadequate
sanitation facilities, water purification capabilities, medical
attention, and evacuation capabilities are key hazards that can
arise from incomplete logistical planning. Care of troops requires
long-range projections of all classes of supply, with close
monitoring of mission changes that could impact availability or
depletion of supplies. When beginning an operation immediately
upon arriving in theater, hazards include not implementing
measures to help soldiers overcome fatigue or acclimatize them to
the geographical area and associated climate.
Hazards to task organization or units participating in an operation.
Hazards include how long units have worked together under a
particular command relationship. During stability operations,
task organizations may change often. Hazards include poor
communication, unfamiliarity with higher headquarters SOPS,
and insufficient combat power to accomplish the mission.
Hazards associated with long-term missions. Long-term missions
include nation building, peacekeeping, or insurgency/
counterinsurgency operations. Hazards associated with these
missions include the turmoil of personnel turnover, lack of
continuity of leadership, inexperience, and lack of knowledge of
the situation and the unit’s operating procedures. An especially
insidious hazard is critical-skills atrophy that results from not
performing METL-related missions.
Time Available
The hazard is insufficient time to plan, prepare, and execute
operations. Planning time is always at a premium. Leaders routinely
apply the one-third/two-thirds rule to ensure their subordinate units
are given maximum time to plan. Failure to accomplish a mission on
2-6

FM 100-14
time can result in shortages of time for subordinate and adjacent units
to accomplish their mission.
Civilians
The commander’s legal responsibility is to consider hazards to,
and safeguarding of, civilians in his area of operations. Civilians
include nongovernmental organizations (NGOs), private voluntary
organizations (PVOs), US Government civilians, foreign national
civilians, the media, and dislocated civilians put at risk by military
operations. The commander must consider hazards that can occur
across the range of operations, such as-
* In a wartime environment. The commander must consider the
hazard of collateral damage which may result in creating
new adversaries.
In a peacetime environment. The commander must consider the
political attitudes and previous actions of civilians in identifying
hazards to friendly forces and the populace itself.
Adversaries are hostile elements other than the enemy that may be
encountered during any operation. They present additional hazards.
They may be organized opposition or individuals that challenge
authority. They may include such diverse elements as rioters,
criminals, rogues, or gangs that might want to harass a peace
enforcement mission.
STEP 2. ASSESS HAZARDS
Step 2 completes the risk assessment. Risk is the chance of hazard
or bad consequences. This step examines each hazard in terms of
probability and severity to determine the risk level of one or more
hazardous incidents that can result from exposure to the hazard. This
step is conducted during three steps of the military decision-making
process-mission analysis, COA devebpment, and COA analysis. This
step is also conducted after controls are developed.
The incident must be credible in that it must have a reasonable
expectation of happening. The end result is an estimate of risk from
each hazard and an estimate of the overall risk to the mission caused
by hazards that cannot be eliminated. Leaders must also assess the
risk to civilians posed by the operation. They may need to assess the
operations’ impact on the environment. This step is conducted in
three substeps.
2-7

Risk Management
Substep A
Leaders and staffs assess each hazard in relation to the probability
of a hazardous incident. The probability levels estimated for each
hazard may be based on the mission, COAs being developed and
analyzed, or frequency of a similar event. Figure 2-2 provides a
summary of the five degrees of probability. The letters in parentheses
following each degree (A through E) provide a symbol for depicting
probability. For example, the letter A representsfrepent probability.
Single item
Fleet or inventory of
items
Individual soldier
All soldiers exposed
Occurs very often in service life. Expected to occur
several times over duration of a specific mission or
operation. Always occurs.
Occurs continuously during a specific mission or
operation, or over a service life.
Occurs very often in career. Expected to occur several
times during mission or operation. Always occurs.
Occurs continuously during a specific mission or
operation.
Single item
Fleet or inventory of
items
Individual soldier
All soldiers exposed
Occurs several times in service life. Expected to occur
during a specific mission or operation.
Occurs at a high rate, but experienced intermittently
(regular intervals, generally often,).
Occurs several times in career. Expected to occur during
a specific mission or operation.
Occurs at a high rate, but experienced intermittently.
Single item
Fleet or inventory of
items
Individual soldier
All soldiers exposed
Occurs some time in service life. May occur about as
often as not during a specific mission or operation.
Occurs several times in service life.
Occurs some time in career. May occur during a specific
mission or operation, but not often.
I Occurs sporadically (irregularly, sparsely, or sometimes).
Figure 2-2. Hazard Probability
2-8

FM 100-14
Single item
Fleet or inventory of
items
Individual soldier
All soldiers exposed
Occurs in service life, but only remotely possible. Not
expected to occur during a specific mission or operation.
Occurs as isolated incidents. Possible to occur some time
in service life, but rarely. Usually does not occur.
Occurs as isolated incident during a career. Remotely
possible, but not expected to occur during a specific
mission or operation.
Occurs rarely within exposed population as isolated
incidents.
Single item
Fleet or inventory of
items
Individual soldier
All soldiers exposed
Occurrence not impossible, but can assume will almost
never occur in service life. Can assume will not occur
during a specific mission or operation.
Occurs very rarely (almost never or improbable). Incidents
may occur over service life.
Occurrence not impossible, but may assume will not occur
in career or during a specific mission or operation.
Occurs very rarely, but not impossible.
Substep B
Substep B addresses the severity of each hazard. It is expressed in
terms of-
Degree of injury or illness.
Loss of or damage to equipment or property.
Environment a1 damage.
Other mission-impairing factors such as lost combat power.
The degree of severity estimated for each hazard may be based on
knowledge of the results of similar past events. Figure 2-3 provides a
summary of the four degrees of hazard severity. The Roman numerals
in parentheses following each degree (I through IV) provide a
convenient symbol for depicting severity. For example, I represents
the catastrophic degree of severity.
2-9

Risk Management
CATASTROPHIC (I)
CRITICAL (11)
MARGINAL (111)
NEGLIGIBLE (IV)
Loss of ability to accomplish the mission or
mission failure. Death or permanent total
disability (accident risk). Loss of major or
mission-critical system or equipment. Major
property (facility) damage. Severe
environmental damage. Mission-critical
secu r i ty failu re. Unacceptable collateral
damage.
Significantly (severely) degraded mission
capability or unit readiness. Permanent
partial disability, temporary total disability
exceeding 3 months time (accident risk).
Extensive (major) damage to equipment or
systems. Significant damage to property or
the environment. Security failure.
Significant collateral damage.
Degraded mission capability or unit
readiness. Minor damage to equipment or
systems, property, or the environment. Lost
day due to injury or illness not exceeding 3
months (accident risk). Minor damage to
property or the environment.
Little or no adverse impact on mission
capability. First aid or minor medical
treatment (accident risk). Slight equipment
or system damage, but fully functional and
serviceable. Little or no property or
environmental damage.
Figure 2-3. Hazard Severity
Substep C
In this substep leaders and staffs expand what they understand
about probable hazardous incidents into estimates of levels of risk for
each identified hazard and an estimate of the overall risk for the
operation. Estimating risk follows from examining the outcomes of
Substeps A and B; that is, both the probability and severity of
hazardous incidents. This substep is more art than science. Much
depends on the use of historical lessons learned, intuitive analysis,
2-1 0

FM 100-14
experience, and judgment. Uncertainty can arise in the assessment of
both the probability and severity of a hazardous incident. Uncertainty
results from unknowns about a situation; from incomplete, inaccurate,
undependable, or contradictory information; and from unforeseen
circumstances. Therefore, assessment of risk requires good judgment.
Figure 2-4 is a standardized matrix that can be used to assist in this
process. Leaders and staffs enter the estimated degree of severity and
probability for each hazard in Substeps A and B from the severity row
and probability column, respectively. The point where the severity
row and probability column intersect defines the €eve1 of risk. For
example, if the hazard is estimated to have a critical severity (11) and a
Zikely probability (B), the level of risk is high (H).
Figure 2-5 provides a summary of the levels of risk. It also
provides examples of hazardous incidents for each risk level. Several
examples illustrate the trade-off between tactical and accident risks.
Probability
Severity
Frequent
A
Likely Occasional Seldom Unlikely
B C D E
Catastrophic
I
Critical
II
Marginal
111
Negligible
IV
M L L L L
E - Extremely High Risk
H - High Risk
M - Moderate Risk
L - Low Risk
Figure 2-4. Risk Assessment Matrix
2-1 1

Risk Management
E - Extremely High: Loss of ability to accomplish the mission if hazards
occur during mission. A frequent or likely probability of catastrophic loss
(IA or IB) or frequent probability of critical loss (HA) exists.
Example: A commander finds that one of his implied tasks to attack an
objective involves crossing a normally shallow riverbed. After looking at
the factors of METT-T, he discovers that three days of intense rain have
raised the water level to rise above flood stage, with currents far in
excess of his ability to safely ford with armored vehicles. After
discussing COAs with his staff, he determines the accident risk is
extremely high because of the likely probability and catastrophic
severity of losing vehicles and killing soldiers. His conclusions are
based on his experience with and knowledge of fording armored
vehicles under the existing conditions of water depth and current
speed.
H - High: Significant degradation of mission capabilities in terms of the
required mission standard, inability to accomplish all parts of the
mission, or inability to complete the mission to standard if hazards
occur during the mission. Occasional to seldom probability of
catastrophic loss (IC or ID) exists. A likely to occasional probability
exists of a critical loss (IlB or IIC) occurring. Frequent probability of
marginal losses (I I IA) exists.
Example: During a preplanned ambush, the leader discovers that the
force he intends to ambush has significantly more combat power than
his own force can accommodate. He realizes that he could only detay
rather than destroy the enemy. He knows his casualty estimates would
be very high if the enemy reorganized and counterattacked. He also
knows that the size of the enemy force could seriously impact adjacent
units conducting a movement to contact. He determines the situation is
high risk because he estimates (based on his training and experience)
there is a likely probability of the enemy reor anizing and
counterattacking and the severity of loss to his unit wou B d be critical.
M - Moderate: Expected degraded mission capabilities in terms of the
required mission standard will have a reduced mission capability if
hazards occur during mission. An unlikely probability of catastrophic
loss (IE) exists.The probability of a criticalloss is seldom (IID). Marginal
losses occur with a likely or occasional probability (IIIB or IIIC). A
frequent probability of negligible (IVA) losses exists.
Example: A commander in a defensive position receives a warning order
to be prepared to counterattack if the enemy attacks again. He chooses
to use pre-positioned ammunition caches to support his defense, as
opposed to moving his ammunition resupply forward by truck. He
determines that the severity of not having an immediate resupply of
ammunition available during the counterattack will have a criticalimpact
on his combat power. He realizes that if the enemy forces him to
abandon his forward positions, the severity of the loss of his
Figure 2-5. Levels of Risk
2-1 2

FM 100-14
ammunition caches will critically impact his combat power. He
considers that his unit is deployed in excellent defensive positions. He
has repelled two attacks that resulted in the destruction of an estimated
50 percent of the enemy’s combat power. He receives information that
the probability of the enemy attacking is likely; but that the probability
of the enemy being reinforced and attacking in overwhelming force is
remote (seldom). The commander concludes that the risk of conducting
a counterattack with limited ammunition is greater than the moderate
risk of the enemy pushing him back.
L - Low: Expected losses have little or no impact on accomplishing the
mission. The probability of critical loss is unlikely (IIE), while that of
marginal loss is seldom (HID) or unlikely (HIE). The probability of a
negligible loss is likelyor less (IVB through (WE).
Example: A mechanized task force (TF) conducting a movement to
contact in a desert environment is overtaken by nightfall before
reaching its limit of advance (LOA). The terrain along the axis of
advance is flat and open. Visibility is about 800 meters under a clear sky
illuminated by a full moon. Estimates put the enemy, which has been
hastily withdrawing for the past three days, at approximately 30 percent
strength. Contact has been iight with no defensible terrain along the
TF’s axis. The TF commander considers all the factors. In addition, the
TF is 100 percent operational in using night vision devices. The TF
commander estimates that it is unlikely that his unit will incur losses of
critical severity by being surprised by the enemy or lose critical combat
power due to an accident. He estimates the risk to his force in
continuing a nighttime movement is low
Figure 2-5. Levels of Risk (continued)
STEP 3. DEVELOP CONTROLS AND MAKE RISK DECISIONS
Risk management is the recognition that decision making
occurs under conditions of uncertainty. Decisions must remain
consistent with the commander’s stated intent and offer a good
expectation of success. The risk-taking skill requires
competency as a prerequisite.
FM 100-7, Decisive Force:
The Army in Theater Operations, May 1995
Step 3 is accomplished in two substeps: develop controls and
make risk decisions. This is done during the COA development, COA
analysis, COA comparison, and COA approval of the military
decision-making process.
Substep A - Develop Controls
After assessing each hazard, leaders develop one or more controls
that either eliminate the hazard or reduce the risk (probability and/or
2-1 3

Risk Management
severity) of a hazardous incident. When developing controls, they
consider the reason for the hazard not just the hazard itself.
Types of ControlGontrols can take many forms, but fall
into three basic categories-educat ional controls, physical controls,
and avoidance.
EducationaZ controls. These controls are based on the knowledge
and skills of the units and individuals. Effective control is
implemented through individual and collective training that
ensures performance to standard.
Physical controls. These controls may take the form of barriers
and guards or signs to warn individuals and units that a hazard
exists. Additionally, special controller or oversight personnel
responsible for locating specific hazards fall into this category.
Avoidance. These controls are applied when leaders take positive
action to prevent contact with an identified hazard.
Criteria for Contro?bsbe effective, each control developed
must meet the following criteria:
Suitability. It must remove the hazard or mitigate (reduce) the
residual risk to an acceptable level.
FeasibiZity. The unit must have the capability to implement
the control.
Accqtability. The benefit gained by implementing the control
must justify the cost in resources and time. The assessment of
acceptability is largely subjective. Figure 2-6 gives criteria for
determining acceptability of controls for each identified hazard.
Support
Standards
Tra i n in g
Leadership
Individual
Availability of adequate personnel, equipment,
supplies, and facilities necessary to implement a
suitable controls.
Guidance and procedures for implementing a control
are clear, practical, and specific.
Knowledge and skills are adequate to implement a
control.
Leaders are competent to implement a control.
Individual soldiers are sufficiently self-disciplined to
implement a control.
2-1 4
Figure 2-6. Criteria for Determining Acceptability of Controls

FM 100-14
Examples of Control &amples of controls include-
Engineering or designing to eliminate or control hazards.
Selecting a COA that avoids identified hazards.
Limiting the number of people and the amount of time they are
exposed to hazards, consistent with mission requirements.
Selecting personnel with appropriate mental, emotional, and
physical capabilities.
Providing protective clothing, equipment, and safety and
security devices.
Providing such services as adequate sanitation facilities and
water purification capabilities.
Providing warning signs and signals.
Scheduling vehicle and aircraft silhouette drills.
Planning training, including rehearsals, rock drills, battle drills,
and so forth.
Programming communications links for key civilian organizations.
Establishing battlefield controls such as areas of operations and
boundaries, direct fire control measures, fire support
coordination measures, rules of engagement, airspace control
measures, bridge classification, traffic control, and so forth.
Developing terrorist attack warning systems and response plans.
The key is to specify who, what, where, when, and how each
control is to be used. For example-
Planning and scheduling intensive threat and friendly vehicle
identification refresher training for all antiarmor and air defense
weapons crews before the mission reduces the probability of
engaging a friendly vehicle or aircraft (fratricide).
Programming installation of crashworthy passenger seats in the
UH-60 Blackhawk, when mission circumstances do not indicate
their removal, can reduce the severity of injuries in crashes.
Requiring soldiers to wear flak vests and helmets during
movement to contact, or when riding in vehicles in areas where
enemy fire is likely, can reduce the probability and severity of a
wound from small arms fire or fragments.
2-1 5

Risk Management
Establishing strong continuity documents and planning overlap
tours for key leaders facilitate smooth transitions during
extended operations.
Residual Riskonce the responsible leader develops and
accepts controls, he determines the residual risk associated with each
hazard and the overall residual risk for the mission.
Residual risk is the risk remaining after controls have been
selected for the hazard. Residual risk is valid (true) only if the
controls for it are implemented. As controls for hazards are
identified and selected, the hazards are reassessed as in Step 2
and the level of risk is then revised. This process is repeated until
the level of residual risk is acceptable to the commander or leader
or cannot be further reduced. See Figures A-3 through A-5.
Overall residual risk of a mission must be determined when more
than one hazard is identified. The residual risk for each of these
hazards may have a different level, depending on the assessed
probability and severity of the hazardous incident. Overall
residual mission risk should be determined based on the incident
having the greatest residual risk. Determining overall mission risk
by averaging the risks of all hazards is not valid. If one hazard has
high risk, the overall residual risk of the mission is high, no matter
how many moderate or low risk hazards are present.
Substep B - Make Risk Decision
A key element of the risk decision is determining if the risk is
justified. The commander must compare and balance the risk against
mission expectations. He alone decides if controls are sufficient and
acceptable and whether to accept the resulting residual risk. If he
determines the risk level is too high, he directs the development of
additional controls or alternate controls, or he modifies, changes, or
rejects the COA.
Leaders can use the risk assessment matrix in Figure 2-4-in
conjunction with their commanders’ guidance-to communicate how
much risk they are willing to delegate. For example, a commander may
place constraints on his subordinates that restrict their freedom of action
to accept risk in instances where the risk might imperil his intent, his
higher commander’s intent, or a critical capability of the unit.
2-1 6

FM 100-14
STEP 4. IMPLEMENT CONTROLS
Leaders and staffs ensure that controls are integrated into SOPS,
written and verbal orders, mission briefings, and staff estimates. The
critical check for this step, with oversight, is to ensure that controls
are converted into clear, simple execution orders understood at all
levels. Implementing controls includes coordination and
communication wit h-
Appropriate superior, adjacent, and subordinate units and those
executing the mission.
Logistics Civil Augmentation Program (LOGCAP) organizations
and civilian agencies that are part of the force.
The media, NGOs, and PVOs must be included in coordination when
their presence impacts or is impacted by the force.
Leaders must explain how supervisors will implement controls.
Examples of control implementation include-
Conducting vehicle and aircraft silhouette drills.
Conducting rehearsals, rock drills, battle drills, and so forth.
Conducting intensive threat and friendly vehicle
identification refresher training for all antiarmor and air
defense weapons crews.
Conducting orientation for replacement personnel.
Installing and maintaining communications :links for key
civilian organizations.
Operating in convoys of four vehicles minimum.
Carrying weapons and wearing flak jackets and helmets when
outside secure compounds.
STEP 5. SUPERVISE AND EVALUATE
Leaders must supervise the execution of their orders. The more
untrained the troops, the more detailed this supervision must be.
Infantry in Battle, 1939
During mission preparation and execution, leaders must ensure
that their subordinates understand how to execute risk controls.
Leaders continuously assess risks during the conduct of operations,
2-1 7

Risk Management
especially during long-term missions. Leaders maintain situational
awareness. They guard against complacency to ensure that risk
control standards are not relaxed or violated. To gain insight into areas
needing improvement, leaders must continuously evaluate their
units’ effectiveness in managing mission risks.
Supervise
Leaders supervise mission rehearsal and execution to ensure
standards and controls are enforced. Techniques may include spotchecks,
inspections, situation reports and brief-backs, buddy checks,
and close supervision. During the mission, leaders continuously
monitor controls to ensure they remain effective. They mod* them as
necessary. Leaders and individuals anticipate, idenw, and assess new
hazards to implement controls. They continually assess variable
hazards such as fatigue, equipment serviceability,, and the environment.
Leaders mod* controls to keep risks at an acceptable level.
During sustained operations, leaders continue planning to ensure
that controls emplaced at the beginning of the mission apply to
changes in the operation’s current situation and to hazardous
conditions. Leaders must maintain an extraordinary degree of
discipline. They must avoid complacency, which can result from
boredom and overconfidence. Leaders must ensure that soldiers do
not relax their vigilance due to performing repetitive tasks-despite
changing roles and missions, unit turbulence and turnover, and
declining skills. Leaders maintain a close ovenvatch on controls put in
place to reduce risks over a prolonged period. For example, during
stability operations, land mine hazards may not be solved in the near
term, but may require continual attention. Other examples of longterm
hazards that may be encountered include-
Climatic extremes.
NBC and hazardous waste contamination.
Diseases native to a particular area of operation or indigenous
population.
Terrorist threats.
Evaluate
After a mission, leaders and individuals evaluate how well the
risk management process was executed. They-
Determine how to ensure that successes are continued to the
next mission.
2-1 8

FM 100-14
Capture and disseminate lessons learned so that others may
benefit from the experience.
Consider the effectiveness of the risk assessment in identifying
and accurately assessing the probability and severity of hazards
that resulted in mission degradation.
Determine whether the level of residual risk of each hazard and
of the overall mission were accurately estimated.
Evaluate the effectiveness of each control in reducing or
removing risk, including whether controls were effectively
communicated, implemented and enforced.
Leaders and individuals determine why some controls were
ineffective and what should be done when the hazard is encountered
again. A control may be altered; the way it is implemented or
supervised may be changed to make it effective; or a completely
different control may be more effective. Leaders must energize the
system to fix systemic problems that hinder combat effectiveness.
Figure 2-7 shows that the risk management process continues
throughout a mission as well as from mission to mission. It is
integral to the military decision-making process. Its application
requires good judgment and intuitive analysis borne of confidence,
experience, and situational awareness.
TOOLS AND PITFALLS
The appendix provides examples of risk management tools to
help leaders assess identified hazards, develop controls, and make
risk decisions. The tools should be tailored to suit particular situations
and missions. The examples in Figures A-3 through A-5 are tools to
manage risk at the tactical level. The example in Figure A-6 is a tool to
manage risk at the operational level. Units may develop additional
tools suitable for their needs.
Units train to a standard. They operate and train regardless of the
degree of real or perceived difficulty. Risk reduction begins with
commanders identifying their METLs. Commanders use the risk
management process to assess the degree of risk related to each METL
their unit must perform. From this assessment, risk reducing standard
operating procedures evolve.
Figure A-7 provides an example of risk management
considerations integrated into a mission training plan (MTP) task.
2-1 9

Risk Management
-
Step 2. Assess Hazards
Estimate
probability
I Step 5. Supervise and Evaluate I
11 Supervise 1 I) 1 Evaluate 1 I
'. '
Estimate
severity
h 1
Determine risk level for
each hazard and overall
8
I
'#I
Step 4. Implement Controls I ---: *;
.,
Step 3. Develop Controls and
Make Risk Decision
Develop
controls
Determine residual risk
level for each hazard
and overall residual
mission risk'
Make
decision
'As controls for hazards are identified and selected the hazards are
reassessed as in Step 2
Figure 2-7. Continuous Application of Risk Management
2-20

FM 100-14
Pitfalls arise when risk management tools are used without
adaptation to the factors of METT-T. Using a standardized risk
assessment card or checklist may be of some value initially in the
mission analysis and COA development or in cases where a routine
task is performed in an unchanging environment or static situation.
However, such a tool used alone will not likely identify all hazards for
every mission in a changing operational environment.
Completing the risk assessment alone, but failing to identify
effective controls, usually results in a GO or NO-GO decision based on
the initial risk. If the risk assessment does not accurately identify the
hazards and determine the level of residual risk, the leader is likely to
make his risk decision based upon incomplete or inaccurate
information. If the risk assessment places missions in a routine, lowrisk
category, the commander may not be informed of a risk decision
resulting in an accepted risk level that could imperil his or his higher
commander’s intent or other affected organizations. The risk
management process is intended to provide reasonable controls to
support mission accomplishment without exposing the force to
unnecessary residual risk.
2-2 1

Chapter 3
Risk Management Implementation
It is imperative to develop twenty-first century leaders who
trust their subordinates’ abilities and judgment. Such leaders
must be willing to underwrite their subordinates’ honest errors
and coach them on to excellence, without tolerating
incompetence or laxity. We must recognize that Army leaders
are not perfect, and that activity at the ragged edge of audacity
sometimes leaves debris in its wake.
GEN William W. Hartzog
Commanding General
US Army Training and Doctrine Command
This chapter presents the moral and ethical
implications of risk management. It outlines essential
responsibilities and considerations necessary to
effectively integrate and assess risk management
within the Army. Leaders should tailor these essentials
to develop specific how-to procedures suited to their
circumstances , available resources , and mission.
MORAL AND ETHICAL IMPLICATIONS
FOR LEADERS
To be successful, risk management must be underwritten by the
chain of command. Leaders should not expect that all missions will be
accomplished with zero defects-free from errors, flaws, or less-thanperfect
performance. Demanding such rigid standards leads to
oversupervision and paralysis; it produces timid leaders, afraid to
make tough decisions in crisis and unwilling to take risks necessary
for success in military operations. A zero defects mindset creates
conditions that will lead inevitably, in the larger sense, to failure in
battle and higher casualties. Leaders are morally bound to support a
subordinate’s decision to accept risks that are within his commander’s
intent and guidance, as he understands it.
Leaders accept that things may go wrong, even with the certain
knowledge that a subordinate has done all within his power to
prevent an incident. In such an event, the leader steps forward and
3-0

FM 100-14
accepts the responsibility along with his subordinate. Furthermore,
risk management does not justify taking actions to facilitate an
unethical or immoral action. FM 22-100 addresses the moral and
ethical aspects of protecting the force within the overall framework of
how to apply leadership at all levels to meet mission requirements.
Everyday as we respond to the nation’s needs, we expose our
soldiers to hazards in uncertain and complex environments. We
do this with the full knowledge that there are inherent risks
associated with any military operation. The nature of our
profession will not allow for either complacency or a cavalier
acceptance of risk.
General Dennis J. Reimer
Chief of Staff, Army
RESPONSIBILITIES
One critical task for all operations is minimizing risk. Every military
plan must make this a priority. It is an inherent part of every mission
and a basic responsibility of commanders. Whether for training or
operational deployments, commanders issue clear risk guidance.
Minimizing risk-eliminating unnecessary risk-is the responsibility of
everyone in the chain of command. This responsibility runs from the
highest commander, through his subordinate leaders, to the soldier.
The commander and his staff must look at tactical risks and
accident risks. They use the same risk management process to manage
both types. Commanders-with the assistance of their leaders and
staffs-manage accident risks. Commanders determine how and
where they are willing to take tactical risks.
Leaders and soldiers at all levels are responsible and
accountable for managing risks by ensuring that hazards and
associated
.
risks are-
Identified during planning, preparation, and execution of
operations.
Controlled during preparation and execution of operations.
Soldiers are responsible for executing risk controls to standards. They
must continuously assess variable hazards such as fatigue, equipment
serviceability, and the environment. They must take care of one
3-1

Risk Management
another and make risk decisions consistent with the higher
commander’s guidance.
Sometimes commanders are not properly advised in situations
where the assumption of risk may affect or imperil their units, the
intent of their higher commander, or the operations of an adjacent
unit. This is most often attributed to-
* The risk denial syndrome in which leaders do not want to know of
the risk.
A staff member who believes that the risk decision is part of his
job and does not want to bother his commander or section leader.
A subordinate who does not fully understand the higher
commander’s guidance.
Complacency-outright failure to recognize a hazard or the
level of risk involved, or overconfidence in one’s abilities or the
unit’s capabilities to avoid or recover from a hazardous incident.
Use of a standardized risk assessment tool, such as a risk
assessment card, that is not tailored to the unit’s mission or
adapted to the factors of MET-T and which may put missions
in the routine low-risk category.
COMMANDERS
The commander directs the organization and sets priorities and
the command climate (values, attitudes, and beliefs). Successful
preservation of combat power requires embedding risk management
into unit behavior. This requires commitment and creative
leadership-innovative planning, careful management. It also
requires the chain of command’s demonstrated support of the risk
management process. Only then will the Army begin to capture the
full power of risk management. Commanders establish a command
climate favorable for risk management integration by-
3-2
* Demonstrating consistent and sustained risk management
behavior through leading by example-habitually doing risk
management-and actively participating throughout the risk
management process.
Providing clear guidance, when appropriate, on where or what
risk to accept.

FM 100-14
Obtaining and providing to subordinates the necessary assets to
control risk.
Knowing their own limitations, their leaders’ and soldiers’
limitations, and their unit’s capabilities.
Preventing a zero-defects mindset from creeping into their
command’s culture.
Allowing subordinates to make mistakes and learn from them.
Demonstrating full confidence in subordinates’ mastery of their
trade and their ability to execute a chosen COA.
Keeping subordinates informed; consulting with subordinate
leaders before making a decision, if feasible.
Listening to subordinates.
Commanders are responsible and accountable for their own
actions and those of units under their charge. Commanders must
weigh the repercussions of casualties, damage to the environment,
and loss of equipment. They must also consider the level of public
reaction to loss against national, strategic, operational, or tactical
objectives. Commanders are also responsible for keeping soldiers
from falling into complacency. During sustained operations in
particular, complacency can creep in as a result of accepting the status
quo. For example, a unit can be deployed for several months and
nothing may happen. The unit then gets very satisfied with itself and
its performance. It gets conditioned to its initial circumstances-being
well-armed, well-equipped, well-disciplined, and well-trained. It
thinks it has risks under control and does not need to change. Such
complacency, and the associated loss of situational awareness, can
result in leaders and soldiers taking a gamble instead of a prudent
risk. A risk is the accepted result of an informed decision; a gamble is
an uninformed bet or guess on a hopeful outcome. Leaders and
soldiers must clearly understand the difference.
Command is often exercised in conditions of uncertainty and
ambiguity, where violence, danger, fear, and friction abound, and
under the ever present time constraints driven by OPTEMPO. Risk
decisions are frequently required by and dependent on the immediate
situation. Judgment is required; a formula, rule, or checklist, by itself,
is not appropriate under such circumstances.
Avoiding the zero-risk mindset requires the exercise of positive
leadership. The commander’s approach to managing risk should be
3-3

Risk Management
through empowering leaders by pushing risk decisions as far down
the chain of command as feasible within the next higher commander’s
guidance. Commanders must insist that subordinates exercise their
freedom of action to act decisively and aggressively to complete
assigned missions and promote success of the larger force.
Subordinates must consider hazards outside their assigned
responsibilities that impact the mission. The result is to encourage
coordination and communication-laterally and up and down the
chain of command. This requires and encourages initiative, which
demands well-trained, determined, disciplined soldiers.
Risk management is a two-way street. It is important that those
involved in mission preparation and execution be fully aware of the
amount of command involvement and actions necessary to control or
remove hazards. The higher commander’s guidance specifies the
degree of damage or risk to subordinate units that he is willing to accept
during the current operation. Subordinates ensure they understand and
implement their commander’s intent and guidance. If, during the
planning process, the accident and/or tactical residual risk exceeds that
which the higher commander is willing to accept, the subordinate
informs his commander. He requests the resources necessary to mitigate
the risk. If, during mission execution, the subordinate determines the
risk is too great, he directs the development of additional or alternate
controls or modifies or changes the COA. He should notify his next
higher commander of his decision. Requiring subordinates to report to
the higher commander when a risk decision point is reached during
mission execution can result in paralysis.
The objective of managing risk is not to remove all risk, but to
eliminate unnecessary risk. Commanders conduct tough, realistic
training, knowing that they may put lives and property at risk in the
course of military operations. Nothing is worth the cost of a life as the
result of taking unnecessary risk. If an action will result in an
unacceptable risk, measures should be taken to mitigate it. If the risk
cannot be mitigated to an acceptable level, the action should not be
executed. Circumstances may occur during mission execution when a
decision to stop and defer execution of the operation should be made
to avoid taking unwarranted risk. Such a situation will generally occur
at the tactical level. For example, circumstances may determine if a
trade-off between maintaining the momentum of the attack or risking
fratricide or serious accidents is justified. For example, during the
deployment of TF Eagle to Bosnia-Herzegovina, there was pressure to
3-4

FM 100-14
complete the Sava River bridge as quickly as possible. The
commander assessed the situation and decided to call for a short rest
period because his soldiers were tired and getting careless.
Consequently, they completed the bridge ahead of schedule under the
most difficult conditions imaginable and without injuries.
LEADERS
Many of the tasks identified for commanders apply to all leaders.
Leaders’ specific responsibilities in managing risk include-
* Establishing clear, feasible risk management policies and goals.
Conducting detailed planning within time constraints; assessing
each mission and task in terms of its risk; continuously
reassessing risk as the mission and conditions change and
experience is gained.
Making informed risk decisions and establishing and clearly
communicating risk guidance.
Training the risk management process. Ensuring subordinates
understand the who, what, where, when, how, and why of
managing risk and how the process applies to their
circumstances and assigned responsibilities.
Examining how subordinates manage risk and how soldiers
protect themselves.
Supervising and evaluating the unit’s execution of risk controls
during the mission to correct areas needing improvement.
Advising his chain of command on risks and risk-reduction
measures.
Providing subordinates with feedback on their performance and
ways to improve.
Assessing the effectiveness of their unit’s risk management
program.
Capturing and disseminating lessons learned to ensure they are
continued from mission to mission so that others may benefit
from the experience.
3-5

Risk Management
STAFFS
The chief of staff or executive officer is responsible for supervising
integration of risk management across the staff. He coordinates
development of risk reduction controls with emphasis on
deconflicting controls that affect multiple functional areas and
adjacent units. The staff officer helps the commander eliminate
unnecessary risks by-
* Analyzing his functional area and applying risk management
during the military decision-making process.
Iden-g
constraints in the higher commander’s risk guidance.
Including hazards and their risks in the mission analysis briefing.
* Including a risk assessment for the commander’s estimate.
Considering the risk assessment in the operations estimate.
Including risks and recommending ways to reduce their impact
in the staff estimate.
Implementing risk controls by coordinating and integrating
them into the appropriate paragraphs and graphics of the
OPORD and into products such as SOPS and OPLANs.
Establishing procedures and standards that are clear and
practical.
Determining the effectiveness of hazard/risk controls and
c on t inu o u s 1 y a s s e s s in g their sui tab i li t y, f e a s i b i 1 it y, an d
acceptability.
Supervising, evaluating, and assessing the integration of risk
management during an operation.
Continuously identifymg hazards, assessing initial and residual
risks for each hazard, recommending control measures to reduce
the risk to the force.
Identifying and assessing hazards associated with complacency,
especially during extended operations, and recommending
appropriate actions to the commander.
At the operational level, staffs focus on hazards and their risks across
the spectrum of protecting the force
3-6

FM 100-14
INDIVIDUALS
The level of expertise and maturity of the individual influence his
proficiency in managing risk. Managing risk is subjective because its
basis is individual judgment. Young soldiers are routinely charged
with executing hazard controls and risk reduction measures. By
nature, some them are impulsive risk takers. Their limited experience,
coupled with an infallible attitude, can significantly increase the level
of risk they are willing to accept. Their sense of indestructibility,
motivation (esprit de corps), and willingness to achieve the mission at
any cost also play a part.
Some soldiers and individuals ignore existing standards and
improvise their own. Due to inexperience or complacency, they
become susceptible to-
* Overestimating their ability to respond to or recover from a
hazardous incident-they become overconfident.
Underestimating the level of risk posed by a hazard.
It is imperative that individuals understand and execute controls
implemented by leaders and staffs.
Individuals must maintain situational awareness and selfdiscipline
when they perform their duties. They must-
Understand and apply risk management.
Execute controls directed by their leaders, that is, perform to
standards.
Carry risk management over into training and activities-both
on and off duty.
Look out for others-anyone has authority to halt something
that is inherently unsafe.
INTEGRATION INTO TRAINING
AND OPERATIONS
ARFOR commanders/leaders must continuously employ risk
management approaches to efectively preclude unacceptable
risks to personnel and property, including protecting forces
preparing for or en route to combat.
FM 100-7, Decisive Force: The Army in Theater Operations,
May 1995
3-7

Risk Management
Integrating risk management into training and operations-
* Preserves the lives and well-being of everyone.
Conserves equipment, facilities, environmental resources, and
combat power.
Risk management must not be treated as an afterthought. It must be
planned for up front. Leaders and managers of materiel acquisition,
base operations, and industrial operations must budget risk control
costs up front at the level of expected payback over the duration of the
activity, or the life cycle of materiel/weapons system.
When integrating risk management into sustained operations,
leaders must consider increases in turbulence, personnel turnover,
critical skill atrophy, and mission development. Leaders must
continuously assess-
* The complexity of mission development and associated
changing interrelationships with other agencies.
The inclusion of civilian contractors, for example, LOGCAP, as
part of the force.
The presence of the media, NGOs, and PVOs.
These diverse elements need to be integrated into the risk
management process.
Two key considerations relevant to managing risk in complex
operational environments include-
3-8
* Understanding the culture of the indigenous population or
society and its way of doing business. Leaders should respect
their way of life and not interfere with local customs. Such
interference could risk damage to relationships and increase the
potential for introducing instability into the local society.
Leaders must not, however, intentionally allow these
considerations to endanger their force or its mission.
The dynamics of managing risk and the way the leader and his
subordinates manage risk. Leaders manage risk by-
- Having the right combination of well-trained, disciplined,
well-armed, and well-equipped forces.
- Issuing clear guidance to minimize risk.
- Determining and implementing risk controls for carrying
out the mission.

