Guidance

Exercising Best Practice: Annexes and Resources (HTML)

Published 30 September 2024

Annexes

Annex A: Summary of exercise types and purpose checklist

Type	Features	Applications	Remarks
Table Top Exercise (TTX)	Discussion based, seminar or meeting style event. Typically, short duration (hours not days).	Typically used to examine, explore, and familiarise individuals and teams with risks and impacts, existing response plans and command and control systems and structures.	Require relatively little preparation time in comparison to other exercises. Useful for bringing multi agency training audiences together to build collaboration and understanding.
Stress Test	Discussion based exercise to challenge exercise players planning assumptions and operating procedures.	Typically used to ‘stress test’ developing contingency plans or to examine response options to a new risk or Low Probability High Impact risk.	Similar to TTX but usually requires more detailed planning to ensure successful delivery. The ‘constructively adversarial’ approach of this type of exercise delivery will see a more disciplined and structured facilitation methodology.
Live Play Exercise (LIVEX)	An event designed to test individuals and teams in real time, using techniques, drills and equipment in as close a replication of real events as possible.	Often used at lower ‘operational’ levels to test key skills and drills against key performance indicators or to validate against minimum preparedness levels.	LIVEX can often be at a smaller scale to provide a more comprehensive and realistic event and leverage planning and resourcing efficiencies.

Annex B: Example initial planning conference agenda (60 minutes)

Item	Time (mins)	Title	Lead	Output/outcome
1	(5)	Welcome and introductions	Ex director
2	(10)	Exercise outcome and objectives	Ex planner	Understand: Clarity on what the exercise seeks to achieve and why.
3	(10)	Exercise scenario and setting	Ex planner	Inform: The exercise design and working group to write the detailed scenario for the exercise.
4	(15)	Exercise organisation	Ex planner	Understand: Each participant’s role and tasks in the exercise. Enable: The exercise director to decide on how participants should be organised.
5	(15)	Exercise conduct	Ex planner	Understand: How exercise play will be delivered and controlled Enable: The exercise design and working group to design, administer and prepare the exercise.
6	(10)	Open forum	Ex planner Ex director	Identify: Any specific issues or risks requiring action. Agree: Individuals required to join the exercise design and working group.

Annex C: Example final confirmatory conference agenda (60 minutes)

Item	Time (mins)	Title	Lead	Output/outcome
1	(5)	Welcome and introductions	Ex director
2	(5)	Exercise outcome and objectives	Ex director	Confirm: What the exercise seeks to achieve and why. Ensuring all participants understand the Exercise Director’s intent.
3	(15)	Exercise conduct	Ex controller	Confirm: How exercise play will be delivered and controlled.
4	(15)	Exercise Organisation and administration	Ex controller	Confirm: Each participant’s role and tasks in the exercise. Key administration required for participants to arrive at fully prepared at the start of the exercise,
5	(10)	Exercise scenario and setting	Ex controller	Inform: The training audience of any enabling details and information they need to understand before the exercise.
6	(10)	Open forum	Ex controller Ex director	Identify: Any specific issues or risks requiring action. Enable: Participants to ask questions of clarification.

Annex D: Example post exercise report main body

Short form post exercise report for XXXXX

Introduction

This short post-exercise report provides a summary of Exercise XXXXX and signposts where further information can be accessed on any aspect of planning, conduct and post event activity (potential lessons identified).

Exercise Overview

Ex XXXXX took place on date at location and ran for x hours. The intent was to focus how XXXXX should plan to respond to the occurrence of selected operational risks with potential severe disruption to XXXXX day-to-day operations.

The exercise objectives were:

• Rehearse individuals in crisis response processes and procedures at a tactical level using a developed reasonable worst case (RWCS) scenario.
• Identify where current plans require refinement (update, amend, improve). The supporting exercise Key Learning Points (KLP) were:
• Application of the incident response procedure in a complex, sudden onset incident which disrupts XXXXX operations.
• Working within an emergency response/crisis management structure at the tactical (silver/bronze) level.
• Role and function of the communications team in emergencies and crisis management.
• Enabling situational awareness and decision support.
• Maintaining effective information management (IM).

