For those who aren''t familiar with a tabletop exercise, this is essentially an informal simulation of an emergency or disaster scenario. Key stakeholders gather together and talk though how an enterprise or other organization would respond during such an event. It''s a good practice to conduct such exercises at least periodically in order to simulate practical implementation of a disaster recovery or business continuity plan.
To get one started, first, include representatives of all of the various groups within IT, as well as someone from the applications team if it''s not part of IT. Depending on how broad the simulations are going to be, it might also be a good idea to include someone from the facilities and physical security departments, as they are often relevant during actual business continuity or disaster recovery (BC/DR) events. For instance, if the simulation is going to include someone locking themselves in the data center or an issue with the physical infrastructure such as the HVAC systems, non-infosec folks can be very handy during the drills.
Most people who work through these discussions include topics such as major virus outbreaks as well as natural disasters like fires, tornados, earthquakes, etc. In addition, it''s a good idea to discuss events that don''t necessarily wipe out a data center but might have a major effect on business. Is the data center near a major highway, rail line or manufacturing facility? If so, what would happen if there were a large chemical spill preventing the staff from leaving or getting to the data center?
Another issue to consider is flooding. While key assets may be protected from floods, will the rising water create access issues for staff? Another possible discussion topic is the failure of a single business-critical application. What would happen, for instance, if a central database server is unavailable due to a freak fire or an electrical short?
Finally, don''t assume staff will be available. As part of the exercise, pretend that various groups or key members of teams are inaccessible for one reason or another, and don''t allow them to participate in that portion of the exercise. How well or badly do things go then?
For more information:
This was first published in December 2009