Today’s Topics Going Beyond the Standard Tabletop ... 1 Going Beyond the Standard Tabletop:...

3/27/2015

1

Going Beyond the Standard Tabletop: Innovative Ideas for

Expanding Your Exercise Program

Presented by: Grace Burley, Strategic Crisis Advisors

Neeta Adkar, Lockheed Martin Corporation

April 20-22, 2015Talking Stick Resort ● Scottsdale, AZ

Next Generation Resilience

Today’s Topics

•Variations of Formats and Exercise Types

•Case Study Example: Lockheed Martin Corporation• Mini-drills

• Objectives, Overview and Value• Corporate Exercise • Comparison• Process• Roles & Responsibilities

•How to Choose What Type is Right for Your Team?

•Common Pitfalls of Exercise Planning

13th Annual Continuity Insights Management Conference: Next Generation Resilience

2

Exercise Formats

•Paper

•PowerPoint

•Video

•Email/text/collaboration tool

• In person/remote

• Live action

•Assignments and deliverables

•Facilitation: heavy or light?


3

Exercise Types

•Basic tabletop or “Mini Drill”

•Multi-location tabletop

•Multi-day tabletop

•Organization-wide functional exercise (options)

•Forum

• Simulation


4

3/27/2015

2

Basic Single-Team Tabletop: “Mini Drill”

Target Audience:• Typically introductory level team• Any type of team (Emergency Response, Crisis

Management, Business Continuity, Crisis Communications, support teams, etc.)

Objective: To provide a non-threatening learning experience and build team cohesion. OR To work through a response in advance of a probable situation.

Common Pitfalls: Too complex of a scenario for format and team level and/or just letting them talk in circles.


5

Mini Drill Case Study: Lockheed Martin

Corporation


Lockheed Martin Corp.

Headquartered in Bethesda, Md., Lockheed Martin is a global security and aerospace company that employs about 112,000 people worldwide and is principally engaged in the research, design, development, manufacture, integration and sustainment of advanced technology systems, products and services.

7

Aeronautics Information System & Global Solutions

Missiles and Fire Control

Mission Systems and Training Space Systems Company

Business Resiliency Definition

Business Resiliency (BR) includes:

• Crisis Management (CM) – protect human life, contain and control the effects of crises, and minimize the loss of assets

• Business Continuity (BC) – keep key business operations running

• IT Disaster Recovery (IT DR) – recover and restore information technology assets

• Medical Response (MR) – focus on employee health and wellness

Business Resiliency helps ensure the protection of employees, safeguard of

assets, and continuity of operations regardless of the incident or hazard type

Lockheed Martin Corporation

Aero IS&GS MFC MST SSC

Crisis Management (Owner: CSO)

Business Continuity (Owner: CIO)

IT Disaster Recovery (Owner: CIO)

Medical Response (Owner: CMO)

8

3/27/2015

3

Objectives of Mini-Drill

Identify areas of improvement within a particular program, function or site

Opportunity for small team/s to practice collaboration during a response

Chance for teams to practice in advance of a corporate exercise

Exercise a newly drafted response plan

Exercise tools i.e. communication tool, notification tool, etc.

9

Overview of Mini-Drill

Preparations begin about two months early involving key stakeholders

Approximately 10-15 active participants

Smaller scope focusing on a particular function, program or site

Out-brief conducted virtually

10

Value of Mini- Drills

Smaller scope

Deep dive into the documented plans

Training and education on roles and responsibilities

Smaller timeframe (~90 mins)

Gaps in plans identified immediately and remedied fairly quickly

11

Multi-Location Tabletop

Target Audience:

•Mid-level maturity

•Typically a mixture of team types or levels

Objective: To practice or test the interaction between teams.

Common Pitfalls: Inconsistent expectations, unclear assignments and uneven teams.


12

3/27/2015

4

Multi-Day Tabletop

Target Audience:Mature Team(s). Either single ormultiple teams for either crisis management or business continuity.

Objective: To practice responding to a complex scenario addressing escalation, continual assessment and multiple phases of the response.

Common Pitfalls: Allowing the exercise to consume everyone’s entire week!


13

Organizational-Wide Functional Exercise

Target Audience:

Mature Teams. Corporate leadership team in conjunction with single department action or support teams.

Objective: To practice an organization-wide response and the operational rhythm of broad collaboration.

Common Pitfalls: Disjointed or unrealistic scenario requirements OR uneven involvement by participating teams.


14

Corporate Exercise Case Study: Lockheed Martin Corporation


Objectives of Corporate Exercise

Objectives

Integration

Awareness of Incident

Mgmt.

Testing of Tools

Comm. Protocols

Best Practices,

Risks & Gaps

16Raise visibility for areas of risk

3/27/2015

5

Overview of Corporate Exercise

Jan Feb Mar Apr May June July August Sep Oct

17

Scenario development

Training

Report of best

practices, gaps,

lessons learned,

etc.

In 2014 - Over 30

teams & ~800

participants

Value of Corporate Exercise

Integration of Crisis Management, Business Continuity & IT Disaster Recovery teams

Validation of plans and its key contents

Familiarization with Incident Management tools

Communication between multiple Emergency Operation Centers

Awareness of vulnerabilities

Raise the bar

Lessons learned

18

Comparison between Corporate Exercise and Mini-drill

19

Six Business Areas

Programs

Program Plans

P1, P2, P3…

Sites

Site Plans

S1, S2, S3…

Functions

Functional Plans

F1, F2, F3…

Corporate Exercise

Comparison between Corporate Exercise and Mini-drill

20

Six Business Areas

Programs

Program Plans

P1, P2, P3…

Sites

Site Plans

S1, S2, S3…

Functions

Functional Plans

F1, F2, F3…

Check plan validity, workarounds, etc.