The exercise used a structured, facilitated ‘tabletop exercise’ (TTX) methodology for participants to understand, discuss and where required challenge in a collegiate environment. The exercise was designed to enable a ‘safe space’ approach for XXXXX staff to increase awareness and develop knowledge around operational risk and business continuity.

The exercise was not a test or assessment of individuals competencies and there was no ‘live play’ of simulated events.

Key findings/observations (top 3) – example

Observations and post exercise feedback from participants provide a number of findings for further consideration. A ‘top three’ agreed with the exercise director are:

• The high-level crisis management (‘CM’) structure was not well understood or visible to the tactical level participants on the exercise.

{a paragraph detailing discussion and conclusion of the observation i.e., lesson identified}

Recommendation: XXXXX to review the current crisis management organisation. To consider simplifying the structure and writing a simple, clear set of operating instructions to guide

all staff in a crisis or business continuity incident.

• Existing business continuity (BC) response plans were insufficiently detailed and/or not easily available to participants.

{a paragraph detailing discussion and conclusion of the observation}

Recommendation: XXXXX to review process and currency of key BC risks (impacts) and mitigations available as contingency plans or ‘playbooks’.

• There has been little if any ‘low level’ training and rehearsal for CM and BC working in the recent past.

{a paragraph detailing discussion and conclusion of the observation}

Recommendation: XXXXX to consider how best to design and implement regular CM and BC awareness events alongside in house competence training to improve the organisation’s existing capability.

The consolidated register of participants observations is attached.

Planning – example

Exercise planning was conducted by a small core team led by XXXXX. The Exercise planning cycle is attached. The initial planning conference (IPC) was key to enable follow up activity and to issue outline detail to exercise participants.

The key decisions and outputs required during the planning phase were (in sequential order);

• A credible scenario relevant to XXXXX and the audience. The work to establish, develop and write a detailed and specific scenario was key and required a significant input from the XXXXX leadership team. The credibility and detail of the scenario proved key to ensure discussion on the day remained focussed and relevant.
• Identifying key participants and their specific roles and responsibilities for the exercise.

Preparation – example

One important criterion for success was to ensure every participant was able to join the exercise fully prepared and informed of what they would be considering and how they would contribute. To achieve this a written joining instruction was sent out to all participants including sharing outline details of the scenario to be played through

Conduct – example

The exercise (4 hours) was conducted as a ‘hybrid’ event although the majority of the exercise participants were present in the room. The scenario presented is played through 2 discrete ‘turns’.

• Turn 1 crisis management: The no notice loss of all XXXXX ICT systems; followed 24 hours later by
• Turn 2 business continuity. The loss of physical use of the XXXXX office

Exercise participants were organised into a ‘primary training audience’ of players who were the focus of the exercise play. Other XXXXX colleagues provided guidance and advice in a senior leadership as required. XXXXX provided the facilitation and ‘exercise control function’.

A schematic of the exercise organisation is attached in Annex E.

Post exercise follow-up – example

As part of the exercise consolidation phase every exercise participant was asked to provide observations on the exercise along with resulting conclusions and any recommendations they wished to offer. The format of the return is under a generic example.

Observation/factor (what you observed/ understood and the context)	Discussion conclusions (causes, effects, consequences, issues, assumptions)	Recommendation/action (what should be changed or what action you or others need to take)
As the impacts of the attack persisted into the second and third day many staff were unable to be quickly re-deployed, tasked and coordinated.	The lack of a robust, simple emergency communication system which can be accessed by all staff meant many hours of staff availability were lost in the early hours and days of the incident. Even where remote working staff were called into physical hubs the lack of functioning communications systems in the 96 hours after the attack meant that vital, time sensitive business operations were not brought back to normal operating capacity in an acceptable time span.	The current emergency communication system coverage should be widened and potentially should be available to all permanent staff.

