November 8, 2003 **
War is the extension of policy by another means. Therefore, the War on Terror is the extension of our national security policy. This implies that a strategy for the War on Terror should be derived from our National Security Strategy. The National Security Strategy indicates that the following principles are non-negotiable: the rule of law; limits on the absolute power of the state; free speech; freedom of worship; equal justice; respect for women; religious and ethnic tolerance; and respect for private property.14 We will integrate diplomatic, informational, military and political elements of national power to achieve these objectives around the world. President George W. Bush reiterated this policy in his historic speech to the National Endowment for Democracy on 5 November 2003. The implicit assumption is that agreement on these principles will eliminate the ideological basis for fundamentalist terrorism. These are the clearly defined, if not readily perceived by field commanders, political objectives for which we must set the military conditions. While we must protect our own strategic centers of gravity, so we cannot ignore casualties, it is risk to these objectives that we must manage.
Risk and threat are synonymous. A risk is measured by combining the probability a hazard will occur with the severity of the damage caused by its occurrence. Risk = Probability X Severity15. A threat is measured by combining the intent to act against our interests with the capability of the adversary to damage us. Threat = Intent X Capability. Some events are so unlikely that we do not consider them actual risks. For instance, an alien spaceship striking the National Military Command Center, just as an order to recall strategic bombers is given, does not qualify as a valid risk. Some threats have so low an intent to harm our interests, that the likelihood of their acting prevents them from being a threat. For instance, the British have Weapons of Mass Destruction, but are not considered a measurable threat. So, intent and probability are both tied to a belief-value of likelihood. Probability = Intent. The severity of a hazard is a measurement of its ability to damage. The capability of a threat is also a measurement of its ability to damage. Severity = Capability. That brings us to the conclusion, Risk = Threat. This is important because it means we can adapt the risk management process to manage threats. The process identifies multiple hazards and seeks to mitigate them to reduce the overall level of risk. Risks are rarely eliminated. On today's battlefield we face multiple threats to our political objectives, and we will rarely be able to totally eliminate these threats. However, we can conduct operations to mitigate them to an acceptable level.
Risk management is part of the orders process. Every junior officer is familiar with the principle and technique used as part of the Military Decision-Making Process.16 Once a hazard is identified, it is assessed as Extremely High, High, Moderate or Low. These terms are defined in military publications, as are the gradations of probability and severity. The risk assessment matrix below includes these definitions.
The creation of a Threat Matrix, which translates these terms into metrics of intent and capability, is the leap of imagination required by this study. To do this we will identify factors that influence probability and severity in each of the gradations. These factors could be weighted for a more nuanced approach. We can average out the value of these factors to come out with an overall severity or probability value. These numbers (between 1 and 4 or 1 and 5) equate to one of our definitions. For example, a faction with global reach, a constituency of less than a million, fewer than 100 fighters, external supply and funds, and a charismatic leader represents an overall threat severity of 2.6 (almost Marginal), which rounds down to Critical.
Once that is accomplished, it is a relatively simple matter to pseudo-quantify and plot threats relative to each other and assign them a threat risk for prioritization. Thus, we use scientific method as a means to differentiate between threats and argue for priorities. However, we want to avoid the implication that a detailed analytic approach is a panacea for what is essentially a problem of political art. The figure below is intended as a generalization. Obviously, without rounding our factors we could also differentiate between threats with higher fidelity and use a Cartesian coordinate plane to graphically portray threat phase space.
The next part of the process is establishing and implementing controls to mitigate the risk. In terms of a threat, this would mean coordinating and executing operations, which degrade either intent or, more likely, capability. The final phase of the process is to supervise and evaluate for the next event to determine the effectiveness of the controls. The process is iterative.
A risk management strategy would tailor forces and focus energy against extremely high-risk threats first. As one of these threats was reduced to high risk, attention would shift to another extremely high-risk threat, until all extremely high-risk threats were reduced. Then assets would focus against high-risk threats. The process would be iterative and flexible. Once all threats were assessed as low, the military mission could transfer to local law enforcement. Thus, the military exit strategy is conditions-based, with measurable conditions.
No strategy, of course, can guarantee the personal security of American citizens at all times. The risk of criminal activity and individual acts of insanity will always be possible. However, given the resilience of American society, and the demonstrable lack of political effect of a Timothy McVeigh like attack, these dangers will be manageable. Our strategy is aimed at ensuring the success of the political objectives for which the war is fought. Application of this strategy would have ensured that security of mosques in southern Iraq was not handed over to organized fundamentalists to ensure short-term appearance of stability, when the long-term political objectives are placed at risk. On a Fourth Generation Battlefield, it is possible to win the fight and lose the war.
Previous: page 1
Next: page 3 - Operational Concepts for a Risk Reduction Strategy
Start: Executive Summary
14: The White House, "The National Security Strategy", Washington, DC, 2002.
15: FM 101-5, Fig. J-3, Pg. J-3 in Norman M. Wade, The Battle Staff SMARTbook (Lakeland, FL: Lightning Press, 1999), pg. 1-11. The table and definitions were developed for tactical and accident risk. However, it is easily adapted for operational and strategic risk; and was used by SOCCENT and CJSOTF-N during Operation Iraqi Freedom in this fashion.
David E.A. Johnson, Senior Fellow
Lt. Col. David Johnson is a senior research fellow with the Center for Advanced Defense Studies and a Ph.D. candidate at the University of Paris in Theoretical Information Science. He is a graduate of the United States Military Academy at West Point, a Graduate of the Command and General Staff Course, the Joint Defense College (France), and holds a Masters Degree in the History of Strategy from the Sorbonne. An Army Strategist, he has recently served as an Army Legislative Liaison with the House of Representatives, Chief of Plans for the Combined Joint Special Operations Task Force in Northern Iraq and Chief of Plans for the Combined Joint Special Operations Task Force for the Arabian Peninsula. He is currently assigned as Chief of the Special Operations Theater Support Element-Central Command. His dissertation is in the domain of intention awareness with implications for wireless encryption and the creation of organization independent software. He has participated in numerous working groups for the development of military decision-making systems, both American and French. He has published articles in Infantry and Special Warfare magazines.
This work is posted along the "Fair Use of Copyrighted Works" provisions. This work was originally published by:
The Center for Advanced Defense Studieswith the following provisio:
The George Washington University, Washington, DC 20052
This work reflects the opinions of the author and not the official positions of The George Washington University, The Department of Defense, or any other organization with which the author is affiliated.
Previous: page 1
Next: page 3 - Operational Concepts for a Risk Reduction Strategy
Start: Executive Summary
Back to Articles