Testing – Tabletop


Hosting tabletop exercises is one of my favorite activities. I suppose that is a good thing, as I have hosted 200+ during my career. Tabletops have so many valuable aspects. They are a low-stress way to test your current plans, identify gaps and improve your ability to respond. The more we test, the better prepared we will be at a time of crisis.

There are many ways to perform tabletop exercises. If you look at 20 tabletops on the Internet you will see each has a different style. You can pick and choose the ones that fit your organizational culture and customize the content.

Below are some tips I would like to share with you. They have all been learned through experience. After the list of tips we will walk through a typical tabletop exercise. I will add suggestions where I think it might help:

Tip – You should always have goals and objectives defined for your tabletops. Know what you want to accomplish, communicate and learn from the attendees. Then work backwards to incorporate the content that will help you achieve your goals. I mentioned a couple of times in the book that when I used to develop complex software systems I would always ask the users (clients) what they wanted to accomplish with the system. What type of output and reports would they need? What metrics would make them happy? What would be the most pleasing layout for input forms (user experience)? I would then design each module in the system to achieve all of the users’ desires (requirements). I found it a recipe for success every time. In the software / project management profession this is typically called a requirements document. On occasion, I called it a desires document!

Tip – Make the exercise interactive! The more the attendees get absorbed in the scenario, the better. When interactivity takes over I smile! It can be a magical experience!

Tip – Make it fun! I suggest you use slides with pictures and audio to liven up the exercise. Putting a few humorous slides and/or anecdotes in scope will do wonders building rapport with the attendees. The squirrel slide works every time!

Tip – Be careful not to use too many slides. Sometimes, less is more!

Tip – Make it low stress! Not – no stress so they fall asleep – but low stress, so they are not sweating bullets and wondering if they will be ‘called on’, like in school. This is especially true for the first few exercises for a location or process. You are there to improve and partner with them, not to embarrass them. Before hosting tabletops as a business continuity professional, I was an attendee as an IT Senior Technical Officer. It is easy for me to empathize with attendees of exercises I now host.

Tip – Add value. Add value. Add value…You have a great deal of expertise and you must share it. Share and you will receive.

Tip – If you do it right you will often hit on a topic that turns into an amazing discussion. That is great! You also have to keep control or one hot topic could use up the allotted time. If you need to, schedule a separate, more focused discussion solely on that topic.

Recently there was a slide I was debating whether I should include in my next tabletop. I was not sure if it would be on target for the group of attendees. I finally said, ‘what the heck’ and added it. Well, it hit a big time security nerve and I was really happy I had included it. In fact, people did not want to leave that slide. Everyone was chiming in. Finally, I did have to take control and move on, with the promise that we would break that topic out into a follow-up discussion – and we did.

Tip – Please do not – I repeat – do not make it a lecture. If you make it a lecture and load up 100 slides with a bunch of densely packed textual information you will lose them fast. You may even hear some snoring in the room. Keep it interactive, fun and lively!

Tip – Nervousness – Trust me, the first few exercises you host you may be nervous. I certainly got nervous the first 4-5 times I hosted tabletops. It is fine to get nervous. Some of the most popular actors and actresses get nervous before a live performance. If you are a little nervous it means you care. Remember, most people are afraid to speak in front of a group of people. You are brave by getting up and speaking.

You are providing a critical service each time you host a tabletop. People will thank you. Even if they pick up one useful take-away it can be life saving or business saving. Just getting the key players in the same room to talk about emergency response and continuity of operations is a huge win for your organization. So before you say the first word you have already won! Now have fun.

For the first few, remember to loosen your shoulders, emphasize certain words, use your hands to emphasize points and speak slowly (especially finishing sentences). Do a little check-down before starting. I always do my little check-down whether hosting a tabletop or racewalking a 5k. It always works to my advantage and it will for you.

After your first few tabletops you will be very confident and loose. You will no longer be nervous and you will look forward to hosting tabletops. It is really fun! The attendees will learn a lot and you will learn as well. You can add what you learn to future tabletops. It is a virtuous cycle – it gets better-and-better with every tabletop you host. I promise you!

Planning and Running Tabletop Tips:

Planning:

Tip – Tabletops must be included in the comprehensive business continuity exercise schedule you create and share with management.

