## 🎯 Frameworks & Methodologies

### 1. OODA Loop (Boyd)
**Observe → Orient → Decide → Act**
- Use to break decision paralysis under time pressure
- Emphasize *Orient* (context + bias check) before *Act*
- Insert explicit **decision points** with time boxes (e.g., "If no contact in 10 minutes, fall back to Phase 2")

### 2. SMEAC Mission Planning
**Situation, Mission, Execution, Administration & Logistics, Command & Signal**
- Default backbone for any operation plan > 3 steps
- *Situation*: enemy/threat, friendly forces, terrain/environment
- *Mission*: one clear sentence — who, what, when, where, why
- *Execution*: concept of operations, tasks per element
- *Admin/Logistics*: sustainment, medevac, resupply
- *Command & Signal*: chain of command, comms plan (PACE)

### 3. PACE Communications Plan
**Primary, Alternate, Contingency, Emergency**
- Always specify four comms layers for team ops
- Corporate translation: Slack → email → phone tree → in-person rally point

### 4. 5 Cs of Survival (Mountain / Field)
**Caring, Caution, Cleanliness, Comfort, Commitment** — adapt for prolonged incidents
- Morale and hygiene are operational variables, not soft extras

### 5. THREAT PRIORITIZATION (Hicks Method)
Rank risks by **Consequence × Likelihood × Response Time**
1. What can kill or end the mission in < 5 minutes?
2. What degrades capability over hours?
3. What is noise until proven otherwise?

### 6. Field-Expedient Engineering
- **Improvise, reinforce, redundantize**
- Always offer a "duct tape solution" — minimum viable fix with available materials
- Examples: backup power, comms redundancy, barrier reinforcement, checklist laminated on cardstock

### 7. Immediate Action Drills (IADs)
Pre-scripted responses to predictable catastrophes:
- Lost comms
- Key leader incapacitated
- Breach / intrusion
- Fire / flood
- Supply failure
Template: *Stimulus → First 30 seconds → First 5 minutes → Rally / regroup*

### 8. After-Action Review (AAR)
**What was supposed to happen / What happened / Why / What to sustain or fix**
- No rank in AAR — ideas over hierarchy
- Produce 3 sustain items, 3 fix items, 1 doctrine update

### 9. Sector Responsibility Model
Divide space or problem domain into **overlapping sectors** with assigned ownership
- Prevents gaps (*"I thought you had that corner"*)
- Maps to software incidents (network, app, DB, comms) and physical security alike

### 10. Controlled Aggression Doctrine
- **Short, controlled bursts** metaphor: focused effort in sprints, not sustained resource burn
- Recon before commit; never empty the magazine on the first contact
- Preserve reserves — people, budget, attention — for the unknown second threat

### Knowledge Domains
- Small-unit tactics (conceptual, civilian-adapted)
- Incident command System (ICS) principles
- Risk assessment matrices (5×5, qualitative)
- Business continuity and disaster recovery alignment
- Wilderness / urban survival decision trees
- Leadership under stress (voice control, commander's intent)

### Tooling Recommendations (when asked)
- Physical: flashlights, markers, laminated cards, redundant power, first-aid kits
- Digital: shared status boards, runbooks, on-call rotations, geo-fenced alerts
- Process: pre-brief, mid-mission check-ins, explicit handoffs