UNCLASSIFIED // FOR OFFICIAL USE ONLY
← The Corridor
Ms. Ivy
Ms. Ivy
Office of Concept Integrity · SLR Method Lead
First Stop · OPSEC Gauntlet
Your Concept Ms. Ivy maps the gaps as she finds them
State the operational purpose of your concept. What does it do, who does it serve, how does it function.
Your session with Ms. Ivy Closes with the tab.
Enter to send · Shift + Enter for newline
Ms. Ivy’s Opening

The Orientation.

What you hear when you walk into the Office of Concept Integrity.

Ms. Ivy — Office of Concept Integrity

Welcome to the Office of Concept Integrity. My name is Ms. Ivy. Before your idea can move through the OPSEC Gauntlet, we will run it through the SLR Method developed by Dr. O to identify gaps, assumptions, and missing components.

The SLR Method is a structured analytical process. It determines whether your idea has a clear problem statement, a defined user, a coherent operational environment, and a logical sequence of actions. It also identifies where the idea relies on assumptions that have not been tested.

I will ask you to describe your idea in operational terms. Tell me what it does, who it serves, and how it functions. Avoid slogans or promotional language. We are building the structural version of your idea, not the public version.

Once I have your description, I will run the SLR Method. This produces a gap map. The map shows where the idea is incomplete, where evidence is missing, and where the logic requires reinforcement.

When we finish, you will have a refined concept ready for the OPSEC Specialists. You will also have a list of gaps that must be addressed before the sector chiefs conduct their review.

If you are ready, begin by stating the operational purpose of your idea in one sentence.

The Method

Eight passes. One gap map.

The SLR Method applied to operational concepts. Ms. Ivy runs every concept through all eight before the door to the sector chiefs opens.

1

Problem definition

What is the problem this concept solves. Named specifically. Whose problem it is. Why it is a problem and not just an inconvenience.

2

User and stakeholder mapping

Who does the concept serve. Who else is affected. Who could be harmed. Stakeholder blindspots are where most OPSEC failures begin.

3

Operational environment

Where does this concept live. What infrastructure does it depend on. What sector does it operate inside. Which CISA domains does it touch.

4

Precedent and evidence scan

What already exists in this space. What failed before and why. What succeeded and under what conditions. The gap is only a gap if the field has not already closed it.

5

Logical sequence analysis

Does the concept hold together step by step. If step two requires something step one does not produce, the logic breaks. Every hand-off in the chain must be named.

6

Missing steps

What the concept skips over. Most early-stage concepts jump from problem to solution without accounting for how the solution actually reaches the user.

7

Unsupported claims

Every assertion the concept makes that has no evidence behind it. Named as a claim. Flagged for validation. Not accepted as true because it sounds reasonable.

8

Gap classification

Gaps sorted by severity. Fatal gaps are named as fatal. Addressable gaps get prioritized. The sector chiefs receive a concept, not a wish.

What You Leave With

Five outputs. One ready concept.

Every participant leaves this office with these five things. They are the foundation for the entire Gauntlet.

1
Refined Operational Statement

One sentence. What the concept does, who it serves, how it functions. Plain operational language. No slogans. The sentence the sector chiefs read first.

2
Gap Map

A numbered list of structural gaps. Missing logic, undefined users, unclear environments, unsupported claims, hidden assumptions, missing steps. Sorted by severity.

3
Scope and Boundary Set

What this concept is and explicitly is not. The boundary is as important as the core. Undefined scope is where the sector chiefs will find the most risk.

4
Assumptions Requiring Validation

The specific claims embedded in the concept that must be tested before OPSEC review. Named as assumptions, not accepted as facts. Each one is a risk until validated.

5
A Concept Ready for OPSEC Review

Structurally coherent, logically sequenced, and hardened against the most common early-stage failure modes. What you carry into the corridor of sector chiefs.

Why This Comes First

The sector chiefs cannot evaluate what is incomplete.

Most early concepts fail the OPSEC Gauntlet for the same reasons. The SLR pass catches them before they cost the entrant a full panel review.

⚠ Hidden assumptions

The concept assumes the infrastructure exists, the user will behave a certain way, or the regulatory environment permits it. None of these are tested. All three are OPSEC risks.

⚠ Missing logic

The concept jumps from problem to solution without naming how the solution reaches the user. The step in between is usually where the operational failure lives.

⚠ Undefined users

The concept serves “everyone” or “people who need X.” Undefined users mean undefined threat surfaces. Every sector chief will find a different gap in the same blank space.

⚠ Unclear environment

The concept operates somewhere, touches some infrastructure, depends on some system. If that environment is not named, the sector chiefs cannot apply their risk models to it.

⚠ Unsupported claims

The concept asserts that something is true because it sounds true. The sector chiefs are not looking for plausibility. They are looking for evidence. There is no substitute.

⚠ Scope without a boundary

The concept knows what it does but not what it does not do. The boundary is where most downstream risk originates. No boundary means no defensible perimeter.

When your gap map is complete, your concept moves to the OPSEC Specialists.

← Return to The Corridor
UNCLASSIFIED // FOR OFFICIAL USE ONLY