GUIDE TO TEST, TRAINING, AND EXERCISE PROGRAMS FOR IT PLANS AND CAPABILITIES
deployment of personnel. Exercises are scenario-driven, such as a power failure in one of the
organization’s data centers or a fire causing certain systems to be damaged, with additional
situations often being presented during the course of an exercise. There are several types of
exercises, and this publication focuses on the following two types that are widely used in TT&E
programs by single organizations:[7]
– Tabletop. Tabletop exercises are discussion-based exercises where personnel meet in a
classroom setting or in breakout groups to discuss their roles during an emergency and their
responses to a particular emergency situation. A facilitator presents a scenario and asks the
exercise participants questions related to the scenario, which initiates a discussion among the
participants of roles, responsibilities, coordination, and decision-making. A tabletop exercise
is discussion-based only and does not involve deploying equipment or other resources.
Section 4 contains detailed information about tabletop exercises.
– Functional. Functional exercises allow personnel to validate their operational readiness for
emergencies in a simulated operational environment. Functional exercises are designed to
exercise the roles and responsibilities of specific team members, procedures, and assets
involved in one or more functional aspects of an IT plan (e.g., communications, emergency
notifications, IT equipment setup). Functional exercises vary in complexity and scope, from
validating specific aspects of a plan to full-scale exercises that address all plan elements.
Functional exercises allow staff to execute their roles and responsibilities as they would in an
actual emergency situation, but in a simulated manner. Section 5 contains detailed
information about functional exercises.
Although an organization could perform tests, training, and exercises as discrete activities without any
coordination, organizations should consider having a program in place that addresses all three because
they are so closely related. For example, exercises and tests offer different ways of identifying problems
with IT plans, procedures, and training. An effective TT&E program should comprise a combination of
training, exercise, and testing events.[8] The program should include a TT&E plan, policy, event
methodology, and procedures. Using these elements should cause TT&E events to be performed more
consistently and effectively, particularly reducing duplication of effort. A program should also address
resource and budget requirements, and provide a schedule for conducting types of TT&E events. This
section discusses the steps involved in creating a TT&E program.[9]
Regardless of the type of IT plans an organization has developed, it should have mechanisms in place to
validate the plans’ effectiveness and manage their maintenance. Organizations that want to establish a
TT&E program should first develop a TT&E plan that outlines the steps to be taken to ensure that
personnel are trained in their IT plan roles and responsibilities, IT plans are exercised to validate their
[7] There are many conventions for categorizing exercises. For example, some people use “tabletop exercises” to refer to
discussion-based exercises in general, while other people consider “tabletop exercises” to refer to a specific type of
discussion-based exercise, and use additional terms for other exercises (e.g., “seminar exercises” for exercises that combine
training lectures and group discussion). Similarly, the term “functional exercise” can be thought of as a generic term for
exercises involving simulated operations, or it can be thought of as a specific type of operational exercise, with other terms
used for other exercise types (e.g., “command post exercise” for something very similar to a functional exercise that focuses
on senior management’s decision-making). The definitions used in this publication are not meant to be definitive, but rather
to provide a basis for subsequent discussions of exercises in the publication. For more information on other types of
exercises, see the extensive documentation provided at the Homeland Security Exercise and Evaluation Program (HSEEP)
Web site, located at https://www.hseep.dhs.gov/.
[8] Although “TT&E” stands for “test, training, and exercise”, the remainder of this publication typically discusses the three
types of events in the sequence 1) training, 2) exercise, and 3) test because they usually occur in that order (individuals
should be trained before they participate in exercises, and exercises are usually held before tests are performed).
[9] This section assumes that the individuals creating the TT&E program have already requested and obtained senior
management buy-in and support.