F1

Corporate Exercise

Mini-Drill

3/27/2015

6

Exercise and Mini-Drill Process


21

Process

Carrying out an exercise or mini-drill includes three steps:

22

Development

• Planning, preparation & creation of the exercise or mini-drill

Execution

• Delivery of scenario & facilitation of simulated response & recovery

Follow-up

• Develop and share summary of exercise or mini-drill & manage after actions

Development

23

Development Execution Follow-up

Process – Development

Define objectives, scope and methodology

Identify drill planning team members and schedule meetings

Work with experts and review related artifacts to design scenario

Design scenario that meets objectives

24

3/27/2015

7

Process – Development (cont.)

Develop exercise package and artifactsCreate scenario material that will be shared during the drill

Identify participants for resulting scenarioActive players, facilitators, observers and others

Communicate and train participantsRoles and responsibilities, tools, processes, documentation, expectations and

format

Finalize and share logistics

25

Execution

26


Process – Execution

Use the following as checklist for physical location Set up desks and chairs; preferably in a “U” shape

Test teleconference line, microphones and speakers throughout the room

Post “THIS IS A DRILL” sign on the door or near the entrance to the room

Print and place placards for participating functions or write-in once present

Create distribution list for people participating virtually

Check network connectivity and tools (e.g. IM, projector, etc.)

Use the following as checklist for virtual location Remind people to be on mute if in a noisy area

Suggest participants have instant messaging available

Create distribution list for participants in advance

In advance of the drill, ask people not to dial in if they are later than a certain time

27

Process – Execution (cont.)

Share agenda, ground rules, facility logistics, etc. Stress that the drill is an opportunity to learn (i.e. not pass or fail) and

establish trust so participants feel comfortable and actively participate

Deliver each phase and inject of the drill as per the timeline

Reference and utilize pre-defined questions and considerations

28

3/27/2015

8

Execution

29


Process – Follow-Up

Conduct exercise debrief to gain valuable information

Distribute and collect exercise survey and feedback

Gather observations, lessons learned, best practices and actions

Develop and conduct out-brief with key stakeholders and participants

Develop a post-exercise report

Assign, manage and close action items

30

Exercise and Mini-Drill Roles and Responsibilities


31

Role – Facilitator

Manages drill – doesn’t participate

Oversee logistics; room setup, food

Authorized to halt, suspend or redirect drill if needed

Identifies follow-up actions with responsible individuals

Collects feedback from participants and observers

32

3/27/2015

9

Role – Observer

Does not participate in scenario response

Documents observations including, but not limited to: Effectiveness of escalation procedures, best practices, lessons learned, etc.

Uses observation form as guidance for capturing activities

May participate in debrief

Responsible for providing observations to the Facilitator

33

Role – Scribe

Role normally used for Corporate-Wide Exercises

Participant in scenario response and may be fulfilled by more than one individual

Active participant and may contribute to response activities

Enters status reports in the incident management tool

Documents and tracks decisions and action items

Uses tools to communicate with other teams

Tool administrators monitor incident reports and support any technical questions

34

Pandemic Forum


35

Pandemic Forum Format

Based on the Medical Grand Rounds presentation format

Pandemic event as“Complex Case” Interactively discuss

mitigation actions with a panel of SMEs

36

3/27/2015

10

Objectives - Pandemic Forum

Gather internal multi-disciplined team to address a Pandemic Scenario

Bring together a cross functional team of SMEs to focus on the processes in place to effectively deal with a Pandemic

Prepare Lockheed Martin’s population for future pandemic exercises

Evaluate the innovative learning format and process

37

Overview - Pandemic Forum

A 3.5 hour Pandemic exercise conducted in June 2014

Live webcast for virtual attendees (~75 attendees)

Onsite attendees (~25) – Active Participants and Observers

Scenario shared and responses recorded in advance

Scenario recorded using the LM media team with employees playing role of a patient, nurse, etc.

38

Overview - Pandemic Forum (cont.)

Each participant provided a summary of action items for their area of expertise for each phase

Observers asked questions after each phase

Virtual attendees submitted questions via webcast

Recorded scenario is available internally for use in conducting additional training/exercises

39

Value - Pandemic Forum

Format and content was very well received

Business area representatives were largely consistent and demonstrated a high level of preparedness

Participants identified helpful improvements to the business resiliency initiatives

High level of engagement and collaboration

40

3/27/2015

11

Scenario Template

41

Exercise Observation Form

General Observations

Key Impacts

Communications

Dependencies

Lessons Learned

Best Practices

Top 3 actions for improvement

42

Post Exercise Survey

Roles & Responsibilities

Scenario

Exercise Materials

Training

Debrief

Suggestions for

improvement

43

How to Choose the Right Type for Your Team?

•Take a harsh look at your objective. What are you really trying to accomplish?

•Consider the maturity level of all participants.

•Consider the time-frame you are allowed.


44

3/27/2015

12

Common Pitfalls of Exercise Planning

•Testing the wrong team

•Too much content, too little time

• Jumping the shark

• Setting nebulous objectives

•Not setting expectations clearly: Wait…what are supposed to do?


45

Questions?


46

Going Beyond the Standard Tabletop: Innovative Ideas for

Expanding Your Exercise Program

Presented by: Grace Burley, Strategic Crisis Advisors

Neeta Adkar, Lockheed Martin Corporation

April 20-22, 2014Talking Stick Resort ● Scottsdale, AZ


Today’s Topics Going Beyond the Standard Tabletop ... 1 Going Beyond the Standard Tabletop:...

Documents

Transcript of Today’s Topics Going Beyond the Standard Tabletop ... 1 Going Beyond the Standard Tabletop:...