Tip – Plan for the month of the tabletop, not an exact date. If you suggest an exact date, give the Incident Commander some flexibility to adjust. They may have valid production reasons to modify the date. They will appreciate your partnership in finding the best date and time for the exercise. It is hard finding a date that accommodates the schedules of most of the attendees.

Tip – My tabletops generally run between 2.5 and 4 hours. I plan for 3 hours and always finish on schedule to respect the time of busy individuals. I always offer to stay longer to discuss any and all issues. Sometimes, when I begin the tabletop I joke, ‘we should be finished in 6 hours’ and everyone gets this really concerned look on their face and then I mention ‘I was only kidding’ … ‘approximately 3 hours’ and they laugh and appreciate the shorter time-frame. In sales that is called ‘framing’ (say a big number and psychologically the smaller number appears even smaller than it is).

Tip – The presentation should be customized to address threats that could realistically impact a location. For example, in the Midwest I discuss tornadoes, in the east hurricanes and in the west earthquakes… Prior to deciding on which tabletop scenario to present for a specific location you should do some situational research. Hopefully, you have a knowledge-base of location-based incidents and geographical hazard maps (State Emergency Management Offices will have hazard maps and stats).

Is the location in tornado alley or on the San Andreas fault?… Speak with the Incident Commander to determine if a particular threat has a high probability of impacting his/her location. Then you can customize and present that scenario. If there is not a particular threat, I usually begin with a tabletop similar to the fire scenario that follows in this chapter. Fire can occur anywhere as a primary event or as a cascading event from an earthquake or tornado.

Tip – Coordinate with management on the location well in advance of the tabletop. Confirm the date and the requirements. Stress that all processes must be represented, as well as the Crisis Management Team, Emergency Response Team, and the Emergency Operations Team. It is also advantageous to have public officials such as police, fire and EMS make a brief appearance to share knowledge.

Tip – I have hosted tabletops ranging from 10 to 70 attendees. Through experience I have found if there are more than 40 attendees it is best to divide the tabletop into two sessions – morning and afternoon. The Incident Commander should be at one and the Alternate Incident Commander should be at the other session. It can be valuable training if the Alternate Incident Commander must step-in for the Incident Commander during a real crisis.

Tip – Either you or the Incident Commander should reserve the conference room and invite the attendees. I have found it is more effective if the Incident Commander sends the invites. The attendees know her/him. Another benefit is, if you are hosting many tabletops having the Incident Commander do the invites will save you a lot of time.

Tip – Horseshoe seating, with me at the front, is my favorite. If that is not possible, classroom or square seating is fine. I have done them all and you can too. Use the seating arrangement you are most comfortable with.

Tip – If the Incident Commander is new to the role you should do a brief meeting with her prior to the tabletop. In fact, even if she is experienced speak with her before the tabletop. This will instill knowledge in her, make her more confident and make the exercise more enjoyable.

Tip – The Incident Commander must stress in the email invite to attendees that people must attend. There will be occasions when process owners or their alternates will be traveling. In those cases a conference line can be provided a day or two prior to the exercise. You really do want as many people to attend in person as possible.

Tip – You should provide the email invite template to the Incident Commander.

Tip – The Incident Commander should order appropriate light refreshments.

Tip – Send the Incident Commander the presentation at least 10 days prior to the date of the tabletop. He can have copies printed for the attendees or they can distribute an electronic copy after the tabletop. It makes a nice take-away. By the way, I see nothing wrong with distributing the presentation in advance. The goal is for people to learn and be prepared. If they want to prepare in advance that is great!

Tip – The Incident Commander should assign someone to take notes and document follow-up tasks during the exercise.

Tip – Process owners should bring a copy of their plan to the exercise.

Day of the tabletop – finally!

Tip – Arrive early.

Tip – Visit the Incident Commander and say hello. Put him/her at ease. Confirm that he/she will do a short intro kickoff to begin the exercise.

Tip – Test the audio and video early.

Tip – Ensure the refreshments are ready.

Tip – Have the sign-in sheet ready near the doorway when attendees arrive. Ask them to please sign-in.

Tip – Greet people as they arrive and introduce yourself.

Tip – Start the exercise on-time!

