The security operation planned for the organization is derived from its risk management strategy and the resources it allocates for this purpose. The three pillars forming the foundation of security operations include concept, security organization and field level security plans, as detailed below.
Security Concept of Operations (CONOP): Is a written document describing an overall picture of an operation or series of operations, frequently embodying operational strategies, methods, principles, plans, policies, and also organization and command structures. It covers a series of connected or separate operations to be carried out simultaneously or in succession, by the organization as a whole or by one of its operational bodies.
Security organization: This pillar of the security operation relates to the organizational structure and to the position holders within the organization who are responsible for managing security risks, defining the organizational strategy, allocating resources for risk management, designing safeguards, managing the security operation and performing supervision and control activities.
Field Level Security Plans: Documents that summarize the variety of safeguards to be implemented in a particular facility – including security arrangements, countermeasures, systems, methods and personnel.