Further information – example

Access to the exercise library including written instructions, attendance lists, planning documents and presentation slide decks can be obtained from name of contact at [(firstname.surname@exercising-agency.gov.uk).](mailto:(firstname.surname@exercising-agency.gov.uk) Referenced Annexes in this example not provided.

Annex E: Example scenario narrative and main events list for a TTX (BC exercise)

Exercise ‘handbook’: scenario and main events list matrix

Section one: event narrative/storyboard

Organisation, XXXXX, Type of activity/ location/date

Exercise starting narrative (not for prior release to the exercise players)

The exercise is split into a number of turns designed to meet the exercise objectives and key learning points (KLP). The scenario will be explained to the participants at the start of each phase and played through in real time where possible or managed using ‘time jumps’ with the exercise controller leading players through the scenario as it progresses. The players will also be given a number of focussed questions (FO) at the start of each turn as well as appropriate strategic/operational direction and guidance as each turn progresses.

BC and crisis/emergency response exercise / XXXXX office date: dd/mm/yy

Exercise objectives

Rehearse individuals in crisis response process and procedures at a tactical level using a business continuity (BC) scenario.

Identify where current plans require refinement (update, amend, improve).

Organisation, XXXXX, Type of activity/ location/date

Exercise setting

The exercise is set in the ‘real world’ (i.e. referencing real people and organisations) and in the very near future. There are no significant changes to the current geo-political situation or to XXXXX strategic objectives and operations.

Exercise scenario (refer to controller script for the scenario briefs to players)

Turn one. It is Tue 10 Xxx 202X. The first working day following a bank holiday weekend. During the morning all XXXXX IT users experience no notice loss of access to an increasing number of its ICT systems. By midday the XXXXX business operation and normal daily working ceases to function.

The cause is a suspected cyber attack, but this cannot be confirmed immediately. The responsible team will need to refer to and enact extant BC or emergency response playbooks or procedures.

The scenario will see appropriate senior manager(s) absent or otherwise unavailable which will test/ rehearse authorities, delegations or other freedoms/ constraints to swift and effective decision making.

Turn two. It is Wed 11 XX 202X. (i.e. 24 hrs on from turn one). Overnight the Aberdeen office has been illegally entered and significantly vandalised making it unfit for occupation and normal daily business use. The responsible team will need to refer to and enact extant BC or emergency response playbooks or procedures for this scenario. It will also generate significant press and social media attention focussed on whether XXXXX is being targeted and by whom?

BC and crisis/emergency response exercise / XXXXX office date: dd/mm/yy

Supporting key learning points (KLP)

• application of the incident response procedure in a complex, sudden onset incident which disrupts XXXXX business operations
• working within an emergency response/crisis management structure at the tactical (silver/bronze) level
• role and function of the communications team in emergencies and crisis management
• enabling situational awareness and decision support.
• maintaining effective information management (IM)

Exercise type and structure

Office based table top exercise

• leaming in ‘safe to fail’, low risk setting
• analysis and discussion of factors, roles, responsibilities in specific crisis management scenarios
• use of planning and problem solving tools and techniques in specific crisis management scenarios

Section two: scenario main events and injects

Real time on the day	Exercise time period	Activity	Delivered by	EXCON actions and injects Exercise controller (Ex Cont) / director	Supporting injects Gold, silver BC and cyber SME Functional specialist advisers: comms, legal, HR, finance	Remarks (expected reaction from ex platers)
1000	N/A	Scenario brief and Ex directors guidance	Ex director	Welcome players. Summarise exercise objectives and stress the event is a safe space to learn and rehearse
1000	N/A	Scenario brief and Ex directors guidance	Ex cont	Briefs players on the structure, conduct and timings of time of the exercise and explains the exercise setting. Opportunity for players to confirm any uncertainties/assumptions regarding exercise play.