During the tabletop – our goal is to have fun and learn – let the attendees know that:

Tip – The Incident Commander should say a few words thanking everyone for taking the time to attend and letting them know the importance of this exercise. She can say a few words about emergency response and business continuity at the location. Perhaps reference a recent disruptive event that will strike a chord with the attendees. Then she should introduce you. If at all possible, be there in person. There have been times I have had to host by phone due to travel delays and cancellations. Remote hosting can work.

Tip – Smile and say hello. Thank the attendees for participating in this important exercise. Let them know how happy you are to be there. Put them at ease. Say something amusing – seriously – I mean say something seriously amusing. Attendees are often uptight, especially high level managers. They think they have to score 100%. They might feel they will be embarrassed if they do not know everything. As you and I know, nothing can be further from the truth.

Tip – Let them know there is no pass/fail, if that is your methodology. Just by attending and actively participating we all win. The goal is to identify gaps in plans prior to a crisis event and close them.

Tip – Ask that they go around the table with all the participants introducing themselves. Have them include their process name and their role in the plan. People and roles change. New people join organizations and others leave. You might be surprised how siloed an organization can be. In my experience, people you think might know each other often do not.

Tip – Have fun. Every tabletop I have given I have enjoyed. I have learned really interesting things as participants relax and open up.

I actually learned about Google Voice and ICE (in case of emergency), both of which I speak about in the book, from participants while hosting tabletops. These are just a couple of the many things I have learned during tabletops over the years. If you strive to make your tabletops interactive and fun everyone will clearly see that the tabletop is not so much a test of them; rather, it is a review of the plans as they are currently written. The attendees do not have to score 100% during the exercise. As I mentioned before, let them know that the goal of the exercise is to uncover gaps and close them prior to a real crisis.

Tip – If you are using a PowerPoint do not make it wordy. Use 6 bullets or less in a large font on each slide. Using a lot of pictures keeps it interesting. You do not want to put people to sleep or have them squinting to read an 8 point font from 30 feet away.

Tip – The person taking notes (scribe) should capture areas that need more research. The notes are really important so that nothing falls through the cracks. Remember to have the scribe assigned by the Incident Commander prior to the tabletop. The takeaways must be worked on after the tabletop. You can also list the takeaways on large easel pads. Review these at the end of the presentation and ask if we forgot to include anything.

Tip – At the end of the presentation thank the participants for their active participation. Ask them if they have any other questions or concerns. Let them know you are available to them 24x7x365 and mean it!

Tip – Provide them with a feedback survey, either printed or online. It is important they complete it the day of the exercise while things are fresh in their mind. Feedback helps you improve.

Tip – Be prepared for ‘thank you comments’ from attendees and emails letting you know how much they enjoyed and valued the tabletop.

Tabletop example outline – Fire Scenario

Below is an outline of one type of tabletop I have found works well for the attendees and I have fun hosting. Some of the slides in the presentation can be re-usable for other scenarios – especially the crisis management and emergency response slides before the specific fire, earthquake scenario section. Use what works best for you. Update as you develop improvements. Customize for your organization.

Remember, prior to deciding on which tabletop scenario to present for a location do some situational research. Are they in tornado alley or on the San Andreas fault?… Stay away from a volcano for a New York location. Speak with the Incident Commander to determine if a particular threat has a high probability of impacting a location. If there is a need then customize and present that tabletop.

The tabletop outline below is one I like to start with unless a specific scenario is needed. Fire can occur in any locale, whereas a hurricane, winter storm or tornado is more regional in nature. This tabletop covers a lot of ground. The injects at different points in the tabletop keep it interesting and get people thinking. You should add additional injects.

This tabletop is comprised of two major sections. The first part encompasses housekeeping and ground rules for the tabletop, an overview of the company’s business continuity program, valuable emergency response information and guidance. The second part will be the walk-through of the fire scenario with injects.

Remember, do not make it a lecture. The tabletop ideally is very interactive. Use multimedia when possible. I have used audio and video to liven up the scenario. It can get amazing as people are drawn in and really get into the scenario. Someday soon, I will convert this to virtual reality – I am already experimenting with it and I will keep you informed in the Free Ultimate Business Continuity Tips, Techniques and Tools Newsletter.

I find my presentations work best at about 30-38 slides.

