Emergency and crisis team drill
Verify the effectiveness of your defined emergency and crisis measures.
Training in the professional league: emergency and crisis drills
What have top soccer players, experienced firefighters and confident members of crisis teams got in common? Despite fixed roles and defined procedures, they regularly practice familiar, but above all unusual situations.
After all, due to changing lineups and different problem constellations, every exercise is always an important preparation for an emergency, even for professionals.
Critical elements are:
Fortunately, the worst-case scenario occurs very rarely. Nevertheless, it is important to be prepared for it, because despite all preventive measures, targeted attacks, technical defects or force majeure cannot be ruled out. This is why, for example, the German Federal Financial Supervisory Authority (BaFin) requires all credit institutions to conduct regular emergency tests. In addition, regular emergency and crisis drills are, among other things, a prerequisite for successful certification in the area of information security in accordance with the internationally recognized ISO 27001 standard.
But companies should also train for emergencies regularly in their own interest, because in emergencies or crises, other authorities and other processes apply. As a security service provider, we know a lot about emergencies and crisis scenarios from practical experience. Our focus is on events related to information security.
Selection of the exercise
Depending on the planned need, the available resources and the maturity of your emergency/crisis management, different types of exercises can be considered. These differ in both exercise content and overall effort, as well as in the insight gained:
- Plan briefings: Discussion and verification of existing emergency/crisis documentation for timeliness, completeness and accuracy with individual specialists and areas.
- Technical/organizational functional tests: Verification of individual technical measures (e.g., switchover tests between redundantly designed systems) or organizational precautions (e.g., availability of emergency equipment).
- Alerting exercises: Test of information and escalation procedures and associated responses and (theoretical) outcomes.
- Staff exercise: Training of the cooperation of the emergency/crisis staff (e.g., roles and responsibilities, substitutes, etc.).
- Full-scale exercise/simulation: Exercise of all processes with the involvement of all required areas (emergency/crisis staff, external specialists if necessary) based on a complex incident (e.g. cyber attack, blackout, data leaks, manipulation of data, etc.).
Exercise preparation
Realistic and target-oriented exercises require thorough planning and preparation. Therefore, HvS-Consulting designs the exercise scenario together with a few "insiders" on the basis of the existing emergency/crisis management precautions. This includes, for example, the joint elaboration of the contents of the exercise, the definition of the objectives and the flow of the exercise, the identification of the necessary areas and staff for the preparation and execution, and the clarification of important parameters (e.g. whether the exercise is announced in advance).
Especially in the case of large-scale exercises such as simulations, it is also important to prepare the feeds and associated material during the preparation phase and to anticipate the likely activities and reactions of the decision-makers and solution teams.
Exercise Execution
To ensure that an exercise reflects practice as closely as possible, it is important that the parameters are clear to all participants and that clear "rules of the game" are established and adhered to. Accordingly, a good briefing is important for the direction team, which initiates the various events and confronts the exercise participants with them. All exercise participants should know these rules to ensure that the exercise proceeds in an orderly manner and does not "take on a life of its own" in an unforeseen manner.
Another important aspect of the exercise is the observation of its progression, so that corrective action can be taken if necessary. Initial feedback, with regard to emergency/crisis management as well as preparation and execution, is usually shared while the experience is still fresh, in the immediate aftermath of the actual exercise part.
Feedback & Evaluation
The be-all and end-all of the exercise is the evaluation and preparation of the scenario. The aim must be to have the knowledge available in case of an emergency and to be able to implement the necessary measures correctly.
It makes sense to hold a "lessons learned workshop" in the medium term. Optimization potential, positive feedback - but also mistakes and errors - can be reviewed and evaluated from a distance.
In the long-term follow-up, the consistent implementation of the results and measures must be ensured in order to bring the crisis exercise to sustainable success.