Turn one: crisis management

Real time on the day	Exercise time period	Activity	Delivered by	EXCON actions and injects Exercise controller (Ex Cont) / director	Supporting injects Gold, silver BC and cyber SME Functional specialist advisers: comms, legal, HR, finance	Remarks (expected reaction from ex platers)
1010	Tue	Turn one brief	Ex controller	Ex-controller reads out the start of the exercise scenario and situation for turn one. Gives opportunity for players to confirm any uncertainties/ assumptions regarding scenario and assumptions.	Silver provides appropriate initial advice, direction and guidance to the players. At the start of the turn this will be minimal but will outline that crisis management structures will be stood up, refer player to XXXXX ERS guidance and direct them to make some initial assumptions that disruption to BAU will be significant and prolonged.	See controller script and slides for scenario brief
1010	Tue	Turn one brief	Silver	Issue the task and focussed question (FQ) set to the players.	Silver provides appropriate initial advice, direction and guidance to the players. At the start of the turn this will be minimal but will outline that crisis management structures will be stood up, refer player to XXXXX ERS guidance and direct them to make some initial assumptions that disruption to BAU will be significant and prolonged.	See controller script and slides for scenario brief
1010	Tue	Turn one
Action phase	ExCon	Task one: confirm the ability to play all XXXXX staff monthly salary on the usual date XXXXX - identify any variations to the usual process and procedures which require implementation and by whom - identify any risks that may threaten this outcome - be prepared to verbally brief (?) on the contingency plan at 1140. Task two: Identify within HR, FIN and comms and other critical business as usual (‘BAU’) outputs at risk from the current outage if it persists for more than 7 days. FQ 1. What ‘desk level’ functional area contingency plans will need to be implemented for this scenario?
1020			Gold/ silver		Inject: silver direct all XXXXX ICT users to log off central applications and close all ICT hardware as a precautionary measure to prevent further potential compromise of and damage to XXXXX ICT assets and data.

Annex F: Example Indicative Planning Timeline for a TTX

(Please note timings can be either much longer or shorter, depending on the scale and size of the exercise)

March 

• 20th March - IPC - initial planning conference 
• 27 March - 1st exercise development working group meeting

April 

• 3rd April - 2nd exercise development working group meeting
• 17th April - 3rd exercise development working group meeting
• 24th April - 4th exercise development working group meeting

May

• 1st May - FPC - final planning conference 
• 2nd-8th May - participants briefing pack released 
• 8th-14th May - participants briefing and rehearsals 
• 15th May - exercise delivery day 
• 22nd-29th May - post exercise report

Annex G: Examples of evaluation methodologies

The following examples are given simply to highlight approaches commonly used across disciplines (risk, project and programme management for example) which have applications for planning the how and what of evaluating exercises.

Critical success factors (CSFs)

CSFs are essential aspects of performance that are necessary for the organisation to fulfil its mission or for a project to accomplish its intended aims.

Conditions which if met or adhered to contribute to the required operational or training aims being exercised.

Usually applied to higher, strategic objectives.

Training objectives (TO)

A training objective is a specific goal or target that outlines what participants are expected to learn or achieve during the exercise.

Statement setting out the conditions (environment) under which the evaluation is to be observed, the performance that is required and the standards that are to be met or achieved.

Often used for specific assessments carried a rating or grading such as RAG (red, amber, green) against a process or drill.

Will often be part of a compendium or library maintained by a capability owner or other organisation.

Are distinct from the overall exercise aim & objectives. Should be written using SMART methodology.

Performance indicators

A performance indicator is a measurable and quantifiable metric used to assess the effectiveness, efficiency or success of the exercise audience.

Measures of success, typically less specific or focused than training objective.

Will often reference doctrinal principles or operating procedures.

