You should contact your organization’s OPSEC representative to discuss items on your organization’s Critical Information and Indicators List (CIIL).

Who that usually is

In most organizations that use a CIIL, the OPSEC representative role is formally assigned. This can include:

  • OPSEC Program Manager
  • OPSEC Signature Manager
  • OPSEC Coordinator

These people are specifically trained to manage and protect critical information and are responsible for validating, updating, and explaining items on the CIIL.

Why not other roles?

Other security‑related roles may sound similar but are not the primary contact for CIIL content. Common examples:

  • Facility Manager: Focuses on buildings, infrastructure, and maintenance, not detailed OPSEC indicators.
  • Security Forces / Guard Force: Focuses on physical security and response, not CIIL management.
  • General Security Manager: Oversees security broadly but usually relies on the OPSEC program staff for CIIL specifics.

How to phrase your request

When reaching out inside your organization, you can say something like:

“I’d like to review and clarify items on our Critical Information and Indicators List. Could you connect me with our OPSEC representative or OPSEC Program Manager?”

If you are unsure who that is, ask your supervisor or security office who serves as the OPSEC point of contact in your unit or department.