FM 100-14
- Maintaining situational awareness, especially of
vulnerabilities.
- Avoiding unnecessary accident risk.
Risk management works best when incorporated into existing
command training and operational planning cycles. They then act as
risk management tools and provide for-
* Development of policy, goals, objectives, and priorities in the
commander’s quarterly training guidance.
The commander’s training assessment, by identifying hazards
and risk controls.
Systematic observation and assessment of the unit’s risk
management performance and feedback into the training
management cycle and SOPS.
Leaders and soldiers must have the skills, knowledge, and
attitude to effectively manage risks inherent in all operations. Effective
training helps soldiers become proficient. It qualifies them technically
and tactically, and as leaders, to accomplish the mission without
unnecessary risk.
Doctrine developers must integrate risk management into planning
for all Army processes, especially the training management cycle
defined in FMs 25-100 and 25-101. Unit leaders and their staffs must
continually assess and evaluate the integration of risk management into
short-, near-, and long-term training plans. They must continually
review METLs to ensure that training is supported by realistic risk
management objectives. In the past, unprepared or improperly trained
units paid a high price for veteran status. The Army must learn from
past experiences if it is to avoid repeating such losses.
ASSESSMENT OF
THE RISK MANAGEMENT PROCESS
To assess the risk management process is to determine a unit’s
current level of proficiency in implementing the process. The term
assessment, as discussed here, differs from evaluation as used in
Step 5 of the process. Evaluation is used to measure demonstrated
ability to accomplish specified objectives within a discrete
operation or exercise. Assessment, as used here, also differs from
3-9

Risk Management
the aspect of assessing hazards for probability and severity, as
addressed in Step 2 of the process.
How well risk is managed affects readiness. Leaders need to know
the current status and effectiveness of their organization’s risk
management program. They self-assess their unit’s effectiveness in
managing risk in order to gain insight into areas for improvement and
get feedback on subordinates’ understanding and application of risk
guidance. The assessment objectives are to determine how-
* Effectively risk management is embedded into planning and
preparing for operations.
Well risk management is understood by subordinate leaders and
soldiers.
Effectively risk management is used to execute operations.
Leaders assess the effectiveness of their units by reviewing how
well hazards are identified and risk controls are-
. Specified in oral and written OPORDs, OPLANs, and SOPS.
Communicated to lowest level of chain of command.
Included in short-, near-, and long-term training plans.
Implemented into training and activities on and off duty.
Embedded into protect-the-force programs such as safety and
health and antiterrorism.
Part of after-action reviews and fed into lessons learned.
Risk management cannot be seen as a competitive program
whereby a unit or leader is judged or compared in a competitive sense.
Focus is strictly on both reduction of risk and risk behavior.
Take calculated risks. That is quite diferentfiom being rash.
General George S. Patton, Jr.
3-1 0

Appendix
Examples of Risk Management Application
The examples in this appendix are designed to help
those charged with managing risk.
TRACKING TOOL
The work sheet instructions are in Figure A-1.
Block
4 - D Self explanatory
E
F
G
H
I
J
K
Identify task relating to the mission or task in Block A
Identify Hazards - Identify hazards by reviewing MET-T factors for
the mission or task. Additional factors include historical lessons learned,
experience, judgment, equipment characteristics and warnings, and
environmental considerations.
Assess Hazards - Assessment includes historical lessons learned,
intuitive analyses, experience, judgment, equipment characteristics and
warnings, and environmental considerations. Determine initial risk for each
hazard by applying risk assessment matrix (Figure 2-4). Enter the risk level
for each hazard.
Develop Controls - Develop one or more controls for each hazard
that will either eliminate the hazard or reduce the risk (probability
and/or severity) of a hazardous incident. Specify who, what, where, why,
when, and how for each control. Enter controls.
Determine Residual Risk - Determine the residual risk for each
hazard by applyin the risk assessment matrix (Figure 2-4). Enter the
residual risk level s or each hazard.
Implement Controls - Decide how each control will be put into
effect or communicated to the personnel who will make it happen (written or
verbal instruction; tactical, safety, garrison SOPS, rehearsals). Enter controls.
Determine Overall MissionlTask Risk - Select the highest residual
risk level and circle it. This becomes the overall mission or task risk level.
The commander decides whether the controls are sufficient to accept the
level of residual risk. If the risk is too great to continue the mission or task,
the commander directs development of additional controls or modifies,
changes, or rejects the COA.
Supervise and Evaluate - This last step is not on the worksheet.
Plan how each control will be monitored for implementation (continuous
supervision, spot-checks) and reassess hazards as the situation changes.
Determine if the controls worked and if they can be improved. Pass on
lessons learned.
~~
Figure A-I. Risk Management Work Sheet Instructions
Appendix-1

Risk Management
The work sheet (Figure A-2) provides a starting point to logically
track the process of hazards and risks. It can be used to document risk
management steps taken during planning, preparation, and execution
of training and combat missions and tasks.
..
a
5
P
I!!
n
a
c
t2
6
i
I
QZij
a .-
E&
E
F
a
CI
t2
m
Y
u)
F
L
0
E
0
.-
.-
a
u)
u)
a
Append i x-2
u:
Y
u)
F
CJ
I
I
Figure A-2. Sample Risk Management Work Sheet

FM 100-14
Examples provided in Figures A-3 through A-6 should help
individuals manage risk at the tactical level.
h
n
E
n n h
E E E
Y
u)
F
w
Figure A-3. Example of Completed Risk Management Work Sheet
for SquadPlatoon
Appendix-3

Risk Management
xx
xx
5
-
n n
5 5 f
Y
a, a, a,
n
E
E
d. a, d. a,
P U
U
s J
s
E
a,
-0
s
m
n
E
L
0 a
a
Y
u)
F
rri
-
Figure A-4. Example of Completed Risk Management Work Sheet
for Com panyneam
Appendix-4

FM 100-14
i
n
J
W
6
J
- 0
cn
n
d.
6
-I
n
J
W
J
i
Y
v)
F
rri
Figure A-5. Example of Completed Risk Management Work Sheet
for Battalionnask Force
Appendix-5

-r
X
Risk Management
i
xx
xx
00
$$
66
LDO
t-90
Om
00
77
00
\i d
-
5
z
h
z
h
S
.- 0
e
la
v)
Figure A-5. Example of Completed Risk Management Work Sheet
for Battalionnask Force (continued)
Appendix-6

FM 100-14
I
i
n
W
W
xx
xx
00
88
.- b
.- c
v)
0
a
2
2
6
E
Z
c
v)
a
J
J C
(d
E.
i
0
Figure A-5. Example of Completed Risk Management Work Sheet
for B att al io nnas k Force (con t i n ued)
Append ix-7

~
Risk Management
7
Y
v)
w
Figure A-6.
Example of Completed Risk Management Work Sheet
for Division/Corps/EAC Task Force
Appendix-8

FM 100-14
i
O
Appendix-9

Risk Management
Figure A-6. Example of Completed Risk Management Work Sheet
for Division/Corps/EAC Task Force (continued)
Appendix-1 0

FM 100-14
MISSION TRAINING PLAN
Figure A-7 shows risk management integrated into an MTP task.
The example portrays a possible method for integrating the risk
management process and products into MTPs. The text in bold italics
indicates suggested areas in which to integrate risk management.
TASK C2 THE BATTALION (7-1-1901)(FM 7-20)
ITERATION: 1 2 3 4 5 (circle)
TRAINING STATUS: T P U (circle)
CONDITION: The brigade issues an OPORD or FRAGO
TASK STANDARD :
a. The battalion plan accomplishes the directed mission and
specified tasks according to the brigade commander’s
concept and intent. The plan is received and understood
by the leadership of the battalion, who makes the plan
successful. It is coordinated with higher, adjacent, and
supporting elements.
b. The plan is as fully prepared as time allows to initiate the
mission at the directed time.
c. The battalion controls and synchronizes subordinate and
supporting elements so that it accomplishes the mission and
preserves the force. Include commander‘s risk guidance.
d. The battalion keeps higher, adjacent, subordinate,
supporting, and supported headquarters informed of
essential information key to controlling the battle or
making required decisions.
I
SUBTASKS AND STANDARDS: GO NO-GO
+l. Battalion leaders issue the warning order.
a. A complete warning order is issued within 15 minutes of
receipt of the brigade order.
b. Warning order is received by all platoons within 45
minutes of issuance of battalion warning order.
+ Critical task.
* Leader task.
Figure A-7. Integration of Risk Management into MTP Task
Appendix-1 1
I

~~ ~
Risk Management
*2. Battalion commander analyzes mission and gives
initial guidance.
a. Guidance includes restated mission, which includes
brigade commander’s intent for battalion and identifies all
specified and implied tasks.
b. Guidance is given within 30 minutes of receipt of order.
c. Guidance includes instructions on information
requirements and initially required preparation actions
(movement, resupply) to start. Guidance includes chain of
command authorized to accept risk (extremely high, high,
moderate, and low) aflecting higher command’s intent,
resources, or adjacent units’ missions.
+3. Battalion accomplishes reconnaissance and other
actions to gather needed information.
a. Reconnaissance actions begin to physically gain
information on the enemy and terrain as early as possible.
b. Commander conducts a personal reconnaissance, when
possible. If not, the commander conducts a detailed map
reconnaissance.
c. Subordinate leaders perform a personal reconnaissance
when possible. See subordinate company (ARTEP 7-10-
MTP) and platoon (ARTEP 7-8-MTP) T&EOs.
d. Staff coordinates with subordinate, higher, supporting,
and adjacent headquarters to gather information for
planning. Stag analyzes mission to identify hazards.
e. Staff provides operations, intelligence, and CSS estimates
to include all critical METT-T factors and risk assessment
r
considerations (identified hazardslrisks).
+4. Battalion commander develops and wargames
courses of action and selects one.
Figure A-7. Integration of Risk Management into MTP Task
(continued)
Appendix-I 2

~
FM 100-14
a. Tactically feasible courses of action (include CS and
maneuver) are made and wargamed with the available
staff (commander, S3, and FSO are best for quick planning
sequences; XO, S2, engineer, S4, s 3 ( Safe ADA officer
are best in more deliberate situations). Each course of
action contains assessment of hazards, risk level, and
control measures identifed to lower or control the risk.
b. Best COA is selected.
c. COA is wargamed and refined by the command and staff.
The staff must understand the concept to produce a sound
OPORD and rehearse. The stafcontinually assesses the
situation to identify new hazards, assess the risk from
each hazard, develop acceptable control measures, and
reassess for residual risk to the mission. COA should pose
minimum risk to soldiers, equipment, and mission
accomplishment. Risk acceptance decisions for the COA
are made at the appropriate level in the chain of command.
*5. Staff develops an OPLAN and OPORD from the
commander’s guidance.
*6. Battalion commander and staff issue implementing
FRAGOS (accident risk controls) .
-
1 *7. Battalion commander issues the OPORD/FRAGO. I
a. OPORD/FRAGO is issued IAW the one-third, two-thirds
rule and makes full use of daylight time.
b. OPORD/FRAGO accomplishes all directed missions and
tasks, complies with the brigade commander’s intent,
controls r&&is,doctrinally sound. It is based on
evaluator judgment and on comparison of brigade and
battalion OPORDs.
-~ ~
Figure A-7. Integration of Risk Management into MTP Task
(continued)
Appendix-1 3

Risk Management
c. All subordinate and supporting elements receive the
OPORD/ FRAGO.
d. OPORD/FRAGO contains task organization, mission,
concept, accident risk controls, intent for maneuver,
supporting fires, and obstacles; missions and tasks for each
subordinate; fire support and CSS instructions; and
coordinating instructions to synchronize the efforts of
maneuver forces and CS.
e. If more time is available, the battalion commander issues a
fully developed OPORD (although an initial FRAGO may
be issued to allow subordinates to begin preparation and
followed by a full OPORD.)
f. Order is given at a location that reduces travel time, allows
observation of the zone/sector, and promotes OPSEC.
(Depending upon the METT-T factors, observation of the
zone/sector may not be possible.)
g. Battalion commander should perform brief-backs and war
gaming, to include identifying hazards and control
measures, immediately after the order to improve
subordinate understanding and reaction.
h. Subordinate leaders and staff should perform lateral
coordination before leaving the orders site.
+8. Commander and staff coordinate and refine the plan.
a. Time is well used to continue gathering information and to
improve the plan (contingency plans, hazard identification
and controls, fire plans) .
b. New information is disseminated and coordinated with
higher, adjacent, and supporting headquarters to include-
Changes or refinements in plan.
Information on the enemy in the sector or zone.
Figure A-7. Integration of Risk Management into MTP Task
(continued)
Appendix-I 4

FM 100-14
Information that impacts on planning and execution
(risk acceptance decisionslhazard controls) of
subordinate elements.
Adjustments/changes in the plans.
1
+*9. Battalion executes changes in task organization.
a. Main CP coordinates link-up location, time, and
responsible element.
b. Attachments/new elements are received at the
coordinated location and time; updated on current
situation, OPORDs, and SOIs; and resupplied.
c. Detachments reach the link-up point at the time and place
direct e d .
+*lo. Battalion performs and commander and staff
perform, supervise, and monitor preparations.
a. Command group/XO performs brief-backs with
subordinate commanders, leaders, and key staff.
b. Main CP maintains status of preparations.
c. Elements make full use of time to prepare for the
operation. Subjective judgment of the evaluator is
based on the analysis of preparation charts and
available preparation time.
1 +*11. Battalion sees the battlefield. I
a. Command group is positioned to see and move.
b. Companies and other subordinates accurately report
critical information on actions and changes in combat
status within five minutes. See subordinate MTPs.
c. Main CP collects, analyzes, and passes processed critical
information.
d. Subordinates execute intelligence collection plan. See
Figure A-7. Integration of Risk Management into MTP Task
(continued)
Appendix-I 5

Risk Management
subordinate element MTPs. Subordinates integrate the
risk management process when developing plans and
executing tasks.
+*12. Battalion leaders command and control the
execution .
a. Subordinate elements report enemy and friendly actions,
change in status, and any other factor that would require
change within three minutes.
b. Battalion leaders win the battle by directing the maneuver
of units, controlling direct and indirect fires, properly
integrating risk management into planning, preparation,
and execution, and directing other CS actions to cope with
new METT-T/risk factors. Indicators are:
(1) Elements not following OPLAN and OPORD
are corrected.
(2) Responses to new METT-T hazards are directed
soon after the new situation occurs.
(3) No friendly casualties inflicted by friendly direct
or indirect fires or other accidents.
(4) Number/percentage of direct fire weapons
engaging the enemy.
(5) Number/percentage of indirect fire rounds fired
and percentage hitting/suppressing the enemy.
(6) Number of enemy casualties.
(7) Number of friendly casualties.
c. The C2 and CSS assets are controlled to support maneuver
effort. Indicators are-
(1) Effective CSS and C2.
(2) C2 or CSS elements not destroyed by enemy
direct fires.
d. FRAGOs are clear, concise, incZude risk management, and
are quickly executed by subordinates.
Figure A-7. Integration of Risk Management into MTP Task
(continued)
Appendix-1 6

~~~~ ~ ~
~~
~~~~~
FM 100-14
e. Changes that affect the battle are disseminated within
five minutes.
I
+13. Subordinate commanders, leaders, and staff
laterally coordinate actions during the battle.
All battle actions requiring coordination between elements
are coordinated.
+*14. Battalion coordinates with adjacent and
supporting headquarters.
All battle actions requiring coordination with other
headquarters are laterally and promptly coordinated.
I
+*15. Battalion reports.
Battalion CPs submit all critical and required reports to
brigade. They report events to adjacent and supporting
elements that impact on them in time for those units to react.
They advise the chain of command, as appropriate, on risks
and risk-reduction measures.
Figure A-7. Integration of Risk Management into MTP Task
(continued)
I
Appendix-I7

Glossary
AAR
ADA
ARFOR
ARTEP
assessment
base operations
support
BASOPS
C2
COA
Cof s
combat power
controls
CP
css
CTC
after-action review
air defense artillery
army forces headquarters
Army Training and Evaluation Program
an analytical process to determine an
organization’s current levels of proficiency
on a specific objective (for example, a training
objective or risk management
implementation) (CJCSM 3500.03)
the provision of administrative and logistical
services; includes supply operations,
maintenance of materiel, personnel support,
base services and administrative services
rendered by or through activities of the
supporting installation
base operations support
command and control
course of action
chief of staff
the total means of destructive and/or
disruptive force that a military unit or
formation can apply against an opponent at a
given time; a combination of the effects of
maneuver, firepower, protection, and
leadership
actions taken to eliminate hazards or reduce
their risk
command post
combat service support
combat training center
Glossary-0

FM 100-14
danger
EAC
evaluation
exposure
FM
FRAGO
fratricide
friction
FSO
G3
hazard
inherently
dangerous
IPB
IR
exposure or vulnerability to harm or risk; the
balance between the chance or probability of
a hazardous incident and the result of the
hazardous incident
echelons above corps
the process used to measure the
demonstrated ability to accomplish specified
objectives such as training within a discrete
event or exercise (CJCSM 3500.03);
measurement of the demonstrated ability of
soldiers or units to perform a task and
supporting skill and knowledge or learning
objective against the established standard
the frequency and length of time personnel
and equipment are subjected to a hazard
field manual
fragmentary order
the employment of friendly weapons and
munitions with the intent to kill the enemy or
destroy his equipment or facilities, which
results in unforeseen and unintentional death
or injury to friendly personnel
the accumulation of chance errors,
unexpected difficulties, enemy actions, and
confusion of battle
fire support officer
general staff operations section
any actual or potential condition that can
cause injury, illness, or death of personnel,
damage to or loss of equipment, property or
mission degradation (FM 101-5); a condition
or activity with potential to cause damage,
loss or mission degradation (Joint Pub 1-02)
an activity or task containing a danger to life
or limb that is a permanent and inseparable
element of the activity
intelligence-preparation-of-the-battlefield
infrared
Glossary-I

~ ~~
Risk Management
LOA
LOGCAP
METL
METT-T
MOS
MTP
NBC
NVD
OCOKA
OPCON
operational tempo
OPLAN
OPORD
OPTEMPO
personnel tempo
PERSTEMPO
PIR
probability
PVO
residual risk
risk
limit of advance
Logistics Civil Augmentation Program
mission-essential task list
mission, enemy terrain, troops, and time
available
military occupational specialty
mission training plan
nuclear, biological, chemical
night vision device
0 - observation and fields of fire, C - cover
and concealment, 0 - obstacles, K - key
terrain and decisive terrain, A - avenues of
approach
operational control
the pace of an operation or operations;
OPTEMPO includes all of the activities the
unit is conducting; OPTEMPO can be a single
activity or a series of operations
operations plan
operations order
operational tempo
unit work load level and number of deployed
days per year
personnel tempo
priority intelligence requirements
the likelihood that a hazardous incident will
occur
private voluntary organization
the level of risk remaining after controls have
been identified and selected for hazards that
may result in loss of combat power
chance of hazard or bad consequences; the
probability of exposure to chance of injury or
loss from a hazard; risk level is expressed in
terms of hazard probability and severity
(FM 101-5)
Glossary-2

FM 100-1 4
risk assessment
risk decision
risk management
risk management
integration
s3
severity
situational
awareness
SOP
T&EO
TACSOP
TC
TF
us
xo
identification and assessment of hazards
(first two steps of risk management process);
an identified hazard is assessed to determine
the risk (both the probability of occurrence
and resulting severity) of a hazardous
incident due to the presence of the hazard
the decision to accept or not accept the risks
associated with an action; made by the
commander, leader, or individual responsible
for performing that action
the process of identifying, assessing, and
controlling risks arising from operational
factors and making decisions that balance
risk cost with mission benefits
the embedding of risk management
principles and practices into Army
operations, culture, organizations, systems,
and individual behavior
operations officer
the expected consequence of an event
(hazardous incident) in terms of degree of
injury, property damage, or other missionimpairing
factors (loss of combat power and
so on) that could occur
ability to have accurate and real-time
information on friendly, enemy neutral, and
noncombatant locations; a common, relevant
picture of the battlefield scaled to specific
level of interest and special need
standing operating procedure
test and evaluation outline
tactical standing operating procedure
training circular
task force
United States
executive officer
Glossary-3

References
SOURCES USED
FM 20-400. Military Environmental Protection. 1997 (draft).
FM 22-9. Soldier Performance in Continuous Operations.
12 December 1991.
FM 22-100. Army Leadership. 1997 (draft).
FM 25-100. Training the Force. 15 November 1988.
FM 25-101. Battle-Focused Training. 30 September 1990.
FM 34-60. Counterintelligence. 5 February 1990.
FM 34-130. Intelligence Prqaration of the Battlefield. 23 May 1989.
FM 100-5. Operations. August 1997 (draft).
FM 100-40. Tactics. 29 October 1997 (draft).
FM 100-7. Decisive Force: The Army in Theater Operations. 31 May 1995.
FM 101-5. Staff Organization and Operations. 31 May 1997.
READINGS RECOMMENDED
Army Regulation 70-1. Systems Acquisition Policy and Procedures. 1997.
Army Regulation 385-16. System Safety Engineering and Management.
3 May 1990.
CSA Statement on Risk Management. 27 July 1995.
HQDA Letter 5-97-1. Risk Management Integration Responsibilities.
1 May 1997.
MIL-STD-882C. System Safety Program Requirements. 19 January 1993.
”Risk Management for Brigades and Battalions.” Center for Army
Lessons Learned (CALL) Newsletter 95-9. June 1995.
References-0

Index
A
accident risks 2-2, 2-4, 2-1 1, 3-1
adversaries 2-7
after-action reviews 3-1 0
ambiguity 1-2
antiterrorism 3-1 0
assessment 3-9
avenues of approach 2-5
avoidance controls.
See controls, types of
awareness. See situational
awareness
B
battlefield controls. See controls
C
chain of command 3-2
civilians 2-1, 2-7
climate 2-6
COA
analysis 2-3, 2-7
development 2-3, 2-7, 2-8
enemy 2-4
evaluation 1-3
combat operations ii
combat power ii, iii, 1-1, 2-2,2-6,
2-12, 2-13
conserving 2-0
critical 2-1 3
enemy deployment of 2-5
friendly 2-5
IOSS of 2-9
command climate 3-2
commander
and identification of METL
2-19
and the risk management
process 2-19
responsibilities of iv, 2-3,
2-16, 3-2-3-5
commander’s guidance 2-16,3-2,
3-4
complacency 3-3
constraints 1-7
contract support personnel 2-1
control measures. See controls
controls iv, 1-3, 1-7,2-3, 2-7
acceptability of 2-14
alternate 2-16
approval of 1-3
battlefield 2-15
conversion of 2-17
coordination and
communication 2-17
criteria for (Fig 2-6) 2-14
development of 2-0, 2-13,
2-14, 3-4
effectiveness of 2-2,2-19
emplacement of 2-18
enforcement of 2-18
examples of 2-15-2-1 6
execution of 2-17, 3-1, 3-5
feasibility of 2-14
implementation of 2-0, 2-14,
2-17, 2-18
ineffective 2-19, 2-21
integration into OPORDs 1-3
modification of 2-18
monitoring of 2-18
Index-1

Risk Management
reassessment of 2-1 6
and residual risk 2-1 6
and risk decision 2-1 6
safety and environmental 1-6
suitabiity of 2-1 4
and tools for development
2-19
types of 2-14
counterinsurgency operations 2-6
counterintelligence 2-4.
See also intelligence
courses of action. See COA
cover and concealment 2-5
D
danger, sources of 1-2, 2-3, 3-3
decision levels 1-3
decisive terrain 2-5.
See also terrain
degree of severity.
See severity, degree of
discipline 2-1 8
E
educational controls.
See types of controls
enemy, as part of METT-T 2-3.
See also combat power
environment
damage to 1-2
impact on 2-7
evaluation 3-9
evaluation, of risk management
process 2-18
examples of risk management
work sheets
for battalionhask force
(Fig A-5) Appendix-5-7
for company/team
(Fig A-4) Appendix-4
for division/corps/EAC
(Fig A-6) Appendix-8-1 0
for squad/platoon
(Fig A-3) Appendix-3
exposure to hazards 2-2, 2-7,
2-15
F
fatigue 1-2, 2-6
fear 1-2, 3-3
foreign nationals 2-7
fragmentary order. See FRAGO
FRAGO 2-3
fratricide 1-2, 2-15, 3-4
friction 1 -2, 3-3
friendly fire. See fratricide
friendly vulnerabilities 2-4
geographical area,
acclimatization to 2-6
H
hazard, definition of 2-2
hazards iii, iv, 3-1, 3-6
and accident risks 2-2
assessment of 2-7, 3-10
and common shortfalls 2-4
control of 3-4
heat and cold 2-5
identifying and controlling
2-0, 2-2, 2-3, 3-6, 3-9
long-term 2-18
outside of assigned
responsibilities 3-4
review of 3-10
and tactical risk 2-2
variable 2-18, 3-1
health considerations 2-6
hostile elements. See adversaries
Index-2

FM 100-14
implementation of controls 2-1 7
incident, credibility of 2-7
I
individuals, responsibilities of 3-7
inexperience 2-6
infrastructures, collecting
information on 2-4
instructions for work sheet
Appendix-1
insurgency operations 2-6
integration of risk management
into MTP task (Fig A-7)
Appendix-1 1-1 7
intelligence. See
also counterintelligence
collection plan Appendix-I 5
dissemination of 2-4
estimates Appendix-1 2
and identification of hazards
2-4
intelligence-preparation-of-thebattlefield.
See IPB
IPB 2-4
K
key terrain 2-5. See also terrain
knowledge, lack of 2-6
L
leaders. See also supervisors
and assessment of hazards
2-8
and avoidance 2-14
and continuous planning
2-18
and development of controls
2-13
and discipline 2-18
and estimated degree of
severity 2-11
and evaluation of risk
management process
2-18, 2-19
and implementation of
controls 2-17
and METT-T 2-3
and mission analysis 2-3
and mission preparation 2-17
and mission rehearsal and
execution 2-18
and modification of controls
2-18
and moral and ethical
implications 3-0
and overlap tours 2-16
and overwatch of controls
2-18
responsibilities of iii, 2-1,2-2,
2-3, 3-5
and risk assessment 2-16
and situational awareness
2-18
and time available 2-6
and tools to assess identified
hazards 2-19
and troops 2-6
and weather 2-5
as supervisors 2-17
unit 2-3
leadership 2-6, 2-14, 3-2
lessons learned 2-10, 3-10
levels of risk 2-11, (Fig 2-5) 2-12,
2-13
extremely high 2-12
high 2-12
low 2-13
moderate 2-12
LOGCAP 2-17, 3-8
Logistics Civil Augmentation
Program. See LOGCAP
losses 1 -2. See also fratricide
Index-3

Risk Management
manning levels 2-6
matrix. See risk assessment
matrix
media, hazards to 2-7
METL 3-9
and degree of related risk
2-19
identification of 2-19
-related missions 2-6
MET-T 1-6, 2-0,2-3,2-12,2-21,
3-2
military decision-making process
2-O(Fig 2-I), 2-1, 2-3, 2-7, 2-13
minimizing risk 3-1
mission
analysis 2-3, 2-7
failure, causes of 2-6
as part of MET-T 2-3
receipt of 2-3
mission, enemy, terrain, troops,
and time available.
See METT-T
mission training plan. See MTP
missions, long-term 2-6
morale 2-6
moral and ethical implications
3-0-3-1
MTP
integrating risk management
into Appendix-1 1
and risk management
considerations 2-19
multidiscipline counterintelligence
analysis 2-4
N
nation building 2-6
NGOs 2-7, 2-17, 3-8
nongovernmental organizations.
See NGOs
observation and fields of fire,
cover and concealment,
obstacles, key terrain and
decisive terrain, and avenues of
approach. See OCOKA
OCOKA 2-5
one-third/two-thirds rule 2-6
operating environment 1-2, 1-3
operational deployment 3-1
operational hazards 1-2
operational tempo.
See OPTEMPO
OPLANs 1-3, 3-10
OPORDs 3-10
OPTEMPO 1-3, 3-3
overall risk 2-7, 2-10
overlap tours 2-16
overwatch of controls 2-18
peacekeeping 2-6
peacetime environment 2-7
perception, and leaders’
decisions 1-1
personnel tempo.
See PERSTEMPO
personnel turnover 2-6
PERSTEMPO 1-3
physical controls.
See types of controls
pitfalls of risk management 2-1 9
planning time 2-6
private voluntary organizations.
See PVOs
probability 1-1, 2-7, 2-8, 2-10,
2-11, 2-12, 2-13, 2-15, 2-16,
2-19, 3-10
degrees of 2-8
frequent 2-8, 2-12
Index-4

FM 100-14
of hazards (Fig 2-2) 2-8, 2-9
levels 2-8
likely 2-1 2, 2-1 3
occasional 2-1 2
seldom 2-12, 2-13
unlikely 2-1 2, 2-1 3
proficiency 1-1
PVOS 2-7, 2-1 7, 3-8
R
readiness 3-1 0
reconnaissance activities 2-4
residual risk 1-3,2-14,2-16,2-19,
2-21, 3-6
definition of 2-16
tactical 3-4
resources ii, iii, 1-1
resources, conservation of iii
responsibilities of commanders,
leaders, staffs, and individuals
3- 1 -3-7
risk
definition of 1-1, 2-7
estimate of 2-7
levels of 2-10
perception of 1-1
risk assessment 2-2,2-4, 2-7,
2-1 1, 2-19, 2-21, 3-6
card 2-21, 3-2
matrix (Fig 2-4) 2-1 1, 2-1 6
process 3-8
tools 3-2
risk controls. See controls
risk decision iv, 1-3, 2-0, 2-1,
2-1 3,2-16,2-19,2-21,3-2,3-3,
3-4, 3-5
risk denial syndrome 3-2
risk levels. See risk, levels of
risk management 1-1, 1-7, 2-1 6,
3-4, 3-5, 3-6
applicability 1-4 - 1-6
background of 1-1-1 -2
and the chain of command
3-0
continuous application of
(Fig 2-7) 2-20
examples of application,
Appendix-1 -Appendix-1 2
fundamentals 1-2-1 -7
implementation of 3-0-3-1 0
integrating into planning,
preparation, and execution
iii, 1-3
key aspects of 1-4
principles of 1-3
and regulatory and legal
requirements 1-7
risk management process ii, 1-1,
1-3, 2-0-2-21, 3-1, 3-2, 3-5
assessment of 3-9-3-1 0
and constraints 1-7
continuous application of
2-19
the five steps 2-0
introduction of iii
risk management steps
2-1 (Fig 2-1), 2-2
risk management work sheet
instructions
(Fig A-1) Appendix-1
risk reduction controls 3-6
safety programs 3-1 0
sample risk management work
sheet (Fig A-2) Appendix-2
severity 1-1, 2-7, 2-9, 2-1 0, 2-1 1,
2-15, 2-16, 2-19, 3-10
catastrophic 2-9, 2-1 0
critical 2-1 0
degree of 2-9
of hazards (Fig 2-3) 2-1 0
Index-5

Risk Management
marginal 2-10
negligible 2-10
situational awareness iii, 2-2,
2-18, 2-19, 3-3, 3-7, 3-9
soldiers, health of 2-6
soldiers’ responsibilities. See
individuals, responsibilities of
SOPS 3-10
stability operations 2-6, 2-18
staffs, responsibiity of 2-11, 3-6
steps, of the risk management
process
Step 1. Identify Hazards
2-2-2-7
Step 2. Assess Hazards
2-7-2-1 3
Step 3. Develop Controls and
Make Risk Decisions
2-13-2-1 6
Step 4. Implement Controls
2-17
Step 5. Supervise and
Evaluate 2-17-2-1 9
supervise and evaluate.
See steps, of the risk
management process
supervision techniques 2-18
supervisors, and examples of
control implementation 2-17
supplies and services 2-6
sustained operations 2-18, 3-3
tactical risk 2-2, 2-4, 2-1 1, 3-1
task organization 2-6
terrain 2-5.
See also key terrain
terrain and weather 2-4
aspects of 2-5
as part of METT-T 2-4
threat capabilities and
vulnerabilities 2-4
time available, as part of METT-T
2-6
tools
to assess identified hazards
2-19
for risk management 2-19
tracking Appendix-1
training 3-1
assessment 3-9
levels of 2-6
plan 3-10
training management cycle 3-9
training and operations,
integration into 3-7-3-9
troops, care of 2-6
uncertainty 1-2, 2-1 1
v
vehicles, maintenance of 2-6
violence, and risk decisions 3-3
wartime environment 2-7
weather hazards, identification of
2-5
work sheet instructions
(Fig A-1) Appendix-1
Index-6

The Tool To Protect The Force, Family and
Friends

“Risk management is the Army’s principal
risk-reduction process to protect the force.
Our goal is to make risk management a
routine part of planning and executing
operational missions.”
Chief of Staff, Army
L
Protect the Force

What the Chief Didn’t Say
Risk mangement is optional.
Risk management is a safety officer
function.
Risk management is for leaders only.
3

Risk Management Terms
Risk Management - The process of identifling and
controlling hazards to protect the force.
4
Hazard - Any real or potential condition that can cause injury,
illness, . . death,
4 damage
4 ..
to or loss of equipment or property, or
mission degradation.
or
Any adverse condition of a METT-T factor that, if not
controlled, can cause loss of combat power from accidents or
enemy action.
Risk
-?
Chance of hazard or bad consequences; exposure to
chance of injury or loss. Expressed in terms of hazard
probability and severity.
Protect the Force

f
Risk Management Terms
Risk Assessment - the identification and assessment of
hazards (first two steps of the Risk Management
process).
Risk level - expressed in terms of hazard probability
and severity.
Probability - the likelihood an event will occur.
Severity - the expected consequence of an event in terms of
degree of injury, lost resources, or other mission impairing
factors that could occur.
5
Controls - actions taken to eliminate hazards or reduce their
risks.
Protect the Force -

Residual Risk - the level of risk remaining after
controls have been identified and selected.
Risk Decision - The decision to accept or not
accept the risks associated with an action made by
the commander, leader, or individual responsible
for performing that action.
6
Protect the Force

I
I B
Rules of Risk Management
Integrate into danning;.
U I U
Accept no unnecessary risks.
Make risk decisions at the proper level.
Accept risk if the benefits outweigh the
potential losses.
I
Protect the Force

I
Risk Management Process
8
1
Protect the Force

I
Hazard Identification
11
Look for things that can keep you from reaching
the objective without all of your combat
power.
II
Hazard factors - Operational, environmental,
situational/scenario .
Consider all aspects of current and future
situations, and known historical problem
areas.
1
Protect the Force
9

Most Likely Hazards
~ d
OBJECTIVE - Identify those hazards most likely to
result in loss of combat power.
CRITERIA- Hazard is not adequately controlled at this
For echelon or next lower echelon.
“Most Likelv
Hazard”
-AND-
Include control(s) for hazard in FRAGO
OPORD, mission instructions or verbal
order.
10
Track hazard via risk management work
sheet.
Protect the Force =

9
ID HAZARDS
Q- Is hazard adequately controlled?
I
Identified
METT-%
hazard
-Support - Is type/amount/capability/condition of suppoi
8% adequate to control hazard?
- Personnel - Equipment/material
- Supplies - Services/facilities
-Standards - Is guidance/procedure adequately clear/
8% mactical/sPecific to control hazard?
- Training - Is training adequately thorough and recent
18% to control hazard?
- Leader - Are leaders ready, willing and able to enforce
18% standards required to control hazard?
Adequate
YES NO
Individual - Is soldier performance and conduct sufficieni
48% self-disciplined to control hazard?
Y
11
A - If all “yes”, no further action.
- If one or more “no”. risk manage th is hazard.
Protect the Force

Identify hazards during
JReceive The Mission
JIssue The Warning Order
JMake A Tentative Plan
I1
12
Protect the Force

( Hazards )
-3
13
5
Protect the Force

-.---
Assess Hazards
Don’t get wound up in a matrix.
More art than science (use experience).
Tailor to the operation and level involved.
Think of cumulative effects and critical path.
Assess hazards based on probability, severity
and mission impact.
14
Protect the Force =

I
THE ARMY RISK ASSESSMENT MATRIX. ..
Risk Level:
E - Extremely High
H - High
M - Moderate
L -Low
S
e
V
e
r
i
t
Y
Catastrophic
Critical
Marginal
Negligible
I
I Frequent
HAZARD PROBABILITY
Likely Occasional Seldom ~
Unlikely
E E H H M
E H H M L
H M M L L
M L L L L
15
..I One
size fits all?
Protect the Force

Unit:
Operation:
Risk Management Worksheet
16
Protect the Force =

RISK MANAGEMENT
IDENTIFY AND ASSESS MISSION RISKS AND HAZARDS
I MISSION PLANNING
I
TERRAIN
TRAFFICABI LITY
I MISSION I PREPARATORY TIME
DURATION
r m K S
24-48 HOURS
< 24 HOURS
IN DEPTH ADEQUATE MINIMAL
3 4 5
2 3 4
1 2 4
TYPE
MOUNTAIN/
DESERT
HILLS
FLATROLLING
I MISSION CONTROL EQUIPMENT
I
AGE
OLD
AVERAGE
NEW
I
IMPROVED TRAILS CROSS COUNTRJ
3 4 5
2 3 4
1 3 4
EQUIPMENT STATUS
MAINTENANCE STATUS
MLY MISSION
CWABLE
I
I NTmME;IN
3 4 5
2 4 5
1 3 5
I
SOLDIER SELECTION
I WEATHER & ENVIRONMENTAL CONDITIONS
TEMP
DAY LIMITED VISIBILITY/ NIGHTDUSTEOG
CLEMRY HAZYDRIZZLE SNOWiMUDiICERAIN
TASK
HIGHLY
EXPERIENCED MOS QUALIFIED UNTRAINED
80
3 4 5
COMPLEX
32-59
2 3 4
I
ROUTINE
SIMPLE
OPERATING
ENVIRONMENT
NON ACCLIMATED
PARTIALLY
ACCLIMATED
SOLDIER ALERTNESS
OPTIMUM
> 8 HOURS
4
3
ADEQUATE
4-8HOURS
MINIMAL
< 4 HOURS
4 5
3 4
60-79
1 2 4
DEVELOP AND IMPLEMENT RISK REDUCTION ACTIONS.
ALL RISK GREATER THAN 4 REQUIRE IMMEDIATE ACTION.
WHEN TWO OR MORE AREAS ARE ASSIGNED A RISK
FACTOR OF 5, THE OVERALL RATING SCHEME IS EXTREMELY HIGH.
ACCLIMATED
1
2 4
YOU ARE CHALLENGED TO MAKE PRUDENT RISK DECISIONS.
ACCEPT RISKS WHEN THE BENEFITS OUTWEIGH THE COST.
DON’T ACCEPT UNNECESSARY RISKS!