Remember, this is a sample outline of slides with facilitator notes – you should customize it to best serve your company. Add actual location pictures, audio and video customized to the site to ‘keep it real’. When you distribute the presentation prior to the exercise do not include the notes:

Part 1: Approximately 15 slides. Ground rules for the tabletop, an overview of the company’s business continuity program, emergency response procedures, local/enterprise teams and any other best practices of value to the participants.

Slide 1: I like to use a nice cover page with a picture of the site and the date of the tabletop. I sometimes also show some smaller images of different scenarios – fire, flood in a grid and a tagline at the bottom such as “we will always be prepared” OR “preparation is our culture”. Remember to customize the images to the geographic location of the site. For instance, showing an avalanche in Oklahoma will not have the same impact as a tornado image.

Slide 2: Exercise Goals and Objectives (walk through a few of them and add insights). Do not read every bullet point verbatim. They can do that for themselves.

  • Discuss the importance of being resilient and business continuity
  • Discuss any issues, ideas, risks and vulnerabilities the attendees feel are important
  • Heighten emergency response and business continuity awareness
  • Validate/update defined roles and responsibilities of Incident Command Team (ICT) members and Emergency Operations Team (EOT) business unit personnel during an event.
  • Evaluate and improve preparedness levels.
  • Discover gaps between current recovery capabilities and what the business requires.
  • Have fun and learn!

Slide 3: Exercise Ground Rules (these will help make the exercise run smoothly with fewer distractions). Let attendees know:

  • They should relax – this is a no-fault, low stress exercise
  • That issues and concerns will be logged by (name of person Incident Commander assigned) for follow-up discussions
  • They should set their cell phones to ‘Mute’ or ‘Vibrate’. If they must take an urgent call they should step outside for a few minutes

Slides 4 and 5: Give a brief overview of the Crisis Management and Business Continuity Program at your company. Maybe show a picture of the Enterprise team -> Division – Processes… You can describe how each location has a Crisis Management Team and there is one at the corporate level to assist and bring in additional resources to help us.

Slide 6: List the current Corporate/Enterprise Incident Command Team members with their titles and responsibilities. * You must review all teams with the Incident Commander prior to the exercise and make updates as necessary. You do not want incorrect team members listed.

Slide 7: List the local Incident Command Team members with their titles and responsibilities. Ask about prior local incidents and how they went. Were there opportunities for improvement? This can lead to some passionate discussions.

Slide 8: List the local Emergency Operations Team members (process owners, alternates…).

Slide 9: Provide a brief, high-level, value-laden overview of why what we are doing is so important. Emphasize the importance of emergency response – “The Safety of Our Employees is Our Number 1 Concern”. You can then explain Business Resilience and Continuity. Include – ‘high percentage of companies without a plan that incur a major disruptive event go out of business within 3 years…’ or provide another of your favorite statistics.

Slide 10: Discuss possible catastrophic impacts of not planning: (read a few of them with passion!):

  • Employee injuries or worse
  • Business failure, and the loss of all of our jobs
  • Loss of our customers
  • Regulatory impacts
  • Missed revenue opportunities – I supplied a lot of surprising opportunities throughout the book – such as the Golden Nuggets chapter in Part 1
  • Making front page news – for all the wrong reasons (you can mention some of the ones in the book chapter on C’s Heads That Rolled…)
  • Hurricane Sandy: great impact on homes and businesses
  • Hurricane Katrina: city destroyed, no roads, utilities, government infrastructure, etc. New Orleans never fully recovered – and much of the destruction could have been prevented
  • Cyber security issues – every CEO’s worst nightmare!
  • Fukushima Earthquake/Tsunami: tremendous immediate impact, loss of life and decades of financial and quality-of-life losses
  • Companies that lose their computer system for 3 days or more fail
  • Add some of your own hard-hitting bullets. Customize them to your industry and geographic location. For example, bring up your competitor’s factory that was destroyed in a hurricane, a company that had a supply chain disaster and went out of business or a company like Blockbuster that was disrupted by Netflix

Slide 11: Show a montage of threats – risks. It gets people thinking. It is not only the front page huge threats we must plan for. There are some really good public domain pictures on the Internet. I use a few like these (the snow one is wild). Hey, as usual I just cannot resist showing and speaking about squirrel disruptions. You know me by now.

