All
All

Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities

552 KB | 3 files |  DOC, PDF

A TT&E methodology is key to ensuring desired functionality through both the development and implementation phases of a project. This tutorial covers the basics of getting a plan in place for your team.

Organizations have information technology (IT) plans in place, such as contingency and computer security incident response plans, so that they can respond to and manage adverse situations involving IT. These plans should be maintained in a state of readiness, which should include having personnel trained to fulfill their roles and responsibilities within a plan, having plans exercised to validate their content, and having systems and system components tested to ensure their operability in an operational environment specified in a plan. These three types of events can be carried out efficiently and effectively through the development and implementation of a test, training, and exercise (TT&E) program. Organizations should consider having such a program in place because tests, training, and exercises are so closely related. For example, exercises and tests offer different ways of identifying deficiencies in IT plans, procedures, and training.

This document provides guidance on designing, developing, conducting, and evaluating TT&E events so that organizations can improve their ability to prepare for, respond to, manage, and recover from adverse events that may affect their missions. The scope of this document is limited to TT&E events for single organizations, as opposed to large-scale events involving multiple organizations, involving internal IT operational procedures for emergencies. This document does not address TT&E for a specific type of IT plan; rather, the TT&E methodology described in this document can be applied to TT&E events built around any IT plan or around an IT emergency-handling capability that is not necessarily documented in a plan, such as computer security incident response.

The attached Zip file includes:

  • Intro Page.doc
  • Cover Sheet and Terms.pdf
  • Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology» | Visit National Institute of Standards and Technology »

Related IT Downloads

Money3 PCI Compliance: The Definitive Guide

In this excerpt from chapter 20, the author briefly discusses the challenges and success factors that the organization must be aware of to maintain compliance and achieve optimum information security for the enterprise. ...  More >>

Approximate Matching: Definition and Terminology

Approximate matching is a promising technology designed to identify similarities between two digital artifacts. This can be very useful for filtering data for security monitoring and digital forensics. ...  More >>

Security3TN Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations

Transport Layer Security (TLS) provides mechanisms to protect sensitive data during electronic dissemination across networks. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data