Assess Hazards
Assess hazards during
71 Situation Estimate
J Detailed Mission Analysis
JDeveloping Situation and COA
71 Analyzing COA
19
Protect the Force

1
Risk ~ 1
Management Process
( )-( t:.:zs Decisions lMake
>
20
Protect the Force

1
I iDevelop Controls and Make Risk
For Each Hazard
Decision
71 Implement existing controls if adequate
71 If not, adjust to make adequate or develop new
71 Consider realism and resources
71 Minimize chance of accidents, maximize mission
accomplishment
Determine residual risk and appropriate
commander acceptshejects risk
21
Protect the Force

1Develop Controls and Make Risk
Decision
Do this during
71 Comparing COA
JMaking Decisions
JExpanding selected COA into a tentative plan
22
Protect the Force

I
d
I Risk 9
Management Process
Identify
Hazards
Implemen
Controls
I
23
Protect the Force

Implement Controls
Controls are the standard.
Include in OPORDs, FRAGOs, rehearsals.
Link to specific hazards.
Communicate to your soldiers.
SOPS and training to standard are some of the
most common sources of controls.
24
Protect the Force

Implent Controls During
J Initiating Movement
J Reconnoitering
3 Completing The Plan
JIssueing The Order

j
Risk Management Process
>
26
Protect the Force

Enforce standards.
Deconflict controls.
Plan!
C
Evaluate controls and adjusthpdate as
nece s sary .
Incorporate lessons learned for fitture
use.
Do this during supervise and refine the
plan.
21 Protect the Force

~ enforcement
-1
Put your greatest emphasis in hazard
identification and development and
of controls.
The higher the risk, the more senior the decision maker.
Continually assess risk and adjust controls.
Be careful “averaging out” risk.
28
Protect the Force

RISK MANAGEMENT WORKSHEET PAGF 1 nf 3
4. PREPAREDBY:
/ /
5. HAZARDS
Inexperienced
untrained soldiers
- Air Loading
- Rail Loading
- Hazardous Cargo
- New Equipment
Continuous operations
during loading
Lack of / improper
ground guiding
H
-
H
9. OVERALL RISK LEVEL AFTER CONTROLS ARE Ik
ID soldiers with
deployment experience
and assigned to load
teams.
Train Airloadmail
teams.
Train drivers on new
equipment
Develop rest plans/
shift schedules
Train driverdground
guides in correct
procedures.(Hand&Arm)
,EMENTED (CIRCLE ONE):
LOW ~DERATI~J HIGH EXTREMELY HIGH
I
10. RI
RSOP/
Training
guidance
RSOP/
TACSOP
OPORD
RSOP/
Training
guidance
ON AUTHORITY:
12. HOWTO
LEAD
spot
check
by BCs
Cont. supv
by Plt Sgt
Cont. supv
spot
check
by 1SGs
Section
Chiefs
COLONEL BATTISTEBDE CDR
RANWLASTNAMEIDUTY POSITION
TSP-29

I FY ~
96 STATS
FA Soldiers killed: 25
FA Soldiers killed off-duty: 23
FA Soldiers killed in POVs: 21
Total Soldiers killed in POVs: 130
FA % of POV deaths: 16%
30
FA % ofArrny: 6%
Protect the Force

The Tool To Protect The Force, Family and
Friends
I 1
Protect the Force -
“Risk management is the Army’s principal
risk-reduction process to protect the force.
Our goal is to make risk management a
routine part of planning and executing
operational missions.”
Chief of Staff, Army
It
Protect the Force -

-
1 What the Chief Didn't Say
'
1
Risk mangement is optional.
Risk management is a safety officer
hnct ion.
Risk management is for leaders only.
Protect the Force
i
Risk Management Terms
Risk Management - The process of identifying and
controlling hazards to protect the force.
Hazard - Any real or potential condition that can cause injury,
illness, death, damage to or loss of equipment or property, or
mission degradation.
or
Any adverse condition of a METT-T factor that, if not
controlled, can cause loss of combat power from accidents or
enemy action.
Risk - Chance of hazard or bad consequences; exposure to
chance of injury or loss. Expressed in terms of hazard
probability and severity.
Protect the Force -

Risk Management Terms
Risk Assessment - the identification and assessment of
hazards (first two steps of the Risk Management
process).
Risk level - expressed in terms of hazard probability
and severity.
Probability - the likelihood an event will occur.
Severity - the expected consequence of an event in terms of
degree of injury, lost resources, or other mission impairing
factors that could occur.
Controls - actions taken to eliminate hazards or reduce their
risks.
I . Protect the Force -
I
Risk Management Terms
Residual Risk - the level of risk remaining after
controls have been identified and selected.
Risk Decision - The decision to accept or not
accept the risks associated with an action made by
the commander, leader, or individual responsible
for performing that action.
I
Protect the Force

Integrate into planning.
Accept no unnecessary risks.
Make risk decisions at the proper level.
Accept risk if the benefits outweigh the
potential losses.
I
Protect the Force I
Risk Management Process
I Protect the Force -

Hazard Identification
Look for things that can keep you from reaching
the objective without all of your combat
power.
Hazard factors - Operational, environmental,
situational/scenario.
Consider all aspects of current and future
situations, and known historical problem
areas.
Protect the Force -
Most Likely Hazards
OBJECTIVE - IdentifL those hazards most likely to
result in loss of combat power.
CRITERIA- Hazard is not adequately controlled at this
For echelon or next lower echelon.
“Most Likelv
Hazard ”
-AND-
- Include control(s) for hazard in FRAGO
OPORD, mission instructions or verbal
order.
- Track hazard via risk management work
sheet.
10 Protect the Force -

Adeauate
Q- Is hazard adeauatelv controlled? YES NO
Identified
METT-T
hazard
-Support - Is type/amount/capability/condition of support
8% adequate to control hazard?
- Personnel Equipmenvmaterial
- Supplies - Services/facilities
-Standards - Is guidance/procedure adequately clear/
8% practical/specific to control hazard?
- Training - Is training adequately thorough and recent
18% to control hazard?
- Leader - Are leaders ready, willing and able to enforce
18% standards required to control hazard?
Individual - Is soldier performance and conduct sufficien
48% self-disciulined to control hazard?
I I
A - If all “yes”, no further action.
1f-e // no ,> . v d .
.
Protect the Force -
Hazard Identification
IdentifL hazards during
ZReceive The Mission
YIssue The Warning Order
71Make A Tentative Plan
Protect the Force -

Risk Management Process
3
Protect the Force -
j
Assess Hazards
Don’t get wound up in a matrix.
More art than science (use experience).
Tailor to the operation and level involved.
Think of cumulative effects and critical path.
Assess hazards based on probability, severity
and mission impact.
14
Protect the Force -

THE ARMY RISK ASSESSMENT MATRIX. ..
Risk Level:
E - Extremely High
H - High
M - Moderate
L - Low
-
S
e
V
e
r
i
t
- Y
Catastrophic
Critical
Marginal
Negligible
HAZARD PROBABILITY
Frequent Likely Occasional Seldom Unlikely
E E H H M
E H H M L
H M M L L
M L L L L
J
... One size fits all?
Protect the Force -
I Unit:
Operation:
Risk Management Worksheet
16
Protect the Force -

Protect the Force -
MISSION
MISSION PLANNING
PREPARATORY TIME
n PE
TERRAIN
rnCABILrn
I
I
I
1 WEATHER 81 ENVIRONMENTAL CONDITIONS 1
II SOLDIER ALERTNESS I
DLVUaP .AND IMPLEMEVT PJSK REDUXIOK ACTIONS
ALL RISK GREATER THAN4 REWIRE IMMEDIATE ACTION
U~YTWOORhlOREIUIEr~~~,G~~DARlSK
FACTOR OF I. THE OI'ERALL RATING SCHEME IS WREMELY HIGH.
YOU ARE CHALLEhGED TO MAKE PRUDEM RISK DECISIONS.
ACCEPTRISKS U'HENTHEBEUEmSOL~EIGHTHECOST.

i
I
Assess Hazards
Assess hazards during
71 Situation Estimate
71Detailed Mission Analysis
JDeveloping Situation and COA
71Analyzing COA
I
I9 Protect the Force -
in Protect the Force -

Develop Controls and Make Risk
Decision
For Each Hazard
71 Implement existing controls if adequate
71 If not, adjust to make adequate or develop new
71 Consider realism and resources
71 Minimize chance of accidents, maximize mission
accomplishment
Determine residual risk and appropriate
commander acceptshejects risk
Protect the Force -
I
,Develop Controls and Make Risk
!
Decision
Do this during
acornparing COA
2Making Decisions
71Expanding selected COA into a tentative plan
Protect the Force -

I
1 Risk
Management Process
( Assess ) ( Make )
Hazards
Decisions
Protect the Force -
I
Implement Controls
Controls are the standard.
Include in OPORDs, FRAGOs, rehearsals.
Link to specific hazards.
Communicate to your soldiers.
Avoid the big
hand-wave
SOPS and training to standard are some of the
most common sources of controls.
I 24
Protect the Force -

~ Protect
Implement Controls
Implent Controls During
71Initiating Movement
71Reconnoitering
71Completing The Plan
71Issueing The Order
Protect the Force -
I) 3
Hazards
-
Decisions
the Force J

Lead and Evaluate
Enforce standards.
Deconflict controls.
Evaluate controls and adjusthpdate as
necessary.
Incorporate lessons learned for hture
use.
Do this during supervise and refine the
plan.
Protect the Force -
Put your greatest emphasis in hazard
identification and development and
enforcement of controls.
The higher the risk, the more senior the decision maker.
Continually assess risk and adjust controls.
Be careful "averaging out'' risk.
Use the process creatively.
Protect the Force -

RISK MANAGEMENT WORKSHEET DACC I "r 1
I MSNirASK Deploy he 2ND Bnmde Combat Tram 2 MG BEGIN 10FJIB97 3 DATE
END 6MAR97 PRPARED2UNOV96 1
4 PWARU)BY CPT AMERICA ASSISTANT S-3.2ND BCT
RANK2ASTU4UEmVIY WSnlON
L H*Z\RDS
Inexperienced/
untrained soldiers
- Air Loading
- Rail Loading
- Hazardous Cargo
New Equipment
Continuous operations
during loading
Lack of / improper
ground guiding
H ID soldiers with L
deployment experience
and assigned to load
teams.
Train AirloadRail
teams.
Train drivers on new
equipment
H Develop rest plans/
shift schedules
H Train driverslground M
guides in correct
procedures.(Hand&Arm)
IRE hlPLEMENTED(CRCLE0NE) I 10 AlsRbEE
RSOPI
Training
guidance
RSOP/
TACSOP
OPORD
RSOPl
Training
guidance
,I. now TO
LEAD
Spot
check
by BCs
Cont. sup
by Plt Sg
Cont. sup
Spot
check
by lSGs
Section
Chiefs
-
I LOW HIGH EXTREMELY HIGH I BATTIST"BDE CDR
RNWLASTNAMEIDUN wsinoN --
FA Soldiers killed: 25
FA Soldiers killed off-duty: 23
FA Soldiers killed in POVs: 21
Total Soldiers killed in POVs: 130
FA % of POV deaths: 16%
FA % of Army: 6%
Protect the Force -

RISK
Risk Management, when properly
applied, enables a commander to
maximize oDerational capabilities while
minimizing risk to the force.
Clvll 6 criminal
llabilwles \
Environmental
degradation *
Risks Threaten the Force
and Its Capabilities
Fratricide 4 L
Loss of public 9
trust 6
confldence
Loss &theft of
++- materiel &funds
Accidental destructlon
of materiei/facllitles
Thase risks can h. minimized if they an effectively detected and controlled -
Risk Manraement
I
1
I

The Dimensions of Risk
I The relative Mission Fiscal
Safety
Personal
Legamedia Environmental
1 Changing - - one element often influences
other elements positively or negatively
What Price are we Paying
Wow?
Historically
aoa-threat losses
Desert Shield
Storm
Hostile fire ............ 2.9 (20Y0)
Accidents .......... 11.14 (75%)!
Fratricide ............. .68 (5%)
27 -Trucks
450 tow of 8mmunilmkI
The non-threat losses
can be cut 50-100%
2
2

I Whoisthe I
REAL
threat?? I
What’s New About Risk
Management?
Hasn’t risk always been managed?
Yes, but:
Not systematically and consistently
Not with tested and proven methods
Not on a totally integrated basis
Not as a tool for expanding capabilities
The procedures for risk management offer
breakthrough improvements in
warfighting effectiveness and force protecfion.
Risk Management Philosophy
Risk management is the best process for the
protecting the force. Risk management provides a
systematic and lmical aaaroach to identifvinp and
controlline hazards that endanger our resources.
Risk management supports and encourages
initiative allowine flexibilitv. adaatabilitv and
eaeerness to act. ... it applies to all elements of force
protection in all situations and environments.
I
I
3
3

+Hazard - any real or Dotential condition that can
cause iniurv, illness or death of personnel, or damage
to, or loss of equipment or property, or mission
degradation.
+Risk - chance of hazard or bad consequences;
exposure to chance of injury or loss.
Key Definitions
+Risk level is expressed in terms of hazard
probability and severity.
- Severity - exDected conseauenw of an event in term:
of degree of injury, property damage, or other missior
impairing factors (loss of combat power, adverse
publicity, etc.) that could occur.
- Probability - likelihood that an event will occur.
Key Definitions
+ Risk Management (RM) - the process of identifying
and controlling hazards to protect the force.
- Its five steps represent a logical thought process from
which users develop toois, techniques, and
procedures for applying risk management in their
areas of responsibility.
- It is a continuous process applicable to any situation
and environment.
+ Risk Assessment -the first two steps of the RM
process.
4
4

Key Definitions
+Controls - actions taken to eliminate
hazards or reduce their risk@).
Risk Decision - the decision to acceDt or
not acceDt the risks associated with an
action made by the individual responsible
for performing that action.
Risk Management Process
+ Identify Hazards. Identify hazards to the force. Consider all
aspects of current and future situations, environment, and
known historical problem areas.
5
5

+ Assess Hazards. Assess hazards to determine risks.
Assess the impact of each hazard in terms of potential
loss and cost, based on probability and severity.
control measures that eliminate the hazard or reduce its risk.
As control measures are developed, risks are reevaluated until
all risks are reduced to a level where benefits outweigh
I
+ Implement Controls. Put controls in place that
eliminate the hazards or reduce their risks.
.Examples:
+Plana, OPORDs,
SOPS, Tnlning
Performance
Standards,
Reheanals.
6
6

Risk Management Process
+ Supervise & Evaluate. Enforce standards and
controls. Evaluate the effectiveness of controls and
adjusthpdate as necessary.
Risk Management Process
+ A risk assessment matrix can be used to determine
risk levels of an identified hazard. Standard terms
associated with risk assessment:
- Probability -the likelihood that an event will occur.
- Severity -the expected consequence of an event in
terms of degree of injury, property damage, or other
mission impairing factors (loss of combat power,
adverse publicity, etc), that could occur.
Risk Assessment Matrix
7
7

Risk Management Tools
Readiness Risk Management
+Key risk issues for the unit have been
identified. Effective indicators of risk status
exist in these areas.
+Leaders assess soldier risk proneness
factors 8 use leadership skills to reduce
risks.
+Important risk skills 8 knowledge’s have
been identified 8 the unit scores high on
tests of factors.
8
8

~
Readiness Rlsk Management Iconl'dl
+All leaders have been trained on RM
responsibilities 8 skills. All can apply RM to
unit operations
+METL-based tasks have been assessed for risk
& effective risk controls are in place.
+Each soldier can name the 5 leading sources of
injury for their MOS &job and the key risk
controls.
+New o
& risk
I
Applications of Risk Management
To perform optimally, unit leaders must be able
to detect and control risks in specific missions
assigned to the unit within operational
resources and time constraints.
Control Option Matrix
Control Option
Engineer
+ Guard
Limit exposure
Pcnonnel sekclioa
Train & educate
Warn
Molivste
Reduceeffects
+ Rehabilitate
ndividual Supervisor
I
'ommander
9
9

Applications of Risk Management
Safety restnctions often stifle audacity in training and actual war
Opportunity-risk concept have a proven capability to detect thse bzers They also
provlde the means to elminate or modify counterproductive safety resmctinns and
override the risk associated wth audacity
>
Decisive Victq
&
-Initiative
increased losses
Traditional process vs. RM process
Traditional approach
- "Common Sense".
- Random hazard ID and
assessment.
- More omission.
- Uninformed decision.
- Reactiveldownstream
oriented.
- Compliance based.
Risk Management
- Methodical.
- Less omission.
- Informed decision.
- Upstream process
oriented.
- Involvement and
empowerment.
10
IO

~~
What are the Potentlal
Benefits?
I
Promotes audacity thru prudent rrsh laking
+ Improved abdity . to .. proiect force with minimal .
losser
+ Enhanms decision-making skills
Improved congressional & media confidence in
force
+ Improves soldier confidence in unit capabilities
lN COMBAT
The Bottom Line
Commanders can cut accidental losses in
training and combat by 50-90%. At the same
time, training realism can be substantially
enhanced and operational capabilities
significantly and continuously improved.
The Four Rules of
Risk Management
+ lntearate risk management into operational
planning.
+Accept no unnecessary risks.
+Make risk decisions at the proDer level.
+Accept risks if the benefits outweighs the
cost.
11
11

“Don’t never take a
chance you don’t have
to.”
Standing Orders
Rogers’ Rangers 1759
12
12

RISK
Risk Management, when properly
applied, enables a commander to
maximize ODerational CaDabilities while
minimizing risk to the force.
Civil 6 criminal
Risks Threaten the Force
and Its Capabilities
'dental deaths 6 Injuries
Environmental
degradation *
Diseases 6 illnesses
Loss 6 theft of
-Fratricide d I 4 k materiel 6 funds
Loss of ubiic
ttusP6
confidence
Accidental destruction
of materiel/facllities
These risks can be minimized if they are effectively detected and controlled -
Risk Manapemmnt
1
I

The Dimensions of Risk
I The relative Mission Fiscal I
significance of
Of
risk varies
from
operation to
operation
Train j
I Changing - - one element often influences
other elements positively or negatively
I
I
I -
Historically
non-threat losses
What Price are We Paying
WOW
Desert Shield
Storm
Hostile tire ............ 2.9 (20%)
I nL
The Doha Catastrophe
450 tom of .amunition
Accidents .......... 11.14 (%YO)!
Fratricide ............. .68 (5%)
The non-threat losses
can be cut 50-100%
I
I
2
2

Who is the
REAL
threat ??
What’s New About Risk
Management?
Hasn’t risk always been managed?
Yes, but:
Not systematically and consistently
Not with tested and proven methods
- Not on a totally integrated basis
* Not as a tool for expanding capabilities
The procedures for risk management offer
breakthrough improvements in
warfighting effectiveness and force protection.
Risk Marauement Philosouhy
Risk management is the best process for the
protecting the force. Risk management provides a
svstematic and loeical amroach to identifvinp and
controlling hazards that endanger our resources.
Risk management supports and encourages
initiative allowing flexihilitv. adaptabilitv and
eaeerness to act. ... it applies to all elements of force
protection in all situations and environments.
3
3

Key Definitions
+Hazard - any real or ootential condition that can
cause iniuru, illness or death of personnel, or damage
to, or loss of equipment or property, or mission
degradation.
+Risk - chance of hazard or bad consequences;
exposure to chance of injury or loss.
I
I
Key Definitions
+Risk level is expressed in terms of hazard
probabilitv and severity.
- Severity - exDected mnseauence of an event in terms
of degree of injury, property damage, or other mission
impairing factors (loss of combat power, adverse
publicity, etc.) that could occur.
- Probability - likelihood that an event will occur.
+ Risk Management (RM) -the process of identifying
and controlling hazards to protect the force.
- Its five steps represent a logical thought process from
which users develop tools, techniques, and
procedures for applying risk management in their
areas of responsibility.
- It is a continuous process applicable to any situation
and environment.
+ Risk Assessment - the first two steps of the RY
process.
4
4

Key Definitions
+Controls - actions taken to eliminate
hazards or reduce their risk(s).
+ Risk Decision - the decision to acceDt or
not acceDt the risks associated with an
action made by the individual responsible
for performing that action.
Risk Management Process
Risk Management Process
Identify Hazards. Identify hazards to the force. Consider all
aspects of current and future situations, environment, and
known historical problem areas.
5
5

Risk Management Process
+ Assess Hazards. Assess hazards to determine risks.
Assess the impact of each hazard in terms of potential
loss and cost, based on probability and severity.
Risk Management Process
Develop Controls and Make Risk Decisions. Develop
control measures that eliminate the hazard or reduce its risk.
As control measures are developed, risks are reevaluated until
all risks are reduced to a level where benefits outweigh
Risk Management Process
Implement Controls. Put controls in place that
eliminate the hazards or reduce their risks.
.Examples:
*Plans, OPORDs
SOPS, Training
Performance
Standards,
Rehearsals.
6
6

Risk Management Process
+ Supervise & Evaluate. Enforce standards and
controls. Evaluate the effectiveness of controls and
adjusthpdate as necessary.
Risk Management Process
+ A risk assessment matrix can be used to determine
risk levels of an identified hazard. Standard terms
associated with risk assessment:
- Probabllity - the likelihood that an event will occur.
- Severity - the expected consequence of an event in
terms of degree of injury, property damage, or other
mission impairing factors (loss of combat power,
adverse publicity, etc), that could occur.
Risk Assessment Matrix
I
7
7

Risk Management Tools
I
Readiness Risk Management
+Key risk issues for the unit have been
identified. Effective indicators of risk status
exist in these areas.
+Leaders assess soldier risk proneness
factors & use leadership skills to reduce
risks.
+Important risk skills & knowledge’s have
been identified & the unit scores high on
tests of factors.
8
8

Readiness Rlsk Management Icomidl
+All leaders have been trained on RM
responsibilities 8 skills. All can apply RM to
unit operations
+METL-based tasks have been assessed for risk
& effective risk controls are in place.
+Each soldier can name the 5 leading sources of
injury for their MOS &job and the key risk
controls.
+New operational capabilities are subjected to RM
Applications of Risk Management
To perform optimally, unit leaders must be able
to detect and control risks in specific missions
assigned to the unit within operational
resources and time constraints.
Control Option Matrix
Control Option
Engineer
Guard
Limit exposure
Personnel selection
Train & educate
Warn
Motivate
Reduceeffects
+ Rehabilitate
ndividual Supervisor :ommander
9
9

Applications of Risk Management
I override
Safety rermctions often stifle audacity in training and actual war
Opportunity-nsk concept have a proven capability to detect these bsen They also
provide the means to eliminate or modify eaunterproducuve safety restrictions and
the risks associated with audacity
>
Decisive Victor).
. Synchmnimtior
- Flewbiht)
-Initiative
-Depth
-Audacity
nsks Do more w>t
increased losses
Traditional process vs. RM process
- Random hazard ID and
assessment.
- More omission.
+ Risk Management
- Methodical.
- L~~~ omission.
- Informed decision.
- Upstream process
- Uninformed decision. oriented.
- Reactive/downstream - Involvement and
empowerment.
- Compliance based.
10
IO

What are the Potential
Benefits9
‘)i Non-battle casualties (non-hostile fire) reduced up
to 5Q%
+ Promotes audacity thru prudent risk taking
+ Improved ability to project force wth minimal
losses
Enhances decision-making skills
+ Improved congressional & media confidence tn the
force
+ Improves soldier confidence in unit capabilities
J
4EEE
\
MmA,N,NI
IN COMBAT
A POTENTIALLY DECISIVE EDGE!
Commanders can cut accidental losses in
training and combat by 50-90%. At the same
time, training realism can be substantially
enhanced and operational capabilities
significantly and continuously improved.
The Four Rules of
Risk Management
4 lntearate risk management into operational
4Accept no unnecessarv risks.
4 Make risk decisions at the proDer level.
+Accept risks if the benefits outweighs the
cost.
11
II

“Don’t never take a
chance you don’t have
to.”
Standing Orders
Rogers’ Rangers 1759
12
12

FM 3-100.12
MCRP 5-12.lC
NTTP 5-03.5
AFTTP( I) 3-2.34
FEBRUARY 2001
DISTRIBUTION RESTRICTION:
Approved for public release;
distribution is unrestricted

FOREWORD
This publication has been prepared under our direction for use by our respective
commands and other commands as appropriate.
A
JOHN N. ABRAMS
General, USA
Commander
Training and Doctrine Command
BRUCE B. KNUTSON, JR.
Lieutenant General, USMC
Commanding General
Marine Corps Combat
Development Command
ROBERT G. SPRIGG
Rear Admiral, USN
Commander
Navy Warfare Development Command
LANCE L. SMITH
Major General, USAF
Commander
Headquarters Air Force Doctrine Center
This publication is available on the General
Dennis J. Reimer Training and Doctrine Digital
Library at www.adtdI .army. mil

1. Scope
This publication describes risk management functions and responsibilities applicable to
the joint task force (JTF) and service staffs. It applies risk management planning
procedures to the military decision making process and employs the Joint Operation
Planning and Execution System (JOPES) for the operation planning team.
2. Purpose
This publication provides a consolidated multiservice reference addressing risk
management background, principles, and application procedures. To facilitate multiservice
interoperability, this publication identifies and explains the risk management process and
its differences and similarities as it is applied by each service.
3. Applicability
The audience for this publication includes combatant command, JTF, and functional
and service component staffs. The target staff level is the JTF headquarters staff. This
publication serves as a source document for developing service and joint manuals,
publications, and curricula, and may be used as a stand-alone document.
4. Implementation Plan
Participating service command offices of primary responsibility will review this
publication, validate the information, and reference and incorporate it in service and
command manuals, regulations, instructions, and curricula as follows:
Army. The Army will incorporate this publication in U.S. Army training and doctrinal
publications as directed by the Commander, U.S. Army Training and Doctrine Command
(TRADOC). Distribution is in accordance with DA Form 12-99-R.
Marine Corps. The Marine Corps will incorporate the procedures in this publication in
U.S. Marine Corps (USMC) training and doctrinal publications as directed by the
Commanding General, U.S. Marine Corps Combat Development Command (MCCDC).
Distribution is in accordance with Marine Corps Publication Distribution System (MCPDS) .
Navy. The Navy will incorporate these procedures in U.S. Navy (USN) training and
doctrinal publications as directed by the Commander, Navy Warfare Development
Command (NWDC). Distribution is in accordance with Military Standard Requisitioning
and Issue Procedures (MILSTRIP) Desk Guide and Navy Standing Operating Procedures
(NAVSOP) Publication 409.
Air Force. The Air Force will validate and incorporate appropriate procedures in
accordance with applicable governing directives. Distribution is in accordance with Air Force
Instruction 33-360, Volume 1.
5. User Information
a. The TRADOC-MCCDC-NWDC-Headquarters (HQ) Air Force Doctrine Center
(AFDC) and Air Land Sea Application (ALSA) Center developed this publication with the
joint participation of the approving service commands. ALSA will review and update this
publication as necessary.
b. This publication reflects current joint and service doctrine, command and control
organizations, facilities, personnel, responsibilities, and procedures. Changes in service
MARINE CORPS: PCN 14400009300
I

protocol, appropriately reflected in joint and service publications, will be incorporated in
revisions of this document.
c. We encourage recommended changes for improving this publication. Key your
comments to the specific page and paragraph and provide a rationale for each
recommendation. Send comments and recommendations directly to-
ii

FM 3-100.12
MCRP 5-12.1C
NTTP 5-03.5
AFTTP(I) 3-2.34
FM 3-100.12
MCRP 5-12.1C
NTTP 5-03.5
AFTTP(I) 3-2.34
U.S. Army Training and Doctrine Command
Fort Monroe, Virginia
Marine Corps Combat Development Command
Quantico, Virginia
Navy Warfare Development Command
Newport, Rhode Island
Headquarters Air Force Doctrine Center
Maxwell Air Force Base, Alabama
15 February 2001
RISK MANAGEMENT
Multiservice Tactics, Techniques, and Procedures for
Risk Management
TABLE OF CONTENTS
EXECUTIVE SUM MARY.. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Chapter I RISK MANAGEMENT FUNDAMENTALS .........................................................
Page
1. Background ................................................................................................... 1-1
2. Risk Management Goal ................................................................................. 1-1
3. Key Aspects of Risk Management ................................................................. 1-1
4. Principles of Risk Management .................................................................... 1-2
5. Levels of Risk Management .......................................................................... 1-3
6. Risk Management Process Overview ............................................................ 1-3
7. Risk Management Process Application Guidelines. .. . . . . .. . . . .. . . . . . . . . . . . . . . . . . . . ... . . 1-3
8. Relationship of Force Protection to Risk Management. .. . . . ... . . . .. . . . . .. . . . ... . . . .. . 1-5
Chapter II RISK MANAGEMENT PROCESS AND OPERATIONAL
CONSIDERATIONS .................................................................................................. 11-1
1. Background .................................................................................................. 11-1
2. Application of Risk Management .... ....... .... . ........ ..... ...... . .... . .... .................... 11-1
3. Integration of Risk Management ..................... ......................... ..... . ......... .... 11-7
4. Analysis Models.. ... ..... . .... ....... ..... . ...... .... .......... . .... . ..... .... ...... ......... . .... ..... .... 11-8
Chapter 111 STAFF FUNCTIONS AND RESPONSIBILITIES ............................................. 111-1
1. Background ................................................................................................ 111-1
2. Responsibilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111- 1
V
1-1
iii

3 . Integration into Training and Operations ................................................. 111-6
4 . Review of the Risk Management Process .................................................. 111-6
Appendix A Risk Management Tools .............................................................................. A-1
Appendix 6 Force Protection Working Group ............................................................... B-1
References ..........................................................................................................
Glossary ..............................................................................................................
References-1
Glossary-1
Index .................................................................................................................... Index- 1
Figures 1.1 . Continuous Application of Risk Management ............................................ 1-4
11- 1 . Identify the Threats .................................................................................. . II-1
11.2 . Assess the Threat ....................................................................................... 11-2
11.3 . Develop Controls and Make Risk Decisions ............................................. , II-3
11.4 . Implement Controls ................................................................................... 11-5
11.5 . Supervise and Review ................................................................................ 11-6
A.A.1 . Sample Completed Risk Management Worksheet ..............................
A-A-1
A-B-1
A-D-1
A-B- 1 . Sample Force Protection Priority Matrix ...........................................
A.D.l . Risk Assessment Matrix .....................................................................
A-E- 1 . Sample Risk Control Options Planning Matrix .................................. A. E.1
B.1 . Potential Sources for the FPWG ................................................................ B-1
B.2 . Example FPWG Meeting Agenda .............................................................. B-2
B.3 . Sample Risk Considerations Matrix .......................................................... B-5
Tables 11.1 . Criteria for Effective Controls ................................................................... 11-3
11.2 . Risk Management Execution (Risk Management in Deliberate
Planning) .................................................................................................. . II-7
11.3 . Risk Management Execution (Risk Management in Crisis Action
Planning) ................................................................................................... 11.8
11.4 . Considerations and Potential Threats Analyzed (Man Element,
5-M Model) ............................................................................................... 11- 11
11.5 . Considerations and Potential Threats Analyzed (Machine Element,
5-M Model) ............................................................................................... 11- 11
11.6 . Considerations and Potential Threats Analyzed (Media Element,
5-M Model) ............................................................................................... 11- 12
11.7 . Management Tools and Examples Analyzed (Management Element.
5-M Model) ............................................................................................... 11-12
A-C- 1 . Sample Force Protection Tasks. Conditions. Desired Effects. and
Activities ...............................................................................................
A-D- 1 . Risk Severity Categories ....................................................................
A.D.2 . Probability Definitions .......................................................................
A.E.1 . Examples of Risk Control Options ......................................................
A-C-1
A-D-2
A-D-3
A-E-2
iv

This publication-
Risk Management
Provides multiservice tactics, techniques, and procedures for tactical level
risk management in the planning and execution of operations in a joint
environment.
Provides a basic risk management process that may be used by all services.
Applies to all elements of a force that assists in planning and conducting
force protection.
0 Provides risk management tools for commanders and staffs to use to
manage risk during planning, preparation, and execution of joint operations.
Chapter I
Risk Management Fundamentals
Chapter I introduces risk management as a process to assist decision makers in
reducing or offsetting risks. It identifies the goal, key aspects, and principle concepts of the
process; provides general guidelines for applying the process: and gives an overview of the
process:
0
Identifying threats.
Assessing threats to determine risks.
Developing controls and making risk decisions.
0 Implementing controls.
0 Supervising and reviewing.
Chapter II
Operational Considerations and Implementation
Chapter I1 describes the actions involved in applying the risk management process:
identifies pitfalls, types of controls, and feedback requirements; and integrates the risk
management process into the planning process. This chapter describes how common
situation analysis tools support the risk management process.
Chapter 111
Staff Functions and Responsibilities
Chapter I11 ties the risk management process to the chain of command and the staff
directorates, and describes how leader involvement at all levels is necessary for the process
to be effective. This chapter also describes the integration of the risk management process
into all aspects of operations and training and illustrates how constant review of the
process leads to improvement in the process.
V

PROGRAM PARTICIPANTS
The following commands and agencies participated in the development of this
publication:
Army
HQ TRADOC (ATDO-A)& (ATBO-SO), Ingalls Rd Bldg 133 Room 7, Ft. Monroe,
VA 23651-5000
Combined Arms Center (CAC), Combined Arms Doctrine Directorate (CADD),
Ft Leavenworth, KS
OG-D, BCTP, Ft Leavenworth, KS
CDR, XVIII Airborne Corps, Ft Bragg, NC
Army Safety Center, Training Division, Ft Rucker, AL
USAREUR, DCSPER, Unit 29351, APO AE, 09063
Marine Corps
Marine Corps Combat Development Command, Joint Doctrine Branch (C427) 3300 Russell
Rd, 3rd Floor Suite 318A, Quantico, VA 22134-5021
Marine Corps Combat Development Command, MSTP (C54) 2076 South Street,
Quantico, VA 22134-5021
Commandant of the Marine Corps (Code SD), 2 Navy Annex, Room, 33 17,
Washington, DC 20380- 1775
Navy
OPNAV, N09K, 2000 Navy Pentagon 5E8 16, Washington, DC 20305-2000
Commander, Navy Warfare Development Command/N5,686 Cushing Rd,
Newport, RI 02841-1207
Commander, Naval Safety Center, 375 A Street, Norfolk, VA 2351 1-4399
COMPHIBGRU TWO, NAB Little Creek, Norfolk, VA 2352 1
Air Force
HQ Air Force Doctrine Center, 155 N Twining Street, Maxwell Air Force Base, AL 361 12
AFDC Detachment 1, 216 Sweeny Bvld. Ste 109, Langley Air Force Base, VA 23665
HQ USAF/SE, 9700 G Ave SE, Kirkland Air Force Base, NM 871 17-5670
vi

1. Background
Chapter I
RISK MANAGEMENT FUNDAMENTALS
Risk management is a process that assists decision makers in reducing or offsetting risk
(by systematically identifying, assessing, and controlling risk arising from operational
factors) and making decisions that weigh risks against mission benefits. Risk is an
expression of a possible loss or negative mission impact stated in terms of probability and
severity. The risk management process provides leaders and individuals a method to assist
in identifying the optimum course of action (COA). Risk management must be fully
integrated into planning, preparation, and execution. Commanders are responsible for the
application of risk management in all military operations. Risk management facilitates the
mitigation of the risks of threats to the force. For the purposes of this document, threat is
defined as a source of danger-any opposing force, condition, source, or circumstance with
the potential to negatively impact mission accomplishment and/or degrade mission
capability.
a. Each of the services uses similar but slightly different processes. This publication
provides a single process to enable warfighters from different services to manage risk from
a common perspective.
b. Risk management is useful in developing, deploying, and employing the joint force.
Development concerns force design, manpower allocation, training development, and
combat material developments. Deploying and employing the joint force generates concerns
in force protection and balancing risk against resource constraints.
c. Military operations are inherently complex, dynamic, dangerous and, by nature,
involve the acceptance of risk. Because risk is often related to gain, leaders weigh risk
against the benefits to be gained from an operation. The commander's judgment balances
the requirement for mission success with the inherent risks of military operations. Leaders
have always practiced risk management in military decision making; however, the
approach to risk management and degree of success vary widely depending on the leader's
level of training and experience.
d. Since the Korean conflict, United States forces have suffered more losses from noncombat
causes than from enemy action. Key factors contributing to those losses include-
(1) Rapidly changing operational environment.
(2) Fast-paced, high operations tempo and high personnel tempo.
(3) Equipment failure, support failure, and effects of the physical environment.
(4) Human factors.
2. Risk Management Goal
The fundamental goal of risk management is to enhance operational capabilities and
mission accomplishment, with minimal acceptable loss.
3. Key Aspects of Risk Management
a. Risk management assists the commander or leader by-
(1) Enhancing operational mission accomplishment.
(2) Supporting well-informed decision making to implement a COA.
(3) Providing assessment tools to support operations.
1-1