Will often reference contingency plans.

Will often be included as a component of a training objective.

Will contribute to meeting good practice standards.

Resources

Exercise planning and delivery

Document	Link/reference	Remarks
Australian Institute for Disaster Relief Handbook Collection: Managing Exercises	Managing Exercises Handbook	Comprehensive good practice guidance sponsored by the Australian Govt
European Centre for Disease Control Simulation exercises in public health settings Step-by-step exercise design	Simulation exercises in public health settings – Step-by-step exercise design	Comprehensive good practice guidance sponsored by the EDC. Focused on health settings but contains good generic detail.
MOD Wargaming Handbook	Wargaming Handbook (PDF, 1,349KB)	Useful context for Stress Test exercising
US Dept of Homeland Security Exercise and Evaluation Programme Guidance	Homeland Security Exercise and Evaluation Program (HSEEP) (fema.gov) (PDF, 2.9MB)	Comprehensive good practice guidance sponsored by the US Govt

Wider resilience focus

Document	Link/reference	Remarks
British Standard 65000: Organisational Resilience Code of Practice	BS 65000	Provides guidance and a code of practice on building resilience.
Building Resilience Together – NI Civil Contingencies Framework	Building Resilience Together – NI Civil Contingencies Framework (PDF, 13.4MB)	The document that underpins, and provides greater detail related
to, the NI Civil Contingencies Framework 2011 (see below)
Cabinet Office Lexicon of Civil Protection dated Feb 13	Cabinet Office Lexicon of Civil Protection dated Feb 13	Whilst now dated (may be re-issued in 2024) this document is the definitive list of abbreviations, acronyms and terms related to Resilience in the UK
Civil Contingencies Act 2004 (CCA04)	Civil Contingencies Act 2004 (CCA04)	The primary piece of UK legislation related to civil contingencies
Civil Contingencies Act 2004: a short guide (revised)	Civil Contingencies Act 2004: a short guide (revised) (PDF, 328KB)	CCA04 explained in simpler language
Civil Contingencies Framework Northern Ireland 2011 revised 2023	Civil Contingencies Framework Northern Ireland 2011 revised 2023 (PDF, 13.4MB)	The Northern Ireland-specific version of CCA04
Civil Contingencies Act 2004 (Contingency Planning) (Scotland) Regulations 2005	Civil Contingencies Act 2004 (Contingency Planning) (Scotland) Regulations 2005	The Scotland- specific version of CCA04
College of Policing Briefing and Debriefing	College of Policing Briefing and Debriefing	Police-specific guidance on processes for briefing and debriefing operations
Cyber exercising infographic	Cyber exercising infographic (PDF, 136KB)	One pager step by step guide on planning a cyber exercise
Effective steps to cyber exercising	Effective steps to cyber exercise creation – NCSC.GOV.UK	Guidance for organisations looking to create their own cyber incident response exercises
Emergency Planning College (EPC) publications	Emergency Planning College (EPC) publications	A library of publications related to a wide range
of emergency planning-specific issues maintained by the EPC
Emergency Preparedness	Emergency Preparedness	Guidance on Part 1 of the Civil Contingencies Act 2004, its associated regulations and non-statutory arrangements.
Emergency Response and Recovery	Emergency Response and Recovery (PDF, 1,756KB)	Non-statutory guidance that accompanies CCA04
International Standards Organization 22300 – Security and resilience – Vocabulary, 3rd edition	ISO 22300:2021	The international standard that contains a range of emergency planning – related definitions
International Standards Organization 22361 – Security and resilience Crisis management Guidelines	ISO 22361:2022	The international standard that aids in the design and development of an organisation’s crisis management capability
International Standards Organization 22398 - Societal Resilience - Guidelines for Exercises	ISO 22398:2013	The international standard that provides guidelines for the conduct of exercises