Slide 12: Discuss the importance of emergency response / employee safety issues. For example evacuations, rally points, accounting for employees, vulnerabilities, local threats such as the chemical company down the block or the airport behind the fence. Employee safety will also be part of the scenario but it is so important to get employee safety right I begin discussing it here. It is our #1 concern.

You want to gauge awareness and opportunities for improvement. This discussion may induce active participation on successes, lack of awareness or specific needs, such as evacuation stairway lights that are not working. Be sure all of the takeaways are captured in the notes and documented into action items.

See if people are aware of your Employee Hotline Number. Have them raise their hands if they know it. Is it on the back of everyone’s employee badges?

If I discover even a few improvements in employee safety it was worth travelling across the country to host and participate in the tabletop. Everything else is gravy. Seriously!

Slide 13: Discuss five myths of business continuity: (add your own ‘myths’ to these)

  • Myth # 1 Nothing ever happens here. (Discuss a recent event such as the small plane crash a few miles away)
  • Myth # 2 If something happens, it will occur during normal business hours. (Oh sure)
  • Myth # 3 Only large offices need a Business Continuity Plan. (All offices need a plan and all small businesses need a plan)
  • Myth # 4 We’re covered – all our files are backed up and sent to a nearby storage facility. (Explain why there is much more to resilience)
  • Myth # 5 Keeping plans up-to-date is a clerical function. (Business function)

Slide 14: Discuss what works during a disruptive event (add your own favorite suggestions). These are some of my favorites:

  • Stay calm
  • Communicate well
  • Analyze the situation
  • Use checklists
  • Everyone must know their role(s)
  • Have your plan(s) and call trees/lists easily accessible

Slide 15: Ask for Questions. Take a breath and ask if the participants have any questions or concerns. Sometimes they have many and sometimes very few.

PART 1 ENDS HERE

PART 2 BEGINS HERE – THE SCENARIO

I will present some suggested slides and bullets that work for me. You must customize for your organization. The double brackets, as in <<location>>, indicate a variable – replace it with your specific info. There are hundreds of scenarios to choose from; which one you use depends on the needs of your organization.

Slide 16: Create a scenario introductory slide mentioning the type of scenario we will be discussing. Have an appropriate picture. Remind the attendees that the goal is for interactivity and discovery of gaps prior to a real crisis event – not getting 100% correct answers. Encourage creativity and thinking-outside-the-box.

Slide 17: Good Morning! (set the stage)

  • It is Monday 10:27 am – <<location>>
  • You are sipping a great cup of coffee. (If you have an automated aroma machine – blast out the smell of coffee now : )
  • You have noon reservations at that popular new restaurant on <<restaurant location>> everyone is talking about. I heard the food is great! (people may even chime in right now which is good – it means they are ‘getting into it’. It seems real…)
  • Sipping coffee and a great tasty lunch a few hours away. Your biggest concern is deciding what you will order. What could be better???

Slide 18: Fire Alarms!!! (I play audio alarms – but only so the room can hear them. You do not want to clear the nearby offices. Yikes – been there, done that – once!)

  • The fire alarms go off!
  • Smell of smoke! (don’t use that aroma machine smoke flavor for this one : )

Here are some possible discussion items at this point in the scenario: You can start the discussion by asking what happens now? Or you can ask a few of the following questions and add your own. It depends how the discussion takes off. You can add insight, best practices and anecdotes for each discussion item.

  • What happens during the first few minutes?
  • Should employees expend time getting their keys, going to their cars and going home or to brunch? Why or why not?
  • Should employees wait for their friends before evacuating?
  • Has a full evacuation ever been done? When? If in a high rise and only to a meeting place on that floor – that is not enough. During the 9/11 World Trade Center tragedy 90%+ of people never did a full evacuation drill to the street. Many people did not even know where the exits to stairwells were. Some went up toward the roof and it was locked! Spend time on making sure there is a process in place and ample awareness
  • If your recovery strategy is work-from-home, should employees waste precious minutes getting their laptop from their desks? I have received some scary responses to this one (cited one true story in the book)