(4) Enhancing decision-making skills based on a reasoned and repeatable process.
(5) Providing improved confidence in unit capabilities. Adequate risk analysis
provides a clearer picture of unit readiness.
(6) Preserving and protecting personnel, combat weapon systems, and related
support equipment while avoiding unnecessary risk.
(7) Providing an adaptive process for continuous feedback through the planning,
preparation, and execution phases of military operations.
(8) Identifying feasible and effective control measures where specific standards do
not exist.
b. Risk Management does not-
(1) Replace sound tactical decision making.
(2) Inhibit the commander’s and leader’s flexibility, initiative, or accountability.
(3) Remove risk altogether, or support a zero defect mindset.
(4) Sanction or justify violating the law.
(5) Remove the necessity for rehearsals, tactics, techniques, and procedures.
4. Principles of Risk Management
The basic principles that provide a framework for implementing the risk management
process include-
a. Accept No Unnecessary Risk. An unnecessary risk is any risk that, if taken, will
not contribute meaningfully to mission accomplishment or will needlessly endanger lives or
resources. No one intentionally accepts unnecessary risks. The most logical choices for
accomplishing a mission are those that meet all mission requirements while exposing
personnel and resources to the lowest acceptable risk. All military operations and off-duty
activities involve some risk. The risk management process identifies threats that might
otherwise go unidentified and provides tools to reduce or offset risk. The corollary to this
axiom is “accept necessary risk” required to successfully complete the mission or task.
b. Make Risk Decisions at the Appropriate Level. Anyone can make a risk
decision: however, the appropriate level for risk decisions is the one that can make
decisions to eliminate or minimize the threat, implement controls to reduce the risk, or
accept the risk. Commanders at all levels must ensure that subordinates know how much
risk they can accept and when to elevate the decision to a higher level. Ensuring that risk
decisions are made at the appropriate level will establish clear accountability. The risk
management process must include those accountable for the mission. After the commander,
leader, or individual responsible for executing the mission or task determines that controls
available to them will not reduce risk to an acceptable level, they must elevate decisions to
the next level in the chain of command.
c. Accept Risk When Benefits Outweigh the Cost. The process of weighing risks
against opportunities and benefits helps to maximize mission success. Balancing costs and
benefits is a subjective process and must remain a leader’s decision.
d. Anticipate and Manage Risk by Planning. Integrate risk management into
planning at all levels. Commanders must dedicate time and resources to apply risk
management effectively in the planning process, where risks can be more readily assessed
and managed. Integrating risk management into planning as early as possible provides
leaders the greatest opportunity to make well-informed decisions and implement effective
risk controls. During execution phases of operations, the risk management process must be
1-2

applied to address previously unidentified risks while continuing to evaluate the
effectiveness of existing risk control measures and modify them as required.
5. Levels of Risk Management
The risk management process has two levels of application: crisis action and deliberate.
Time is the basic factor that contributes to the selection of the level of application used.
a. Crisis Action. Crisis action risk management is an “on-the-run” mental or verbal
review of the situation using the basic risk management process. The crisis action process
of risk management is employed to consider risk while making decisions in a timecompressed
situation. This level of risk management is used during the execution phase of
training or operations as well as in planning and execution during crisis responses. It is
particularly helpful for choosing the appropriate COA when an unplanned event occurs.
b. Deliberate. Deliberate risk management is the application of the complete process
when time is not critical. It primarily uses experience and brainstorming to identify threats
and develop controls and is, therefore, most effective when done in a group. Examples of
deliberate applications include planning upcoming operations, reviewing standing
operating procedures (SOP), maintenance, training, and developing damage control or
disaster response plans.
6. Risk Management Process Overview
The risk management process involves the following:
0 Identifying threats.
0 Assessing threats to determine risks.
Developing controls and making risk decisions.
0 Implementing controls.
0 Supervising and reviewing.
a. Threat Identification and Threat Assessment. These elements comprise the
risk assessment portion of risk management. In threat identification, individuals identify
the threats that may be encountered in executing a mission. In threat assessment, they
determine the direct impact of each threat on the operation. Risk assessment provides
enhanced awareness and understanding of the situation. This awareness builds confidence
and allows timely, efficient, and effective protective measures.
b. Develop Controls, Make Decisions, Implement Controls, Supervise, and
Review. These remaining elements of the risk management process are the essential
follow-through actions of managing risk effectively. Leaders weigh risk against benefits and
take appropriate actions to eliminate unnecessary risk. During planning, preparation, and
execution, the commander should communicate his acceptable risks to subordinates and
continuously assess risks to the overall mission. Finally, leaders and individuals evaluate
the effectiveness of controls and capture lessons learned.
7. Risk Management Process Application Guidelines
This section provides general guidelines for applying the risk management process. To
get maximum benefit from this tool-
a. Apply the Process in Sequence. Each element is a building block for the next
one. For example, if threat identification is interrupted to focus control on a particular
threat, other more important threats may be overlooked and the risk management process
may be distorted. Until threat identification is complete, it is not possible to prioritize risk
control efforts properly.
1-3

. Maintain Balance in the Process. All parts of the process are important. If only
an hour is available to apply the risk management process, the time must be allocated to
ensure the total process can be completed. Spending fifty minutes of the hour on threat
identification may not leave enough time to apply the other parts of the process effectively.
The result would be suboptimal risk management. Of course, it is simplistic to rigidly insist
that each of the parts is allocated ten minutes. The objective is to assess the time and
resources available for risk management activities and allocate them to the actions in a
manner most likely to produce the best overall result.
c. Apply the Process as a Cycle. See Figure 1-1 below. Notice that “supervise and
review” feeds back into the beginning of the process. When “supervise and review” identifies
additional threats or determines that controls are ineffective, the entire risk management
process should be repeated.
Identify the Threats
I Analyze Mission I I ListThreats I I Listcauses I
New
Threats
Supervise and Review
r
I
Assess the Threat
Assess Threat
Severitv
f
--- Make Risk Decisions
jiProvide11
Implementation Accountabilit Support Develop Controls
and Determine
I Implement Controls I I Develop Controls and
11 : I! Establish
I -
I I I I Residual Risk I
13Make Risk
Decisions
I
I
As controls for threats are identified and selected, the
Assess Threats Process is repeated.
Figure 1-1. Continuous Application of Risk Management
1-4

d. Involve People Fully. The only way to ensure the risk management process is
effective is to involve the people actually exposed to the risks. Periodically revalidate risk
management procedures to ensure those procedures support the mission.
8. Relationship of Force Protection to Risk Management
The commander has the dilemma of weighing mission requirements and force protection
measures. One of his primary tools for weighing mission and protection is reconciled by
assessing and balancing risk. This process forms a direct relationship between force
protection and risk management. In the force protection process, we consider three
elements: planning, operations, and sustainment. Risk management enables the force
protection process by using risk assessment and controls in each element. The relationship
between force protection and risk management is evident in the following:
a. In planning, we conduct risk assessment and develop controls.
b. In operations, we update risk assessment and implement controls.
c. In sustainment, we continue to update assessments and adjust controls.
1-5

1. Background
Chapter II
RISK MANAGEMENT PROCESS AND OPERATIONAL
CONSIDERATIONS
This chapter discusses the risk management process and how it may be applied in the
planning and execution phases of all operations. This chapter also provides two situational
analysis models. These models are the mission, enemy, terrain and weather, troops and
support available, time (METT-T) model and the man, machine, media, management,
mission (5-M) model.
2. Application of Risk Management
a. Identify Threats. A threat is a source of danger: any opposing force, condition,
source, or circumstance with the potential to impact mission accomplishment negatively
and/or degrade mission capability. Experience, common sense, and risk management tools
help identify real or potential threats. Threat identification is the foundation of the entire
risk management process; if a threat is not identified it cannot be controlled. The effort
expended in identifying threats will have a multiplier effect on the impact of the total risk
management
1
process. Figure
bl
11-1 depicts the actions necessary
Fl
to identify threats
1
associated with these three categories: (1) mission degradation, (2) personal injury or death,
and (3) property damage.
ACTION1 ACTION2 ACTION3
ANALYZE MISSION LIST THREATS LIST CAUSES
I 1 I I I I
Figure 11-1. Identify the Threats
(1) Action 1-Analyze Mission. This is accomplished by-
(a) Reviewing operation plans and orders describing the mission.
(b) Defining requirements and conditions to accomplish the tasks.
(c) Constructing a list or chart depicting the major phases of the operation
normally in time sequence.
(d) Breaking the operation down into “bite-size” chunks.
(2) Action 2-List Threats. Threats (and factors that could generate threats) are
identified based on the mission and associated vulnerabilities. The output of the
identification phase is a list of inherent threats or adverse conditions, which is developed by
listing the threats associated with each phase of the operation. Stay focused on the specific
steps in the operation; limit your list to “big picture” threats. Examine friendly centers of
gravity for any critical vulnerabilities. Threats may be tracked on paper or in a computer
spreadsheeddatabase system to organize ideas and serve as a record of the analysis for
future use.
(3) Action 3-List Causes. Make a list of the causes associated with each threat
identified in Action 2. Although a threat may have multiple causes, it is paramount to
identify the root cause(s). Risk controls may be more effective when applied to root causes.
b. Assess Threats. Each threat is assessed for probability and severity of occurrence.
Probabilityis the estimate of the likelihood that a threat will cause an impact on the
11-1

mission. Some threats produce losses frequently; others almost never do. Severity is the
expected consequence of an event in terms of degree of injury, property damage, or other
mission-impairing factors (such as loss of combat power). The result of this risk assessment
allows prioritization of threats based on risk. The number one risk is the one with the
greatest potential impact on the mission. However, the least risky issue may still deserve
some attention and, possibly, risk control action. Keep in mind that this priority listing is
intended for use as a guide to the relative priority of the risks involved, not as an absolute
order to be followed. There may be, as an example, something that is not a significant risk
that is extremely simple to control. Figure 11-2 depicts the necessary actions.
ASSESS THREAT ASSESS THREAT COMPLETE RISK
SEVERITY PROBABILITY ASSESSMENT
I I I I
Figure 11-2. Assess the Threat
(1) Action 1-Assess Threat Severity. Determine the severity of the threat in
terms of its potential impact on the mission, exposed personnel, and exposed equipment.
Severity categories are defined to provide a qualitative measure of the worst credible
outcome resulting from external influence (such as combat or terrorist action; personnel
error; environmental conditions; design inadequacies; procedural deficiencies; or system,
subsystem, or component failure or malfunction). Severity categories listed in Appendix A,
Annex D, provide guidance for a wide variety of missions and systems.
(2) Action 2-Assess Threat Probability. Determine the probability that the
threat will cause a negative event of the severity assessed in Action 1. Probability may be
determined through experienced-based estimates or derived from research, analysis, and
evaluation of historical data from similar missions and systems. The typical event sequence
is much more complicated than a single line of erect dominos; tipping the first domino
(threat) triggers a clearly predictable reaction. Supporting rationale for assigning a
probability should be documented for future reference. Generally accepted definitions for
probability may be found at Appendix A, Annex D.
(3) Action 3-Complete Risk Assessment. Combine severity and probability
estimates to form a risk assessment for each threat. When combining the probability of
occurrence with severity, a matrix may be used to assist in identifying the level of risk. A
sample matrix is in Appendix A, Annex D. Existing databases and/or a panel of personnel
experienced with the mission and threats can also be used to help complete the risk
assessment.
(4) Output of Risk Assessment. The outcome of the risk assessment process is a
prioritized list of threats. The highest priority threat is the most serious one to the mission;
the last is the least serious risk of any consequence.
(5) Risk Assessment Pitfalls. The following are some pitfalls that should be
avoided during the assessment:
(a) Over optimism: “It can’t happen to us. We’re already doing it.” This pitfall
results from not being totally honest and not looking for root causes of the threats.
(b) Misrepresentation: Individual perspectives may distort data. This can be
deliberate or unconscious.
(c) Alarmism: “The sky is falling” approach, or “worst case” estimates are used
regardless of their possibility.
11-2

(d) Indiscrimination: All data is given equal weight.
(e) Prejudice: Subjectivity andor hidden agendas are used instead of facts.
(f)
Inaccuracy: Bad or misunderstood data nullify accurate risk assessment.
(g) Enumeration: It is difficult to assign a numerical value to human behavior.
Numbers may oversimplify real life situations.
It may be difficult to get enough applicable data; this could force
inaccurate estimates.
numbers.
0
Numbers often take the place of reasoned judgment.
Risk can be unrealistically traded off against benefit by relying solely on
c. Develop Controls and Make Risk Decisions. These actions are listed as
separate and distinct parts of the overall process by the U.S. Air Force (USAF), but will be
dealt with under this overall heading for the purpose of this publication. Figure 11-3 depicts
the necessary actions.
I
ACTION 1
DEVELOP CONTROLS AND
DETERMINE RESIDUAL
RISK
I
Figure 11-3. Develop Controls and Make Risk Decisions
MAKE RISK
DECISIONS
(1) Action 1-Develop Controls. After assessing each threat, leaders should
develop one or more controls that either eliminate the threat or reduce the risk (probability
and/or severity) of threats. For each threat identified, develop one or more control options
that either avoid the threat or reduce its risk to a level that meets the commander’s risk
guidance. Examples of criteria for establishing effective controls are listed in Table 11- 1.
11-3

(a) Some types of controls are as follows:
Engineering controls. These controls use engineering methods to reduce
risks, such as developing new technologies or design features, selecting better materials,
identifying suitable substitute materials or equipment, or adapting new technologies to
existing systems. Examples of engineering controls that have been employed in the past
include development of aircraft stealth technology, integrating global positioning system
data into cruise missiles, and development of night vision devices.
Administrative controls. These controls involve administrative actions,
such as establishing written policies, programs, instructions, and SOPS, or limiting the
exposure to a threat either by reducing the number of personneVassets or length of time
they are exposed.
0 Educational controls. These controls are based on the knowledge and
skills of the units and individuals. Effective control is implemented through individual and
collective training that ensures performance to standard.
0 Physical controls. These controls may take the form of barriers and
guards or signs to warn individuals and units that a threat exists. Use of personal
protective equipment, fences around high power high frequency antennas, and special
controller or oversight personnel responsible for locating specific threats fall into this
category.
0 Operational controls. These controls involve operational actions such as
pace of operations, battlefield controls (areas of operations and boundaries, direct fire
control measures, fire support coordinating measures), rules of engagement, airspace
control measures, map exercises, and rehearsals.
(b) A control should avoidreduce the risk of a threat by accomplishing one or
more of the following:
0 Avoiding the risk. This often requires canceling or delaying the task,
mission, or operation and is, therefore, an option rarely exercised because of mission
importance. However, it may be possible to avoid specific risks: risks associated with a
night operation may be avoided by planning the operation for daytime; thunderstorm or
surface-to-air-missile risks can be avoided by changing the flight route.
0 Delay a COA. If there is no time deadline or other operational benefit to
speedy accomplishment of a task, it may be possible to reduce the risk by delaying the task.
Over time, the situation may change and the risk may be eliminated, or additional risk
control options may become available (resources become available, new technology becomes
available, etc.) reducing the overall risk. For example, a mission can be postponed until
more favorable weather reduces the risk to the force.
0 Transferring the risk. Risk may be reduced by transferring a mission, or
some portion of that mission, to another unit or platform that is better positioned, more
survivable, or more expendable. Transference decreases the probability or severity of the
risk to the total force. For example, the decision to fly an unmanned aerial vehicle into a
high-risk environment instead of risking a manned aircraft is risk transference.
0 Assigning redundant capabilities. To ensure the success of critical
missions to compensate for potential losses assign redundant capabilities. For example,
tasking a unit to deploy two aircraft to attack a single high value target increases the
probability of mission success.
11-4

(c) Determine Residual Risk. Once the leader develops and accepts
controls, he or she determines the residual risk associated with each threat and the overall
residual risk for the mission. Residual risk is the risk remaining after controls have been
identified, selected, and implemented for the threat. As controls for threats are identified
and selected, the threats are reassessed, and the level of risk is revised. This process is
repeated until the level of residual risk is acceptable to the commander or leader or cannot
be further reduced. Overall residual risk of a mission must be determined when more than
one threat is identified. The residual risk for each of these threats may have a different
level, depending on the assessed probability and severity of the hazardous incident. Overall
residual mission risk should be determined based on the threat having the greatest
residual risk. Determining overall mission risk by averaging the risks of all threats is not
valid. If one threat has high residual risk, the overall residual risk of the mission is high, no
matter how many moderate or low risk threats are present.
(2) Action 2-Make Risk Decisions. A key element of the risk decision is
determining if the risk is justified. The leader should compare and balance the risk against
the mission’s potential gain. The leader alone decides if controls are sufficient and
acceptable and whether to accept the resulting residual risk. If the leader determines the
risk level is too high, he or she directs the development of additional or alternate controls,
or modifies, changes, or rejects the COA. Leaders can use the risk assessment matrix or
other tools found in Appendix A, in conjunction with their commanders’ guidance, to
communicate how much risk they are willing to allow subordinate leaders to accept.
d. Implement Controls. Once the risk control decision is made, assets must be made
available to implement the specific controls. Part of implementing controls is informing the
personnel in the system of the risk management process results and subsequent decisions.
Figure 11-4 depicts the actions necessary to complete this step. Careful documentation of
each step in the risk management process facilitates risk communication and the rational
processes behind risk management decisions.
I
ACTION 1 ACTION 2
MAKE
IMPLEMENTATION
I
ESTABLISH
ACCOUNTABILITY
I CLEAR I I I
I I I I
Figure 11-4. Implement Controls
ACTION 3
PROVl DE
SUPPORT
(1) Action 1-Make Implementation Clear. To make the implementation
directive clear, consider using examples, providing pictures or charts, including job aids,
etc. Provide a roadmap for implementation, a vision of the end state, and description of
successful implementation. The control should be presented so it will be received positively
by the intended audience. This can best be achieved by designing in user ownership.
(2) Action 2-Establish Accountability. Accountability is important to effective
risk management. The accountable person is the one who makes the decision (approves the
control measures): therefore, the right person (appropriate level) must make the decision.
Clear assignment of responsibility for implementation of the risk control is required.
11-5

(3) Action 3-Provide Support. To be successful, the command must support the
risk controls. This support requires-
(a) Providing the personnel and resources necessary to implement the control
measures.
(b) Designing in sustainability from the beginning.
(c) Employing the control with a feedback mechanism that will provide
information on whether the control is achieving the intended purpose.
e. Supervise and Review. Supervise and review involves determining the
effectiveness of risk controls throughout the operation. There are three aspects: monitoring
the effectiveness of risk controls: determining the need for further assessment of either all,
or a portion of, the operation due to an unanticipated change; and capturing lessons
learned, both positive and negative. Figure 11-5 depicts the necessary actions.
I i
1- I
i
1- I
ACTION 1 ACTION 2 ACTION 3
SUPERVISE REVIEW FEEDBACK
I I I I I
Figure 11-5. Supervise and Review
(1) Action l-Supervise. Monitor the operation to ensure-
(a) Controls are implemented correctly, effective, and remain in place.
(b) Changes requiring further risk management are identified.
(c) Action is taken to correct ineffective risk controls and reinitiate the risk
management process in response to new threats.
(d) Risks and controls are reevaluated any time the personnel, equipment, or
mission tasks change, or new operations are anticipated in an environment not covered in
the initial risk management analysis.
Successful mission performance is achieved by shifting the cost versus benefit balance
more in favor of benefit through controlling risks. By using risk management whenever
anything changes, we consistently control risks identified before an operation and those
that develop during the operation. Addressing the risks before they get in the way of
mission accomplishment saves resources and enhances mission performance.
(2) Action 2-Review. The risk management process review must be systematic.
After controls are applied, a review must be accomplished to see if the risks and the mission
are in balance. To determine if appropriate risk management controls have been applied,
compare METT-T or the 5-M model from the earlier steps to the present risk management
assessment.
(a) To accomplish an effective review, commanders identify whether the actual
cost is in line with expectations. The commander needs to determine what effect the risk
control had on mission performance. It is difficult to evaluate the risk control by itself;
therefore, the focus should be on the aspect of mission performance the control measure
was designed to improve.
(b) Measurements are necessary to ensure accurate evaluations of how
effectively controls eliminated threats or reduced risks. After Action Reports (AAR) ,
surveys, and in-progress reviews provide great starting places for measurements.
11-6

~ Deliberate
(3) Action 3-Feedback. A review by itself is not enough; a mission feedback
system should be established to ensure that the corrective or preventative action taken was
effective and that any newly discovered threats identified during the mission were analyzed
and corrective action taken.
(a) When a decision is made to accept risk, factors (cost versus benefit
information) involved in the decision should be recorded: proper documentation allows for
review of the risk decision process. Then, when a negative consequence occurs, the decision
process can be reviewed to determine where errors in the process may have occurred.
(b) Risk analysis will not always be perfect the first time. When errors occur in
an analysis, use feedback (such as briefings, lessons learned, cross-tell reports,
benchmarking, or database reports) to identify and correct those errors. This feedback will
help determine if the previous forecasts were accurate, contained errors, or were
completely incorrect.
3. Integration of Risk Management
Tables 11-2 and 11-3 integrate the risk management process into each phase of the
deliberate and crisis action Joint Operation Planning and Execution System (JOPES). The
annotations of the joint task force (JTF) and major subordinate element (MSE) in the
matrix identify the level of command primarily responsible for risk management execution
during each particular phase of planning. The risk management process should be
considered throughout the planning process by each level of command.
Planning
Table 11-2
Risk Management Execution
(Risk Management in Deliberate Planning)
Develop Controls
Identify Assess
Make
Threats Threats Risk Decision Controls
Supervise
and Review
PHASE I
Initiation
JTF
I
I
PHASE II
Concept Development
PHASE 111
Plan Development
PHASE IV
Plan Review
PHASE V
Supporting Plans
EXECUTION
JTF
MSE
JTF
MSE
JTF
MSE
JTF
I I I I I I
JTF
JTF
MSE
MSE
11-7

~ PLANNING
~
~ Controls
CRISIS ACTION
1 PHASE I
Situation Development
PHASE II
Crisis Assessment
~~
PHASE 111
COA Development
PHASE IV
COA Selection
Risk Manage1
(Risk Mananement in
I JTF
I JTF
I JTF I JTF
Tab e 11-3
lent Execution
Xsis Action Planni
Develop Controls
Make Risk
Decision
JTF
JTF
MSE
JTF
MSE
Implement
Supervise
and Review
PHASE V
Execution Planning
JTF
MSE
+IMSE
PHASE VI
Execution
I MSE I MSE
MSE
MSE
MSE
4. Analysis Models
a. The METT-T Model. The METT-T model can be used for conducting a situation
analysis by breaking it into five general areas: (1) the mission itself, (2) the enemy, (3)
terraidweather, (4) troops and support available, and (5) time available.
Note. The U.S. Army uses mission, enemy, terrain and weather, troops and support
available, time available, civil considerations (METT-TC), adding civil considerations
as a sixth area of analysis.
(1) Mission. Leaders first analyze the assigned mission. They look at the type of
mission to be accomplished and consider possible subsequent missions. Certain kinds of
operations are inherently more dangerous than others. For example, a deliberate frontal
attack is more likely to expose a unit to losses than would a defense from prepared
positions. Identifying missions that routinely present greater risk is imperative. Leaders
also look for threats associated with complexity of the plan (such as a scheme of maneuver
that is difficult to understand or too complex for accurate communications down to the
lowest level) or the impact of operating under a fragmentary order.
(2) Enemy. Commanders look for enemy capabilities that pose significant threats to
the operation. For example, “What can the enemy do to defeat my operation?”
to-
(a) Common shortfalls that can create threats during operations include failure
0 Assess potential advantages to the enemy provided by the battlefield
environment.
0 Fully assess the enemy’s capabilities.
0 Understand enemy capabilities and friendly vulnerabilities to those
capabilities.
11-8

Accurately determine the enemy’s probable COAs.
Plan and coordinate active ground and aerial reconnaissance activities.
Disseminate intelligence about the enemy to lower echelons.
Identify terrorist threats and capabilities.
(b) Intelligence plays a critical part in identifying threats associated with the
presence of an enemy or an adversary. Intelligence preparation of the battlespace is a
dynamic staff process that continually integrates new information and intelligence that
ultimately becomes input to the commander’s risk assessment process. Intelligence assists
in identifying threats during operations by-
Identifying opportunities and constraints the battlefield environment offers
to enemy and friendly forces.
Thoroughly portraying enemy capabilities and vulnerabilities.
0 Collecting information on populations, governments, and infrastructures.
(3) Terrain and Weather. Terrain and weather pose great potential threats to
military operations. The unit must be familiar with both the terrain and its associated
environment for a mission to succeed. Basic issues include availability of reliable weather
forecasts, how long the unit has operated in the environment and climate, and whether the
terrain has been crossed before.
(a) Terrain. The main military aspects of terrain are observation and fields of
fire, cover and concealment, obstacles, key terrain, and avenues of approach; these may be
used to identify and assess threats impacting friendly forces. Terrain analysis includes both
map and visual reconnaissance to identify how well the terrain can accommodate unit
capabilities and mission demands.
0 Observation and fields uffire. Threats associated with observation and fields
of fire usually involve when the enemy will be able to engage a friendly unit and when the
friendly unit’s weapon capabilities allow it to engage the enemy effectively.
Cover and Concealment. Threats associated with cover and concealment are
created either by failure to use cover and concealment or by the enemy’s use of cover and
concealment to protect his assets from observation and fire.
0 Obstacles. Threats associated with obstacles may be caused by natural
conditions (such as rivers or swamps) or man-made conditions (such as minefields or builtup
areas).
0 Key terrain. Threats associated with key terrain result when the enemy
controls that terrain or denies its use to the friendly forces.
0 A venues of approach. Threats associated with avenues of approach include
conditions in which an avenue of approach impedes deployment of friendly combat power or
conditions that support deployment of enemy combat power.
(b) Weather. To identify weather threats, leaders and unit personnel must
assess the impact on operating systems. Threats may arise from-
0 Lack of understanding of reliability and accuracy of weather forecasting.
0 Effects of climate and weather on personnel and equipment operation and
maintenance.
0 Effects of weather on mobility.
11-9

(4) Troops and Support Available. Leaders analyze the capabilities of available
friendly troops. Associated threats impact both individual personnel and the unit. Key
considerations are level of training, manning levels, the condition and maintenance of
equipment, morale, availability of supplies and services, and the physical and emotional
health of personnel. All personnel must be vigilant to the fact that threats in these areas
can adversely affect a mission. Even when all tactical considerations point to success,
mission failure can be caused by-
(a) Threats to physical and emotional health. The health threat depends on a
complex set of environmental and operational factors that combine to produce “disease
non-battle injuries” as well as combat injuries. Care of troops requires long-range
projection of logistical and medical needs with close monitoring of mission changes that
could impact troop support.
(b) Threats to task organization or units participating in an operation. Threats
include poor communication, unfamiliarity with higher headquarters SOPS, and
insufficient combat power to accomplish the mission. How long units have worked together
under a particular command relationship should be considered when identifying threats.
(c) Threats associated with long-term missions. Long-term missions include
peacekeeping, or insurgencykounterinsurgency operations. Threats associated with these
missions include the turmoil of personnel turnover, lack of continuity of leadership,
inexperience, and lack of knowledge of the situation and the unit’s operating procedures.
Long-term missions can also lead to complacency; units conditioned to routine ways of
accomplishing the mission fail to see warnings evident in the operational environment. An
especially insidious threat is the atrophy of critical-skills that results from not performing
mission-essential task list related missions.
(5) Time Available. The threat is insufficient time to plan, prepare, and execute
operations. Planning time is always at a premium. Leaders routinely apply the onethirdtwo-thirds
rule (providing two thirds of time available to subordinates for planning) to
ensure their subordinate units are given maximum time to plan. Failure to accomplish a
mission on time can result in shortages of time for subordinate and adjacent units to
accomplish their missions.
b. U.S. Army Situation Analysis. While Joint, Marine Corps, Air Force, and Navy
doctrine use METT-T for situation analysis, the Army uses MEW-TC. The “C” in METT-TC
is civil considerations-how the attitudes and activities of the civilian leaders, populations,
and organizations within an area of operations will influence the conduct of military
operations. Threats associated with civil considerations include, but are not limited to,
collateral damage, changing political and social attitudes, civilian unrest, the influence of
the press on public opinion, conflicting goals and objectives of private voluntary
organizations (PVOs) and nongovernmental organizations (NGOs), and the handling of
refugees, noncombatants, and protesters.
c. 5-M Model. The 5-M model provides an alternative framework for conducting
mission analysis by examining the impacts and inter-relationships between the composite
elements of Man, Machine, Media, Management, and Mission. The amount of overlap or
interaction between the individual components is a characteristic of each mission and
evolves as the mission develops.
11-10

(1) Man. This is the area of greatest variability and thus possesses the majority of
risks. Some considerations and potential threats are listed in Table 11-4.
Table 11-4
Considerations and Potential Threats Analyzed
(Man Element, 5-M Model)
Considerations
Selection
Performance
Personal Factors
Potential Threats
Wrong person psychologicaIly/physicaIly, not proficient in assigned
task, no procedural guidance
Lack of awareness, false perceptions, over-tasking, distraction,
channelized attention, stress, peer pressure, over/lack of
confidence, poor insight, poor adaptive skills, pressure/workload,
fatigue
Expectations, lack of job satisfaction, poor values, families/friends,
commandkontrol, poor discipline (internal and external), perceived
pressure (over tasking) and poor communication skills
(2) Machine. Used as intended, limitations interface with man. Some
considerations and potential threats are listed in Table 11-5.
Table 11-5
Considerations and Potential Threats Analyzed
(Machine Element, 5-M Model)
Considerations
Design
Maintenance
Log istics
Technical Data
Potential Threats
Engineering reliability and performance, ergonomics
Availability of time, tools, and parts, ease of access
Supply, upkeep, and repair
Clear, accurate, useable, and available
11-1 1

~ ~~ ~____
(3) Media. This includes external, largely environmental forces. Some
considerations and potential threats are listed in Table 11-6.
Table 11-6
Considerations and Potential Threats Analyzed
(Media Element, 5-M Model)
I Considerations
I Po fen fial Threa fs
I Climatic
Operational
~ _ _ _ _ ~ ~
I Ceiling, visibility, temperature, humidity, wind, and precipitation
Terrain, wildlife, vegetation, man-made obstructions, daylight,
maritime environment, and darkness
Hygienic
I Trafficability
Ventilationlair quality, noiselvibration, dust, and contaminants
Pavement, gravel, dirt, ice, mud, dust, snow, sand, hills, and
curves
(4) Management. Directs the process by defining standards, procedures, and
controls. While management provides procedures and rules to govern interactions, it cannot
completely control the system elements. For example, weather is not under management
control and individual decisions affect off-duty personnel much more than management
policies. Some considerations and examples are listed in Table 11-7.
Table 11-7
Management Tools and Examples Analyzed
I Considerations
(Management Element, 5-M Model)
I Examples
I
Standards
Procedures
Controls
Doctrine statements, applicable criteria, and policy directives
Checklists, SOPS, work cards, and multi-command manuals
Crew rest, altitudelairspeedkpeed limits, restrictions, training
rules/limitations, rules of engagement (ROE), lawful orders
(5) Mission. The desired outcome. Objectives: Big picture understood, well defined,
obtainable. The results of the interactions of the other 4-Ms (Man, Media, Machine, and
Management).
11-12

1. Background
Chapter 111
STAFF FUNCTIONS AND RESPONSIBILITIES
The unit commander, staff, leaders, and individual members integrate risk
management by embedding the risk management process into unit operations, culture,
organization, systems, and individual behaviors.
a. Successful risk management is underwritten by the chain of command. Leaders do
not expect all missions to be accomplished with zero defects. Leaders need to support
subordinates’ decisions to accept risks that are within the leaders’ understanding of the
commander’s intent and guidance. Demanding rigid standards, such as zero defects, leads
to over-supervision and paralysis, producing timid leaders afraid to make tough decisions in
crisis, and unwilling to take risks necessary for successful military operations. A zerodefects
mindset creates conditions that will inevitably lead to failure and higher casualties
in battle.
b. Leaders anticipate things may go wrong, even with the certain knowledge that
subordinates do all within their power to prevent incidents. When incidents occur, leaders
step forward and accept the responsibility along with their subordinates. Furthermore, risk
management does not justify taking actions to facilitate an unethical, immoral, or illegal
action.
2. Responsibilities
a. Commanders. With the assistance of their leaders and staffs, commanders manage
risks. Minimizing risk is the responsibility of everyone in the chain of command, from the
highest commander, through his subordinate leaders, to each individual service member.
Managing risk is critical for all operations, whether for training or operations; commanders
should issue clear risk guidance.
(1) Military plans should make risk management a priority. It is an inherent part of
every mission and a basic responsibility of commanders. Leaders and service members at
all levels are responsible and accountable for managing risks by ensuring that threats and
associated risks are-
(a) Identified during planning, preparation, and execution of operations.
(b) Controlled during preparation and execution of operations. Service members
are responsible for executing risk controls to standards. They continuously assess variable
threats such as fatigue, equipment serviceability, and the environment. They make risk
decisions consistent with the higher commander’s guidance.
(2) Sometimes commanders are not properly advised in situations where the
assumption of risk may affect or imperil their units, the intent of their higher commander,
or the operations of an adjacent unit. This is most often attributed to-
(a) Risk denial syndrome-leaders do not want to know of the risk.
(b) Staff members who believe that the risk decision is part of their jobs and
do not want to bother the commander or section leader.
guidance.
(c) Subordinates failure to fully understand the higher commander’s
(d) Complacency-outright failure to recognize a threat or the level of risk
involved, or overconfidence in one’s abilities or the unit’s capabilities to avoid or recover
from a hazardous incident.
111-1

(e) Use of a standardized risk assessment tool, such as a risk assessment
matrix, that is not tailored to the unit’s mission or adapted to the factors of METT-T/S-M
and may put missions in the routine low-risk category.
b. Commanders/Leaders.
(1) The commander directs the organization and sets priorities and the command
climate (values, attitudes, and beliefs). Successful preservation of combat power requires
embedding risk management into unit behavior. This requires commitment, creative
leadership, innovative planning, and careful management. It also requires the chain of
command’s demonstrated support of the risk management process. Commanders establish
a command climate favorable for risk management integration by-
(a) Demonstrating consistent and sustained risk management behavior through
leading by example-habitually doing risk management-and actively participating
throughout the risk management process.
(b) Providing clear guidance where to accept risk or what risk to accept.
(c) Obtaining and providing to subordinates the necessary assets to control risk.
(d) Knowing their own limitations, their leaders’ and service members’
limitations, and their unit’s capabilities.
(e) Preventing a zero-defects mindset from creeping into their commands
culture.
(0 Allowing subordinates to make mistakes and learn from them.
(g) Demonstrating full confidence in subordinates’ mastery of their trade and
their ability to execute a chosen COA.
(h) Keeping subordinates informed and consulting with subordinate leaders
before making a decision, if feasible.
(i) Listening to subordinates.
(i) Establishing clear, feasible risk management policies and goals.
(k) Conducting detailed planning within time constraints; assessing each
mission and task in terms of its risk; continuously reassessing risk as the mission and
conditions change and experience is gained.
(1) Making informed risk decisions; establishing and clearly communicating
risk guidance.
(m) Training on the risk management process. Ensuring subordinates
understand who, what, where, when, how, and why of managing risk, and how the risk
management process applies to their circumstances and assigned responsibilities.
(n) Examining how subordinates manage risk and how service members protect
themselves.
mission.
(0) Supervising and evaluating the unit’s execution of risk controls during the
(p) Advising the chain of command on risks and risk-reduction measures and
providing subordinates with feedback on their performance and ways to improve.
(4) Assessing the effectiveness of their unit’s risk management program.
(r) Capturing and disseminating lessons learned to ensure they are continued
from mission to mission so that others may benefit from the experience.
111-2

(2) Commanders weigh the repercussions of casualties, damage to the environment,
impact on civilians, and loss of equipment. They also consider the public reaction to loss
against national, strategic, operational, or tactical objectives. Commanders are also
responsible for keeping subordinates from becoming complacent. An acceptable risk is the
result of an informed decision. A gamble is an uninformed bet or guess on a hopeful
outcome. Leaders and service members need to clearly understand the difference.
(3) Risk decisions are frequently required by, and dependent on, the immediate
situation. Judgment is required; a formula, rule, or checklist, by itself, is not appropriate
under such circumstances. An effective commander’s approach to managing risk is to
empower leaders by pushing risk decisions as far down the chain of command as feasible
within the next higher commander’s guidance. Subordinates consider threats outside their
assigned responsibilities that impact the mission. The result is coordination and
communication-laterally and up and down the chain of command.
(4) Risk management is a two-way street. It is important that those involved in
mission preparation and execution are fully aware of the amount of command involvement
and actions necessary to control or remove threats.
(a) The higher commander’s guidance specifies the degree of acceptable damage
or risk to subordinate units during the current operation.
(b) Subordinates ensure they understand and implement their commander’s
intent and guidance.
0 If, during the planning process, residual risk exceeds that which the higher
commander is willing to accept, the subordinate informs his commander. He requests the
resources necessary to mitigate the risk.
If, during mission execution, the subordinate determines the risk is too
great, he directs the development of additional or alternate controls or modifies or changes
the COA; then he notifies the next higher commander of his decision. Requiring
subordinates to report to the higher commander when a risk decision point is reached
during mission execution can result in paralysis.
(5) The objective of managing risk is not to remove all risk, but to eliminate
unnecessary risk. Commanders conduct tough, realistic training, knowing that they may
put lives and property at risk in the course of military operations. If an action will result in
an unacceptable risk, take measures to mitigate it. If the risk cannot be mitigated to an
acceptable level, do not execute the action. Circumstances may occur during mission
execution when a decision to stop and defer execution of the operation should be made to
avoid taking unwarranted risk. Such a situation will generally occur at the tactical level.
For example, circumstances may determine if a trade-off between maintaining the
momentum of the attack and risking fratricide or serious accidents is justified.
c. Staffs.
(1) The chief of staff or executive officer may be assigned responsibility for
supervising integration of risk management across the staff. As a means of assessing and
monitoring threats, commanders may establish a force protection working group (FPWG),
which is covered in detail in Appendix B. He coordinates development of risk controls with
emphasis on deconflicting controls that affect multiple functional areas and adjacent units.
The staff officer helps the commander eliminate unnecessary risks by-
(a) Analyzing his functional area and applying risk management during the
military decision-making process.
guidance.
(b) Identifying both constraints and restraints in the higher commander’s risk
I 11-3