JESIP Combined Tactical Air Cell guidance	JESIP Combined Tactical Air Cell guidance (PDF, 1,365KB)	Guidance related to the role and responsibilities of CTACs at the local level
JESIP Joint Doctrine v3	JESIP Joint Doctrine v3 (PDF, 3.2MB)	Multi-agency doctrine setting out how responding agencies work together at the local strategic, tactical and operational levels
JESIP Multi-agency Information Cell guidance dated Jun 22	JESIP Multi-agency Information Cell guidance dated Jun 22	Guidance related to the role and responsibilities of MAICs at the local level
Joint Doctrine Publication 02 (JDP-02) 4th edition	Joint Doctrine Publication 02 (JDP-02) 4th edition (PDF, 4.1MB)	An MOD document that sets out the principles of Military Aid to the Civil Authorities (MACA) and how Defence supports the civil authorities in the UK in response to disruptive challenges and related events
Joint Services Publication 822 (JSP 822)	Joint Services Publication 822 (JSP 822)	A document that provides Defence direction for training and education
MOD Red Teaming Handbook	Red Teaming Handbook, 3rd Edition (PDF, 4MB)	Useful context for Stress Test exercises and application of critical thinking
National Recovery Guidance	National Recovery Guidance	Guidance primarily aimed at local responders and developed in line with CCA04 on recovering from an emergency in the UK
National Resilience Standards version 3.0 dated Aug 23	National Resilience Standards version 3.0 dated Aug 23 (PDF, 933KB)	This document sets out expectations of good and leading practice for Local Resilience Forums (LRFs), which build on and complement statutory duties under CCA04.
National Risk Register 2023	National Risk Register 2023	A public-facing document setting out the primary risks that face the UK. It complements the classified National security Risk Assessment (NSRA)
NHS England Minimum Occupational Standards for Emergency Preparedness, Resilience and Response (EPRR) version 1 dated Jun 22	NHS England Minimum Occupational Standards for Emergency Preparedness, Resilience and Response (EPRR) version 1 dated Jun 22 (PDF, 256KB)	This document sets out the minimum national occupational standards that health commanders, managers and staff responding to incidents as part of an incident management team and other staff involved in EPRR must achieve in order to be competent and effectively undertake their roles
Preparing Scotland – Exercise Guidance	Preparing Scotland – Exercise Guidance (PDF, 719KB)	Guidance that sets out the factors involved in the exercise process and incorporates a set of templates that can be used across the diverse area of civil contingencies, from individual agency internal exercises to multi-agency live play exercises
Preparing Scotland – Preparing for Emergencies Guidance	Preparing Scotland – Preparing for Emergencies Guidance	Scotland-specific guidance related to the preparation for emergencies and disruptive challenges
Preparing Scotland – Responding to Emergencies	Preparing Scotland – Responding to Emergencies (PDF, 727KB)	Guidance to responders to assist them in planning and response. It establishes good practice based on professional expertise, legislation and lessons learned from planning for and dealing with major emergencies at all levels.
Resilience Framework dated Dec 22	Resilience Framework dated Dec 22 (PDF, 6MB)	The new strategic approach to Resilience on the Reslience Framework remarks
Responding to Emergencies: the UK Central Government Response, Concept of Operations dated Apr 13	Responding to Emergencies: the UK Central Government Response, Concept of Operations dated Apr 13 (PDF, 673KB)	Another dated document but one that sets out arrangements for the UK’s approach to responding to, and recovering from, emergencies and related events
UK National Leadership for Risk Identification, Emergency Preparedness, Response and Recovery dated Aug 23	UK National Leadership for Risk Identification, Emergency Preparedness, Response and Recovery dated Aug 23 (PDF, 294KB)	This document explains which department will lead on the main potential challenges.

