Gaming the System: A Business Continuity Tabletop Exercise Simulation

Copyright Christine Brisson, 2012. This work is the intellectual property of the author. Permission is granted for this material to be shared for non-commercial, educational purposes, provided that this copyright statement appears on the reproduced materials and notice is given that the copying is by permission of the author. To disseminate otherwise or to republish requires written permission from the author.

Christine Brisson, Ph.D.
School of Arts & Sciences
University of Pennsylvania
Educause Security Conference
May 16, 2012


Business Continuity Planning

• Planning for extended loss of services or resources that the university depends on (also called “Mission Continuity Planning”)

• Related to DR planning but not the same:
  • DR: What is the procedure to restore services if our email server dies?
  • BC: How can we plan to function at the university if we lose email services for several days or longer? What actions can we take now to help ensure continuity?

Cautionary tale: e.g. Hurricane Katrina. But there are smaller wins along the way: for example, planning for personnel outages, and then someone actually is out for an extended period.

Business Continuity Planning at the School of Arts & Sciences

• Enrollment: 6500 Undergrad, 1500 Grad

• 40 Academic departments in 23 buildings

• A centralized BC planning team that works with individual departments to develop in-depth analysis of needs and detailed BC plans

• Tackled toughest first: science departments in buildings with complex infrastructure needs

• “BETH 3”: Buildings, Equipment, Technology, Human Resources, 3rd Party providers.

• Once we’d put together a plan: now what? How do we know if it would be useful?

Tabletop Exercise: who attends?

• People with a role in the plan (typically a Department administrator, a building administrator, IT support, other facilities staff, at least one faculty member, sometimes the chair.)

• Other stakeholders (e.g. faculty)

• One or two facilitators, and one or two note takers

• In our case here at Educause, we will have more “actors” to give a chance for more people to participate

About the Chemistry Department

• 40 faculty, most of whom have large labs of between six and 12 grad students and postdocs

• Four buildings, attached, over 250,000 square feet

• Plan has several parts: Building Outage, Technology Outage, Equipment Outage, and NMR Facility Outage

• Central Facilities provides most services

• “Incident Response Team”

[Campus map slide: Cohen Labs, Franklin, 10th Ave., Spruce St. Labs]

What, why, and how

• A tabletop exercise (aka TTX) is a simulation of an adverse situation in an informal environment.

• There are two primary benefits to doing a tabletop:
  • It gives people the chance to practice using the plan to respond to an emergency.
  • It’s one of the best ways to evaluate the plan: what works, what doesn’t, and what can be changed and improved.

What, why, and how, cont’d.

• We are particularly interested in:
  • whether the channels of communication are working as they should,
  • whether there is the right amount of specificity in the plan (should it be more specific or more general?), and
  • whether anything important has been left out.

What, why, and how, cont’d: How will this work?

• We will set the scene, and hand out cards with “triggers” on them.

• Sometimes one or more individuals will be asked to step outside of the room to decide/consult on what to do.

• Information you can get in a crisis is not always as complete as you might like.

• Use the laptop if you decide to send email to the whole group.

• Ground rules are on the table.

• The last 20 minutes (or so) are for debriefing.

Wednesday, May 4, 2nd day of final exams. It has been warm and very rainy for the last few days.

Wednesday, May 4, 3:00 am

Wednesday, May 4, 5:30 am

Wednesday, May 4, 10:00 am

Wednesday, May 4, 1:00 pm

Wednesday, May 4, 3:00 pm

Wednesday, May 4, 4:00 pm

Wednesday, May 4, 8:00 pm

Thursday, May 5, 11:00 am

Thursday, May 5, 3:00 pm

Thursday, May 5, 6:00 pm

Friday, May 6, 10:00 am

Friday, May 6, 11:00 am

Friday, May 6, 2:00 pm

Saturday, May 7, 3:00 pm

Monday, May 9, 11:00 am

Tuesday, May 10, 11:00 pm

Wednesday, May 11? Some other date?

Discussion

• Questions? Comments?

• Differences between our “simulation of a simulation” and the way we do a TTX at Penn:
  • Fewer participants
  • Communication issues: email, phone calls, “thinking out loud”
  • Reserve a second room
  • Buy lunch!

Final Points

• Planning:
  • Allocate several weeks
  • Enlist ‘informants’
  • Make it believable
  • Buy them lunch!

• People who need to use the plan can give feedback about how to improve it

• Using a plan in a TTX helps people see how the plan could be useful to them (not just paperwork)