(c) Including threats and their risks in the mission analysis briefing.
(d) Including a risk assessment for the commander’s estimate.
(e) Considering the risk assessment in the operations estimate.
(f) Including risks and recommending ways to reduce their impact in the staff
estimate.
(g) Implementing risk controls by coordinating and integrating them into the
appropriate paragraphs and graphics of the operation order (OPORD) and into products
such as SOPS and operation plans (OPLANs).
(h) Establishing procedures and standards that are clear and practical.
(i) Determining the effectiveness of risk controls and continuously assessing
their suitability, feasibility, supportability, clarity, and acceptability.
(j) Supervising, evaluating, and assessing the integration of risk management
during an operation.
(k) Continuously identifying threats, assessing initial and residual risks for
each threat, and recommending control measures to reduce the risk.
(1) Identifying and assessing threats associated with complacency, especially
during extended operations, and recommending appropriate actions to the commander.
(2) Staffs focus on threats and their risks across the spectrum of protecting the force.
These staffs-
(a) Identify friendly vulnerabilities during current operations and implement
controls to mitigate risk.
(b) Implement commander’s intent on acceptance of risk in current operations.
(3) The following list identifies some of the risk management responsibilities of the
primary JTF directorates:
(a) J- 1 (Personnel):
0 Estimate time delay risks on personnel deployment flow.
Determine casualty risks for each COA.
0 Estimate casualty and replacement flow risks on future operations.
Ensure controls for personnel-related activities are conducted to diminish
operations security vulnerabilities and support military deception initiatives.
0 Estimate risks of employed local civilian labor in coordination with the 5-4
(logistics), 5-2 (intelligence), and legal officer.
(b) 5-2:
0 Monitor and report threats that counter the effectiveness of friendly combat
identification/counter-fratricide measures.
0 Develop current regional threat assessments.
0 Determine risk of loss of low-density intelligence collection assets.
(c) 5-3 (Operations):
0 Develop risk assessment for the commander’s estimate.
111-4

Perform as staff proponent for combat identificatiodcounter-fratricide
measures. Develop policy, procedures and assign responsibility for combat
identificatiodcounter-fratricide measures.
Report and investigate reports of fratricides.
0 Develop risk assessment of military and political aspects of draft ROE and
supplemental ROE.
Determine criticality and vulnerability of bases in the Joint Rear Area to
prioritize controls and levels of response.
(d) 5-41
Make recommendations to the JTF commander on the combat
identificatiodcounter-fratricide technology acquisition and procurement strategies.
Assess the risk of critical supply levels not meeting required number of days
of supply days.
0 Determine petroleum, oils, and lubricants storage site vulnerabilities and
controls.
Determine munitions storage site vulnerabilities and safety requirements.
(e) 5-5 (Plans):
0 Integrate functional directorate risk management controls and combat
identification/counter-fratricide measures into deliberate planning products.
0 Identify friendly maneuver and firepower vulnerabilities during mission
analysis, wargaming and plan controls to mitigate risk.
(f) J-6 (Communications): Responsible for assessing risk to geospatial
information and services systems and developing controls to counter threats.
(g) Special staff offices: Risk management should be addressed in the various
special staff offices, including-
* Surgeon (health and nonbattle injury, return to duty policy, preventative
medicine).
0 Legal officer (Uniform Code of Military Justice, law of armed conflict, and
host nation (HN) law).
0 Public affairs officer (media coverage, public opinion, etc.).
Safety officer.
d. Individuals.
(1) An individual's level of expertise and maturity influences risk management
proficiency. Managing risk is subjective because its basis is individual judgment.
Inexperienced service members are routinely charged with executing risk controls and risk
reduction measures. Their limited experience can significantly increase the level of risk
they are willing to accept. Their sense of indestructibility, motivation (esprit de corps), and
willingness to achieve the mission at any cost can lead to failure to consider risks. Due to
inexperience or complacency, they may become susceptible to-
(a) Overestimating their ability to respond to, or recover from, a hazardous
incident-they become overconfident.
(b) Underestimating the level of risk posed by a threat. It is imperative that
individuals understand and execute controls directed by leaders and staffs.
111-5

(2) Individuals should be aware of, and fully understand, the situation, and
maintain self-discipline when they perform their duties. They should-
(a) Understand and apply risk management.
(b) Execute controls directed by their leaders, that is, perform to standards.
(c) Carry risk management over into all activities-both on and off duty.
(d) Look out for others-anyone has authority to halt something that is
inherently unsafe.
3. Integration into Training and Operations
a. Integrating risk management into training and operations-
(1) Preserves the lives and well-being of everyone.
(2) Conserves equipment, facilities, environmental resources, and combat power.
b. Risk management is planned up front, not treated as an afterthought. Leaders and
managers of materiel acquisition, base operations, and industrial operations budget risk
control costs up front at the level of expected payback over the duration of the activity, or
the life cycle of materiel/weapons system.
c. When integrating risk management into sustained operations, leaders consider
increases in turbulence, personnel turnover, critical skill atrophy, and mission
development. Leaders continuously assess-
(1) The complexity of mission development and associated changing
interrelationships with other agencies.
(2) The inclusion of civilian contractors, such as logistics civilian augmentation
programs, as part of the force.
(3) The presence of the media, NGOs, and PVOs. These diverse elements need to be
integrated into the risk management process.
d. A key consideration relevant to managing risk in complex operational environments
is understanding the culture of the indigenous population or society and its way of doing
business. Leaders consider the impact of interference with the indigenous population’s way
of life and local customs. Such interference could risk damage to relationships and increase
the potential for introducing instability into the local society. Leaders do not, however,
intentionally allow these considerations to endanger their force or its mission.
e. Leaders and service members systematically provide observations and assessments
of the unit’s risk management performance for the training management cycle and SOPS.
They should have the skills, knowledge, and attitude to manage risks inherent in all
operations effectively. Effective training helps service members become proficient. It
qualifies them technically and tactically, and as leaders, to accomplish the mission without
unnecessary risk.
f. Unit leaders and their staffs continually assess and evaluate the integration of risk
management into short-, near-, and long-term training plans. They continually review Joint
Mission Essential Task Lists to ensure that training is supported by realistic risk
management objectives. The services consider past experiences to avoid repeating mistakes.
4. Review of the Risk Management Process
a. Reviewing the risk management process determines a unit’s current level of
proficiency in implementing the process. How well risk is managed affects readiness.
Leaders need to know the current status and effectiveness of their unit’s risk management
111-6

program. Reviewing the unit’s effectiveness in managing risk permits the unit to gain
insight into areas for improvement and obtain feedback on subordinates’ understanding
and application of risk guidance. The objective is to determine how-
(1) Effectively risk management is embedded into planning and preparing for
operations.
(2) Well subordinate leaders and service members understand risk management.
(3) Effectively risk management is used to execute operations. Leaders assess the
effectiveness of their units by reviewing how well threats are identified and risk controls
are-
(a) Specified in oral and written OPORDs, OPLANs, and SOPS.
(b) Communicated to lowest level of chain of command.
(c) Included in short-, near-, and long-term training plans.
(d) Implemented into all activities, on and off duty.
(e) Embedded into force protection programs.
(f) Included in AARs and captured in lessons learned.
b. Risk management cannot be seen as a competitive program whereby a unit or leader
is judged or compared in a competitive sense. Focus is strictly on both reduction of risk and
hazardous incidents.
111-7

Appendix A
Risk Management Tools
Commanders, leaders, and staffs use risk management tools to facilitate the risk
management process-identification of threats and development of controls. The tables and
matrices in this appendix are samples of tools that commanders, leaders and staffs may use
when integrating the risk management process. It is impractical to create detailed
procedures to ensure the “right” tools are used for each activity and every contingency.
However, choosing the best tools is important when planning a potentially hazardous
operation. Most tools in this appendix can be used in a variety of creative ways: the user
selects the appropriate tool, or combination of tools, and the extent of effort to expend on
each. Since there are no right or wrong selections, the user must rely on his knowledge and
experience to make the right choice for each situation.
Annex A: Risk Management Worksheet
Annex B: Force Protection Priority Matrix
Annex C: Force Protection Tasks, Conditions, Desired Effects and Activities
Annex D: Risk Assessment Matrix
Annex E: Sample Risk Control Option Planning Matrix
A- 1
-

Annex A
Risk Management Worksheet
The risk management worksheet provides a starting point to track the process of
threats and risks logically. It can be used to document risk management steps taken during
planning, preparation, and execution.
Mission
Date Worksheet Prepared
Phases
identify Threats
Assess
Threats
Threats Causes Initial RAC Develop Controls
Develop Risk Controls and Implement Supervise
Make Risk Decisions
Controls
Residual How to How to
RAC Implement Supervise
Personnel
Training
Initial
Religious
First line
Protesters Medium awareness, Low Civil Affairs,
entry
belief
supervisors
cantonment area
perimeter fencing
Initial
Water
Immunize Predeployment Component
Diseases
High
Low
entry
airborne
field sanitation actions, training commanders
Increase security
Lodgment 1 Pilferage 1 Local I High
I Medium I Augment force J-314
expansion
economy
force
Air
Airfield takedown
Lodgment Defense Deny
High Direct action Medium 1st Ranger J-3
expansion Artillery airfield
Battalion
Battery (-)
Accept Risks YesINo
Comm with HigherNes No
Legend: RACRisk Assessment Code
Figure A-A-I. Sample Completed Risk Management Worksheet
A-A- 1

Annex B
Force Protection Priority Matrix
This matrix prioritizes force protection tasks and operating systems used for protection
in each task. It reverses the normal targeting methodology and focuses the Joint Planing
Group on what it needs to protect for each specific task.
Priority
1
Maneuver
2
Command and Control
3
4
5
6
Key:
PD-Prevent
PN-Prevent
PS-Prevent
Destruction
Neutralization
Suppression
Legend:
CSSA-combat service support area
FOB-forward operating base
JLOTS-joint logistics over the shore
MEB-Marine Expeditionary Brigade
TACC-Tactical Air Command Center
UAV-unmanned aerial vehicle
Figure A-B-I. Sample Force Protection Priority Matrix
A-B-I

~ ~~~ ~ ~
~~~
Annex C
Force Protection Tasks,
Conditions, Desired Effects, and Activities
Troop-to-task analysis may reveal deficiencies that require risk assessment and
subsequent adjustments. The following table is a sample analysis that draws out the logical
consequences of a force protection task. It can also be rendered as a decision tree. During
COA development, each member of the joint planning group needs to be able to justify the
tasking of resources to support force protection tasks.
Table A-C-1.
Sample Force Protection Tasks, Conditions, Desired Effects, and Activities
Force Protection Task
Maintain security of vital areas
Minimize losses
Force Protection Condition
GMF remains fully operational during H-hour to H+24
Rapid evacuation of casualties
Force Protection Desired Effect
GMF site safe from local attack and from effects of weapons of mass destruction
Air MEDEVAC less than 20 minutes
Surface MEDEVAC to regimental aid stations only
Force Protection Activities
Local security in place
TCF prepared to respond to level Ill threat
TBMD coverage includes GMF site
Task MAW to dedicatelconfigure 2 CH-46 for air MEDEVAC during H+10 - H+ 24
Ensure adequacy of Class Vlll prior to H + 10
Legend:
GMF-Ground Mobile Force
MAW-Marine Air Wing
MEDEVAC-medical evacuation
TBMD-theater ballistic missile defense
TCF-Tactical Combat Force
A-C- 1

Annex D
Risk Assessment Matrix
The Risk Assessment Matrix combines severity and probability estimates to form a risk
assessment for each threat. Use the Risk Assessment Matrix to evaluate the acceptability
of a risk, and the level at which the decision on acceptability will be made. The matrix may
also be used to prioritize resources, to resolve risks, or to standardize threat notification or
response actions. Severity, probability, and risk assessment should be recorded to serve as
a record of the analysis for future use.
Figure A-D-1. Risk Assessment Matrix
I. Risk Definitions
a. E - Extremely High Risk: Loss of ability to accomplish the mission if threats occur
during mission. A frequent or likely probability of catastrophic loss (IA or IB) or frequent
probability of critical loss (IIA) exists.
b. H - High Risk Significant degradation of mission capabilities in terms of the
required mission standard, inability to accomplish all parts of the mission, or inability to
complete the mission to standard if threats occur during the mission. Occasional to seldom
probability of catastrophic loss (IC or ID) exists. A likely to occasional probability exists of a
critical loss (IIB or IIC) occurring. Frequent probability of marginal losses (IIIA) exists.
c. M - Moderate Risk: Expected degraded mission capabilities in terms of the
required mission standard will have a reduced mission capability if threats occur during
mission. An unlikely probability of catastrophic loss (IE) exists. The probability of a critical
loss is seldom (IID) . Marginal losses occur with a likely or occasional probability (IIIB or
IIIC). A frequent probability of negligible (IVA) losses exists.
d. L - Low Risk Expected losses have little or no impact on accomplishing the
mission. The probability of critical loss is unlikely (IIE), while that of marginal loss is
seldom (IIID) or unlikely (HIE). The probability of a negligible loss is likely or less (IVB
through (IVE).
A-D-1

~~
2. Severity Categories
The following table outlines severity categories:
Table A-D-I
Risk Severity Categories
Category
CATASTROPHIC (I)
CRITICAL (11)
MARGINAL (111)
NEGLIGIBLE (IV)
Definition
Loss of ability to accomplish the mission or mission failure. Death or permanent
disability. Loss of major or mission-critical system or equipment. Major property
(facility) damage. Severe environmental damage. Mission-critical security failure.
Unacceptable collateral damage.
Significantly degraded mission capability, unit readiness, or personal disability.
Extensive damage to equipment or systems. Significant damage to property or the
environment. Security failure. Significant collateral damage.
Degraded mission capability or unit readiness. Minor damage to equipment or
systems, property, or the environment. Injury or illness of personnel.
Little or no adverse impact on mission capability. First aid or minor medical
treatment. Slight equipment or system damage, but fully functional and serviceable.
Little or no property or environmental damage.
3. Probability Categories
The following table outlines probability categories for the risk assessment matrix:

~~~ ~
Element Exposed
Table A-D-2
Probability Definitions
Definition
Single item
Fleet or inventory of items
Individual
All personnel exposed
Occurs very often in service life. Expected to occur several times over duration
of a specific mission or operation.
Occurs continuously during a specific mission or operation, or over a service
life.
Occurs very often. Expected to occur several times during mission or operation.
Occurs continuously during a specific mission or operation.
Single item
Fleet or inventory of items
Occurs several times in service life. Expected to occur during a specific mission
or operation.
Occurs at a high rate, but experienced intermittently (regular intervals, generally
Single item
Fleet or inventory of items
Individual
Occurs some time in service life. May occur about as often as not during a
specific mission or operation.
Occurs several times in service life.
Occurs over a period of time. May occur during a specific mission or operation,
but not often.
Occurs sporadically (irregularly, sparsely, or sometimes).
Single item
Fleet or inventory of items
Individual
All personnel exposed
Occurs in service life, but only remotely possible. Not expected to occur during
a specific mission or operation.
Occurs as isolated incidents. Possible to occur some time in service life, but
rarely. Usually does not occur.
Occurs as isolated incident. Remotely possible, but not expected to occur
during a specific mission or operation.
Occurs rarely within exposed population as isolated incidents.
Single item
Fleet or inventory of items
Individual
All personnel exposed
Occurrence not impossible, but can assume will almost never occur in service
life. Can assume will not occur during a specific mission or operation.
Occurs very rarely (almost never or improbable). Incidents may occur over
service life.
Occurrence not impossible, but may assume will not occur during a specific
mission or operation.
Occurs very rarely, but not impossible.
A-D-3

Annex E
Sample Risk Control Options Planning Matrix
This matrix combines risk control options and responsible personnel that appear
suitable and practical with potential options. Many of these options may be applied at more
than one level. For example, the training option may be applied to operators, supervisors,
senior leaders, or staff personnel.
OPTIONS I OPERATOR
ENGINE E R
Limit energy X X X
Substitute safer form
LEADER STAFF COMMANDER
Rechannel/separate in time/space
X
Provide special maintenance of controls X X X
X
Figure A-E-1. Sample Risk Control Options Planning Matrix
A-E-1

Option
Limit energy
Substitute safer form
Prevent release
Separate
Provide special maintenance of
controls
Core Tasks (especially critical tasks)
Leader tasks
Emergency contingency tasks
Rehearsals
Briefings
Mental criteria
Emotional criteria
Physical criteria
Experience
Number of people or items
Emergency medical care
Personnel
Facilitieslequipment
Barrier
On human or object
Raise threshold (harden)
Time
Signslcolor coding
Audiolvisual
Sequence of events (flow)
Timing (within tasks, between tasks)
Simplify tasks
Reduce task loads
Backout options
Contingency capabilities
Emergency damage control
procedures
Backupdredundant capabilities
Mission capabilities
Table A-E-I
Examples of Risk Control Options
Example
ENGINEER
Small amount of explosives, reduce speeds
Use air power, precision guided munitions
Containment, double/triple containment
Barriers, distance, boundaries
Special procedures, environmental filters
EDUCATIONAL
Define critical minimum abilities, train
Define essential leader tasks and standards, train
Define, assign, train, verify ability
Validate processes, validate skills, verify interfaces
Refresher warnings, demonstrate threats, refresh training
ADMINISTRA TlVE
Essential skills and proficiency
Essential stability and maturity
Essential strength, motor skills, endurance, size
Demonstrated performance abilities
Only expose essential personnel and items
Medical facilities, personnel, medical evacuation
Replace injured personnel, reinforce units, reallocate
Restore key elements to service
PHYSICAL
Between revetments, walls, distance, ammunition storage facility
Personal protective equipment, energy absorbing materials
Acclimatization, reinforcement, physical conditioning
Minimize exposure and number of iterationslrehearsals
Warning signs, instruction signs, traffic signs
Identification of friendly forces, chemical/biological attack warning
OPERA TlONAL
Put tough tasks first before fatigue, do not schedule several tough
tasks in a row
Allow sufficient time to perform, practice, and time between tasks
Provide job aids, reduce steps, provide tools
Set weight limits, spread task among many
Establish points where process reversal is possible when threat is
detected
Combat search and rescue, rescue equipment, helicopter rescue,
tactical combat force
Emergency responses for anticipated contingencies, coordinating
agencies
Alternate ways to continue the mission if primaries are lost
Restore ability to perform the mission
A-E-2

~
I. Purpose
Appendix B
Force Protection Working Group
The purpose of the force protection working group (FPWG) is to review threats, identify
vulnerabilities, recommend counter-measures, determine force protection levels, assess in
place measures, review tasks to components, monitor corrective actions, and direct special
studies (force protection assessment teams). The primary responsibility is to monitor and
assess the risk and threats to forces in the joint operations area and implement risk
controls to maintain the protection of the force. Each command and control node, rear,
intermediate support base, or FOB, should have a FPWG.
2. Group Composition
The composition will vary based on the threats and forces available. Suggested potential
sources to provide representatives to the FPWG are listed in Figure B-1 .
Chief of Staff
Personnel
Intelligence
Operations
Logistics
Plans
Communications
Engineer
Aviation
Senior Enlisted Representative
Public Affairs
Surgeon
Nuclear, Biological, and Chemical
Chaplain
Staff Weather Officer
Safety
Political Advisor
Host Nation Support Representative
BOTTOM LINE: Composition is Mission Dependent
Figure 6-1. Potential Sources for the FPWG
Army Forces
Marine Forces
Air Force Forces
Navy Forces
Special Operations Forces
Security Forces
Judge Advocate General
I
3. Procedures
The group may meet daily, weekly, or on-call in the vicinity of the Joint Operations
Center to use the risk management process.
4. Agenda
The officer in charge of the command and control node or a designated representative
should chair the meetings. The chairperson for the FPWG is not necessarily designated by
duty position, but based on the ability of the person to fulfill the duties of force protection
officer. A recommended agenda for conducting FPWG meetings follows:
a. Start with updates from-
(1) 52 Representative: intelligence update with focus on changes to the situation
that may lead to additional threats for the force.
(2) Counterintelligence (CI) representative: follows the 52, clarifies and provides
details of current risks based on his field reports.
(3) 53 Representative: overview of current operations and force protection measures
currently in place.
B- 1

. Next, update new or evolving threats. This is an open discussion by functional area.
For example, the surgeon would focus on medical health of command, the veterinary on new
or changing food sources, etc. Steady state activities are raised during this phase of the
meeting. All members consider emerging trends and determine if new vulnerabilities
within their area of responsibility require the focus of the task force or if they are just
isolated incidents. Each member comes to the meeting with documented concerns and
recommendations.
c. When new threats are identified, the FPWG will discuss measures to reduce the
threat. For example, Threat identified: current route from billeting area to the Joint
Operations Center is dangerous and not acceptable at night. Control: CI team will contact
the country team, identify alternate routes, and drive and assess the routes. At the next
FPWG meeting a decision will be made to change route.
d. Once controls are decided upon (above example, CI to conduct a reconnaissance of a
new route), that information is captured by the 53 representative and placed, as a directive
for action, in the next fragmentary order.
e. Following identification and development of controls for new threats, the group will
review current measures in effect against known threats and determine the requirement
for any changes or adjustments. Figure B-2 is an example FPWG agenda.
I Event I Input I
I Threat Situation Review I J2 I
Current Force Protection Levels
Current Operations
Results of Previous Meeting
Recommend Force Protection Level
Recommend Taskings
Summary
Confirm Next Meeting
J3
J3
Components, 53
I Threat Identification I FPWG I
I Vulnerability Identification 1 FPWG
I Identify Controls I FPWG
I
I
FPWG
FPWG
J3
J3
5. Assessment Teams
To maintain visibility of threats, the FPWG may designate assessment teams to
monitor the situation continuously. These teams may be tailored to review specific threats
(such as preventive medicine and surgeon for medical, CI and Provost Marshal/Security
OfficerEhief Security Forces for perimeter security). These teams may be assigned and
operate at all operating bases throughout the joint operations area.
a. The assessment teams mission includes-
(1) Identify and assess threats and vulnerabilities.
(2) Recommend controls.
8-2

(3) Report through FPWG to Commander of the JTF.
(4) Gather information.
b. Assessment teams may use the following checklist:
threats?
(1) Threat.
(a) What is the terrorist threatlcapability?
(b) What is the in-country leave and pass policy?
(c) Are there any areas service members should avoid due to criminal or terrorist
(d) What is the pre-disposition of the local populace to Americans (is it safe for
service members to mix with public)?
(e) Could operations be affected by civil disturbances protesting U.S. policy?
(f) What criminal threats are likely to threaten operations (are there any threats
of pilferage affecting sustainment operations)?
(g) What is the relationship of local population with host nation (HN) authorities
(is there any threat of civil unrest that could affect operations)?
(h) Are there other threats such as para-military organizations or hostile
intelligence that may target operations?
(2) Facilities.
(a) What facilities will the task force occupy?
Tent city vs. hard site?
Location-urban or rural?
(b) What is the status of-
* Perimeters?
Barriers?
Lighting?
Motor pool facilities?
(c) Will the node collocate with HN or friendly forces?
(d) Is secure storage available for arms, ammunition, and explosives and
classified, high dollar, and sensitive items?
(e) Are there high-speed avenues of approach?
(0 What checkpoints and barriers are necessary to control compound access?
(3) Where will mission-essential vulnerable areas be established for arms,
ammunition, and explosives storage; sensitive item storage: pilferable high dollar value
item storage: fuel storage etc.?
(a) What is their proximity to the perimeter?
(b) What is their vulnerability to attack or observation?
(4) Will the task force operate any sustainment operations facilities at air, sea, or
rail ports?
(5) Joint Operations.
8-3

(a) If the task force occupies facilities with HN or friendly forces, who has
command and control for force protection?
(b) Who must the task force coordinate with concerning force protection, HN,
friendly forces?
(c) What are capabilities of friendly forces, HN armed forces, HN police forces,
and HN security forces?
(d) How are in-place friendly forces approaching force protection?
(e) What historical problems have in-place friendly forces had concerning
criminal activity (such as pilferage, assaults, terrorist threat, civil disturbance, and hostile
intelligence)?
(f)
What threats do they perceive as possible?
(g) What operations security measures are in effect?
(h) What movement security measures are in effect?
6. FPWG Products
Based on the FPWG meeting, there are three suggested deliverables.
a. First-an update to the Force Protection Matrix. This should be briefed to the JTF
commander and placed on the SECRET Internet Protocol Router Network for the staff and
components. Figure B-3 is an example of the risk considerations matrix.
b. Second-Fragmentary Order directing execution of the new FPWG measures.
c. Third - risk assessment for the current phase of the operation.
d. Force protection assessment-continuous process throughout the conduct of the
operation.
8-4

Operational
Operating
System
Movement/
Maneuver
Event: JTF FOB
Threat
Local faction
stablishment loca; )n /component: FC
Vulnerability
Troop movement
Route to hotel
Countermeasure
Minimize
Standard route/
Alternate routes
!
Action
Adjust battle rhythm
All drivers with
alternate route maps
Aircraft
Crossing flight
lines
Do not cross
Intelligence
Accident
Civil rights
Know embassy
numbers
Accident card
USAF security patrols
post speed limit
Speeding flight line
Pedestrians
Slow speed
(15 mph)
LNOs brief forces
Fires
Loitering
ThefVbad press
Minimum
presence in hotel
Place of duty or room
Sustainment
Fire Threats
Personnel and
equipment
Know route,
exiting and alert
procedure
Fire break around
FARP
No help/assist
Personnel
stranded
Blood chits
Order 500 chits
Command and
Control
Protection
Personnel
accountability/
location
Heat
Unsafe location/
Unknown location
Injury
Frequent
reporting, improve
communication
Water discipline
Command emphasis
Distribute cell phones
Monitor WGBT
Disease-malaria
Health
Buddy check
Field sanitation
Take pills
Clean latrines
Dogs
Injury/health
Caution
Stay clear
Legend:
FARP-forward arming and refueling point
LNO-liaison officer
mph-miles per hour
USAF-US. Air Force
WGBT-wet globe bulb temperature
Notes.
Any changes made by the FPWG are highlighted.
An additional column labeled "Assessment" can show how the countermeasures are working
Figure 8-3. Sample Risk Considerations Matrix
B-5

-
REFERENCES
National
Presidential Decision Directive 39, U.S. Policy on Counterterrorism, 2 1 June 1995
Department of Defense
DODI 6055.1, DUD Safety and Occupational Health (SOH) Program, 19 August 1998
Joint
CJCSM 3500.03, Joint Training Manual for the Armed Forces of the United States, 1 June
1996
CJCSM 3500.04, Universal Joint Task List, 1 November 1999
CJCSM 3500.05, Joint Task Force Headquarters Master Training Guide, 15 April 1997
JP 1-02, Department of Defense Dictionary of Military and Associated Terms, 1 September
2000
JP 3-0, Doctrine for Joint Opemtions, 1 February 1995
JP 3-10, Joint Doctrine for Rear Area Operations, 28 May 1996
JP 3- 1 1, Joint Doctrine for Operations in Nuclear, Biological, and Chemical (NBC)
Environments, 11 July 2000
JP 3- 13.1, Joint Doctrine for Command and Control Warfare (CZW, 7 February 1996
JP 3-54, Joint Doctrine for Operations Security, 24 January 1997
JP 3-58, Joint Doctrine for Military Deception, 31 May 1996
JP 4-0, Doctrine for Logistics Support of Joint Operations, 6 April 2000
JP 5.00.1, Joint Tactics, Techniques, and Procedures for Joint Campaign Planning (Draft)
JP 5-00.2, Joint Task Force (JTF) Planning Guidance and Procedures, 13 January 1999
Air Force
AFDD 2-4.1, Force Protection, 29 October 1999
AFPD 90-9, Operational Risk Management, 1 April 2000
AFI 90-901, Operational Risk Management, 1 April 2000
AFPAM 90-902, Operational Risk Management Guidelines and Tools, 14 December 2000
Army
FM 3-0 (FM 100-5), operations, 14 June 1993
FM 3-07 (FM 100-ZO), Military Operations in Low Intensity Conflicts, 5 December 1990
FM 3-07.3 (FM 100-23), Peace Operations, 30 December 1994
FM 3-58 (FM 90-2), Battlefield Deception, 3 October 1988
FM 6-22 (FM 22-loo), Army Leadership, 31 August 1999
FM 3-21.10 (FM 7-10), TheInfantryRifle Company, 31 October 2000
FM 7-10 (FM 25-101), Battle Focused Training, 30 September 1990
References- 1

Coast Guard
COMMANDANT INSTRUCTION 3500.3 Operational Risk Management (Draft)
Marine Corps
Marine Corps Order 3500.27, Operational Risk Management, 3 April 1997
ALMAR 210/97, Operational Risk Management, 15 July 1997
MCDP-1, Warfighting, June 1997
MCDP 1-2, Campaigning, August 1997
MCWP 3-22, Antiair Warfare, 23 June 2000
MCWP 5-1, Marine Corps Planning Process, January 2000
Navy
OPNAVINST 3500.38, Universal Naval Task List, 30 September 1996
OPNAVINST 3500.39, Operational Risk Management, 3 April 1997
References-2

Glossary
PART I-ABBREVIATIONS
AND ACRONYMS
5 -M
AAR
AFB
AFDC
AFTTP
AL
ALSA
APO
CAC
CADD
Cdr
CI
COA
CSSA
DC
DCSPER
DSN
etc
FARP
FM
FOB
FPWG
GMF
man, machine, media, management, mission
A
After Action Report
Air Force Base
Air Force Doctrine Center
Air Force Tactics, Techniques, and Procedures
Alabama
Air Land Sea Application
Army Post Overseas
C
Combined Arms Center
Combined Arms Doctrine Development Center
commander
counterintelligence
course of action
combat service support area
D
District of Columbia
Deputy Chief of Staff for Personnel
Defense Switched Network
E
etcetera
F
forward arming and refueling point
field manual
forward operating base
force protection working group
G
ground mobile force
Glossary-I

HN
HQ
J- 1
5-2
5-3
5-4
5-5
J-6
JLOTS
JOPES
JP
JTF
KS
LNO
MAW
MCCDC
MCPDS
MCRP
MEDEVAC
METT-T
METT-TC
MILSTRIP
MSE
MSTP
H
host nation
headquarters
J
.Manpower and Personnel Directorate of a joint staff
Intelligence Directorate of a joint staff
Operations Directorate of a joint staff
Logistics Directorate of a joint staff
Plans Directorate of a joint staff
Command, Control, Communications, and Computer Systems
Directorate of a joint staff
joint logistics over-the-shore
Joint Operation Planning and Execution System
joint publication
joint task force
K
Kansas
L
liaison officer
M
Marine air wing
Marine Corps Combat Development Command
Marine Corps Publication Distribution System
Marine Corps Reference Publication
medical evacuation
mission, enemy, terrain and weather, troops and support available,
time available
mission, enemy, terrain and weather, troops and support available,
time available, civil considerations (Army)
Military Standard Requisitioning and Issue Procedures
major subordinate element
Marine Air Ground Task Force Training Program
Glossary-2

NAVSOP
NC
NWDC
NGO
NM
OPLAN
OPORD
PD
PN
PS
PVO
RAC
RI
ROE
SOP
TACC
TBMD
TCF
TRADOC
UAV
USAF
USAREUR
USMC
USN
N
Navy Standing Operating Procedure
North Carolina
Navy Warfare Development Command
nongovernmental organization
New Mexico
0
operation plan
operation order
P
prevent destruction
prevent neutralization
prevent suppression
private voluntary organization
R
risk assessment code
Rhode Island
rules of engagement
S
standing operating procedure
T
Tactical Air Command Center
theater ballistic missile defense
tactical combat force
United States Army Training and Doctrine Command
U
unmanned aerial vehicle
United States Air Force
United States Army, Europe
United States Marine Corps
United States Navy
Glossary-3

PART II-TERMS
AND DEFINITIONS
acceptable risk. The portion of identified risk that is allowed to persist without further
controls
assessment. 1. Analysis of the security, effectiveness, and potential of an existing or
planned intelligence activity.
2. Judgment of the motives, qualifications, and characteristics of present or
prospective employees or “agents.” (JP 1-02)
controls. Actions taken to eliminate threats or reduce their risk. This term and its
definition are applicable only in the context of this publication and should not be referenced
outside this publication.
exposure. The frequency and length of time subjected to a hazard (FM 3-100.12/100-14).
extremely high risk. Risk that could result in loss of ability to accomplish the mission if
threats occur during mission. A frequent or likely probability of catastrophic loss (IA or IB)
or frequent probability of critical loss (IIA) exists. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
high risk. Risk that could result in significant degradation of mission capabilities in terms
of the required mission standard, inability to accomplish all parts of the mission, or
inability to complete the mission to standard if threats occur during the mission. Occasional
to seldom probability of catastrophic loss (IC or ID) exits. A likely to occasional probability
exists of a critical loss (IIB or IIC) occurring. Frequent probability of marginal losses (IIIA)
exists. This term and its definition are applicable only in the context of this publication and
should not be referenced outside this publication.
identified risk. A risk determined by applying severity and probability analysis to an
identified threat.
inherently dangerous. An activity or task containing a danger to life or limb that is a
permanent and inseparable element of the activity. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
low risk. Risk that could result in expected losses having little or no impact on
accomplishing the mission. The probability of critical loss is unlikely (IIE), while that of
marginal loss is seldom (IIID) or unlikely (IIIE). The probability of a negligible loss is likely
or less (IVB through IVE). This term and its definition are applicable only in the context of
this publication and should not be referenced outside this publication.
moderate risk. Risk that could result in degraded mission capabilities in terms of the
required mission standard will have a reduced mission capability if threats occur during
mission. An unlikely probability of catastrophic loss (IE) exists. The probability of a critical
loss is seldom (IID). Marginal losses occur with a likely or occasional probability (IIIB or
IIIC). A frequent probability of negligible (IVA) losses exists. This term and its definition
are applicable only in the context of this publication and should not be referenced outside
this publication.
operational protection. The conservation of the forces’ fighting potential so that it can be
applied at the decisive time and place. This activity includes actions taken to counter the
enemy’s forces by making friendly forces (including operational formations, personnel, etc.) ,
systems, and operational facilities difficult to locate, strike, and destroy. (CJCSM 3500.04)
Glossary-4

probability. The likelihood that a hazardous incident will occur.
frequent (A): Occurs very often, continuously experienced.
likely (B): Occurs several times
occasional (C): Occurs sporadically
seldom (D): Remotely possible; could occur at some time
unlikely (E): Can assume will not occur, but not impossible.
This term and its definitions are applicable only in the context of this publication and
should not be referenced outside this publication.
residual risk. The level of risk remaining after controls have been identified and selected
for threats that may result in loss of combat power. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
risk. 1. Probability and severity of loss linked to threats.
2. See degree of risk. See also risk management. (JP 1-02)
risk assessment. Identification and assessment of threats: an identified threat is assessed
to determine the risk (both the probability of occurrence and resulting severity) of a
hazardous incident due to the presence of the threat. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
risk decision. The decision to accept or not accept the risks associated with an action:
made by the commander, leader, or individual responsible for performing that action. This
term and its definition are applicable only in the context of this publication and should not
be referenced outside this publication.
risk management. A process by which decision makers reduce or offset risk. Also called
RM. (JP 1-02) The systematic process of identifying, assessing, and controlling risks arising
from operational factors and making decisions that weigh risks against mission benefits.
severity. The intensity of the expected consequence of an event in terms of degree of
injury, property damage, or other mission-impairing factors (loss of combat power and so
on) that could occur.
catastrophic (I): Loss of ability to accomplish the mission or mission failure. Death or
permanent total disability. Loss of major or mission critical system or equipment. Major
property (facility) damage. Severe environmental damage. Unacceptable collateral
damage. Mission-critical security damage.
critical (11): Significantly degraded mission capability or unit readiness. Permanent
partial disability. Extensive (major) damage to equipment or systems. Significant
damage to property or the environment. Security failure. Significant collateral damage.
marginal (111): Degraded mission capability or unit readiness. Minor damage to
equipment or systems, property, or the environment.
negligible (IV): Little or no adverse impact on mission capability. Slight equipment or
system damage, but fully functional and serviceable. Little or no property or
environmental damage.
This term and its definitions are applicable only in the context of this publication and
should not be referenced outside this publication.
Glossary-5

threat. A source of danger; any opposing force, condition, source, or circumstance with the
potential to negatively impact mission accomplishment and/or degrade mission capability.
This term and its definition are applicable only in the context of this publication and should
not be referenced outside this publication.
total risk. The sum of identified risk and unidentified risk. It is accepted by the
appropriate decision-maker because further efforts at risk control are not justified by the
perceived gain.
unacceptable risk. The risk that cannot be tolerated and must be eliminated or
controlled.
unidentified risk. The risk that has not been identified. It is unknown or immeasurable.
Glossary-6

