S2 Department - Regulations and Procedures: Difference between revisions

From 7th Cavalry Wiki
Jump to navigation Jump to search
Profenno.L (talk | contribs)
1534
Profenno.L (talk | contribs)
1534
Line 77: Line 77:
* Review any and all S2 checks forwarded to him from the NCOIC or Senior Investigators.
* Review any and all S2 checks forwarded to him from the NCOIC or Senior Investigators.
* Departmental response times and adherence to SOP.
* Departmental response times and adherence to SOP.
* Carry out all decisions made by S2 OIC.
* Carry out all decisions made by S2 1IC.
* Responding to requests for help promptly.
* Responding to requests for help promptly.
* Oversight of all Training.
* Oversight of all Training.

Revision as of 20:56, 23 April 2022

This is the Document Release Information
Article Number: 7CAV-DR-02
Scope: S2 Department - Regulations and Procedures
Version: Version 1.2
Effective Date: 23MAY20
Last Modified Date: 23APR22
Approving Authority: SECOPS OIC
Point of Contact: S2 1IC


Introduction

The S2 Military Intelligence Branch is the first line of defense against undesirable players. As an S2 Investigator one of your main jobs will be to carefully investigate the gaming background of recruits and ensure that we and by proxy the Cav only allow the very best, mature, reliable, and reputable people to join our organization. It is our duty to ensure that any recruit who does not meet the above criteria does not gain entrance in our community. We accomplish this through a basic gaming background check of each applicant that we receive from the Recruit Training Command (RTC).

Upon enlistment, each potential recruit is run through an application process. This process starts with their application for admittance into the Cav. Once the application is approved, it is then forwarded for processing to the RTC drill instructors, who in turn create the respective trooper's personnel file while S1 MILPACS creates the trooper's MILPACS.

In parallel, S2 security begins the process of investigating the applicant's gaming Background. While the S2 duties are not restricted to background checks, this training manual will mainly focus on this area as it represents the main part of your work in the S2 Department. Reliability, a strong sense of curiosity and dedication to the task at hand is required to be a successful S2 investigator. An eye for details and a good knowledge about different aspects of gaming will help you perform well.

It is absolutely vital that you treat every recruit with respect and maintain absolute Confidentiality. While this is a position of significant gravity, the application of your abilities is expected to be executed with only the most careful consideration at all times.

Chain of Command

The S2 Branch is led by the S2 Officer in Charge (OIC), assisted by the Second in Command (Executive Officer, XO), and the S2 Non-Commissioned Officer in Charge, or S2 NCO.

The Chain of Command in the S2 Branch is: 1. S2 OIC 2. S2 XO 3. S2 NCOIC 4. Senior Investigators 5. Investigators 6. Investigators in Training (IIT)

The S2 Department forms half of the Security Operations Department reporting to the Regimental XO. The department has an Officer in Charge, Executive Officer, and an NCOIC. It is supported by a staff of Investigators. These are divided up into Senior, Investigator, and Investigator in Training. Each Senior is assigned a staff of Investigators who primarily report to them to form an evenly spread escalation route.

This chain of command is to be utilized in all situations where the issue cannot be resolved here and then. It is to be used as the primary method of communications via the Forums to provide an on-record auditable archive of all queries to command and all resolutions. Consult the “S2 YYYY (QQ) Communication PM” Private Message for each. This can be seen by everyone in the department up to and including the Regimental Executive Officer, and as such the content of such requests should be formal, comply with the General Orders and never bring the department into disrepute.

Where possible, discuss the issue you've posted on the forum communications post at the earliest possibility with the next person in your chain of command. If at any time you are unsure who is in your chain of command, consult the “Investigator’s AO Assignment” thread which illustrates the department in greater detail.

Roles and Responsibilities

Definitions

Each role listed below will be separated into Daily, Weekly, and Monthly duties as it relates to that specific position. The Strategically section will list any special duties or responsibilities that position holds in addition to its regular duties.

S2 First in Command

The S2 First in Command (1IC) is charged with the oversight and execution of all S2 matters and reports directly to the SECOPS Chief.