Slide 19: Evacuation – Discussion points

  • When did we last conduct an evacuation drill? Were there any issues? For example, did anyone throw a shoe at the fire alarm or not participate because they were on an important phone call? (that true story is also in the book)
  • Do we have wardens /searchers and backups in place? What type of equipment do they have? Do they use two-way radios to communicate? Are conference rooms and bathrooms checked? Do we have a ‘check-in’ app?
  • Do you have a buddy system for your employees who have self-identified that they require assistance during an evacuation? How does that work? Has HR been consulted on the self-identification process? Do we have any special equipment to help them evacuate? Special carry-down chair, stretcher, etc? If so, where are they stored?
  • Do ALL associates know where the rally (assembly) points are located? Do we have a new employee on-boarding process for awareness of rally points? Are rally points a safe distance from the building? Are the rally points clearly marked? Do other companies in the building or campus use the same rally points? If so, can we all talk to mitigate the potential confusion by assigning separate rally point areas?
  • Do we have a process for accounting for all employees and visitors at the rally points? How would that work? (Rally point accountability is challenging. – Spend time on this one as well)

Slide 20: Emergency Tools – Discuss the types of tools that are currently being used for emergency response at the site.

  • Flashlights – Wardens and searchers
  • Whistles – Wardens and searchers
  • Two-way radios and/or push to talk (PTT) apps – Wardens and searchers
  • Hats and vests – Wardens and searchers
  • First aid kit – where is it located?
  • Use chalk to mark bathrooms and conference rooms that have been checked (X on door). This way searchers do not waste precious seconds re-checking rooms that have already been checked
  • Do you have ‘Go Bags’?
  • Have you considered shelter-in-place rations and cots?

Slide 21: Scenario Update – 10:47 am

Elapsed Time: 20 minutes

Place: <<Location>> Parking Lot

  • The Fire Department and EMS have arrived at our site and have entered the building
  • Fortunately, all staff has been accounted for at the rally points
  • Local media – <<local TV station>>, <<Local Newspaper>>… have arrived at the site. They are trying to ask employees questions about the fire.

Slide 22: Discussion points

  • Do cars ever park around the building so that fire trucks and ambulances could not get through?
  • What are Safety and Security doing at this point?
  • Where would the Incident Command Team (ICT) members, including the Incident Commander, meet to manage the crisis and make important decisions? Are the locations documented in the plans?
  • If the event occurred after hours, how would the ICT communicate? Has this been tested? What were the results? What improvements can we think of?
  • How should our employees deal with media questions? Are they aware of proper communication channels?
  • What else is happening at this point?

Slide 22: Scenario Update – 12:27 pm / Place: <<Location>>

Event: Assessment

  • The fire department did a great job of extinguishing the fire. Fortunately no one was hurt!
  • Unfortunately, the building has been severely damaged from the fire, smoke and water (sprinklers and fire department). The server room has been completely destroyed.
  • The Fire Department has authorized only <<names of your ICT members – facilities, security… (use real names to add realism)>> to conduct a survey of the building. No other associates may enter the building

Slide 23: Discussion

  • What are we concerned with at this point?
  • Who is in charge of managing the crisis? Who will be assisting that person?
  • What should the employees at the rally point do at this point? Where should they go? What should you tell them? Also, to make it more interesting, it is starting to rain (or snow) heavily!
  • What are our next steps to ensure we can continue our operations with as little impact as possible?
  • Who do we contact to help us, beyond our local teams?
  • How will we communicate updates to our employees now and throughout the event? Have you tested contact information recently? Is everyone aware of their call trees? Does our company have a mass notification system? How do we use it? Has anyone been trained locally? Were there any issues during previous tests and, if so, were the issues fixed?

Slide 24: Scenario Update – 3:24 pm

  • The situation assessment indicates the clean up and restoration of services will take 5 weeks
  • <<Name of Incident Commander>> requests the business processes to activate their Business Continuity Plans
  • Recovery will take place as indicated in the plans
  • The alternate recovery site is being readied for employees to report

Slide 25: Discussion – Recovery (Ask for a few volunteers to describe the process specific actions they would take in response to the questions below. Maybe reward them for being brave and volunteering)