Index
A
acceptability, 11-3, 111-4, A-D-1
acceptable loss, 1-1
acceptable risk, I-2,I-3,II-3,11-5, 111-3, A-D-1, Glossary-4
accountability, I-2,II-5, 111-1, B-5
administrative controls, 11-4, A-E- 1, A-E-2
alarmism, 11-2
application of risk management, i, I-1,I-3, 1-4, 11-1
assessment, I-1,I-3, 1-5, 11-2,11-3,11-5,11-6,11-8,11-9, 111-2, 111-4, 111-5, 111-6, A-1, A-A-1, A-
C-1, A-D- 1, A-D-2, B- 1, B-2, B-3, B-4, B-5, Glossary-3, Glossary-4, Glossary-5
complete, 11-2
matrix, A-D-1
output, 11-2
pitfalls, v, 11-2
teams, B-1
assigning redundant capabilities, 11-5, A-E- 1, A-E-2
avenues of approach, 11-9, B-3
avoiding the risk, I-2,II-3, 11-4, 111-3
C
catastrophic, A-D-1, A-D-2, Glossary-4, Glossary-5
chain of command, v, 1-2, 111-1, 111-2, 111-3,111-7
civil consideration, 11-8,II-10,111-3,111-4,111-6, A-A-1, B-3, B-4, B-5, Glossary-2
climate, 11-9,111-2
commander, i, v, vi, 1-1, 1-2, I-3,1-5, 11-3,11-5, 11-6, 11-8,11-9, 111-1, 111-2,111-3, 111-4, 111-5, A-
1, A-A- 1, A-E- 1, B-3, B-4, Glossary-1 , Glossary-5
complacency, II-lO,III-l, 111-4, 111-5
complete risk assessment, 11-2
controls, risk, v, I-2,I-3,1-4, 1-5, 11-1, 11-3, 11-4,11-5, 11-6,II-7, 11-8,11-9,11-12,111-1, 111-2,
111-3,111-4,111-5,111-6, 111-7, A-1, A-A-1, A-E-1, A-E-2, B-1, B-2, Glossary-4, Glossary-5
administrative, 11-4, A-E-1, A-E-2
avoiding risk, 1-2, 11-3,II-4, 111-3
delay COA, 11-4
develop, v, 1-3, 1-5, 11-3, 11-4, 11-5, 11-7, 11-8, 111-3, 111-5, A-1, A-A-1, B-2
educational, 11-4, A-E- 1, A-E-2
engineering, 11-4, A-E-l , A-E-2
implement, v, 1-3, I-5,II-3,II-4.11-5,II-6,II-7,II-8,111-4, A-A-1, B-1
operational, 11-4, A-E-1, A-E-2
options, 11-3,II-4, A-1, A-E-1, A-E-2
physical, 11-4, A-E-l , A-E-2
planning matrix, A-E-1
Index-1

edundant capabilities, 11-4, A-E-1, A-E-2
residual risk, 11-3.11-5, 111-3, 111-4, A-A-1, Glossary-5
support, v, 11-3,11-6, 111-2, 111-4
transferring risk, 11-4
course of action (COA), 1-1, I-3,1-4,II-3,II-4, 11-5,11-8,11-9,111-2,111-3, 111-4, A-C-1,
Glossary- 1
cover and concealment, 11-9
crisis action, I-3,II-7, 11-8
critical, 1-3,II-l, 11-4, 11-9.11-10, 111-1.111-5,111-6, A-D-1, A-D-2, A-E-1, A-E-2, Glossary-4,
Glossary-5
D
decisions, i, v, 1-1, 1-2, 1-3, 11-3, 11-5.11-6, 11-7, 11-8,II-12, 111-1 111-2, 111-3, A-A-1, A-C-1, A-
D-1, B-2, Glossary-5, Glossary-6
delay, 11-4, 111-4
deliberate, 1-3, 11-2, 11-7, 11-8, 111-5
develop controls, v, 1-3, I-5,II-3, 11-5, 11-7, 11-8, 111-3, 111-5, A-1, A-A-1, B-2
E
enemy, 1-1,11-1,11-8,11-9, Glossary-2, Glossary-4
engineering, 11-4,II- 1 1, A-E- 1, A-E-2, B- 1
exposure, 11-4, A-E-2
F
feasibility, 1-2, 11-3, 111-2, 111-3, 111-4
feedback, v, 1-2, 11-6, 11-7, 111-2,111-7
force protection, v, 1-1, I-5,111-3,111-7, --1, ---B-l, n-C-l, B-l,B-2, B-4, Glossary-1
activities, A-C-1
agenda, B-1, B-2, B-3
assessment team, B-1, B-2
checklist, B-3
composition, B- 1
conditions, A- 1, A-C- 1
effects, A- 1, A-C- 1
facilities, B-3, B-4
priority matrix, A- 1, A-B- 1
procedures, B- 1
products, B-4
tasks, A-1, A-B-1, A-C-1
force protection working group (FPWG), 111-3, B-1, B-2, B-3, B-4, B-5, Glossary-1
forward area refueling point (FARP), B-5, Glossary-1
Index-2

H
high risk, 11-5, A-A- 1, A-D- 1, Glossary-4
host nation (HN), 111-5, B-1, B-3, B-4, Glossary-1
hygienic, 11- 12
I
identify, i, v, 1-1, 1-2, 1-3, 1-4, 11-1, 11-2, 11-3, 11-4, 11-5, 11-6, 11-7, 11-8, 11-9, 11-10, 111-1, 111-3,
111-4, 111-5,111-7, A-1, A-A-1, A-B-1, A-E-2, B-1, B-2, Glossary-4, Glossary-5, Glossary-6
impact, mission, probability and severity, I-1,I-3, II-l,II-2, 11-8, 11-9, 11-10,111-3, 111-4, III-
6, A-D-2, Glossary-4, Glossary-5
implementation, i, v, 1-1, 1-2, 1-3, 1-5, 11-3, 11-4, 11-5, 11-6, 11-7, 11-8,111-3, 111-4, 111-6, 111-7,
A-A- 1. B- 1
J
Joint Operation Planning and Execution System (JOPES), i, 11-7, Glossary-2
joint task force (JTF) i, 11-7,II-8, 111-4,111-5, B-3, B-4, B-5, Glossary-2
K
key aspects, v, 1-1, 11-6, 11-9, 111-5
L
logistics, 11-10, 11-1 1, 111-4, 111-6, A-B-1, B-1, Glossary-2
loss, 1-1,11-2,11-4, 11-8, 111-3, 111-4, A-C-1, A-D-1, A-D-2, Glossary-4, Glossary-5
low risk, 1-2, 11-5, 111-2, A-A-1, A-D-1, Glossary-4
M
machine, 11-1, 11-10, 11-11,II-12, Glossary- 1
maintenance, 1-3, 11-9, 11-10.11-11, A-E-1, A-E-2
major subordinate element (MSE), 11-7,II-8, Glossary-2
man, machine, media, management, mission (5-M) model, 11-1, 11-6, 11-10, 11-11, 11-12, 111-2,
Glossary- 1
managing, 1-3,111-1,111-2, 111-3.111-5,111-6,111-7
marginal, A-D- 1, A-D-2, Glossary-4, Glossary-5
media, 11-1, 11-10, 11-12.111-5, 111-6, Glossary-1
METT-T (mission, enemy, terrain and weather, troops and support available, time
available), 11-1, 11-6, 11-8,II-10, 111-2, Glossary-2
METT-TC (mission, enemy, terrain and weather, troops and support available, time
available, civil considerations [Army]) 11-8, 11-10, Glossary-2
moderate risk, 11-5, A-D-1, Glossary-4
N
negligible, A-D- 1, A-D-2, Glossary-4, Glossary-5
0
objective, 1-4, 11-10, 11-12, 111-3, 111-6, 111-7
Index-3

observation, 11-9,111-6, B-3
operational, v, 1-1, 11-1,II-4, 11-10, 11-12,111-3, 111-6, A-B-1, A-C-1, A-E-1, A-E-2, B-5,
Glossary-4, Glossary-5
operation order (OPORD), 111-4,111-7, Glossary-3
operation plan (OPLAN), 111-4,111-7, Glossary-3
operations, military, v, 1-1, 1-2, 1-3, 1-5, 11-1, 11-4, 11-6, 11-8, 11-9, 11-10, 111-1, 111-3, 111-4, III-
6, 111-7, A-1, A-D-3, B-1, B-2, B-3, B-4, Glossary-2
P
performance, 11-4, 11-6, 11-11, 111-2, 111-6, A-E-2
personal, 11-1, 11-4, 11-11, A-D-2, A-E-2
physical, 1-1, 11-4, 11-10, 11-11, A-E-1, A-E-2
probability, 1-1, II-l,II-2, 11-3,II-4,II-5, A-D-1, A-D-2, A-D-3, Glossary-4, Glossary-5,
category, A-D-2
definitions, A-D-3
procedures, i, v, 1-2, 1-3, 1-5, 11-3, 11-10, 11-12, 111-4, 111-5, A-1, A-E-1, A-E-2, B-1, B-5,
Glossary-1 , Glossary-2, Glossary-3
process, i, v, 1-1, 1-2, I-3,I-4, 1-5, 11-1, 11-2, 11-3, 11-5, 11-6, 11-7, 11-9, 11-12,III-l, 111-2, 111-3,
111-6, A-1, A-A-1, A-E-2, B-1, B-4, Glossary-5
R
residual risks, 11-3, 11-5,111-3,111-4, A-A-1, Glossary-5,
responsibilities, i, v, 11-5, 111-1, 111-2, 111-3, 111-4, 111-5, B-1, B-2
commander, 111-1, 111-2, 111-3
leaders, 111- 1, 111-2
individual, 111-5
staff, 111-3
risk, i, v, I-1,l-2, 1-3, 1-4, 1-5, II-l,II-2, 11-3, 11-4, 11-5,II-6, 11-7, 11-8, 11-9, 11-1 1, 111-1, 111-2,
111-3, 111-4,111-5, 111-6, 111-7, A-1, A-A-1, A-C-1, A-D-1, A-D-2, A-E-1, A-E-2, B-1, B-4, B-5,
Glossary-3, Glossary-4, Glossary-5, Glossary-6
assessment, 112,111-4, A-C- 1, A-D- 1, A-D-2
probability categories, A-D-2
probility definitions, A-D-3
severity categories, 11-2, A-D-2
unacceptable, I11 - 3, Glossary-6
unnecessary, I-2,I-3, 111-3,111-6
risk management, i, v, I-1,I-2, I-3,1-4,1-5,II-l, 11-5,II-6,II-7, 11-8, 11-10, 11-12, 111-1, 111-2,
111-3,111-4, 111-5,111-6, 111-7, A-1, A-A-1, B-1, Glossary-5
application guidelines, 1-3, 111-7
application, i, 1-1, Ii3, 11-1
assessment, 1-1, 11-6,111-6
crisis action, 1-3, 11-7, 11-8
cycle, 1-4
decisions. 11-5
Index-4

deliberate, 1-3, 11-7
execution, 11-7, 11-8
feedback, v, 1-2, 11-6,II-7,111-2, 111-7
framework for implementing, 1-2
fundamentals, v, I- 1
goal, v, 1-1
implement, I-2,111-6
integration, v, 11-7, 111-2, 111-3, 111-4, 111-6
key aspects, v, 1-1
levels, 1-3
objective, 111-3,111-6, 111-7
principles, i, v, 1-2
process, i, v, 1-1, I-2,1-3, 1-4, 1-5, 11-1, 11-5, 11-6, 11-7, 111-1, 111-2, 111-6, A-1, B-1,
Glossary- 5
review, v, I-3,1-4, 11-1, 11-6, 11-7,11-8, 111-6, 111-7
sequence, 1-3
supervise, 1-3, 1-4, 11-6, 11-7, 11-8, A-A-1
training, 111-2, 111-6
use, I- 1,I-3
worksheet, A-1, A-A- 1
risk management fundamentals, v, I- 1
risk management goal, v, 1-1, 11-10, 111-2
S
services, v, 1-1, 11-10,111-5, 111-6
situational analysis, 11- 1
supervise and review, 1-3, 1-4, 11-6, 11-7, 11-8, A-A-1
T
threat, v, 1-1, I-2,I-3,1-4, 11-1,II-2,II-3,II-4,II-5,II-6, 11-7,11-8,11-9, 11-10, 11-11,II-12,111-
1, 111-3, 111-4, III-5,111-7, A-1, A-A-1, A-C-1, A-D-1, A-E-2, B-1, B-2, B-3, B-4, B-5,
Glossary-4, Glossary-5, Glossary-6
assessment, I-3,111-4
causes, II-l,II-2, A-A-1
checklist, B-3
identification, v, 1-2, I-3,1-4, 11-1, 11-3, 11-5, 11-7, 11-8,11-9, 11-10, 111-4, A-1, A-A-1, B-2,
Glossary-4, Glossary-5
probability, 11- 1,11-2,11-3, A-D- 1, Glossary-5
severity, II-1,11-2, 11-3, Glossary-4, Glossary-5
U
unacceptable risk , 111-3, Glossary-6
unnecessary risk, 1-2, 1-3, 111-3, 111-6
Index-5

FM 3-100.12
MCRP 5-12.1C
NTTP 5-03.5
AFTTPU) 3-2.34
15 February 2001
By Order of the Secretary of the Army:
Official:
ERIC K. SHINSEKI
General, United States Army
Chief of Staff
JOEL B. HUDSON
Administrative Assistant to the
Secretary of the Army
0106 101
DISTRIBUTION:
Active Army, Army National Guard, and U.S. Army Reserve: To be distribute in
accordance with the initial distribution number 11 5840 requirements for FM 3-
100.12.
By Order of the Secretary of the Air Force:
LANCE L. SMITH
Major General, USAF
Commander
Headquarters Air Force Doctrine Center
Air Force Distribution: F

MARINE CORPS: PCN 14400009300

MCRP 5-12.1C
NTTP 5-03.5
AFTTP(I) 3-2.34
FEBRUARY 2001
DISTRIBUTION RESTRICTION:
Approved for public release;
distribution is unrestricted

FOREWORD
This publication has been prepared under our direction for use by our respective
commands and other commands as appropriate.
h
U
JOHN N. ABRAMS
General, USA
Commander
Training and Doctrine Command
BRUCE B. KNUTSON, JR.
Lieutenant General, USMC
Commanding General
Marine Corps Combat
Development Command
ROBERT G. SPRIGG
Rear Admiral, USN
Commander
Navy Warfare Development Command
LANCE L. SMITH
Major General, USAF
Commander
Headquarters Air Force Doctrine Center
This publication is available on the General
Dennis J. Reimer Training and Doctrine Digital
Library at www.adtdl .army. mil

1. Scope
This publication describes risk management functions and responsibilities applicable to
the joint task force (JTF) and service staffs. It applies risk management planning
procedures to the military decision making process and employs the Joint Operation
Planning and Execution System (JOPES) for the operation planning team.
2. Purpose
This publication provides a consolidated multiservice reference addressing risk
management background, principles, and application procedures. To facilitate multiservice
interoperability, this publication identifies and explains the risk management process and
its differences and similarities as it is applied by each service.
3. Applicability
The audience for this publication includes combatant command, JTF, and functional
and service component staffs. The target staff level is the JTF headquarters staff. This
publication serves as a source document for developing service and joint manuals,
publications, and curricula, and may be used as a stand-alone document.
4. Implementation Plan
Participating service command offices of primary responsibility will review this
publication, validate the information, and reference and incorporate it in service and
command manuals, regulations, instructions, and curricula as follows:
Army. The Army will incorporate this publication in U.S. Army training and doctrinal
publications as directed by the Commander, U.S. Army Training and Doctrine Command
(TRADOC). Distribution is in accordance with DA Form 12-99-R.
Marine Corps. The Marine Corps will incorporate the procedures in this publication in
U.S. Marine Corps (USMC) training and doctrinal publications as directed by the
Commanding General, U.S. Marine Corps Combat Development Command (MCCDC).
Distribution is in accordance with Marine Corps Publication Distribution System (MCPDS).
Navy. The Navy will incorporate these procedures in U.S. Navy (USN) training and
doctrinal publications as directed by the Commander, Navy Warfare Development
Command (NWDC). Distribution is in accordance with Military Standard Requisitioning
and Issue Procedures (MILSTRIP) Desk Guide and Navy Standing Operating Procedures
(NAVSOP) Publication 409.
Air Force. The Air Force will validate and incorporate appropriate procedures in
accordance with applicable governing directives. Distribution is in accordance with Air Force
Instruction 33-360, Volume 1.
5. User Information
a. The TRADOC-MCCDC-NWDC-Headquarters (HQ Air Force Doctrine Center
(AFDC) and Air Land Sea Application (ALSA) Center developed this publication with the
joint participation of the approving service commands. ALSA will review and update this
publication as necessary.
b. This publication reflects current joint and service doctrine, command and control
organizations, facilities, personnel, responsibilities, and procedures. Changes in service
MARINE CORPS: PCN 14400009300
i

protocol, appropriately reflected in joint and service publications, will be incorporated in
revisions of this document.
c. We encourage recommended changes for improving this publication. Key your
comments to the specific page and paragraph and provide a rationale for each
recommendation. Send comments and recommendations directly to-

FM 3-100.12
MCRP 5-12.1C
NTTP 5-03.5
AFTTP(1) 3-2.34
FM 3-100.12
MCRP 5-12.lC
NTTP 5-03.5
AFTTP(1) 3-2.34
U.S. Army Training and Doctrine Command
Fort Monroe, Virginia
Marine Corps Combat Development Command
Quantico, Virginia
Navy Warfare Development Command
Newport, Rhode Island
Headquarters Air Force Doctrine Center
Maxwell Air Force Base, Alabama
15 February 2001
RISK MANAGEMENT
Multiservice Tactics, Techniques, and Procedures for
Risk Management
TABLE OF CONTENTS
EXECUTIVE SUMMARY ............................................................ ........................................
Chapter I RISK MANAGEMENT FUNDAMENTALS .........................................................
Page
1. Background ............................................................................ ......,................ 1-1
2. Risk Management Goal ................................................................................. 1-1
3. Key Aspects of Risk Management ................................................................. 1-1
4. Principles of Risk Management .................................................................... 1-2
5. Levels of Risk Management .......................................................................... 1-3
6. Risk Management Process Overview ............................................................ 1-3
7. Risk Management Process Application Guidelines.. . . ....... ..... ........... ...... 1-3
8. Relationship of Force Protection to Risk Management ................................ 1-5
Chapter II RISK MANAGEMENT PROCESS AND OPERATIONAL
CONSIDERATIONS ............................................................... ,.... .......... . ..... .............. 11-1
1. Background .... . ... . . . .. . . . ... . . . . . , . . . .. . , . .. , , . .. . . , .. . . . . , , . .. . , . .. , . . .. . . . .. . . . ... . . , , .. , . . . .. . , . .. .. . .. . 11- 1
2. Application of Risk Management .... . . . .. .. . . .. . . ... . . . . . . . . .. .. . .. . . . .... . . .... . ..... . .... ..... .II-l
3. Integration of Risk Management ...... ........ ...,. .... .... .... .... ...... .... ..... .....II-7
4. Analysis Models .......................................................................... .....+...........
11-8
Chapter 111 STAFF FUNCTIONS AND RESPONSIBILITIES .............................................. 111-1
1. Background ................................................................................................ 111-1
2. Responsibilities . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111- 1
V
1-1
iii

3 .
4 .
Integration into Training and Operations ................................................. 111-6
Review ofthe Risk Management Process .................................................. 111-6
Appendix A Risk Management Tools ..............................................................................
Appendix B Force Protection Working Group ...............................................................
References .......................................................................................................... References-1
Glossary .............................................................................................................. Glossary-1
Index .................................................................................................................... Index- 1
Figures 1.1 . Continuous Application of Risk Management ............................................ 1-4
11- 1 . Identify the Threats ................................................................................... 11.1
11.2 . Assess the Threat ....................................................................................... 11-2
11.3 . Develop Controls and Make Risk Decisions ............................................. . II-3
11.4 . Implement Controls ................................................................................... 11-5
11.5 . Supervise and Review ...............................................................................
1-6
A-A-1 . Sample Completed Risk Management Worksheet .............................. A-A-1
A-B- 1 . Sample Force Protection Priority Matrix ........................................... A-B-1
A.D-1 . Risk Assessment Matrix ..................................................................... A-D-1
A-E-1 . Sample Risk Control Options Planning Matrix .................................. A-E-1
B- 1 . Potential Sources for the FPWG ................................................................ B-1
B-2 . Example FPWG Meeting Agenda .............................................................. B-2
B-3 . Sample Risk Considerations Matrix .......................................................... B-5
Tables 11.1 . Criteria for Effective Controls ................................................................... 11-3
11.2 . Risk Management Execution (Risk Management in Deliberate
Planning) ................................................................................................... I 1.7
11.3 . Risk Management Execution (Risk Management in Crisis Action
11.4 . Considerations and Potential Threats Analyzed (Man Element.
11.5 . Considerations and Potential Threats Analyzed (Machine Element.
11.6 . Considerations and Potential Threats Analyzed (Media Element.
1.7 . Management Tools and Examples Analyzed (Management Element.
A-C- 1 . Sample Force Protection Tasks, Conditions, Desired Effects, and
Activities ............................................................................................... A-C- 1
A.D.l . Risk Severity Categories .................................................................... A-D-2
A.D.2 . Probability Definitions ....................................................................... A-D-3
A-E- 1 . Examples of Risk Control Options ...................................................... A. E.2
A-1
B-1
Planning) .................................................................................................. . II-8
5-M Model) ............................................................................................... 11- 1 1
5-M Model) ............................................................................................... 11-1 1
5-M Model) ............................................................................................... 11-12
5-M Model) ............................................................................................... 11- 12
iv

This publicatioe
EXECUTIVE SUMMARY
Risk Management
0 Provides multiservice tactics, techniques, and procedures for tactical level
risk management in the planning and execution of operations in a joint
environment.
0
Provides a basic risk management process that may be used by all services.
0 Applies to all elements of a force that assists in planning and conducting
force protection.
0 Provides risk management tools for commanders and staffs to use to
manage risk during planning, preparation, and execution of joint operations.
Chapter I
Risk Management Fundamentals
Chapter I introduces risk management as a process to assist decision makers in
reducing or offsetting risks. It identifies the goal, key aspects, and principle concepts of the
process; provides general guidelines for applying the process: and gives an overview of the
process:
0
0
Identifying threats.
Assessing threats to determine risks.
Developing controls and making risk decisions.
Implementing controls.
Supervising and reviewing.
Chapter II
Operational Considerations and Implementation
Chapter I1 describes the actions involved in applying the risk management process;
identifies pitfalls, types of controls, and feedback requirements; and integrates the risk
management process into the planning process. This chapter describes how common
situation analysis tools support the risk management process.
Chapter 111
Staff Functions and Responsibilities
Chapter I11 ties the risk management process to the chain of command and the staff
directorates, and describes how leader involvement at all levels is necessary for the process
to be effective. This chapter also describes the integration of the risk management process
into all aspects of operations and training and illustrates how constant review of the
process leads to improvement in the process.

The following commands and agencies participated in the development of this
publication:
Army
HQ TRADOC (ATDO-A) & (ATBO-SO), Ingalls Rd Bldg 133 Room 7, Ft. Monroe,
VA 23651-5000
Combined Arms Center (CAC), Combined Arms Doctrine Directorate (CADD),
Ft Leavenworth, KS
OG-D, BCTP, Ft Leavenworth, KS
CDR, XVIII Airborne Corps, Ft Bragg, NC
Army Safety Center, Training Division, Ft Rucker, AL
USAREUR, DCSPER, Unit 29351, APO AE, 09063
Marine Corps
Marine Corps Combat Development Command, Joint Doctrine Branch (C427) 3300 Russell
Rd, 3rd Floor Suite 318A, Quantico, VA 22134-5021
Marine Corps Combat Development Command, MSTP (C54) 2076 South Street,
Quantico, VA 22134-5021
Commandant of the Marine Corps (Code SD), 2 Navy Annex, Room, 3317,
Washington, DC 20380- 1775
Navy
OPNAV, N09K, 2000 Navy Pentagon 5E816, Washington, DC 20305-2000
Commander, Navy Warfare Development CommandN5, 686 Cushing Rd,
Newport, RI 02841-1207
Commander, Naval Safety Center, 375 A Street, Norfolk, VA 2351 1-4399
COMPHIBGRU TWO, NAB Little Creek, Norfolk, VA 2352 1
Air Force
HQ Air Force Doctrine Center, 155 N Twining Street, Maxwell Air Force Base, AL 361 12
AFDC Detachment 1, 2 16 Sweeny Bvld. Ste 109, Langley Air Force Base, VA 23665
HQ USAFISE, 9700 G Ave SE, Kirkland Air Force Base, NM 871 17-5670
vi

1. Background
Chapter I
RISK MANAGEMENT FUNDAMENTALS
Risk management is a process that assists decision makers in reducing or offsetting risk
(by systematically identifying, assessing, and controlling risk arising from operational
factors) and making decisions that weigh risks against mission benefits. Risk is an
expression of a possible loss or negative mission impact stated in terms of probability and
severity. The risk management process provides leaders and individuals a method to assist
in identifying the optimum course of action (COA). Risk management must be fully
integrated into planning, preparation, and execution. Commanders are responsible for the
application of risk management in all military operations. Risk management facilitates the
mitigation of the risks of threats to the force. For the purposes of this document, threat is
defined as a source of danger-any opposing force, condition, source, or circumstance with
the potential to negatively impact mission accomplishment and/or degrade mission
capability.
a. Each of the services uses similar but slightly different processes. This publication
provides a single process to enable warfighters from different services to manage risk from
a common perspective.
b. Risk management is useful in developing, deploying, and employing the joint force.
Development concerns force design, manpower allocation, training development, and
combat material developments. Deploying and employing the joint force generates concerns
in force protection and balancing risk against resource constraints.
c. Military operations are inherently complex, dynamic, dangerous and, by nature,
involve the acceptance of risk. Because risk is often related to gain, leaders weigh risk
against the benefits to be gained from an operation. The commander’s judgment balances
the requirement for mission success with the inherent risks of military operations. Leaders
have always practiced risk management in military decision making; however, the
approach to risk management and degree of success vary widely depending on the leader’s
level of training and experience.
d. Since the Korean conflict, United States forces have suffered more losses from noncombat
causes than from enemy action. Key factors contributing to those losses include-
(1) Rapidly changing operational environment.
(2) Fast-paced, high operations tempo and high personnel tempo.
(3) Equipment failure, support failure, and effects of the physical environment.
(4) Human factors.
2. Risk Management Goal
The fundamental goal of risk management is to enhance operational capabilities and
mission accomplishment, with minimal acceptable loss.
3. Key Aspects of Risk Management
a. Risk management assists the commander or leader by-
(1) Enhancing operational mission accomplishment.
(2) Supporting well-informed decision making to implement a COA.
(3) Providing assessment tools to support operations.

(4) Enhancing decision-making skills based on a reasoned and repeatable process.
(5) Providing improved confidence in unit capabilities. Adequate risk analysis
provides a clearer picture of unit readiness.
(6) Preserving and protecting personnel, combat weapon systems, and related
support equipment while avoiding unnecessary risk.
(7) Providing an adaptive process for continuous feedback through the planning,
preparation, and execution phases of military operations.
(8) Identifying feasible and effective control measures where specific standards do
not exist.
’
b. Risk Management does not-
(1) Replace sound tactical decision making.
(2) Inhibit the commander’s and leader’s flexibility, initiative, or accountability.
(3) Remove risk altogether, or support a zero defect mindset.
(4) Sanction or justify violating the law.
(5) Remove the necessity for rehearsals, tactics, techniques, and procedures.
4. Principles of Risk Management
The basic principles that provide a framework for implementing the risk management
process include-
a.’ Accept No Unnecessary Risk. An unnecessary risk is any risk that, if taken, will
not contribute meaningfully to mission accomplishment or will needlessly endanger lives or
resources. No one intentionally accepts unnecessary risks. The most logical choices for
accomplishing a mission are those that meet all mission requirements while exposing
personnel and resources to the lowest acceptable risk. All military operations and off-duty
activities involve some risk. The risk management process identifies threats that might
otherwise go unidentified and provides tools to reduce or offset risk. The corollary to this
axiom is “accept necessary risk” required to successfully complete the mission or task.
b. Make Risk Decisions at the Appropriate Level. Anyone can make a risk
decision; however, the appropriate level for risk decisions is the one that can make
decisions to eliminate or minimize the threat, implement controls to reduce the risk, or
accept the risk. Commanders at all levels must ensure that subordinates know how much
risk they can accept and when to elevate the decision to a higher level. Ensuring that risk
decisions are made at the appropriate level will establish clear accountability. The risk
management process must include those accountable for the mission. After the commander,
leader, or individual responsible for executing the mission or task determines that controls
available to them will not reduce risk to an acceptable level, they must elevate decisions to
the next level in the chain of command.
c. Accept Risk When Benefits Outweigh the Cost. The process of weighing risks
against opportunities and benefits helps to maximize mission success. Balancing costs and
benefits is a subjective process and must remain a leader’s decision.
d. Anticipate and Manage Risk by Planning. Integrate risk management into
planning at all levels. Commanders must dedicate time and resources to apply risk
management effectively in the planning process, where risks can be more readily assessed
and managed. Integrating risk management into planning as early as possible provides
leaders the greatest opportunity to make well-informed decisions and implement effective
risk controls. During execution phases of operations, the risk management process must be
1-2

applied to address previously unidentified risks while continuing to evaluate the
effectiveness of existing risk control measures and modify them as required.
5. Levels of Risk Management
The risk management process has two levels of application: crisis action and deliberate.
Time is the basic factor that contributes to the selection of the level of application used.
a. Crisis Action. Crisis action risk management is an “on-the-run” mental or verbal
review of the situation using the basic risk management process. The crisis action process
of risk management is employed to consider risk while making decisions in a timecompressed
situation. This level of risk management is used during the execution phase of
training or operations as well as in planning and execution during crisis responses. It is
particularly helpful for choosing the appropriate COA when an unplanned event occurs.
b. Deliberate. Deliberate risk management is the application of the complete process
when time is not critical. It primarily uses experience and brainstorming to identify threats
and develop controls and is, therefore, most effective when done in a group. Examples of
deliberate applications include planning upcoming operations, reviewing standing
operating procedures (SOP), maintenance, training, and developing damage control or
disaster response plans.
6. Risk Management Process Overview
The risk management process involves the following:
Identifying threats.
Assessing threats to determine risks.
Developing controls and making risk decisions.
Implementing controls.
Supervising and reviewing.
a. Threat Identification and Threat Assessment. These elements comprise the
risk assessment portion of risk management. In threat identification, individuals identify
the threats that may be encountered in executing a mission. In threat assessment, they
determine the direct impact of each threat on the operation. Risk assessment provides
enhanced awareness and understanding of the situation. This awareness builds confidence
and allows timely, efficient, and effective protective measures.
b. Develop Controls, Make Decisions, Implement Controls, Supervise, and
Review. These remaining elements of the risk management process are the essential
follow-through actions of managing risk effectively. Leaders weigh risk against benefits and
take appropriate actions to eliminate unnecessary risk. During planning, preparation, and
execution, the commander should communicate his acceptable risks to subordinates and
continuously assess risks to the overall mission. Finally, leaders and individuals evaluate
the effectiveness of controls and capture lessons learned.
7. Risk Management Process Application Guidelines
This section provides general guidelines for applying the risk management process. To
get maximum benefit from this tool-
a. Apply the Process in Sequence. Each element is a building block for the next
one. For example, if threat identification is interrupted to focus control on a particular
threat, other more important threats may be overlooked and the risk management process
may be distorted. Until threat identification is complete, it is not possible to prioritize risk
control efforts properly.
1-3

. Maintain Balance in the Process. All parts of the process are important. If only
an hour is available to apply the risk management process, the time must be allocated to
ensure the total process can be completed. Spending fifty minutes of the hour on threat
identification may not leave enough time to apply the other parts of the process effectively.
The result would be suboptimal risk management. Of course, it is simplistic to rigidly insist
that each of the parts is allocated ten minutes. The objective is to assess the time and
resources available for risk management activities and allocate them to the actions in a
manner most likely to produce the best overall result.
c. Apply the Process as a Cycle. See Figure 1-1 below. Notice that “supervise and
review” feeds back into the beginning of the process. When “supervise and review” identifies
additional threats or determines that controls are ineffective, the entire risk management
process should be repeated.
I
Identify the Threats
Lessons
Learned
fl
Supervise and Review
Feedback
m a
Assess the Threat
Assess Threat
I
x
Severitv
Assess Threat
I Probabilitv I
I Determine risk level for
each threat and overall
I
Implement Controls
Develop Controls and
Make Risk Decisions
As controls for threats are identified and selected, the
Assess Threats Process is repeated.
Figure 1-1. Continuous Application of Risk Management
1-4

d. Involve People Fully. The only way to ensure the risk management process is
effective is to involve the people actually exposed to the risks. Periodically revalidate risk
management procedures to ensure those procedures support the mission.
8. Relationship of Force Protection to Risk Management
The commander has the dilemma of weighing mission requirements and force protection
measures. One of his primary tools for weighing mission and protection is reconciled by
assessing and balancing risk. This process forms a direct relationship between force
protection and risk management. In the force protection process, we consider three
elements: planning, operations, and sustainment. Risk management enables the force
protection process by using risk assessment and controls in each element. The relationship
between force protection and risk management is evident in the following:
a. In planning, we conduct risk assessment and develop controls.
b. In operations, we update risk assessment and implement controls.
c. In sustainment, we continue to update assessments and adjust controls.
1-5

1. Background
Chapter II
RISK MANAGEMENT PROCESS AND OPERATIONAL
CONSIDERATIONS
This chapter discusses the risk management process and how it may be applied in the
planning and execution phases of all operations. This chapter also provides two situational
analysis models. These models are the mission, enemy, terrain and weather, troops and
support available, time (METT-T) model and the man, machine, media, management,
mission (5-M) model.
2. Application of Risk Management
a. Identify Threats. A threat is a source of danger: any opposing force, condition,
source, or circumstance with the potential to impact mission accomplishment negatively
and/or degrade mission capability. Experience, common sense, and risk management tools
help identify real or potential threats. Threat identification is the foundation of the entire
risk management process; if a threat is not identified it cannot be controlled. The effort
expended in identifying threats will have a multiplier effect on the impact of the total risk
management process. Figure 11- 1 depicts the actions necessary to identify threats
associated with these three categories: (1) mission degradation, (2) personal injury or death,
and (3) property damage.
k
LIST
I 1 I I I
ACTION 1
ANALYZE MISSION
ACTION 2
THREATS
Figure 11-1. Identify the Threats
(1) Action 1-Analyze Mission, This is accomplished by-
(a) Reviewing operation plans and orders describing the mission.
(b) Defining requirements and conditions to accomplish the tasks.
ACTION 3
LIST CAUSES
(c) Constructing a list or chart depicting the major phases of the operation
normally in time sequence.
(d) Breaking the operation down into “bite-size’’ chunks.
(2) Action 2-List Threats. Threats (and factors that could generate threats) are
identified based on the mission and associated vulnerabilities. The output of the
identification phase is a list of inherent threats or adverse conditions, which is developed by
listing the threats associated with each phase of the operation. Stay focused on the specific
steps in the operation; limit your list to “big picture” threats. Examine friendly centers of
gravity for any critical vulnerabilities. Threats may be tracked on paper or in a computer
spreadsheeddatabase system to organize ideas and serve as a record of the analysis for
future use.
(3) Action 3-List Causes. Make a list of the causes associated with each threat
identified in Action 2. Although a threat may have multiple causes, it is paramount to
identify the root cause(s). Risk controls may be more effective when applied to root causes.
b. Assess Threats. Each threat is assessed for probability and severity of occurrence.
Probabilityis the estimate of the likelihood that a threat will cause an impact on the
11-1

mission. Some threats produce losses frequently; others almost never do. Severity is the
expected consequence of an event in terms of degree of injury, property damage, or other
mission-impairing factors (such as loss of combat power). The result of this risk assessment
allows prioritization of threats based on risk. The number one risk is the one with the
greatest potential impact on the mission. However, the least risky issue may still deserve
some attention and, possibly, risk control action. Keep in mind that this priority listing is
intended for use as a guide to the relative priority of the risks involved, not as an absolute
order to be followed. There may be, as an example, something that is not a significant risk
that is extremely simple to control. Figure 11-2 depicts the necessary actions.
r r
ACTION 1 ACTION 2 I ACTION 3
ASSESS THREAT
ASSESS THREAT
COMPLETE RISK
SEVERITY
PROBABILITY
ASSESSMENT
I I I I I
Figure 11-2. Assess the Threat
(1) Action 1-Assess Threat Severity. Determine the severity of the threat in
terms of its potential impact on the mission, exposed personnel, and exposed equipment.
Severity categories are defined to provide a qualitative measure of the worst credible
outcome resulting from external influence (such as combat or terrorist action; personnel
error; environmental conditions; design inadequacies; procedural deficiencies; or system,
subsystem, or component failure or malfunction). Severity categories listed in Appendix A,
Annex D, provide guidance for a wide variety of missions and systems.
(2) Action 2-Assess Threat Probability. Determine the probability that the
threat will cause a negative event of the severity assessed in Action 1. Probability may be
determined through experienced-based estimates or derived from research, analysis, and
evaluation of historical data from similar missions and systems. The typical event sequence
is much more complicated than a single line of erect dominos; tipping the first domino
(threat) triggers a clearly predictable reaction. Supporting rationale for assigning a
probability should be documented for future reference. Generally accepted definitions for
probability may be found at Appendix A, Annex D.
(3) Action 3-Complete Risk Assessment. Combine severity and probability
estimates to form a risk assessment for each threat. When combining the probability of
occurrence with severity, a matrix may be used to assist in identifying the level of risk. A
sample matrix is in Appendix A, Annex D. Existing databases and/or a panel of personnel
experienced with the mission and threats can also be used to help complete the risk
assessment.
(4) Output of Risk Assessment. The outcome of the risk assessment process is a
prioritized list of threats. The highest priority threat is the most serious one to the mission;
the last is the least serious risk of any consequence.
(5) Risk Assessment Pitfalls. The following are some pitfalls that should be
avoided during the assessment:
(a) Over optimism: “It can’t happen to us. We’re already doing it.” This pitfall
results from not being totally honest and not looking for root causes of the threats.
(b) Misrepresentation: Individual perspectives may distort data. This can be
deliberate or unconscious.
(c) Alarmism: “The sky is falling” approach, or “worst case” estimates are used
regardless of their possibility.
11-2

(d) Indiscrimination: All data is given equal weight.
(e) Prejudice: Subjectivity and/or hidden agendas are used instead of facts.
(f)
Inaccuracy: Bad or misunderstood data nullify accurate risk assessment.
(g) Enumeration: It is difficult to assign a numerical value to human behavior.
Numbers may oversimplify real life situations.
It may be difficult to get enough applicable data: this could force
inaccurate estimates.
numbers.
0
Numbers often take the place of reasoned judgment.
Risk can be unrealistically traded off against benefit by relying solely on
c. Develop Controls and Make Risk Decisions. These actions are listed as
separate and distinct parts of the overall process by the U.S. Air Force (USAF), but will be
dealt with under this overall heading for the purpose of this publication. Figure 11-3 depicts
the necessary actions.
ACTION 1 I ACTION2 I
DEVELOP CONTROLS AND
DETERMINE RESIDUAL
RISK
MAKE RISK
DECISIONS
Figure 11-3. Develop Controls and Make Risk Decisions
(1) Action 1-Develop Controls. After assessing each threat, leaders should
develop one or more controls that either eliminate the threat or reduce the risk (probability
and/or severity) of threats. For each threat identified, develop one or more control options
that either avoid the threat or reduce its risk to a level that meets the commander’s risk
guidance. Examples of criteria for establishing effective controls are listed in Table 11- 1.
REMARKS
Standards
11-3