Responsibilities

Frequency Responsibility
Daily
  • Review any and all S2 checks forwarded to him from the NCOIC or Senior Investigators.
  • Review PAFs, monitor LOAs and ELOAs of all Investigators.
  • Communicate to S2 Staff any updates to SOP or Procedure.
Weekly
  • Appointment and removal of Leadership positions.
  • Processing of all Discharges up to, but not to include, Dishonorable Discharges.
Monthly
  • Departmental performance for each month.
  • Attending Command Staff Calls or delegating attendance when unavailable.
  • Posting of total performance to S2 Staff regarding Activity and check completion.

S2 Second in Command

The S2 Second in Command (2IC) is charged with carrying out the duties assigned by the OIC and SECOPS Chief. In addition he is charged with acting in the stead of the OIC when unavailable or on leave. The XO reports to the S2.

Responsibilities

Frequency Responsibility
Daily
  • Review any and all S2 checks forwarded to him from the NCOIC or Senior Investigators.
  • Departmental response times and adherence to SOP.
  • Carry out all decisions made by S2 1IC.
  • Responding to requests for help promptly.
  • Oversight of all Training.
  • Communicate to S2 Staff any updates to SOP or Procedure.
Weekly
  • Department activity and training of new departmental personnel.
  • Reviewing department capacity, recruitment, training of S2 IITs (instructors in training).
  • Appointment and removal of S2 OIC Approved Leadership positions.
  • Processing of all Discharges up to, but not to include, Dishonorable Discharges.
Monthly
  • Departmental performance for each month.
  • Attending Command Staff Calls or delegating attendance when unavailable.
  • Posting of total performance to S2 Staff regarding Activity and check completion.

S2 Lead Investigator

The S2 Lead Investigator is placed in charge of both S2 Check Departments, Initial and Final Checks. All investigators within those departments report to their Senior Investigator. The Senior Investigators report directly to the S2 Lead Investigator. The S2 Lead Investigator reports directly to the S2 2IC.

Responsibilities

Frequency Responsibility
Daily
  • Forward all proposed changes to SOP, especially in regard to changes in training, to 1IC/2IC.
  • Maintain the presence of troopers and activity within the departments.
  • Carry out all decisions made by the S2 1IC/2IC.
  • Be available for all trooper concerns and respond to them promptly.
  • Handle all Check issues escalated by investigators.
Weekly
  • Assign FC Checks to Investigators every Sunday and ensure they are all started by the following Friday. Ensure that IC Checks are being appropriately self-assigned as needed and started within a 72-hour time frame.
  • Monitor team activity and training of new departmental personnel.
  • Review department capacity/recruitment / training of S2 IITs (instructors in training), informing S2 IITs of their progress.
  • Perform random spot reviews of checks completed by investigators for any missed items or deficiencies and ensure checks are being moved to either Cleared Initial Checks or Completed Checks depending on the department.
Monthly
  • Departmental performance for each month.
  • Attend at least one CSC every three months.
  • Review the status of trainees and determine graduates of the department school for processing by the XO.

S2 Senior Investigator

The Senior Investigator is charged with the leadership of a group of investigators within one of the two S2 Investigations departments. The Senior Investigator reports directly to the S2 NCOIC.

Responsibilities

Frequency Responsibility
Daily
  • Ensure all assigned checks are being processed prior to the following Sunday.
  • Maintain the presence of troopers and activity within the department.
  • Carry out all decisions made by the CoC.
  • Be available for all trooper concerns and respond to them promptly.
  • Handle all minor check issues escalated by investigators.
Weekly
  • Responsible for the direct training of all new departmental personnel.
  • Review department capacity/recruitment / training of S2 IITs (Investigator in Training), informing S2 IITs of their progress.
  • Review all checks completed by investigators for any missed items or deficiencies and move checks to either Cleared Initial Checks or Completed Checks depending on the department.
  • Prompt creation and updating of all IiT Trainee folders.
Monthly
  • Review and report the status of all trainee folders to CoC.
  • Execute Random comprehensive reviews and interview sit-ins with Investigators to ensure no degradation in performance.

