Level 1: Onsite
Simulated Technology Failure
MISSION OBJECTIVE:
Each group to resolve assigned IT incident response scenario(s) within assigned timeframe. Unified Command (UC) will be simulated by Blackrock 3 or other designees. Each group will function under an Incident Leader (IL).
ROLES:
Incident Leader: Drive the discussion and delegate tasks.
Person responsible for Communications: Provide briefings as directed.
Person responsible for Tactical Docuementation: Capture details and key events of the discussion and deliverables. Share at the end of the briefing.
EXERCISE PARAMETERS:
- Incident Leader briefs group on written description of a past, present or potential IT incident response scenario. Problem statement to be provided by Blackrock 3.
- Once each group has received the scenario and briefing, the Incident Leader drives a discussion about resolving the scenario. There must be a primary resolution plan and a contingency resolution plan (Plan B).
- The incident should be documented using the spreadsheet template provided below.
- The spreadsheet should be uploaded and submitted using form below.
MINIMUM DELIVERABLES:
- Identify SEV or P level for the incident.
- Create a list of SMEs, vendors, Executives, etc. that would be dispatched to the incident.
- Draw an org chart depicting all the incident responders identified above.
- Draft an overall Mission Objective for the response.
- Draft a CAN report for the primary resolution plan and Plan B.
- Identify any unique aspects or challenges of the response that may pose a challenge to the resolution effort.
- List the cadence and potential audiences for any briefings that need to occur outside the resolution effort.
- The person responsible for Communications delivers the scenario briefing in the main session at the conclusion of the exercise.
- The person responsible for Communications may be called back to the main session to update UC. There may also be other injects to the exercise by Blackrock 3 staff.
Resources for this exercise:
- Blank template for use by the person responsible for Tactical Documentation.
- Example of Tactical Documentation already completed.
The person responsible for Tactical Documentation should DOWNLOAD the Blank Template first, then EDIT directly in Excel or import into Google Sheets. When finished, upload the file using the form below.