(a) Some types of controls are as follows:
0 Engineering controls. These controls use engineering methods to reduce
risks, such as developing new technologies or design features, selecting better materials,
identifying suitable substitute materials or equipment, or adapting new technologies to
existing systems. Examples of engineering controls that have been employed in the past
include development of aircraft stealth technology, integrating global positioning system
data into cruise missiles, and development of night vision devices.
0 Administrative controls. These controls involve administrative actions,
such as establishing written policies, programs, instructions, and SOPS, or limiting the
exposure to a threat either by reducing the number of personnellassets or length of time
they are exposed.
0 Educational controls. These controls are based on the knowledge and
skills of the units and individuals. Effective control is implemented through individual and
collective training that ensures performance to standard.
0 Physical controls. These controls may take the form of barriers and
guards or signs to warn individuals and units that a threat exists. Use of personal
protective equipment, fences around high power high frequency antennas, and special
controller or oversight personnel responsible for locating specific threats fall into this
category.
0 Operational controls. These controls involve operational actions such as
pace of operations, battlefield controls (areas of operations and boundaries, direct fire
control measures, fire support coordinating measures), rules of engagement, airspace
control measures, map exercises, and rehearsals.
(b) A control should avoid/reduce the risk of a threat by accomplishing one or
more of the following:
0 Avoiding the risk. This often requires canceling or delaying the task,
mission, or operation and is, therefore, an option rarely exercised because of mission
importance. However, it may be possible to avoid specific risks: risks associated with a
night operation may be avoided by planning the operation for daytime; thunderstorm or
surface-to-air-missile risks can be avoided by changing the flight route.
0 Delay a COA. If there is no time deadline or other operational benefit to
speedy accomplishment of a task, it may be possible to reduce the risk by delaying the task.
Over time, the situation may change and the risk may be eliminated, or additional risk
control options may become available (resources become available, new technology becomes
available, etc.) reducing the overall risk. For example, a mission can be postponed until
more favorable weather reduces the risk to the force.
0 Transferring the risk. Risk may be reduced by transferring a mission, or
some portion of that mission, to another unit or platform that is better positioned, more
survivable, or more expendable. Transference decreases the probability or severity of the
risk to the total force. For example, the decision to fly an unmanned aerial vehicle into a
high-risk environment instead of risking a manned aircraft is risk transference.
0 Assigning redundant capabilities. To ensure the success of critical
missions to compensate for potential losses assign redundant capabilities. For example,
tasking a unit to deploy two aircraft to attack a single high value target increases the
probability of mission success.
11-4

(c) Determine Residual Risk. Once the leader develops and accepts
controls, he or she determines the residual risk associated with each threat and the overall
residual risk for the mission. Residual risk is the risk remaining after controls have been
identified, selected, and implemented for the threat. As controls for threats are identified
and selected, the threats are reassessed, and the level of risk is revised. This process is
repeated until the level of residual risk is acceptable to the commander or leader or cannot
be further reduced. Overall residual risk of a mission must be determined when more than
one threat is identified. The residual risk for each of these threats may have a different
level, depending on the assessed probability and severity of the hazardous incident. Overall
residual mission risk should be determined based on the threat having the greatest
residual risk. Determining overall mission risk by averaging the risks of all threats is not
valid. If one threat has high residual risk, the overall residual risk of the mission is high, no
matter how many moderate or low risk threats are present.
(2) Action 2-Make Risk Decisions. A key element of the risk decision is
determining if the risk is justified. The leader should compare and balance the risk against
the mission’s potential gain. The leader alone decides if controls are sufficient and
acceptable and whether to accept the resulting residual risk. If the leader determines the
risk level is too high, he or she directs the development of additional or alternate controls,
or modifies, changes, or rejects the COA. Leaders can use the risk assessment matrix or
other tools found in Appendix A, in conjunction with their commanders’ guidance, to
communicate how much risk they are willing to allow subordinate leaders to accept.
d. Implement Controls. Once the risk control decision is made, assets must be made
available to implement the specific controls. Part of implementing controls is informing the
personnel in the system of the risk management process results and subsequent decisions.
Figure 11-4 depicts the actions necessary to complete this step. Careful documentation of
each step in the risk management process facilitates risk communication and the rational
processes behind risk management decisions.
I
ESTABLISH
IMPLEMENTATION ACCOUNTABILITY SUPPORT
CLEAR
I
Figure 11-4. Implement Controls
(1) Action 1-Make Implementation Clear. To make the implementation
directive clear, consider using examples, providing pictures or charts, including job aids,
etc. Provide a roadmap for implementation, a vision of the end state, and description of
successful implementation. The control should be presented so it will be received positively
by the intended audience. This can best be achieved by designing in user ownership.
(2) Action 2-Establish Accountability. Accountability is important to effective
risk management. The accountable person is the one who makes the decision (approves the
control measures); therefore, the right person (appropriate level) must make the decision.
Clear assignment of responsibility for implementation of the risk control is required.
11-5

(3) Action 3-Provide Support. To be successful, the command must support the
risk controls. This support requires-
(a) Providing the personnel and resources necessary to implement the control
measures.
(b) Designing in sustainability from the beginning.
(c) Employing the control with a feedback mechanism that will provide
information on whether the control is achieving the intended purpose.
e. Supervise and Review. Supervise and review involves determining the
effectiveness of risk controls throughout the operation. There are three aspects: monitoring
the effectiveness of risk controls; determining the need for further assessment of either all,
or a portion of, the operation due to an unanticipated change; and capturing lessons
learned, both positive and negative. Figure 11-5 depicts the necessary actions.
ACTION 1
SUPERVISE
FEEDBACK
Figure 11-5. Supervise and Review
(1) Action 1-Supervise. Monitor the operation to ensure-
(a) Controls are implemented correctly, effective, and remain in place.
(b) Changes requiring further risk management are identified.
(c) Action is taken to correct ineffective risk controls and reinitiate the risk
management process in response to new threats.
(d) Risks and controls are reevaluated any time the personnel, equipment, or
mission tasks change, or new operations are anticipated in an environment not covered in
the initial risk management analysis.
Successful mission performance is achieved by shifting the cost versus benefit balance
more in favor of benefit through controlling risks. By using risk management whenever
anything changes, we consistently control risks identified before an operation and those
that develop during the operation. Addressing the risks before they get in the way of
mission accomplishment saves resources and enhances mission performance.
(2) Action 2-Review. The risk management process review must be systematic.
After controls are applied, a review must be accomplished to see if the risks and the mission
are in balance. To determine if appropriate risk management controls have been applied,
compare METT-T or the 5-M model from the earlier steps to the present risk management
assessment.
(a) To accomplish an effective review, commanders identify whether the actual
cost is in line with expectations. The commander needs to determine what effect the risk
control had on mission performance. It is difficult to evaluate the risk control by itself;
therefore, the focus should be on the aspect of mission performance the control measure
was designed to improve.
(b) Measurements are necessary to ensure accurate evaluations of how
effectively controls eliminated threats or reduced risks. After Action Reports (AAR) ,
surveys, and in-progress reviews provide great starting places for measurements.
11-6

(3) Action 3-Feedback. A review by itself is not enough; a mission feedback
system should be established to ensure that the corrective or preventative action taken was
effective and that any newly discovered threats identified during the mission were analyzed
and corrective action taken.
(a) When a decision is made to accept risk, factors (cost versus benefit
information) involved in the decision should be recorded: proper documentation allows for
review of the risk decision process. Then, when a negative consequence occurs, the decision
process can be reviewed to determine where errors in the process may have occurred.
(b) Risk analysis will not always be perfect the first time. When errors occur in
an analysis, use feedback (such as briefings, lessons learned, cross-tell reports,
benchmarking, or database reports) to identify and correct those errors. This feedback will
help determine if the previous forecasts were accurate, contained errors, or were
completely incorrect.
3. Integration of Risk Management
Tables 11-2 and 11-3 integrate the risk management process into each phase of the
deliberate and crisis action Joint Operation Planning and Execution System (JOPES). The
annotations of the joint task force (JTF) and major subordinate element (MSE) in the
matrix identify the level of command primarily responsible for risk management execution
during each particular phase of planning. The risk management process should be
considered throughout the planning process by each level of command.
Deliberate Planning
PHASE I
Initiation
Table 11-2
Risk Management Execution
(Risk Management in Deliberate Planning)
Develop Controls
Identi@ Assess
Make
Threats
Controls
Threats Risk Decision
JTF
Supervise
and Review
PHASE II
Concept Development
JTF
JTF
PHASE 111
Plan Development
MSE
MSE
JTF
MSE
PHASE IV
Plan Review
JTF
PHASE V
Supporting Plans
MSE
MSE
MSE
JTF
MSE
EXECUTION
JTF
MSE
JTF
MSE
JTF
MSE
JTF
MSE
JTF
MSE
11-7

Table 11-3
Risk Management Execution
(Risk Management in Crisis Action Planni
CRISIS ACTION Identify Assess
Develop Controls
Make Risk
PLANNING
Threats Threats
PHASE I
Situation Development
PHASE II
Crisis Assessment
I I I Decision
I JTF I JTF I
I JTF I JTF I JTF
ii
Controls
Supervise
and Review
PHASE 111
COA Development
JTF JTF JTF
MSE MSE MSE
PHASE IV
COA Selection
JTF
MSE
JTF
PHASE V
Execution Planning
JTF
MSE
JTF
MSE
PHASE VI
Execution
I MSE I MSE I MSE
JTF
MSE
JTF
MSE
I
4. Analysis Models
a. The METT-T Model. The METT-T model can be used for conducting a situation
analysis by breaking it into five general areas: (1) the mission itself, (2) the enemy, (3)
terraidweather, (4) troops and support available, and (5) time available.
Note. The U.S. Army uses mission, enemy, terrain and weather, troops and support
available, time available, civil considerations (METT-TC), adding civil considerations
as a sixth area of analysis.
(1) Mission. Leaders first analyze the assigned mission. They look at the type of
mission to be accomplished and consider possible subsequent missions. Certain kinds of
operations are inherently more dangerous than others. For example, a deliberate frontal
attack is more likely to expose a unit to losses than would a defense from prepared
positions. Identifying missions that routinely present greater risk is imperative. Leaders
also look for threats associated with complexity of the plan (such as a scheme of maneuver
that is difficult to understand or too complex for accurate communications down to the
lowest level) or the impact of operating under a fragmentary order.
(2) Enemy. Commanders look for enemy capabilities that pose significant threats to
the operation. For example, “What can the enemy do to defeat my operation?”
(a) Common shortfalls that can create threats during operations include failure
to-
* Assess potential advantages to the enemy provided by the battlefield
environment.
Fully assess the enemy’s capabilities.
Understand enemy capabilities and friendly vulnerabilities to those
capabilities.
11-8

Accurately determine the enemy’s probable COAs.
Plan and coordinate active ground and aerial reconnaissance activities.
Disseminate intelligence about the enemy to lower echelons.
Identify terrorist threats and capabilities.
(b) Intelligence plays a critical part in identifying threats associated with the
presence of an enemy or an adversary. Intelligence preparation of the battlespace is a
dynamic staff process that continually integrates new information and intelligence that
ultimately becomes input to the commander’s risk assessment process. Intelligence assists
in identifying threats during operations by-
0 Identifying opportunities and constraints the battlefield environment offers
to enemy and friendly forces.
Thoroughly portraying enemy capabilities and vulnerabilities.
0 Collecting information on populations, governments, and infrastructures.
(3) Terrain and Weather. Terrain and weather pose great potential threats to
military operations. The unit must be familiar with both the terrain and its associated
environment for a mission to succeed. Basic issues include availability of reliable weather
forecasts, how long the unit has operated in the environment and climate, and whether the
terrain has been crossed before.
(a) Terrain. The main military aspects of terrain are observation and fields of
fire, cover and concealment, obstacles, key terrain, and avenues of approach; these may be
used to identify and assess threats impacting friendly forces. Terrain analysis includes both
map and visual reconnaissance to identify how well the terrain can accommodate unit
capabilities and mission demands.
0 Observation and fields offire. Threats associated with observation and fields
of fire usually involve when the enemy will be able to engage a friendly unit and when the
friendly unit’s weapon capabilities allow it to engage the enemy effectively.
0 Cover and concealment. Threats associated with cover and concealment are
created either by failure to use cover and concealment or by the enemy’s use of cover and
concealment to protect his assets from observation and fire.
0 Obstacles. Threats associated with obstacles may be caused by natural
conditions (such as rivers or swamps) or man-made conditions (such as minefields or builtup
areas).
0 Key terrain. Threats associated with key terrain result when the enemy
controls that terrain or denies its use to the friendly forces.
0 Avenues of approach. Threats associated with avenues of approach include
conditions in which an avenue of approach impedes deployment of friendly combat power or
conditions that support deployment of enemy combat power.
(b) Weather. To identify weather threats, leaders and unit personnel must
assess the impact on operating systems. Threats may arise from-
0 Lack of understanding of reliability and accuracy of weather forecasting.
0 Effects of climate and weather on personnel and equipment operation and
maintenance.
0 Effects of weather on mobility.
11-9

(4) Troops and Support Available. Leaders analyze the capabilities of available
friendly troops. Associated threats impact both individual personnel and the unit. Key
considerations are level of training, manning levels, the condition and maintenance of
equipment, morale, availability of supplies and services, and the physical and emotional
health of personnel. All personnel must be vigilant to the fact that threats in these areas
can adversely affect a mission. Even when all tactical considerations point to success,
mission failure can be caused by-
(a) Threats to physical and emotional health. The health threat depends on a
complex set of environmental and operational factors that combine to produce “disease
non-battle injuries” as well as combat injuries. Care of troops requires long-range
projection of logistical and medical needs with close monitoring of mission changes that
could impact troop support.
(b) Threats to task organization or units participating in an operation. Threats
include poor communication, unfamiliarity with higher headquarters SOPS, and
insufficient combat power to accomplish the mission. How long units have worked together
under a particular command relationship should be considered when identifying threats.
(c) Threats associated with long-term missions. Long-term missions include
peacekeeping, or insurgencykounterinsurgency operations. Threats associated with these
missions include the turmoil of personnel turnover, lack of continuity of leadership,
inexperience, and lack of knowledge of the situation and the unit’s operating procedures.
Long-term missions can also lead to complacency; units conditioned to routine ways of
accomplishing the mission fail to see warnings evident in the operational environment. An
especially insidious threat is the atrophy of critical-skills that results from not performing
mission-essential task list related missions.
(5) Time Available. The threat is insufficient time to plan, prepare, and execute
operations. Planning time is always at a premium. Leaders routinely apply the onethirdkwo-thirds
rule (providing two thirds of time available to subordinates for planning) to
ensure their subordinate units are given maximum time to plan. Failure to accomplish a
mission on time can result in shortages of time for subordinate and adjacent units to
accomplish their missions.
b. U.S. Army Situation Analysis. While Joint, Marine Corps, Air Force, and Navy
doctrine use METT-T for situation analysis, the Army uses METT-TC. The “C” in METT-TC
is civil considerations-how the attitudes and activities of the civilian leaders, populations,
and organizations within an area of operations will influence the conduct of military
operations. Threats associated with civil considerations include, but are not limited to,
collateral damage, changing political and social attitudes, civilian unrest, the influence of
the press on public opinion, conflicting goals and objectives of private voluntary
organizations (PVOs) and nongovernmental organizations (NGOs), and the handling of
refugees, noncombatants, and protesters.
c. 5-M Model. The 5-M model provides an alternative framework for conducting
mission analysis by examining the impacts and inter-relationships between the composite
elements of Man, Machine, Media, Management, and Mission. The amount of overlap or
interaction between the individual components is a characteristic of each mission and
evolves as the mission develops.
11-10

(1) Man. This is the area of greatest variability and thus possesses the majority of
risks. Some considerations and potential threats are listed in Table 11-4.
Table 11-4
Considerations and Potential Threats Analyzed
(Man Element, 5-M Model)
Considera tions
Selection
Performance
Personal Factors
Potential Threats
Wrong person psychologically/physically, not proficient in assigned
task, no procedural guidance
Lack of awareness, false perceptions, over-tasking, distraction,
channelized attention, stress, peer pressure, over/lack of
confidence, poor insight, poor adaptive skills, pressure/workload,
fatigue
Expectations, lack of job satisfaction, poor values, familiedfriends,
command/control, poor discipline (internal and external), perceived
pressure (over tasking) and poor communication skills
(2) Machine. Used as intended, limitations interface with man. Some
considerations and potential threats are listed in Table 11-5.
Table 11-5
Considerations and Potential Threats Analyzed
(Machine Element, 5-M Model)
Considera tions
Design
Maintenance
Logistics
Technical Data
I Potential Threats
I
Engineering reliability and performance, ergonomics
Availability of time, tools, and parts, ease of access
Supply, upkeep, and repair
Clear, accurate, useable, and available
11-1 1

(3) Media. This includes external, largely environmental forces. Some
considerations and potential threats are listed in Table 11-6.
Table 11-6
Considerations and Potential Threats Analyzed
(Media Element, 5-M Model)
Considerations
Climatic
Operational
Potential Threats
Ceiling, visibility, temperature, humidity, wind, and precipitation
Terrain, wildlife, vegetation, man-made obstructions, daylight,
maritime environment, and darkness
Hygienic
I Trafficability
Ventilatiodair quality, noiselvibration, dust, and contaminants
Pavement, gravel, dirt, ice, mud, dust, snow, sand, hills, and
curves
(4) Management. Directs the process by defining standards, procedures, and
controls. While management provides procedures and rules to govern interactions, it cannot
completely control the system elements. For example, weather is not under management
control and individual decisions affect off-duty personnel much more than management
policies. Some considerations and examples are listed in Table 11-7.
Table 11-7
Management Tools and Examples Analyzed
(Management Element, 5-M Model)
Considerations
Standards
Procedures
Controls
Examples
Doctrine statements, applicable criteria, and policy directives
Checklists, SOPS, work cards, and multi-command manuals
Crew rest, altitude/airspeed/speed limits, restrictions, training
rulesllimitations, rules of engagement (ROE), lawful orders
(5) Mission. The desired outcome. Objectives: Big picture understood, well defined,
obtainable. The results of the interactions of the other 4-Ms (Man, Media, Machine, and
Management).
11-12

1. Background
Chapter 111
STAFF FUNCTIONS AND RESPONSIBILITIES
The unit commander, staff, leaders, and individual members integrate risk
management by embedding the risk management process into unit operations, culture,
organization, systems, and individual behaviors.
a. Successful risk management is underwritten by the chain of command. Leaders do
not expect all missions to be accomplished with zero defects. Leaders need to support
subordinates’ decisions to accept risks that are within the leaders’ understanding of the
commander’s intent and guidance. Demanding rigid standards, such as zero defects, leads
to over-supervision and paralysis, producing timid leaders afraid to make tough decisions in
crisis, and unwilling to take risks necessary for successful military operations. A zerodefects
mindset creates conditions that will inevitably lead to failure and higher casualties
in battle.
b. Leaders anticipate things may go wrong, even with the certain knowledge that
subordinates do all within their power to prevent incidents. When incidents occur, leaders
step forward and accept the responsibility along with their subordinates. Furthermore, risk
management does not justify taking actions to facilitate an unethical, immoral, or illegal
action.
2. Responsibilities
a. Commanders. With the assistance of their leaders and staffs, commanders manage
risks. Minimizing risk is the responsibility of everyone in the chain of command, from the
highest commander, through his subordinate leaders, to each individual service member.
Managing risk is critical for all operations, whether for training or operations; commanders
should issue clear risk guidance.
(1) Military plans should make risk management a priority. It is an inherent part of
every mission and a basic responsibility of commanders. Leaders and service members at
all levels are responsible and accountable for managing risks by ensuring that threats and
associated risks are-
(a) Identified during planning, preparation, and execution of operations.
(b) Controlled during preparation and execution of operations. Service members
are responsible for executing risk controls to standards. They continuously assess variable
threats such as fatigue, equipment serviceability, and the environment. They make risk
decisions consistent with the higher commander’s guidance.
(2) Sometimes commanders are not properly advised in situations where the
assumption of risk may affect or imperil their units, the intent of their higher commander,
or the operations of an adjacent unit. This is most often attributed to-
(a) Risk denial syndrome-leaders do not want to know of the risk.
(b) Staff members who believe that the risk decision is part of their jobs and
do not want to bother the commander or section leader.
guidance.
(c) Subordinates failure to fully understand the higher commander’s
(d) Complacency-outright failure to recognize a threat or the level of risk
involved, or overconfidence in one’s abilities or the unit’s capabilities to avoid or recover
from a hazardous incident.
111-1

(e) Use of a standardized risk assessment tool, such as a risk assessment
matrix, that is not tailored to the unit’s mission or adapted to the factors of METT-T/5-M
and may put missions in the routine low-risk category.
b. CommandersLeaders.
(1) The commander directs the organization and sets priorities and the command
climate (values, attitudes, and beliefs). Successful preservation of combat power requires
embedding risk management into unit behavior. This requires commitment, creative
leadership, innovative planning, and careful management. It also requires the chain of
command’s demonstrated support of the risk management process. Commanders establish
a command climate favorable for risk management integration by-
(a) Demonstrating consistent and sustained risk management behavior through
leading by example-habitually doing risk management-and actively participating
throughout the risk management process.
(b) Providing clear guidance where to accept risk or what risk to accept.
(c) Obtaining and providing to subordinates the necessary assets to control risk.
(d) Knowing their own limitations, their leaders’ and service members’
limitations, and their unit’s capabilities.
culture.
(e) Preventing a zero-defects mindset from creeping into their commands
(0 Allowing subordinates to make mistakes and learn from them.
(g) Demonstrating full confidence in subordinates’ mastery of their trade and
their ability to execute a chosen COA.
(h) Keeping subordinates informed and consulting with subordinate leaders
before making a decision, if feasible.
(i) Listening to subordinates.
(i) Establishing clear, feasible risk management policies and goals.
(k) Conducting detailed planning within time constraints; assessing each
mission and task in terms of its risk; continuously reassessing risk as the mission and
conditions change and experience is gained.
(1) Making informed risk decisions; establishing and clearly communicating
risk guidance.
(m) Training on the risk management process. Ensuring subordinates
understand who, what, where, when, how, and why of managing risk, and how the risk
management process applies to their circumstances and assigned responsibilities.
(n) Examining how subordinates manage risk and how service members protect
themselves.
(0) Supervising and evaluating the unit’s execution of risk controls during the
mission.
(p) Advising the chain of command on risks and risk-reduction measures and
providing subordinates with feedback on their performance and ways to improve.
(9) Assessing the effectiveness of their unit’s risk management program.
(r) Capturing and disseminating lessons learned to ensure they are continued
from mission to mission so that others may benefit from the experience.
111-2

(2) Commanders weigh the repercussions of casualties, damage to the environment,
impact on civilians, and loss of equipment. They also consider the public reaction to loss
against national, strategic, operational, or tactical objectives. Commanders are also
responsible for keeping subordinates from becoming complacent. An acceptable risk is the
result of an informed decision. A gamble is an uninformed bet or guess on a hopeful
outcome. Leaders and service members need to clearly understand the difference.
(3) Risk decisions are frequently required by, and dependent on, the immediate
situation. Judgment is required: a formula, rule, or checklist, by itself, is not appropriate
under such circumstances. An effective commander’s approach to managing risk is to
empower leaders by pushing risk decisions as far down the chain of command as feasible
within the next higher commander’s guidance. Subordinates consider threats outside their
assigned responsibilities that impact the mission. The result is coordination and
communication-laterally and up and down the chain of command.
(4) Risk management is a two-way street. It is important that those involved in
mission preparation and execution are fully aware of the amount of command involvement
and actions necessary to control or remove threats.
(a) The higher commander’s guidance specifies the degree of acceptable damage
or risk to subordinate units during the current operation.
(b) Subordinates ensure they understand and implement their commander’s
intent and guidance.
If, during the planning process, residual risk exceeds that which the higher
commander is willing to accept, the subordinate informs his commander. He requests the
resources necessary to mitigate the risk.
If, during mission execution, the subordinate determines the risk is too
great, he directs the development of additional or alternate controls or modifies or changes
the COA; then he notifies the next higher commander of his decision. Requiring
subordinates to report to the higher commander when a risk decision point is reached
during mission execution can result in paralysis.
(5) The objective of managing risk is not to remove all risk, but to eliminate
unnecessary risk. Commanders conduct tough, realistic training, knowing that they may
put lives and property at risk in the course of military operations. If an action will result in
an unacceptable risk, take measures to mitigate it. If the risk cannot be mitigated to an
acceptable level, do not execute the action. Circumstances may occur during mission
execution when a decision to stop and defer execution of the operation should be made to
avoid taking unwarranted risk. Such a situation will generally occur at the tactical level.
For example, circumstances may determine if a trade-off between maintaining the
momentum of the attack and risking fratricide or serious accidents is justified.
c. Staffs.
(1) The chief of staff or executive officer may be assigned responsibility for
supervising integration of risk management across the staff. As a means of assessing and
monitoring threats, commanders may establish a force protection working group (FPWG),
which is covered in detail in Appendix B. He coordinates development of risk controls with
emphasis on deconflicting controls that affect multiple functional areas and adjacent units.
The staff officer helps the commander eliminate unnecessary risks by-
(a) Analyzing his functional area and applying risk management during the
military decision-making process.
guidance.
(b) Identifying both constraints and restraints in the higher commander’s risk
111-3

estimate.
(c) Including threats and their risks in the mission analysis briefing.
(d) Including a risk assessment for the commander’s estimate.
(e) Considering the risk assessment in the operations estimate.
(0 Including risks and recommending ways to reduce their impact in the staff
(g) Implementing risk controls by coordinating and integrating them into the
appropriate paragraphs and graphics of the operation order (OPORD) and into products
such as SOPS and operation plans (OPLANs).
(h) Establishing procedures and standards that are clear and practical.
(i) Determining the effectiveness of risk controls and continuously assessing
their suitability, feasibility, supportability, clarity, and acceptability.
(i) Supervising, evaluating, and assessing the integration of risk management
during an operation.
(k) Continuously identifying threats, assessing initial and residual risks for
each threat, and recommending control measures to reduce the risk.
(1) Identifying and assessing threats associated with complacency, especially
during extended operations, and recommending appropriate actions to the commander.
(2) Staffs focus on threats and their risks across the spectrum of protecting the force.
These staffs-
(a) Identify friendly vulnerabilities during current operations and implement
controls to mitigate risk.
(b) Implement commander’s intent on acceptance of risk in current operations.
(3) The following list identifies some of the risk management responsibilities of the
primary JTF directorates:
(a) J- 1 (Personnel):
0 Estimate time delay risks on personnel deployment flow.
0 Determine casualty risks for each COA.
0 Estimate casualty and replacement flow risks on future operations.
0 Ensure controls for personnel-related activities are conducted to diminish
operations security vulnerabilities and support military deception initiatives.
0 Estimate risks of employed local civilian labor in coordination with the 5-4
(logistics), 5-2 (intelligence), and legal officer.
(b) J-2:
0 Monitor and report threats that counter the effectiveness of friendly combat
identificationkounter-fratricide measures.
0 Develop current regional threat assessments.
0 Determine risk of loss of low-density intelligence collection assets.
(c) 5-3 (Operations):
0 Develop risk assessment for the commander’s estimate.
111-4

Perform as staff proponent for combat identificatiodcounter-fratricide
measures. Develop policy, procedures and assign responsibility for combat
identification/counter-fratricide measures.
Report and investigate reports of fratricides.
Develop risk assessment of military and political aspects of draft ROE and
supplemental ROE.
0 Determine criticality and vulnerability of bases in the Joint Rear Area to
prioritize controls and levels of response.
(d) 5-4:
0 Make recommendations to the JTF commander on the combat
identificatiodcounter-fratricide technology acquisition and procurement strategies.
Assess the risk of critical supply levels not meeting required number of days
of supply days.
controls.
0 Determine petroleum, oils, and lubricants storage site vulnerabilities and
0 Determine munitions storage site vulnerabilities and safety requirements.
(e) 5-5 (Plans):
Integrate functional directorate risk management controls and combat
identificatiodcounter-fratricide measures into deliberate planning products.
0 Identify friendly maneuver and firepower vulnerabilities during mission
analysis, wargaming and plan controls to mitigate risk.
(f) J-6 (Communications): Responsible for assessing risk to geospatial
information and services systems and developing controls to counter threats.
(g) Special staff offices: Risk management should be addressed in the various
special staff offices, including-
0 Surgeon (health and nonbattle injury, return to duty policy, preventative
medicine).
0 Legal officer (Uniform Code of Military Justice, law of armed conflict, and
host nation (HN) law).
d. Individuals.
Public affairs officer (media coverage, public opinion, etc.).
0 Safety officer.
(1) An individual's level of expertise and maturity influences risk management
proficiency. Managing risk is subjective because its basis is individual judgment.
Inexperienced service members are routinely charged with executing risk controls and risk
reduction measures. Their limited experience can significantly increase the level of risk
they are willing to accept. Their sense of indestructibility, motivation (esprit de corps), and
willingness to achieve the mission at any cost can lead to failure to consider risks. Due to
inexperience or complacency, they may become susceptible to-
(a) Overestimating their ability to respond to, or recover from, a hazardous
incident-they become overconfident.
(b) Underestimating the level of risk posed by a threat. It is imperative that
individuals understand and execute controls directed by leaders and staffs.
111-5

(2) Individuals should be aware of, and fully understand, the situation, and
maintain self-discipline when they perform their duties. They should-
(a) Understand and apply risk management.
(b) Execute controls directed by their leaders, that is, perform to standards.
(c) Carry risk management over into all activities-both on and off duty.
(d) Look out for others-anyone
inherently unsafe.
3. Integration into Training and Operations
has authority to halt something that is
a. Integrating risk management into training and operations-
(1) Preserves the lives and well-being of everyone.
(2) Conserves equipment, facilities, environmental resources, and combat power.
b. Risk management is planned up front, not treated as an afterthought. Leaders and
managers of materiel acquisition, base operations, and industrial operations budget risk
control costs up front at the level of expected payback over the duration of the activity, or
the life cycle of materiel/weapons system.
c. When integrating risk management into sustained operations, leaders consider
increases in turbulence, personnel turnover, critical skill atrophy, and mission
development. Leaders continuously assess-
(1) The complexity of mission development and associated changing
interrelationships with other agencies.
(2) The inclusion of civilian contractors, such as logistics civilian augmentation
programs, as part of the force.
(3) The presence of the media, NGOs, and PVOs. These diverse elements need to be
integrated into the risk management process.
d. A key consideration relevant to managing risk in complex operational environments
is understanding the culture of the indigenous population or society and its way of doing
business. Leaders consider the impact of interference with the indigenous population’s way
of life and local customs. Such interference could risk damage to relationships and increase
the potential for introducing instability into the local society. Leaders do not, however,
intentionally allow these considerations to endanger their force or its mission.
e. Leaders and service members systematically provide observations and assessments
of the unit’s risk management performance for the training management cycle and SOPS.
They should have the skills, knowledge, and attitude to manage risks inherent in all
operations effectively. Effective training helps service members become proficient. It
qualifies them technically and tactically, and as leaders, to accomplish the mission without
unnecessary risk.
f. Unit leaders and their staffs continually assess and evaluate the integration of risk
management into short-, near-, and long-term training plans. They continually review Joint
Mission Essential Task Lists to ensure that training is supported by realistic risk
management objectives. The services consider past experiences to avoid repeating mistakes.
4. Review of the Risk Management Process
a. Reviewing the risk management process determines a unit’s current level of
proficiency in implementing the process. How well risk is managed affects readiness.
Leaders need to know the current status and effectiveness of their unit’s risk management
111-6

program. Reviewing the unit’s effectiveness in managing risk permits the unit to gain
insight into areas for improvement and obtain feedback on subordinates’ understanding
and application of risk guidance. The objective is to determine how-
(1) Effectively risk management is embedded into planning and preparing for
operations.
(2) Well subordinate leaders and service members understand risk management.
(3) Effectively risk management is used to execute operations. Leaders assess the
effectiveness of their units by reviewing how well threats are identified and risk controls
are-
(a) Specified in oral and written OPORDs, OPLANs, and SOPS.
(b) Communicated to lowest level of chain of command.
(c) Included in short-, near-, and long-term training plans.
(d) Implemented into all activities, on and off duty.
(e) Embedded into force protection programs.
(0 Included in AARs and captured in lessons learned.
b. Risk management cannot be seen as a competitive program whereby a unit or leader
is judged or compared in a competitive sense. Focus is strictly on both reduction of risk and
hazardous incidents.
111-7

Appendix A
Risk Management Tools
Commanders, leaders, and staffs use risk management tools to facilitate the risk
management process-identification of threats and development of controls. The tables and
matrices in this appendix are samples of tools that commanders, leaders and staffs may use
when integrating the risk management process. It is impractical to create detailed
procedures to ensure the “right” tools are used for each activity and every contingency.
However, choosing the best tools is important when planning a potentially hazardous
operation. Most tools in this appendix can be used in a variety of creative ways; the user
selects the appropriate tool, or combination of tools, and the extent of effort to expend on
each. Since there are no right or wrong selections, the user must rely on his knowledge and
experience to make the right choice for each situation.
Annex A: Risk Management Worksheet
Annex B: Force Protection Priority Matrix
Annex C: Force Protection Tasks, Conditions, Desired Effects and Activities
Annex D: Risk Assessment Matrix
Annex E: Sample Risk Control Option Planning Matrix
A- 1

Annex A
Risk Management Worksheet
The risk management worksheet provides a starting point to track the process of
threats and risks logically. It can be used to document risk management steps taken during
planning, preparation, and execution.
Identify Threats
Mission
Phases I Threats 1 Causes
1 1
Initial
Religious
Protesters
entry belief
Initial
I
Diseases
1
entrv
Lodgment Local
Pilferage
expansion
economy
Assess
Threats
Medium
I
Develop Risk Controls and
Make Risk Decisions
Residual
Initial RAC I Develop Controls I RAc
High
High
I
Personnel
awareness,
cantonment area
Immunize
field sanitation
Increase security
force
Date Worksheet Prepared
I
Low
Low
Medium
Implement
Controls
How to
Training
Civil Affairs,
Predeployment
actions, training
Augment force
Supervise
How to
First line
supervisors
Component
commanders
J-314
High Direct action Medium
Airfield takedown
1st Ranger
Battalion
J-3
Legend:
RACRisk Assessment Code
Comm with HigherNes No
Figure A-A-I. Sample Completed Risk Management Worksheet
A-A- 1

Annex B
Force Protection Priority Matrix
This matrix prioritizes force protection tasks and operating systems used for protection
in each task. It reverses the normal targeting methodology and focuses the Joint Planing
Group on what it needs to protect for each specific task.
Force Protection Task I:
Maintain flank security
Priority
Operational
Operating System
Protected Capability
3d Marine Division (PD)
1 Maneuver 10lst Airborne Division
(Air Assault) (PD)
2 Logistics
I
I
3 1 Fires
I
4 Intelligence UAV FOB
Command and
Control
6 I Force Protection I
Key:
PD-Prevent
PN-Prevent
PS-Prevent
Destruction
Neutralization
Suppression
Legend:
CSSA-combat service support area
FOB-forward operating base
JLOTS-joint logistics over the shore
MEB-Marine Expeditionary Brigade
TACC-Tactical Air Command Center
UAV-unmanned aerial vehicle
Operational Operating
System
Log istics
Command and Control
Fires
Intelligence
Maneuver
Force Protection
Protected Capability
CSSA (PN)
JLOTS Site (PN)
MEB Command Post (PN)
TACC (PN)
Ground Mobile Force Site
(PS)
Airbase A (PN)
Airbase B (PN)
Tactical Combat Force (PD)
Figure A-B-I. Sample Force Protection Priority Matrix
A-B-1

Annex C
Force Protection Tasks,
Conditions, Desired Effects, and Activities
Troop-to-task analysis may reveal deficiencies that require risk assessment and
subsequent adjustments. The following table is a sample analysis that draws out the logical
consequences of a force protection task. It can also be rendered as a decision tree. During
COA development, each member of the joint planning group needs to be able to justify the
tasking of resources to support force protection tasks.
Table A-GI.
Sample Force Protection Tasks, Conditions, Desired Effects, and Activities
Force Protection Task
Maintain security of vital areas
Minimize losses
Force Protection Condition
GMF remains fully operational during H-hour to H+24
Rapid evacuation of casualties
Force Protection Desired Effect
GMF site safe from local attack and from effects of weapons of mass destruction
Air MEDEVAC less than 20 minutes
Surface MEDEVAC to regimental aid stations only
Force Protection Activities
Local security in place
TCF prepared to respond to level Ill threat
TBMD coverage includes GMF site
Task MAW to dedicatehnfigure 2 CH-46 for air MEDEVAC during H+10 - H+ 24
Ensure adequacy of Class Vlll prior to H + 10
Legend:
GMF-Ground Mobile Force
MAW-Marine Air Wing
MEDEVAC-medical evacuation
TBMD-theater ballistic missile defense
TCF-Tactical Combat Force
A-C-1

Annex D
Risk Assessment Matrix
The Risk Assessment Matrix combines severity and probability estimates to form a risk
assessment for each threat. Use the Risk Assessment Matrix to evaluate the acceptability
of a risk, and the level at which the decision on acceptability will be made. The matrix may
also be used to prioritize resources, to resolve risks, or to standardize threat notification or
response actions. Severity, probability, and risk assessment should be recorded to serve as
a record of the analysis for future use.
I Risk Assessment Matrix I
I I
I Severity
!
Probability
I
Frequent I Likely I 0cca;ional I Seldom 1 Unlply I
B
D
1. Risk Definitions
Figure A-D-1. Risk Assessment Matrix
a. E - Extremely High Risk Loss of ability to accomplish the mission if threats occur
during mission. A frequent or likely probability of catastrophic loss (IA or IB) or frequent
probability of critical loss (IIA) exists.
b. H - High Risk: Significant degradation of mission capabilities in terms of the
required mission standard, inability to accomplish all parts of the mission, or inability to
complete the mission to standard if threats occur during the mission. Occasional to seldom
probability of catastrophic loss (IC or ID) exists. A likely to occasional probability exists of a
critical loss (IIB or IIC) occurring. Frequent probability of marginal losses (IIIA) exists.
c. M - Moderate Risk Expected degraded mission capabilities in terms of the
required mission standard will have a reduced mission capability if threats occur during
mission. An unlikely probability of catastrophic loss (IE) exists. The probability of a critical
loss is seldom (IID). Marginal losses occur with a likely or occasional probability (IIIB or
IIIC) . A frequent probability of negligible (IVA) losses exists.
d. L - Low Risk: Expected losses have little or no impact on accomplishing the
mission. The probability of critical loss is unlikely (IIE), while that of marginal loss is
seldom (IIID) or unlikely (IIIE). The probability of a negligible loss is likely or less (IVB
through (IVE).
A-D-1