Glossary of abbreviations, acronyms, terms and definitions

For reasons of brevity this glossary is not intended to duplicate existing similar documents; rather, its purpose is to complement them, focussed on those abbreviations, terms and definitions related most closely to training:

Abbreviation/Term	Definition/meaning	Remarks/source
Activity	A set of one or more tasks with a defined output	ISO 22300
AAR – After Action Review	A method of evaluation used to collate and examine learning when outcomes of an a particularly successful or unsuccessful event to avoid failure and promote success in the future	NHS England: Patient safety learning response toolkit (2022)
AAR – After Action Review	A document that records, describes and analyses the actual disruption or exercise drawing on debriefs and reports from observers and derives lessons from it.	ISO 22300/ ISO 22398
Aim	A statement of intent that provides direction as to what is required to be achieved.
Assess(ment)	An opinion or a judgement about someone or something that has been thought about very carefully. To appraise formally a team, capability, concept or plan.	Oxford English Dictionary
Assurance	A statement or an assertion intended to inspire confidence or give encouragement.	Collins English Dictionary
Assurance	Assurance is a general term for the confidence that can be derived from objective information over the successful conduct of activities, the efficient and effective design and operation of internal control, compliance with internal and external requirements, and the production of insightful and credible information to support decision making.	HM Treasury Orange Book: Management of Risk – Concepts and Principles
Audit	A systematic, independent and documented process for obtaining audit evidence and evaluating it objectively to determine the extent to which the audit criteria are fulfilled	ISO 22300
BS – British Standard	British Standards are the standards produced by the BSI Group which is incorporated under a Royal Charter and which is formally designated as the national standards body for the UK.
BC – Business Continuity	Strategic and tactical capability of an organisation to plan for and respond to incidents and business disruptions in order to continue business operations at an acceptable pre-defined level	Cabinet Office Lexicon of Civil Protection
BCM – Business Continuity Management	A holistic management process that identifies potential threats to an organisation and its impacts to business operations that those threats, if realised, might cause, and which provides a framework for building organisational resilience with the capability for an effective response.	Cabinet Office Lexicon of Civil Protection
Capability	A demonstrable ability to respond and recover from a particular threat or hazard.	Cabinet Office Lexicon of Civil Protection
Cold Debrief	A structured event or meeting, ideally held within days of the event, to review experiences, outcomes, and capture learning.
Command	The exercise of a vested authority that is associated with a role or rank within an organisation to give direction in order to achieve defined objectives.	Cabinet Office Lexicon of Civil Protection
C2 – Command and Control	The exercise of a vested authority through means of communications and the management of available assets and capabilities in order to achieve pre-defined objectives.	Cabinet Office Lexicon of Civil Protection
CRR – Community Risk Register	A register communicating the assessment of risks within a Local Resilience Forum area which is developed and published as a basis for informing local communities and directing civil protection workstreams.	Cabinet Office Lexicon of Civil Protection
Competency	The performance of a specific skill, attitude or behaviour needed to do a job.	JSP 822: Defence Direction and Guidance for Training and Education Part 1 (adapted)
Competences	Knowledge, judgement, skills, energy, experience and motivation required to respond adequately to the demands of one’s professional responsibilities.	Cabinet Office Lexicon of Civil Protection (adapted)
Competencies	The conditions and standards that enable an individual to be successful in a role.	JSP 822: Defence Direction and Guidance for Training and Education Part 1 (adapted)
Control	The application of authority, combined with the capability to manage resources, in order to achieve defined objectives.	Cabinet Office Lexicon of Civil Protection
Coordination	The integration of multi-agency efforts and available capabilities, which may be interdependent, in order to achieve defined objectives.	Cabinet Office Lexicon of Civil Protection
Crisis	1.  General definition: an inherently abnormal, unstable and complex situation that represents a threat to the strategic objectives, reputation or existence of an organisation. 2.  Specific definition – emergency of magnitude and/or severity requiring the activation of central government response 3.  Personal – acute emotional reaction to a powerful stimulus or demand	Emergency Response and Recovery 5th edition October 2013