S2 Investigator

The investigator makes up the bulk of the department. They are the front line in defending the 7th Cavalry from the threat of foul play and indecency among our incoming membership and they serve at the leisure of the S2 OIC. An investigator is held to a superior standard and must be timely with their workload. Any and all issues should be reported up to the Senior by Tagging them in any post in which the investigator identifies a problem.

Responsibilities

Frequency Responsibility
Daily
  • Check for new assignments and follow up / complete previous week incomplete checks.
  • Carry out all decisions made by the Chain of Command.
Weekly
  • Ensure there are no checks that were left with information or procedures incomplete.

S2 Investigator in Training

The IIT is charged with learning the Procedures for investigation within the scope of the S2 Department of the 7th Cavalry Regiment. The IIT reports to the Senior Investigator to whom they are assigned and will attend weekly training sessions on this manual, participating in investigations and checks where requested.

Responsibilities

Frequency Responsibility
Daily
  • Be available to whom they are assigned as an investigator in training, and obtain observations of behavior from Investigators and Sr Investigators to aid in education and progress towards becoming an investigator.
  • Follow all directions issued by the Senior Investigator and communicate your status with them frequently.
  • Carry out all decisions made by the CoC.
Weekly
  • Attend sessions with the assigned Senior Investigator to review the SOP manual and train on check completion.

Documentation of Work

Google Drive

Google Drive is a cloud based server that the S2 department uses to coordinate its efforts and paperwork in a secure manner. Within it you will record all possible evidence and recordings, plus other S2 related business when instructed by the Chain of Command. Once you are accepted to join the S2 Department, you will need to provide your email address to the S2 OIC so that you may be added to this Drive account. Once added you will be given an orientation in the proper use of the Google Drive folders.

S2 Quarterly PM

Every 3 months the OIC, XO, or NCOIC will create a new PM for all investigators. This thread is used to inform the team about new checks, anything that is relevant for our work and to throw out questions to the team and get a second opinion or in general ask for help. Only General Staff, OIC, XO, NCOIC, S2 Investigators and Investigators in Training have access here and confidentiality applies 100%.

Discord

Discord is a voice and chat tool that the Cav uses as a complement to our existing tools. S2 has a specific channel we use to inform the team about specific events or just ask a short question. It is not mandatory to use discord, but see it as an add-on to the forums. There is an extension for the cell phone as well. Once you get accepted into S2 you will get access to the S2 channel. Please keep all chat here confidential.

Retention of Data

At no point is any S2 evidence to be stored on a local machine or other means of hosting other than specified above. You can hold data temporarily on a local machine but all evidence must be uploaded to the S2 Check Folder and deleted from any other means. After a check is completed as Clear it may be deleted from the storage medium. The maximum amount of time to hold such data is two weeks from the closure of the check.

Background Check Standard Operating Procedures

The main task of the S2 department is the recruit gaming background check. Below is a description of the various parts and forum areas you will need for your check. Please refer to Appendix 1 for a more detailed workflow.

Forums Utilization

There are three primary sub-forums you will utilize to complete background checks on recruits.

Tool Description
RTC Recruit Tracking This is where a lot of basic information is gleaned from. If any behavior or such ends up raising flags with RTC while the recruit is with the department, it will usually be notated in their RTC folder.
S2 Final Checks Final checks are the more detailed checks that are performed once a trooper has completed boot camp, RTC has posted their graduation and is preparing for transfer into a billet. The things that are checked include the following:
  • Googling SteamID to check for potential dual-clanning.
  • Going through Steam groups to check for potential dual-clanning or inappropriate content.
  • Reviewing comments, reviews, name history, screenshots, etc...
  • Searching Regimental assets (detailed in template) for any prior history with the trooper.
  • Checking any related gaming sites the troopers may be part of.

Note: It is absolutely forbidden to access a player's social media for any reason whatsoever. Twitch is not regarded as social media, so if a player's Twitch account is linked in their steam profile, information can be gathered there as long as that information is not considered personal or social media-related.

