••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••

®

Pages  1  2  3  4  5  6  SUBSCRIBE

Exercise objectives

Why exercise in the first place?  The primary objective is to ensure that the plan works when it’s needed.  But it’s not enough to exercise parts of a plan.  Ideally all elements of BCM plans should be exercised at least once a year.  Each exercise may have different objectives, beside the primary one. 

Main exercise objectives include identifying weaknesses and shortcomings, verifying recovery objectives and procedures, validating global efficiency of plans, verifying the adequacy of emergency operations centers (EOCs) and alternate sites, and achieving specific recovery time objectives (RTOs) and recovery point objectives (RPO).

How much should you exercise?

As mentioned earlier, exercises can be simple or complex.  A table-top exercise can establish a plan performance baseline.  A specialized exercise, such as one which focuses on crisis management procedures at an EOC, provides valuable information about specific activities.   At a higher level, an integrated exercise can address multiple BCM plans or plan components.  Finally, an entire plan, with all components, can be exercised.  It is far better to err on the side of exercising too much, rather than not enough. 

Managing human resources

Exercises present human resource issues.  Should employees participate in BCM exercises?  Clearly exercises are important for validating team member expertise and identifying training opportunities.  Conversely, people could refuse to work overnight, weekends or be away from home even a few days.  Be sure to discuss and resolve these issues with human resources management. 

During BCM exercises, it is good practice to treat team members well, especially when they are away from home or working difficult hours.  Be sure to budget for appropriate hotel accommodations and food, while managing costs. 

Effective exercise strategies

The exercise options described in this article will help improve BCM plans and train your staff.  But no matter how often you exercise BCM plans, when reality strikes, your response capability could be much different than in the exercises. 

Key strategies for exercising include starting simple; raising the bar in terms of difficulty; involving vendors and stakeholders in exercises; making objectives increasingly difficult to achieve; and launching surprise exercises. When launching an exercise program, start with plan reviews and table-tops. This will help staff get comfortable with the exercise process.  As they improve, increase the level of exercise complexity.  Remember that if an exercise “fails”, it is not a failure; rather, it is a success.  It is far better to identify systems and procedures that may fail, and rectify them, before a real incident occurs.  Finally, a true test is to launch a surprise incident.  This will truly test how well prepared the organisation is to address a real incident.

What is a successful exercise?

The primary reason to exercise is to identify limitations of BCM plans.  Recognizing that most organizations change frequently, even mature BCM plans may be inappropriate in a given situation or at a given time.  Exercises  that appear to be “successful” and uncover no problem should be suspect.  Maybe the objectives were too easy or the situation was unrealistic. Exercises present opportunities to fix problems before a disaster happens.

Ideally, a successful exercise uncovers and documents problems.  Once the problems have been fixed, consider running a follow-up exercise to ensure the repairs work. Measuring the success of BCM exercises means having relevant objectives that will help uncover problems.  Exercise is your chance to “push” your BCM plans increasingly closer to the reality of a disaster.