Skip over navigation
Ultima Risk Management Logo linking to homepage
  • Contact us
  • Site map
  • Home
  • Consultancy
    • Introduction
    • Information Security (ISO 27001)
    • Business Continuity Management (BS 25999)
    • PCI DSS
    • IT Service Management (ITIL & ISO 20000)
    • Data Protection
    • Information Risk Management
    • Software Asset Management
    • Polices & Procedures
  • Training
    • Training Courses
    • CISMP - ISEB Certificate in Information Security Management Principles
    • PCBCM - ISEB Practitioner Certificate in Business Continuity Management
    • PCIRM - ISEB Practitioner Certificate in Information Risk Management
    • SAM - ISEB Certificate in Software Asset Management Essentials
    • PCSAM - ISEB Practitioner Certificate in Software Asset Management
    • BCM - BCI Understanding BCM Principles and Good Practice
    • All other courses
    • Training Schedule
  • Products
    • ISO 27001 Risk Assessment Tool
    • BS 25999 Risk Assessment Tool
  • Events
    • BS 25999 Implementation Seminar
  • Case Studies
    • Audatex - Global first Dual certification
  • About us
    • Company Profile
    • URM's Partners
    • How to contact us
Home / Consulting / BS 25999 / Crisis Management Simulation Exercises
getting the balance right
Getting the Balance Right

BS 25999 Crisis Management Simulation Exercises

As part of the exercising, maintenance and review stage of the BS 25999 lifecycle, URM has found that crisis management simulation exercises are an extremely effective and practical means of exercising business continuity plans (BCPs) and:

  • evaluating the capability of the organisation's crisis management team (CMT)
  • identifying any gaps in the organisation's incident response.

The aim of a simulation exercise is to provide the CMT with the assurances that its BCP will work, as anticipated, when required. URM has delivered a wide range of crisis management simulation exercises and has universally found them to be invaluable in helping the client organisation to:

  • confirm the suitability of the CMT members
  • practise the ability to recover from an incident
  • verify that the BCP incorporates all of the organisation's critical dependencies and priorities
  • assess the knowledge and understanding of the current crisis management plan and previous lessons learned
  • assess the effectiveness of the current crisis management plan
  • provide information to and instill confidence in the exercise participants
  • raise awareness of business continuity and its importance

The approach that URM has taken on a number of BS 25999 certification and compliance projects is to provide a simulated and escalating incident response situation based on an initial low-key scenario. The incident then escalates to provide a more challenging situation conducted in a demanding, yet stress free environment. This approach has been very successful as participants can 'believe' that the scenario may actually happen. URM's facilitator walks the CMT through this realistic and tailored scenario utilising a structured PowerPoint presentation. The facilitator will prompt discussions on the BCP actions and responsibilities. The role of the facilitator will also be to:

  • keep the session flowing
  • introduce 'roadblocks' during the exercise
  • challenge assumptions
  • ensure issues are documented
  • keep the session on schedule
  • provide summary comments at the conclusion
  • discuss next step activities and time frame responsibilities.

In order to ensure that the client organisation gains maximum benefit from the exercise, URM will conduct a post exercise de-briefing session and provide an exercise feedback report.

  • Introduction
  • Information Security (ISO 27001)
  • Business Continuity Management (BS 25999)
    • Significance of BS 25999
    • How to deploy BS 25999 - Lifecycle Stages
    • Crisis Management Simulation Exercises
  • PCI DSS
  • IT Service Management (ITIL & ISO 20000)
  • Data Protection
  • Information Risk Management
  • Software Asset Management
  • Polices & Procedures

Copyright © Ultima Risk Management, 2008. All Rights Reserved.

contact us | careers | terms of use | privacy | site map