The process to check a prospective member's Steam Account.


Recruit Status Determination

Note: Checks are labeled with the colors GREEN, RED, or YELLOW.

There are nine statuses that a recruit can potentially have during their course in the investigation. Two statuses of special note are the “Clear” or “Hold”. The hold status can be initiated as soon as the initial check phase of the recruits process.

Initial Check Clear (IC)

Note: IC CLEAR needs to be colored with the color GREEN

If the investigation confirms that all information presented by the applicant is accurate and correct, no bans or other hinders are found and no suspect information needs to be discussed the recruit will be cleared. Update the recruit folder (see recruit folder for details) and the S2 recruit background check (see S2 recruit background check for details) with the status.

Clear

Note: CLEAR needs to be colored with the color GREEN

Once a recruit has been fully investigated, the matter is considered clear.

Initial Check Hold

Note: IC HOLD needs to be colored with the color RED

Some HOLD's will require an interview, some examples of this would be:

  • Multiple recent aliases with clan tags
  • Many active clan associations
  • Milsim group membership
  • Missing or unclear information
  • Racist Content

A valid reason for HOLD is any inconclusive information. When in doubt put the trooper on hold and conduct an interview to clarify your findings. Send a PM to the trooper and copy your S2 NCOIC / Senior Investigator on it. The title of the PM should, for example, read “S2 Action Required - RCT.Anderson.M”. Paste the respective HOLD template message in the PM. Make sure to follow up on the PM. If there is no response within 72 hours send a reminder. Check also the recruit folder Of RTC to see if there is an update.

Note: For private steam profiles, recruits are no longer placed on “S2 Hold”. We put them under “In Progress” and they will have 7 days to acknowledge. If no acknowledgment is made then they will be S2 DOR’d from the cav. The PM that is sent to them will request they add the investigator as a friend or set their profile to public. This is a mandatory step.

S2 Hold

Note: S2 HOLD needs to be colored with the color RED

Some HOLD's will require an interview, some examples of this would be:

  • Multiple recent aliases with clan tags
  • Many active clan associations
  • Milsim group membership
  • Missing or unclear information
  • Racist Content

A valid reason for HOLD is any inconclusive information. When in doubt put the trooper on hold and conduct an interview to clarify your findings. Send a PM to the trooper and copy your S2 NCOIC / Senior Investigator on it. The title of the PM should, for example, read “S2 Action Required - RCT.Anderson.M”. Paste the respective HOLD template message in the PM. Make sure to follow up on the PM. If there is no response within 72 hours send a reminder. Check also the recruit folder Of RTC to see if there is an update.

In Progress

Note: IC CLEAR needs to be colored with the color YELLOW.

For private steam profiles, recruits are no longer placed on “S2 Hold”. We put them under “In Progress” and they will have 7 days to acknowledge. If no acknowledgment is made then they will be S2 DOR’d from the cav. The PM that is sent to them will request they add the investigator as a friend or set their profile to public. This is a mandatory step.

Denied

Note: denied needs to be colored with the color RED

Recruits that fail the initial check are denied, and then are set as one of the following status:

S2 Drop on Request

Note: S2 DOR is posted without a color.

When the member is denied during the IC progress, they will be Dropped at the S2 level.

Recruit Training Command Drop on Request

Note: RTC DOR is posted without a color.

When a recruit discharges or is discharged through RTC.

Discharged

Note: DISCHARGED is posted without a color.

Once a recruit is fully discharged.

Denials

In order for a denial to be issued to a recruit, there needs to be sufficient evidence that the recruit meets criteria for such denial. That evidence needs to be gathered and uploaded to Google Drive and must be logged and recorded accurately and in a timely manner in the Check Folder. Informational accuracy is absolutely key.

Denied for a VAC Ban Under 5 Years Old

In case of an active VAC ban in Steam under 5 years the recruit can be denied with approval of S2 CoC. This approval needs to be a formal approval. Post your findings in the S2 recruit background check and update the status of the background check. Inform the S2 CoC (use the monthly S2 thread). The CoC will check the facts, update the RTC recruit folder and handle the discharge further.

