What is CONOPS?
CONOPS refers to a Concept of Operations. It provides context and answers the “why are we doing this?” question to tie cybersecurity operations together. A CONOPS outlines how a system (or systems) will be used to meet mission objectives, from the user perspective. A CONOPS typically includes:
- Goals and objectives of the system.
- User classes, roles and responsibilities.
- Operational processes, workflows and interactions.
- Context, constraints, assumptions and stakeholder expectations (en.wikipedia.org).
In cybersecurity terms, a Security CONOPS describes how security features support mission operations. It serves as a foundation for developing system requirements, controls and procedures.