2. Severity Categories
The following table outlines severity categories:
Table A-D-1
Risk Severity Categories
Category
CATASTROPHIC (I)
CRITICAL (11)
MARGINAL (111)
NEGLIGIBLE (IV)
Definition
Loss of ability to accomplish the mission or mission failure. Death or permanent
disability. Loss of major or mission-critical system or equipment. Major property
(facility) damage. Severe environmental damage. Mission-critical security failure.
Unacceptable collateral damage.
Significantly degraded mission capability, unit readiness, or personal disability.
Extensive damage to equipment or systems. Significant damage to property or the
environment. Security failure. Significant collateral damage.
Degraded mission capability or unit readiness. Minor damage to equipment or
systems, property, or the environment. Injury or illness of personnel.
Little or no adverse impact on mission capability. First aid or minor medical
treatment. Slight equipment or system damage, but fully functional and serviceable.
Little or no property or environmental damage.
3. Probability Categories
The following table outlines probability categories for the risk assessment matrix:
A-D-2

Table A-D-2
Probability Definitions
Element Exposed
Definition
FREQUENT (A) Occurs very often, continuously experienced
Single item
Fleet or inventory of items
Individual
All personnel exposed
Occurs very often in service life. Expected to occur several times over duration
of a specific mission or operation.
Occurs continuously during a specific mission or operation, or over a service
life.
Occurs very often. Expected to occur several times during mission or operation.
LIKELY (6) Occurs several times
Single item
Fleet or inventory of items
Occurs several times in service life. Expected to occur during a specific mission
or operation.
Occurs at a high rate, but experienced intermittently (regular intervals, generally
OCCASIONAL (C) Occurs sporadically
Single item
Fleet or inventory of items
Individual
All personnel exposed
Occurs some time in service life. May occur about as often as not during a
specific mission or operation.
Occurs several times in service life.
Occurs over a period of time. May occur during a specific mission or operation,
but not often.
SELDOM (0) Remotely possible; could occur at some time
Single item
Fleet or inventory of items
Individual
All personnel exposed
Occurs in service life, but only remotely possible. Not expected to occur during
a specific mission or operation.
Occurs as isolated incidents. Possible to occur some time in service life, but
rarely. Usually does not occur.
Occurs as isolated incident. Remotely possible, but not expected to occur
during a specific mission or operation.
Occurs rarely within exposed population as isolated incidents.
UNLIKELY (E) Can assume will not occur, but not impossible
Fleet or inventory of items
Individual
All personnel exposed
life. Can assume will not occur during a specific mission or operation.
Occurs very rarely (almost never or improbable). Incidents may occur over
service life.
Occurrence not impossible, but may assume will not occur during a specific
mission or operation.
Occurs very rarely, but not impossible.
A-D-3

Annex E
Sample Risk Control Options Planning Matrix
This matrix combines risk control options and responsible personnel that appear
suitable and practical with potential options. Many of these options may be applied at more
than one level. For example, the training option may be applied to operators, supervisors,
senior leaders, or staff personnel.
Figure A-E-I. Sample Risk Control Options Planning Matrix
A-E-I

Option
Limit energy
Substitute safer form
Prevent release
Separate
Provide special maintenance of
controls
Core Tasks (especially critical tasks)
Leader tasks
Emergency contingency tasks
Rehearsals
Briefings
Mental criteria
Emotional criteria
Physical criteria
Experience
Number of people or items
Emergency medical care
Personnel
Facilitieslequipment
Barrier
On human or object
Raise threshold (harden)
Time
Signslcolor coding
Audiolvisual
Sequence of events (flow)
Timing (within tasks, between tasks)
Simplify tasks
Reduce task loads
Backout options
Contingency capabilities
Emergency damage control
procedures
Backupslredundant capabilities
Mission capabilities
Table A-E-1
Examples of Risk Control Options
Example
ENGINEER
Small amount of explosives, reduce speeds
Use air power, precision guided munitions
Containment, doubleltriple containment
Barriers, distance, boundaries
Special procedures, environmental filters
EDUCA TlONAL
Define critical minimum abilities, train
Define essential leader tasks and standards, train
Define, assign, train, verify ability
Validate processes, validate skills, verify interfaces
Refresher warnings, demonstrate threats, refresh training
ADMINISTRA TlVE
Essential skills and proficiency
Essential stability and maturity
Essential strength, motor skills, endurance, size
Demonstrated performance abilities
Only expose essential personnel and items
Medical facilities, personnel, medical evacuation
Replace injured personnel, reinforce units, reallocate
Restore key elements to service
PHYSICAL
Between revetments, walls, distance, ammunition storage facility
Personal protective equipment, energy absorbing materials
Acclimatization, reinforcement, physical conditioning
Minimize exposure and number of iterationslrehearsals
Warning signs, instruction signs, traffic signs
Identification of friendly forces, chemicallbiological attack warning
OPERATIONAL
Put tough tasks first before fatigue, do not schedule several tough
tasks in a row
Allow sufficient time to perform, practice, and time between tasks
Provide job aids, reduce steps, provide tools
Set weight limits, spread task among many
Establish points where process reversal is possible when threat is
detected
Combat search and rescue, rescue equipment, helicopter rescue,
tactical combat force
Emergency responses for anticipated contingencies, coordinating
agencies
Alternate ways to continue the mission if primaries are lost
Restore ability to perform the mission
A-E-2

1. Purpose
Appendix B
Force Protection Working Group
The purpose of the force protection working group (FPWG) is to review threats, identify
vulnerabilities, recommend counter-measures, determine force protection levels, assess in
place measures, review tasks to components, monitor corrective actions, and direct special
studies (force protection assessment teams). The primary responsibility is to monitor and
assess the risk and threats to forces in the joint operations area and implement risk
controls to maintain the protection of the force. Each command and control node, rear,
intermediate support base, or FOB, should have a FPWG.
2. Group Composition
The composition will vary based on the threats and forces available. Suggested potential
sources to provide representatives to the FPWG are listed in Figure B-1.
Chief of Staff
Personnel
Intelligence
Operations
Log is tics
Plans
Communications
Engineer
Aviation
Senior Enlisted Representative
Public Affairs
Surgeon
Nuclear, Biological, and Chemical
Chaplain
Staff Weather Officer
Safety
Political Advisor
Host Nation Support Representative
BOTTOM LINE: Composition is Mission Dependent
~ ~ ~~~
Army Forces
Marine Forces
Air Force Forces
Navy Forces
Special Operations Forces
Security Forces
Judge Advocate General
Figure B-1. Potential Sources for the FPWG
3. Procedures
The group may meet daily, weekly, or on-call in the vicinity of the Joint Operations
Center to use the risk management process.
4. Agenda
The officer in charge of the command and control node or a designated representative
should chair the meetings. The chairperson for the FPWG is not necessarily designated by
duty position, but based on the ability of the person to fulfill the duties of force protection
officer. A recommended agenda for conducting FPWG meetings follows:
a. Start with updates from-
(1) 52 Representative: intelligence update with focus on changes to the situation
that may lead to additional threats for the force.
(2) Counterintelligence (CI) representative: follows the JZ, clarifies and provides
details of current risks based on his field reports.
(3) 53 Representative: overview of current operations and force protection measures
currently in place.
B- 1

. Next, update new or evolving threats. This is an open discussion by functional area.
For example, the surgeon would focus on medical health of command, the veterinary on new
or changing food sources, etc. Steady state activities are raised during this phase of the
meeting. All members consider emerging trends and determine if new vulnerabilities
within their area of responsibility require the focus of the task force or if they are just
isolated incidents. Each member comes to the meeting with documented concerns and
recommendations.
c. When new threats are identified, the FPWG will discuss measures to reduce the
threat. For example, Threat identified: current route from billeting area to the Joint
Operations Center is dangerous and not acceptable at night. Control: CI team will contact
the country team, identify alternate routes, and drive and assess the routes. At the next
FPWG meeting a decision will be made to change route.
d. Once controls are decided upon (above example, CI to conduct a reconnaissance of a
new route), that information is captured by the 53 representative and placed, as a directive
for action, in the next fragmentary order.
e. Following identification and development of controls for new threats, the group will
review current measures in effect against known threats and determine the requirement
for any changes or adjustments. Figure B-2 is an example FPWG agenda.
I Event I lnput I
Threat Situation Review
Current Force Protection Levels
Current Operations
Results of Previous Meeting
Threat Identification
Vulnerability Identification
Identify Controls
Recommend Force Protection Level
Recommend Taskings
Summary
Confirm Next Meeting
J2
J3
J3
Components, J3
FPWG
FPWG
FPWG
FPWG
FPWG
Figure 8-2. Example FPWG Meeting Agenda
5. Assessment Teams
To maintain visibility of threats, the FPWG may designate assessment teams to
monitor the situation continuously. These teams may be tailored to review specific threats
(such as preventive medicine and surgeon for medical, CI and Provost Marshal/Security
Officer/Chief Security Forces for perimeter security). These teams may be assigned and
operate at all operating bases throughout the joint operations area.
a. The assessment teams mission includes-
(1) Identify and assess threats and vulnerabilities.
(2) Recommend controls.
J3
J3
6-2

(3) Report through FPWG to Commander of the JTF.
(4) Gather information.
b. Assessment teams may use the following checklist:
threats?
(1) Threat.
(a) What is the terrorist threatkapability?
(b) What is the in-country leave and pass policy?
(c) Are there any areas service members should avoid due to criminal or terrorist
(d) What is the pre-disposition of the local populace to Americans (is it safe for
service members to mix with public)?
(e) Could operations be affected by civil disturbances protesting U.S. policy?
(0 What criminal threats are likely to threaten operations (are there any threats
of pilferage affecting sustainment operations)?
(g) What is the relationship of local population with host nation (HN) authorities
(is there any threat of civil unrest that could affect operations)?
(h) Are there other threats such as para-military organizations or hostile
intelligence that may target operations?
(2) Facilities.
(a) What facilities will the task force occupy?
Tent city vs. hard site?
Location-urban or rural?
(b) What is the status of-
* Perimeters?
Barriers?
Lighting?
Motor pool facilities?
(c) Will the node collocate with HN or friendly forces?
(d) Is secure storage available for arms, ammunition, and explosives and
classified, high dollar, and sensitive items?
(e) Are there high-speed avenues of approach?
(f)
What checkpoints and barriers are necessary to control compound access?
(3) Where will mission-essential vulnerable areas be established for arms,
ammunition, and explosives storage: sensitive item storage; pilferable high dollar value
item storage; fuel storage etc.?
(a) What is their proximity to the perimeter?
(b) What is their vulnerability to attack or observation?
(4) Will the task force operate any sustainment operations facilities at air, sea, or
rail ports?
(5) Joint Operations.
B-3

(a) If the task force occupies facilities with HN or friendly forces, who has
command and control for force protection?
(b) Who must the task force coordinate with concerning force protection, HN,
friendly forces?
(c) What are capabilities of friendly forces, HN armed forces, HN police forces,
and HN security forces?
(d) How are in-place friendly forces approaching force protection?
(e) What historical problems have in-place friendly forces had concerning
criminal activity (such as pilferage, assaults, terrorist threat, civil disturbance, and hostile
intelligence)?
(0 What threats do they perceive as possible?
(g) What operations security measures are in effect?
(h) What movement security measures are in effect?
6. FPWG Products
Based on the FPWG meeting, there are three suggested deliverables.
a. First-an update to the Force Protection Matrix. This should be briefed to the JTF
commander and placed on the SECRET Internet Protocol Router Network for the staff and
components. Figure B-3 is an example of the risk considerations matrix.
b. Second-Fragmentary Order directing execution of the new FPWG measures.
c. Third - risk assessment for the current phase of the operation.
d. Force protection assessment-continuous process throughout the conduct of the
operation.

~
I
Operational
Operating
System
Movement/
Maneuver
Event: JTF FOB stablishment loca m lcomponent: FC
Threat Vulnerability Countermeasure Action
Local faction
Troop movement
Route to hotel
Minimize
Standard route/
Alternate routes
Adjust battle rhythm
All drivers with
alternate route maps
Aircraft
Crossing flight
lines
Do not cross
Intelligence
Accident
Civil rights
Know embassy
numbers
Accident card
USAF security patrols
post speed limit
Speeding flight line
Pedestrians
Slow speed
(15 mph)
LNOs brief forces
Fires
Loitering Thembad press Minimum
presence in hotel
Place of duty or room
Sustainment
Fire Threats
~~
Personnel and
equipment
~~
Know route,
exiting and alert
procedure
Fire break-aroid
FARP
No helplassist
Personnel
stranded
Blood chits
Order 500 chits
Command and
Control
Protection
Personnel
accountability/
location
Heat
Unsafe location/
Unknown location
Injury
Frequent
reporting, improve
communication
Water discipline
Command emphasis
Distribute cell phones
Monitor WGBT
Disease-malaria
Health
Buddy check
Field sanitation
Take pills
Clean latrines
Dogs
Injury/health
Caution
Stay clear
Legend:
FARP-forward arming and refueling point
LNO-liaison officer
mph-miles per hour
USAF-U .S. Air Force
WGBT-wet globe bulb temperature
Notes.
Any changes made by the FPWG are highlighted.
An additional column labeled "Assessment" can show how the countermeasures are working
Figure 8-3. Sample Risk Considerations Matrix
8-5

REFERENCES
National
Presidential Decision Directive 39, US. Policy on Counterterrorism, 2 1 June 1995
Department of Defense
DODI 6055.1, DOD Safety and Occupational Health (SOH) Program, 19 August 1998
Joint
CJCSM 3500.03, Joint Training Manual for the Armed Forces of the United States, 1 June
1996
CJCSM 3500.04, Universal Joint Task List, 1 November 1999
CJCSM 3500.05, Joint Task Force Headquarters Master Training Guide, 15 April 1997
JP 1-02. Department of Defense Dictionary of Military and Associated Terms, 1 September
2000
JP 3-0, Doctrine for Joint Operations, 1 February 1995
JP 3- 10, Joint Doctrine for Rear Area Operations, 28 May 1996
JP 3- 1 1, Joint Doctrine for Operations in Nuclear, Biological, and Chemical (NBC)
Environments, 11 July 2000
JP 3- 13.1, Joint Doctrine for Command and Control Warfare (CZ W), 7 February 1996
JP 3-54, Joint Doctrine for Operations Security, 24 January 1997
JP 3-58, Joint Doctrine for Military Deception, 31 May 1996
JP 4-0, Doctrine for Logistics Support of Joint Operations, 6 April 2000
JP 5.00.1, Joint Tactics, Techniques, and Procedures for Joint Campaign Planning (Draft)
JP 5-00.2, Joint Task Force (JTF) Planning Guidance and Procedures, 13 January 1999
Air Force
AFDD 2-4.1, Force Protection, 29 October 1999
AFPD 90-9, Operational Risk Management, 1 April 2000
AFI 90-901, Operational Risk Management, 1 April 2000
AFPAM 90-902, Operational Risk Management Guidelines and Tools, 14 December 2000
Army
FM 3-0 (FM 100-5), Operations, 14 June 1993
FM 3-07 (FM 100-20), Military Operations in Low Intensity Conflicts, 5 December 1990
FM 3-07.3 (FM 100-23), Peace Operations, 30 December 1994
FM 3-58 (FM 90-2), Battlefield Deception, 3 October 1988
FM 6-22 (FM 22-loo), Army Leadership, 31 August 1999
FM 3-21.10 (FM 7-10), The Infantry Rifle Company, 31 October 2000
FM 7-10 (FM 25-101), Battle Focused Training, 30 September 1990
References-I

Coast Guard
COMMANDANT INSTRUCTION 3500.3 Operational Risk Management (Draft)
Marine Corps
Marine Corps Order 3500.27, Operational Risk Management, 3 April 1997
ALMAR 210/97, Operational Risk Management, 15 July 1997
MCDP-1, Warfighting, June 1997
MCDP 1-2, Campaigning, August 1997
MCWP 3-22, Antiair Warfare, 23 June 2000
MCWP 5- 1, Marine Corps Planning Process, January 2000
Navy
OPNAVINST 3500.38, Universal Naval Task List, 30 September 1996
OPNAVINST 3500.39, Operational Risk Management, 3 April 1997
References-2

Glossary
PART I-ABBREVIATIONS
AND ACRONYMS
5-M
AAR
AFB
AFDC
AFTTP
AL
ALSA
APO
CAC
CADD
Cdr
CI
COA
CSSA
DC
DCSPER
DSN
etc
FARP
FM
FOB
FPWG
GMF
man, machine, media, management, mission
A
After Action Report
Air Force Base
Air Force Doctrine Center
Air Force Tactics, Techniques, and Procedures
Alabama
Air Land Sea Application
Army Post Overseas
C
Combined Arms Center
Combined Arms Doctrine Development Center
commander
counterintelligence
course of action
combat service support area
D
District of Columbia
Deputy Chief of Staff for Personnel
Defense Switched Network
E
etcetera
F
forward arming and refueling point
field manual
forward operating base
force protection working group
G
ground mobile force
Glossary-I

HN
HQ
J- 1
5-2
5-3
5-4
J-5
J-6
JLOTS
JOPES
JP
JTF
KS
LNO
MAW
MCCDC
MCPDS
MCRP
MEDEVAC
METT-T
METT-TC
MILSTRIP
MSE
MSTP
H
host nation
headquarters
J
Manpower and Personnel Directorate of a joint staff
Intelligence Directorate of a joint staff
Operations Directorate of a joint staff
Logistics Directorate of a joint staff
Plans Directorate of a joint staff
Command, Control, Communications, and Computer Systems
Directorate of a joint staff
joint logis tics over- the-shore
Joint Operation Planning and Execution System
joint publication
joint task force
K
Kansas
L
liaison officer
M
Marine air wing
Marine Corps Combat Development Command
Marine Corps Publication Distribution System
Marine Corps Reference Publication
medical evacuation
mission, enemy, terrain and weather, troops and support available,
time available
mission, enemy, terrain and weather, troops and support available,
time available, civil considerations (Army)
Military Standard Requisitioning and Issue Procedures
major subordinate element
Marine Air Ground Task Force Training Program
Glossary-2

NAVSOP
NC
NWDC
NGO
NM
OPLAN
OPORD
PD
PN
PS
PVO
RAC
RI
ROE
SOP
TACC
TBMD
TCF
TRADOC
UAV
USAF
USAREUR
USMC
USN
N
Navy Standing Operating Procedure
North Carolina
Navy Warfare Development Command
nongovernmental organization
New Mexico
0
operation plan
operation order
P
prevent destruction
prevent neutralization
prevent suppression
private voluntary organization
R
risk assessment code
Rhode Island
rules of engagement
S
standing operating procedure
T
Tactical Air Command Center
theater ballistic missile defense
tactical combat force
United States Army Training and Doctrine Command
U
unmanned aerial vehicle
United States Air Force
United States Army, Europe
United States Marine Corps
United States Navy
Glossary-3

PART II-TERMS
AND DEFINITIONS
acceptable risk. The portion of identified risk that is allowed to persist without further
controls
assessment. 1. Analysis of the security, effectiveness, and potential of an existing or
planned intelligence activity.
2. Judgment of the motives, qualifications, and characteristics of present or
prospective employees or “agents.” (JP 1-02)
controls. Actions taken to eliminate threats or reduce their risk. This term and its
definition are applicable only in the context of this publication and should not be referenced
outside this publication.
exposure. The frequency and length of time subjected to a hazard (FM 3-100.12/100-14).
extremely high risk. Risk that could result in loss of ability to accomplish the mission if
threats occur during mission. A frequent or likely probability of catastrophic loss (IA or IB)
or frequent probability of critical loss (IIA) exists. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
high risk. Risk that could result in significant degradation of mission capabilities in terms
of the required mission standard, inability to accomplish all parts of the mission, or
inability to complete the mission to standard if threats occur during the mission. Occasional
to seldom probability of catastrophic loss (IC or ID) exits. A likely to occasional probability
exists of a critical loss (IIB or IIC) occurring. Frequent probability of marginal losses (IIIA)
exists. This term and its definition are applicable only in the context of this publication and
should not be referenced outside this publication.
identified risk. A risk determined by applying severity and probability analysis to an
identified threat.
inherently dangerous. An activity or task containing a danger to life or limb that is a
permanent and inseparable element of the activity. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
low risk. Risk that could result in expected losses having little or no impact on
accomplishing the mission. The probability of critical loss is unlikely (IIE), while that of
marginal loss is seldom (IIID) or unlikely (IIIE). The probability of a negligible loss is likely
or less (IVB through IVE). This term and its definition are applicable only in the context of
this publication and should not be referenced outside this publication.
moderate risk. Risk that could result in degraded mission capabilities in terms of the
required mission standard will have a reduced mission capability if threats occur during
mission. An unlikely probability of catastrophic loss (IE) exists. The probability of a critical
loss is seldom (IID). Marginal losses occur with a likely or occasional probability (IIIB or
IIIC). A frequent probability of negligible (IVA) losses exists. This term and its definition
are applicable only in the context of this publication and should not be referenced outside
this publication.
operational protection. The conservation of the forces’ fighting potential so that it can be
applied at the decisive time and place. This activity includes actions taken to counter the
enemy’s forces by making friendly forces (including operational formations, personnel, etc.) ,
systems, and operational facilities difficult to locate, strike, and destroy. (CJCSM 3500.04)
Glossary-4

probability. The likelihood that a hazardous incident will occur.
frequent (A): Occurs very often, continuously experienced.
likely (B): Occurs several times
occasional (C): Occurs sporadically
seldom (D): Remotely possible; could occur at some time
unlikely (E): Can assume will not occur, but not impossible.
This term and its definitions are applicable only in the context of this publication and
should not be referenced outside this publication.
residual risk. The level of risk remaining after controls have been identified and selected
for threats that may result in loss of combat power. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
risk. 1. Probability and severity of loss linked to threats.
2. See degree of risk. See also risk management. (JP 1-02)
risk assessment. Identification and assessment of threats; an identified threat is assessed
to determine the risk (both the probability of occurrence and resulting severity) of a
hazardous incident due to the presence of the threat. This term and its definition are
applicable only in the context of this publication and should not be referenced outside this
publication.
risk decision. The decision to accept or not accept the risks associated with an action;
made by the commander, leader, or individual responsible for performing that action. This
term and its definition are applicable only in the context of this publication and should not
be referenced outside this publication.
risk management. A process by which decision makers reduce or offset risk. Also called
RM. (JP 1-02) The systematic process of identifying, assessing, and controlling risks arising
from operational factors and making decisions that weigh risks against mission benefits.
severity. The intensity of the expected consequence of an event in terms of degree of
injury, property damage, or other mission-impairing factors (loss of combat power and so
on) that could occur.
catastrophic (I): Loss of ability to accomplish the mission or mission failure. Death or
permanent total disability. Loss of major or mission critical system or equipment. Major
property (facility) damage. Severe environmental damage. Unacceptable collateral
damage. Mission-critical security damage.
critical (11): Significantly degraded mission capability or unit readiness. Permanent
partial disability. Extensive (major) damage to equipment or systems. Significant
damage to property or the environment. Security failure. Significant collateral damage.
marginal (111): Degraded mission capability or unit readiness. Minor damage to
equipment or systems, property, or the environment.
negligible (IV): Little or no adverse impact on mission capability. Slight equipment or
system damage, but fully functional and serviceable. Little or no property or
environmental damage.
This term and its definitions are applicable only in the context of this publication and
should not be referenced outside this publication.
Glossary-5

threat. A source of danger: any opposing force, condition, source, or circumstance with the
potential to negatively impact mission accomplishment andor degrade mission capability.
This term and its definition are applicable only in the context of this publication and should
not be referenced outside this publication.
total risk. The sum of identified risk and unidentified risk. It is accepted by the
appropriate decision-maker because further efforts at risk control are not justified by the
perceived gain.
unacceptable risk. The risk that cannot be tolerated and must be eliminated or
controlled.
unidentified risk. The risk that has not been identified. It is unknown or immeasurable.
Glossary-6

Index
A
acceptability, 11-3, 111-4, A-D-1
acceptable loss, 1-1
acceptable risk, 1-2, I-3,II-3,II-5, 111-3, A-D-1, Glossary-4
accountability, 1-2,11-5,111-1, B-5
administrative controls, 11-4, A-E-l , A-E-2
alarmism, 11-2
application of risk management, i, I- 1, I-3,1-4, 11-1
assessment, I-l,I-3, 1-5, 11-2, 11-3,II-5, 11-6, 11-8, 11-9, 111-2,111-4, 111-5, 111-6, A-1, A-A-1, A-
C-1, A-D-1, A-D-2, B-1, B-2, B-3, B-4, B-5, Glossary-3, Glossary-4, Glossary-5
complete, 11-2
matrix, A-D-1
output, 11-2
pitfalls, v, 11-2
teams, B-1
assigning redundant capabilities, 11-5, A-E- 1, A-E-2
avenues of approach, 11-9, B-3
avoiding the risk, I-2,II-3, 11-4, 111-3
C
catastrophic, A-D- 1, A-D-2, Glossary-4, Glossary-5
chain of command, v, 1-2, 111-1,111-2,111-3, 111-7
civil consideration, 11-8, 11-10, 111-3, 111-4, 111-6, A-A-1, B-3, B-4, B-5, Glossary-2
climate, 11-9,111-2
commander, i, v, vi, I-1,142, 1-3, 1-5, 11-3, 11-5, 11-6, 11-8, 11-9, 111-1, 111-2, 111-3, 111-4, 111-5, A-
1, A-A-1, A-E-1, B-3, B-4, Glossary-1, Glossary-5
complacency, 11-10,111-1, 111-4, 111-5
complete risk assessment, 11-2
controls, risk, v, 1-2, 1-3, 1-4, 1-5, 11-1, 11-3, 11-4, 11-5, 11-6, 11-7, 11-8, 11-9, 11-12,III-l, 111-2,
111-3, 111-4, 111-5,111-6,111-7, A-1, A-A-1, A-E-1, A-E-2, B-1, B-2, Glossary-4, Glossary-5
administrative, 11-4, A-E- 1, A-E-2
avoiding risk, I-2,II-3,II-4, 111-3
delay COA, 11-4
develop, v, 1-3, 1-5, 11-3,II-4, 11-5, 11-7, 11-8,111-3,111-5, A-1, A-A-1, B-2
educational, 11-4, A-E-1, A-E-2
engineering, 11-4, A-E-1, A-E-2
implement, v, I-3,1-5, 11-3, 11-4,11-5, 11-6, 11-7, 11-8, 111-4, A-A-1, B-1
operational, 11-4, A-E-1, A-E-2
options, 11-3,II-4, A-1, A-E-1, A-E-2
physical, 11-4, A-E-1, A-E-2
planning matrix, A-E-1
index-1

edundant capabilities, 11-4, A-E-1, A-E-2
residual risk, 11-3, 11-5,111-3,111-4, A-A-1, Glossary-5
support, v, 11-3,11-6,111-2, 111-4
transferring risk, 11-4
course of action (COA), 1-1, 1-3, I-4,II-3,II-4, 11-5,11-8,11-9,111-2,111-3, 111-4, A-C-1,
Glossary- 1
cover and concealment, 11-9
crisis action, 1-3, 11-7, 11-8
critical, 1-3, 11-1,II-4,11-9,11-10, 111-1, 111-5,111-6, A-D-1, A-D-2, A-E-1, A-E-2, Glossary-4,
Glossary-5
D
decisions, i, v, I-l,I-2,1-3, 11-3,114.11-6, 11-7, 11-8,11-12,111-1 111-2,111-3, A-A-1, A-C-1, A-
D-1, B-2, Glossary-5, Glossary-6
delay, 11-4, 111-4
deliberate, 1-3, 11-2, 11-7, 11-8, 111-5
develop controls, v, 1-3, 1-5, 11-3, 11-5,II-7, 11-8, 111-3, 111-5, A-1, A-A-1, B-2
E
enemy, 1-1, II- 1,II-8,II-9, Glossary-2, Glossary-4
engineering, 11-4, 11- 1 1, A-E- 1, A-E-2, B- 1
exposure, 11-4, A-E-2
F
feasibility, 1-2, 11-3,III-2, 111-3, 111-4
feedback, v, 1-2, 11-6, 11-7, 111-2, 111-7
force protection, v, I-1,I-5,111-3,111-7, A-1, A-B-1, A-C-1, B-l,B-2, B-4, Glossary-1
activities, A-C-1
agenda, B-1, B-2, B-3
assessment team, B-1 , B-2
checklist, B-3
composition, B- 1
conditions, A-1, A-C-1
effects, A- 1, A-C- 1
facilities, B-3, B-4
priority matrix, A- 1, A-B- 1
procedures, B-1
products, B-4
tasks, A- 1, A-B- 1, A-C- I
force protection working group (FPWG), 111-3, B-1, B-2, B-3, B-4, B-5, Glossary-1
forward area refueling point (FARP), B-5, Glossary-1
Index-2

H
high risk, 11-5, A-A-1, A-D-1, Glossary-4
host nation (HN), 111-5, B-1, B-3, B-4, Glossary-1
hygienic, 11- 12
I
identify, i, v, 1-1, I-2,I-3, 1-4,11-1, 11-2, 11-3,II-4,II-5, 11-6,II-7, 11-8,11-9,11-10,111-1, 111-3,
111-4,111-5,111-7, A-1, A-A-1, A-B-1, A-E-2, B-1, B-2, Glossary-4, Glossary-5, Glossary-6
impact, mission, probability and severity, 1-1,1-3,11-1,11-2, 11-8,II-9,II-10,111-3,111-4, III-
6, A-D-2, Glossary-4, Glossary-5
implementation, i, v, I-1,142, 1-3,1-5,11-3,11-4,11-5,11-6,11-7,11-8,111-3,111-4,111-6,111-7,
A-A-1. B-1
J
Joint Operation Planning and Execution System (JOPES), i, 11-7, Glossary-2
joint task force (JTF) i, 11-7,II-8,111-4,111-5, B-3, B-4, B-5, Glossary-2
K
key aspects, v, I-1,II-6, 11-9, 111-5
L
logistics, 11-10, 11-1 1,111-4, 111-6, A-B-1, B-1, Glossary-2
loss, 1-1 ,II-2,11-4,11-8, 111-3,111-4, A-C-1, A-D-1, A-D-2, Glossary-4, Glossary-5
low risk, 1-2, 11-5, 111-2, A-A-1, A-D-1, Glossary-4
M
machine, 11-1, II-lO,II-11,11-12, Glossary- 1
maintenance, I-3,11-9,11- 10, 11-11, A-E-1, A-E-2
major subordinate element (MSE), 11-7,II-8, Glossary-2
man, machine, media, management, mission (5-M) model, 11-1, 11-6, 11-10, 11-11, 11-12, 111-2,
Glossary-1
managing, 1-3, 111-1, 111-2, 111-3, 111-5, 111-6, 111-7
marginal, A-D-1, A-D-2, Glossary-4, Glossary-5
media, 11-1, 11-10, 11-12,111-5, 111-6, Glossary-1
METT-T (mission, enemy, terrain and weather, troops and support available, time
available), 11-1,II-6, 11-8, 11-10, 111-2, Glossary-2
METT-TC (mission, enemy, terrain and weather, troops and support available, time
available, civil considerations [Army]) 11-8, 11- 10, Glossary-2
moderate risk, 11-5, A-D- 1, Glossary-4
N
negligible, A-D- 1, A-D-2, Glossary-4, Glossary-5
0
objective, 1-4, 11-10, 11-12, 111-3, 111-6, 111-7
Index-3

observation, 11-9,111-6, B-3
operational, v, 1-1, 11-1,II-4,II-10, 11-12, 111-3,111-6, A-B-1, A-C-1, A-E-1, A-E-2, B-5,
Glossary-4, Glossary-5
operation order (OPORD), 111-4, 111-7, Glossary-3
operation plan (OPLAN), 111-4,111-7, Glossary-3
operations, military, v, I-1,I-2, 1-3, 1-5, 11-1,II-4, 11-6,11-8,11-9,11-10, 111-1,111-3,111-4, III-
6, 111-7, A-1, A-D-3, B-1, B-2, B-3, B-4, Glossary-2
P
performance, 11-4,II-6, 11-11, 111-2,111-6, A-E-2
personal, 11-1, 11-4.11-11, A-D-2, A-E-2
physical, 1-1, 11-4, 11-10, 11-11, A-E-1, A-E-2
probability, I-l,II-l,II-2, 11-3.11-4,II-5, A-D-1, A-D-2, A-D-3, Glossary-4, Glossary-5,
category, A-D-2
definitions, A-D-3
procedures, i, v, 1-2, 1-3, 1-5, 11-3,II-10, 11-12,111-4, 111-5, A-1, A-E-1, A-E-2, B-1, B-5,
Glossary-1 , Glossary-2, Glossary-3
process, i, v, 1-1, 1-2, 1-3, 1-4, 1-5, 11-1, 11-2, 11-3, 11-5, 11-6, 11-7, 11-9, 11-12, 111-1, 111-2, 111-3,
111-6, A-1, A-A-1, A-E-2, B-1, B-4, Glossary-5
R
residual risks, 11-3, 11-5, 111-3,111-4, A-A-1, Glossary-5,
responsibilities, i, v, 11-5, 111-1, 111-2, 111-3, 111-4,111-5, B-1, B-2
commander, 111-1, 111-2, 111-3
leaders, 111- 1, 111-2
individual, 111-5
staff, 111-3
risk, i, v, I-1,l-2, 1-3, 1-4, 1-5, 11-1, 11-2, 11-3, 11-4, 11-5, 11-6,II-7, 11-8, 11-9, 11-11, 111-1, 111-2,
111-3, 111-4, 111-5, 111-6, 111-7, A-1, A-A-1, A-C-1, A-D-1, A-D-2, A-E-1, A-E-2, B-1, B-4, B-5,
Glossary-3, Glossary-4, Glossary-5, Glossary-6
assessment, 11-2, 111-4, A-C- 1, A-D-l , A-D-2
probability categories, A-D-2
probility definitions, A-D-3
severity categories, 11-2, A-D-2
unacceptable, 111-3, Glossary-6
unnecessary, 1-2, I-3,111-3, 111-6
risk management, i, v, 1-1, 1-2, 1-3, 1-4, I-5,11-1, 11-5,II-6,II-7,II-8,II-10,II-12, 111-1, 111-2,
111-3, 111-4, 111-5,111-6, 111-7, A-1, A-A-1, B-1, Glossary-5
application guidelines, 1-3, 111-7
application, i, 1-1, 1-3, 11-1
assessment, I-1,II-6,111-6
crisis action, 1-3, 11-7, 11-8
cycle, 1-4
decisions, 11-5
Index-4

deliberate, 1-3, 11-7
execution, 11-7,II-8
feedback, v, 1-2, 11-6, 11-7,III-2, 111-7
framework for implementing, 1-2
fundamentals, v, 1-1
goal, v, 1-1
implement, I-2,111-6
integration, v, 11-7, III-2,111-3, 111-4,111-6
key aspects, v, 1-1
levels, 1-3
objective, 111-3, 111-6, 111-7
principles, i, v, 1-2
process, i, v, I-l,I-2,1-3,1-4, 1-5,11-1,11-5, 11-6, 11-7,111-1,111-2, 111-6, A-1, B-1,
Glossary-5
review, v, 1-3, 1-4,II-1, 11-6, 11-7,II-8, 111-6,111-7
sequence, 1-3
supervise, 1-3,I-4,II-6,II-7, 11-8, A-A-1
training, 111-2, 111-6
use, 1-1, 1-3
worksheet, A- 1, A-A- 1
risk management fundamentals, v, 1-1
risk management goal, v, I- 1, II- 10, 111-2
S
services, v, 1-1, 11-10, 111-5, 111-6
situational analysis, 11-1
supervise and review, 1-3, 1-4, 11-6, 11-7,II-8, A-A-1
T
threat, v, 1-1, 1-2, 1-3, 1-4, 11-1, 11-2, 11-3, 11-4, 11-5, 11-6, 11-7, 11-8, 11-9, 11-10, 11-11, 11-12, III-
1, 111-3,111-4,111-5, 111-7, A-1, A-A-1, A-C-1, A-D-1, A-E-2, B-1, B-2, B-3, B-4, B-5,
Glossary-4, Glossary-5, Glossary-6
assessment, 1-3, 111-4
causes, 11-1,II-2, A-A-1
checklist, B-3
identification, v, I-2,I-3, 1-4, 11-1, 11-3, 11-5,11-7, 11-8, II-9,II-10,111-4, A-1, A-A-1, B-2,
Glossary-4, Glossary-5
probability, II-l,II-2, 11-3, A-D-1, Glossary-5
severity, II- 1, 11-2, 11-3, Glossary-4, Glossary-5
U
unacceptable risk ,111-3, Glossary-6
unnecessary risk, 1-2, 1-3, 111-3, 111-6
Index-5

FM 3-100.12
MCRP 5-12.1C
NTTP 5-03.5
AFTTPG) 3-2.34
15 February 2001
By Order of the Secretary of the Army:
Official:
ERIC K. SHINSEKI
General, United States Army
Chief of Staff
JOEL B. HUDSON
Administrative Assistant to the
Secretary of the Army
01 06 101
DISTRIBUTION:
Active Army, Army National Guard, and US. Army Reserve: To be distribute in
accordance with the initial distribution number 115840 requirements for FM 3-
100.12.
By Order of the Secretary of the Air Force:
LANCE L. SMITH
Major General, USAF
Commander
Headquarters Air Force Doctrine Center
Air Force Distribution: F

MARINE CORPS: PCN 14400009300