Note: As of NOV2018, VAC-banned players who's bans are 5 years old or older are permitted within the Cav.

Other Reasons for Denial

There can be other reasons to deny entry to a recruit:

  • Recruit has shown racism in his Steam profile.
  • Recruit is currently a member of another FPS gaming clan. In these cases you recommend DENIED and document your evidence in the S2 recruit background check.

In most cases it is beneficial to conduct an interview first to verify data and gather evidence. As General Command Staff or S2 OIC / XO need to approve the denial of entry, precise proof and evidence is required. Inform the S2 chain of command (use the monthly S2 PM and post a short message on Discord ) and wait for a decision. The OIC/XO (or someone they delegate) will check the facts and OIC will decide. DO NOT act further. If a recruit is denied it is fair and transparent to inform the recruit of the reason. This will commonly be handled by the OIC or XO of S2 but it can happen that the OIC/XO asks you to handle this as you have had previous conversations with the recruit and a rapport has been established. Be polite but clear in your communication. Even under negative circumstances we want to maintain a professional, polite and collected demeanor.

Interview Process

As a result of a recruit's HOLD status, it is possible that you will have to interview potential 7th Cavalry members in TeamSpeak (TS3). The interview is usually done to resolve potential issues and problems that you have found in your investigation. It can also be done to verify information with the recruit. Initially, as an S2 Trainee, you must have a full-status investigator present when you interview applicants unless approved in advance by the CoC of S2. Your S2 colleagues are there to help you, monitor the conversation, and look for things that you may not see. They are also there to evaluate you in the process, and to make sure there are no potential problems that come up during the interview. You may schedule a specific time with the applicant, but oftentimes you can connect with them while they are TS and pull them into an interview on short notice. Commonly discussed in an interview:

  • (Start Recording) Timestamp @ Beginning and End of recording
  • Identify yourself and the parties
  • Explain briefly S2's purpose (protecting the clan)
  • Code of Conduct / General Orders(send and quickly review)
  • Verification of Age (Birthday/year)
  • Previous/Current Clan affiliation (ask for a copy of their post terminating their previous clan membership, for example).
  • The recruit's verbal acknowledgement of our SOPs, General orders, rules and policies-Put the recruit at ease (chat about enlistment, why he's chosen the Cav, What games he plays, etc.)
  • Investigation (Quick questions and let the recruit talk, even if he rambles)

How to Conduct an Interview

There are many ways to run an interview and each investigator has his/her own methods. The key is to remain fluid and flexible. Follow what the recruits say, how they say it and go with the flow of the conversation. You can learn much from how people talk and behave in the interview, as well as from what they actually say. There are many ways to run an effective interview, and the outline below is a basic guideline. You may have to adjust to personality types, things that are brought up during the interview process, time schedules etc. Take notes and prepare for the interview. Have an agenda for what you want to achieve or the data you want to verify. Always keep in mind that you represent the Cav in the interview and act professional and courteous.

A good interview can be as such:

  • Inform the recruit that this is an S2 interview which will be recorded. Ask them if they are ok with this. (In case the recruit refuses, ask why and inform the recruit that this can lead to a denial of membership. If the recruit refuses to be recorded, release the recruit and inform the S2 CoC.)
  • If all is agreed, start the recording. Introduce yourself and any others who may be present. Welcome the recruit and ask how they like their Cav experience so far. Chat a little about the game they play and maybe the country they come from. Many applicants have heard scary stories of S2 and who we are and are nervous about coming in. Make them feel secure and at ease.
  • Explain to them why they are there, and that you have the job of verifying their application and that you have questions about a few things that have come up in your research.

Begin reviewing their information on the application asking the obvious questions about data posted. Be prepared when you ask the question and confront them with conflicting data. If you feel the recruit gets defensive change the subject to ease up the conversation again. You may then show them links from Steam, or bring up issues that you have found in your check process. Let them speak! They may feel unnerved and often will ramble on and tell you all kinds of things. I* f you have discussed what is on your list wrap up your interview and thank the recruit for the cooperation. If you have found validation of your background check findings you can remind the recruit that their statements are in opposition to the Cav's policies, and that we won't be able to offer them membership at this time. If the recruit is found to be younger than 18 inform them that the Cav cannot offer them membership until they have turned 18 and that they are free to apply again then.

