CERTCC · ahouseholder · Oct 14, 2025 · Oct 10, 2025 · Oct 10, 2025 · Oct 14, 2025
diff --git a/docs/_includes/default_mission_impact_values.md b/docs/_includes/default_mission_impact_values.md
@@ -0,0 +1,5 @@
+!!! tip "Default Mission Impact Values"
+
+    Similarly, with [*Mission Impact*](/reference/decision_points/mission_impact.md), the deployer should assume that the software is in use at the
+    organization for a reason, and that it supports essential functions unless they have evidence otherwise.
+    With a total lack of information, assume [*support crippled*](/reference/decision_points/mission_impact.md) as a default.
diff --git a/docs/howto/bootstrap/collect.md b/docs/howto/bootstrap/collect.md
@@ -118,11 +118,7 @@ we can suggest something like defaults for some decision points.
     This position is conservative, but software is thoroughly embedded in daily life now, so we suggest that the decision
     maker provide evidence that no one’s well-being will suffer.
 
-!!! tip "Default Mission Impact Values"
-
-    Similarly, with [*Mission Impact*](../../reference/decision_points/mission_impact.md), the deployer should assume that the software is in use at the
-    organization for a reason, and that it supports essential functions unless they have evidence otherwise.
-    With a total lack of information, assume [*support crippled*](../../reference/decision_points/mission_impact.md) as a default.
+{% include-markdown "../../_includes/default_mission_impact_values.md" %}
 
 !!! example "Using Defaults"
 

diff --git a/docs/howto/gathering_info/mission_impact.md b/docs/howto/gathering_info/mission_impact.md
@@ -12,3 +12,5 @@ At a minimum, understanding mission impact should include gathering information
 There are various sources of guidance on how to gather this information; see for example the FEMA guidance in [Continuity Directive 2](https://www.fema.gov/sites/default/files/2020-07/Federal_Continuity_Directive-2_June132017.pdf) or [OCTAVE FORTE](https://insights.sei.cmu.edu/insider-threat/2018/06/octave-forte-and-fair-connect-cyber-risk-practitioners-with-the-boardroom.html).
 This is part of risk management more broadly.
 It should require the vulnerability management team to interact with more senior management to understand mission priorities and other aspects of risk mitigation.
+
+{% include-markdown "../../_includes/default_mission_impact_values.md" %}
diff --git a/docs/reference/decision_points/mission_impact.md b/docs/reference/decision_points/mission_impact.md
@@ -11,6 +11,8 @@ print(example_block(LATEST))
 
       See this [HowTo](../../howto/gathering_info/mission_impact.md) for advice on gathering information about the Mission Impact decision point.
 
+{% include-markdown "../../_includes/default_mission_impact_values.md" %}
+
 !!! tip "See also"
 
     Mission Impact combines with [Safety Impact](./safety_impact.md) to inform