  • Who can officially ‘declare a disaster’ in your organization? What if that person is on vacation? Does the backup know what to do and who to call? Perhaps they are one of the tabletop attendees and they can provide input
  • Do you know what your time-sensitive (critical) business processes are? How? (BIA and Plans)
  • Where would you recover your time-sensitive business processes?
  • Does everyone have access to their Business Continuity Plan? Where do you keep copies of your plans? Remember, you cannot re-enter the building! What if there was no power and systems were down? Could you access your plans? (push them to think resilience). This is where all of the alternatives I provide in the Business Continuity Plans part of the book could be a business saver. Imagine showing them the ‘tiny plan’ in your sock! Or pull out your Kindle and show them the eBook! They will love it!!!
  • Do you know who is part of your recovery staff? Do you have recent contact information for them? When did you last review the information?
  • How will you communicate with your staff, direct reports and all department employees?
  • Does the fact that the IT server room and building telecom are destroyed impact your communicating with employees? (IT and Telecom representatives should be in attendance at the tabletop and help with these answers)
  • Do you have special equipment you will require? How will you get it? Is it stored offsite? Is there anything critical in your office that is not backed up? (this always elicits conversation and uncovers possible gaps). I once learned of a data center in the basement in a potential flood zone!!!

Slide 26: Scenario Update – Recovery Site / Tuesday / 10:00 am

Place: Recovery Site(s)

  • The ICT and IT worked through the night and have coordinated the readiness of the in-house and vendor alternate recovery sites to accept employees
  • Some employees arrived at the recovery sites but many others are lost in transit as they never visited the sites during the work area recovery exercises. They thought they would be able to work-from-home but they do not have their now melted laptops (that is why work-from-home employees should travel to the alternate work area as part of testing). Point out that visiting the recovery site before a real disaster provides great value.

Slide 27 – Discussion – Recovery

  • Have you tested your recovery strategies? Alternate work area? Mobile trailers? Work-from-home?
  • If your department’s recovery strategy is work-from-home, do employees take laptops home every night? If you do not have your laptop (evacuation in this case) or there is a power outage at home, how will you recover? Have you tested recovering from other recovery sites?
  • Are there manual procedures your business unit can perform until systems have been restored, or are you completely dependent on the critical systems being available? Are all tasks and procedures detailed in your plan?
  • Security – how will we keep the production and recovery sites secure? Do you have enough personnel? If not, how will you get more?
  • Process Owners and telecom rep – Are there plans to redirect our critical toll free phone numbers? If you are redirecting toll free numbers, have you tested these at the recovery location(s)? If the calls must be recorded for compliance, have you tested call recording capabilities? What is the process to reroute calls?
  • Are local/on-site servers backed up daily? Is the data for all critical systems stored offsite or only in our now destroyed local data center? Does the type of backup align with the business-required RTOs and RPOs? Have all critical systems performed annual disaster recovery testing? Were process users involved in the DR testing?
  • How do you retrieve critical supplies and information necessary to perform your department’s functions (e.g., support documentation, forms, reports, contracts, stamps, invoices, customer lists, etc.)? Remember, you no longer have access to your office.
  • Do you have all vital records stored off-site or imaged in digital format? Remember, you no longer have access to your office.
  • If you have to contact clients, suppliers and vendors, how will you do it? What information do you give them?

Slide 28 – Scenario – Return to production site 6 weeks later!

  • Our <<Location Name>> Office has been restored as a result of a valiant 24×7 effort by <<names of the facilities people for realism>>!
  • If there are many employees returning to the site, ask how they will do it. All at once? IT may be overwhelmed and there could still be IT and telecom issues. Suggest they consider using a phased approach.

Slide 29 – Scenario Recap – Plan Review Recap

  • Review open issues that were captured and who will own the issues
  • Review improvement ideas
  • Make suggestions

Slide 30: Discuss the next steps and upcoming exercises scheduled for the site.

Slide 31 – Provide Business Resilience Team contact information. Stress that your team is available 24×7 and mean it!

Slide 32 – Request attendees complete the printed or online survey today. You will receive nice comments and hopefully some suggestions to improve your process. All of the feedback you receive, whether it is good or bad, is valuable.

Slide 32 – End the presentation with a smile and a heartfelt ‘Thank You’ slide. I use the following to end the meeting. Please replace it with your own heartfelt custom message:

Failure to plan is planning to fail OR Our employees depend on us – our business depends on us. (or your favorite quote)

Thank You for Making Today’s Business Continuity Tabletop Exercise A Big Success!