Every IT organization should have an Incident Response Plan (IRP). It is intended as a guide for IT staff to use in the event the organization suffers any disaster described in the plan.
The National Institute of Standards and Technology (NIST) recommends and provides guidance on how to conduct an IRP Tabletop Review. NIST Special Publication 800-84 outlines the importance of the tabletop exercise to ensure the organization has considered threats to business continuity. The exercise can also reveal the extent to which the IT team understands how they should respond to different kinds of threats.
Why Conduct an Incident Response Plan Tabletop Review Exercise?
- Test whether your Incident Response Plan sufficiently addresses likely threats to business continuity
- Understand best practices for addressing threats
- Understand how Microsoft workloads can help to mitigate threats
- Improve staff’s understanding of and familiarity with the IRP so they are ready to respond to, manage, and recover from disasters
"Working with Enabling on developing tabletop exercises for our top threats was an integral part of upgrading our information security risk management plan. It was a great experience and helped us identify and fill critical gaps in our own internal procedures. These documented exercises are serving as a training tool for all IT staff as well."
Erica Feldkamp, Vice President, Information Technology and Security, Internews
What This Assessment Covers
This engagement can be adjusted to help the organization create an Incident Response Plan if one doesn’t exist, and then move into the Tabletop Review Exercise to ensure the IT team understands the plan and how to use it when a disaster occurs.