All
All

Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities

552 KB | 3 files |  DOC, PDF

A TT&E methodology is key to ensuring desired functionality through both the development and implementation phases of a project. This tutorial covers the basics of getting a plan in place for your team.

Organizations have information technology (IT) plans in place, such as contingency and computer security incident response plans, so that they can respond to and manage adverse situations involving IT. These plans should be maintained in a state of readiness, which should include having personnel trained to fulfill their roles and responsibilities within a plan, having plans exercised to validate their content, and having systems and system components tested to ensure their operability in an operational environment specified in a plan. These three types of events can be carried out efficiently and effectively through the development and implementation of a test, training, and exercise (TT&E) program. Organizations should consider having such a program in place because tests, training, and exercises are so closely related. For example, exercises and tests offer different ways of identifying deficiencies in IT plans, procedures, and training.

This document provides guidance on designing, developing, conducting, and evaluating TT&E events so that organizations can improve their ability to prepare for, respond to, manage, and recover from adverse events that may affect their missions. The scope of this document is limited to TT&E events for single organizations, as opposed to large-scale events involving multiple organizations, involving internal IT operational procedures for emergencies. This document does not address TT&E for a specific type of IT plan; rather, the TT&E methodology described in this document can be applied to TT&E events built around any IT plan or around an IT emergency-handling capability that is not necessarily documented in a plan, such as computer security incident response.

The attached Zip file includes:

  • Intro Page.doc
  • Cover Sheet and Terms.pdf
  • Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities.pdf
IT Downloads help you save time and money while executing essential IT management tasks. Download this useful resource now and put it to work for your business.

This Download is provided by:

Partner logo

NIST is a non-regulatory federal agency within the U.S. Department of Commerce. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards and technology in ways that enhance economic security and improve our quality of life.

All IT Downloads from National Institute of Standards and Technology» | Visit National Institute of Standards and Technology »
Related IT Downloads

Security7 Risk Management for Replication Devices

This publication provides guidance on protecting the confidentiality, integrity, and availability of information processed, stored, or transmitted on replication devices. ...  More >>

DataM25 Guidelines for Media Sanitization

This guide will assist organizations and system owners in making practical sanitization decisions based on the categorization of confidentiality of their information. ...  More >>

Security44 Assessing Security and Privacy Controls in Federal Information Systems and Organizations

This publication provides a set of procedures for conducting assessments of security controls and privacy controls employed within federal information systems and organizations. ...  More >>

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 

Thanks for your registration, follow us on our social networks to keep up-to-date