  • Give the recruit the chance to ask questions as well at the end. Be helpful,professional and do follow up on things if you agree to do so in the interview.

Post Interview Process

Write a short recap of it from your perspective immediately after the interview and document this in a separate post in the S2 recruit background check. Note everything down, including the applicant's demeanour, speech and attitude towards questions. This can be valuable information to handle disputes later. Make sure you update the S2 recruit background check posting and edit the status of the recruit. If you are in doubt, make sure that you check with your CoC before acting. Then finally, upload the recording to the S2 Google Drive and share it on the Check Folder.

Other Duties

Internal Checks

Twice a year S2 will run audits on existing members. This commonly involves looking for new VAC Bans. Results are reported to General Staff. The S2 OIC will inform you about your work allocation if needed in this audit.

Investigations

From time to time we receive information regarding other Cav members that need to be investigated. Common events are concerns about age, failure to follow 7th Cav policies or violation of UCMJ, hacking, or dual clan membership (commonly called dual clanning). These investigations are relayed to the GOA/XO and only started per their instruction. It is extremely important that all internal investigations remain confidential and all results are immediately shared with the S2 NCOIC, S2 XO and the OIC of S2. If information is brought forth by another Cav member outside S2, the results of the investigation are not to be discussed or shared under any circumstances. When in doubt discuss the matter with the S2 CoC.

Outsider Threat

From time to time, we are called on to investigate outside threats to the 7th Cav including attacks on our servers, attacks from hackers, clans, or other groups. We treat these checks in very much the same manner as others attempting to determine who the perpetrators are and what can be done to prevent further threats. These investigations are ordered by command staff through OIC and XO.

Investigator Work Ethic

You probably have heard of the common expression: What happens in Vegas, stays in Vegas. It is quite similar with your work in S2. Everything that happens in the Security Operations Department is CONFIDENTIAL, and under no circumstances to be shared with anyone outside of S2. It is paramount that any result of an investigation stays sealed and is not discussed in any way outside our department, without prior permission of S2 OIC. There are no exceptions to this rule. You will occasionally be asked by other members of the Cav why an applicant was denied but you must never discuss any case with anyone. Even if a senior member of the Cav orders you to disclose information of an investigation, you will politely decline to comment on it, and refer them instead to the OIC of S2. You may be threatened, or told you will be punished etc., but it is extremely important to keep the privacy intact of what we do here. You will have the full support of the S2 Command Staff if you follow this rule. To many members in the Cav, S2 is a department they do not know much about and this sometimes gives S2 a mystical appearance. Some members may ask you what we do and how we do it but we simply don't discuss it, other than to state that we are the Security Operations Department. Your loyalty must be with The 7th Cavalry always, and confidentiality is important, regardless if this is about your buddy or a recruit.

Failure to follow Confidentiality Policy

Failure to follow these standards will result in disciplinary measures up to and including removal from the S2 Department, and possibility of further disciplinary actions from command staff.

Failure to Follow SOP

In the event The Regiment becomes aware that Investigators have acted outside the scope and authority of their role, that member will be suspended from participation in investigations for the duration of any review. A review will be conducted by the Regimental Commander, Regimental Executive Officer, and any other designee into the allegations. If upon completion of that review, there exists sufficient material to affirm the allegations of misconduct, a Court Martial may be convened. If there is a final judgement of malfeasance, the prior investigator will be removed from The Regiment with immediate effect, and stripped of all titles and regalia, with a dishonourable discharge. It is the responsibility of Investigators to be mindful of their actions, and to report any deviation from the policies. Members who are directly aware of such misconduct, but who do not report it, while not directly responsible for the misconduct, will still be removed from the department and may face reduction in grade or other relevant action.

Day of Training Chapters Covered
1 1-3
2 4-6
3 7-8
4 9-10, Final Exam