|
Any plan or management system must be validated. Historically this
was done by "testing" plans or systems.
Pure testing, however, has its drawbacks, mainly associated with
the feelings it creates and the effect it has on people and cultures.
InfoSec Associates are committed to exercising plans or management
systems. The fundamental difference is that exercising is a positive
inclusive process.
Exercising delivers a number of benefits and, depending on the
precise set of objectives, can provide:
- Validation
- Training, education and
conditioning
- Organisational buyin throughout
the organisation
- Accelerated requiremetns
analysis
- Business efficiency
The key to successful exercising
There are a number of critical factors if exercising is to be successful.
These include the following:
- Clear objectives
- A credible scope
- A clear plan
- Imaginative and credible
scenarios
- Effective feedback
Types of Exercise
Exercises can take numerous forms, we routinely deploy the following
formats:
- Table top exercises to
address or explore specific issues
- Communication and call
tree exercises
- Physical exercises on site
- Physical exercises offsite
in standby faciliites
- Physical exercises in purpose
built training facilities
Informed or Not informed
There is often a temptation to "surprise the workforce".
Though this is sometimes effective, it should be deployed with care
as it can undermine plans and policies and the credibility of management
systems.
Exercising should be part of a strategy which involves a combination
of informed and uninformed events that build up a credible management
system.
Download our "exercising
infosheet"
|