CM – Crisis Management	The implementation of measures that attempt to prevent or avert an imminent emergency, along with work that puts in place protective or other measures to mitigate the effects of an emergency, prevent further damage or disruption and secure the scene.	Cabinet Office Lexicon of Civil Protection
Data Capturer	Someone who records, captures and articulates the discussions, arguments, agreements, frictions and decisions made by the players during the game.
Discussion Exercise	This is an exercise in which the participants, usually working in teams, are required to reflect on the organisation’s response to one or more hypothetical scenarios. It is a form of ‘what if..?’ analysis.	Discussion exercise
Drill	An activity that practises a particular skill and often involves repeating the same thing several times.	ISO 22300
Education	The provision of teaching to develop intellectual capability, knowledge, mental skill and attitude to adapt and solve complex and changing problems.	JSP 822 Part 1
Emergency	An event or situation which threatens serious damage to human welfare in a place in the UK, the environment of a place in the UK, or the security of the UK or of a place in the UK. Note: to constitute an emergency this event or situation must require the implementation of special arrangements by one or more Category 1 responder.	Emergency Response and Recovery 5th edition October 2013
EPC – Emergency Planning College	The leading provider of training for emergency preparedness and crisis management, run for and on behalf of the Cabinet Office by Serco Ltd.	Cabinet Office Lexicon of Civil Protection
EPG – Emergency Preparedness Group	The local-level forum in Northern Ireland for the purpose of facilitating co-operation in planning for and responding to emergencies.	Northern Ireland Civil Contingencies Framework
ENDEX – End of the Exercise	A word used to communicate the cessation of the exercise.
Evaluate / Evaluation	The systematic assessment and appraisal of something to determine its value, worth, effectiveness or significance.
Evaluate / Evaluation	A systematic assessment of the design, implementation and outcomes of an intervention.	HM Treasury
Evaluate / Evaluation	A systematic process that compares the result of measurement to recognised criteria to determine the discrepancies between intended and actual performance.	ISO 22398/ISO 22300
Exercise	A process to train for, assess, practice, and improve performance in an organisation	ISO 22300
Exercise	A simulation designed to validate organisations’ capability to manage incidents and emergencies. Specifically, exercises will seek to validate training undertaken and the procedures and systems within emergency or business continuity plans.	Cabinet Office Lexicon of Civil Protection
Exercise Controller	The controller is the person accountable for running the exercise in accordance with the exercise scenario and main events list or other detailed instructions. In some cases (smaller exercises usually) the exercise controller and exercise planner will be the same person. For smaller TTX events the Controller will often be referred to as the ‘Exercise Facilitator’.
EXCON – Exercise Control Organisation	The assembled team of qualified and experienced people who work to the Exercise Controller in delivering the exercise in accordance with the Scenario and Main Events List or other detailed programme.
Exercise Coordinator	The person responsible for planning, conducting and evaluating exercise activities.	ISO 22300
Exercise Director	The individual who is charged with designing and directing an exercise.	Cabinet Office Lexicon of Civil Protection
Exercise Evaluator/Mentor	The Evaluator is the person responsible to the Exercise Director for observing, recording and assessing the exercise (including participants, controllers and scenario outcomes as directed) in accordance with its aim and objectives. The Evaluator will brief the exercise director during the exercise and may also provide planned or opportune ‘hot debriefs’ to the exercise participants planner and hand over responsibility for delivery of the exercise to the Exercise Controller.
Exercise Evaluation Team	The assembled team of qualified and experienced people who work as the Exercise Evaluator in assessing the exercise in accordance with the exercise evaluation plan.
Exercise Planner	The planner is the person responsible to the Exercise Director for the detailed design, planning and preparation of the exercise in accordance with its aim and objectives. The planner will hand over responsibility for delivery of the exercise to the Exercise Controller.
EPT – Exercise Planning Team	The assembled team of qualified and experienced people who work with and to the Exercise Planner in designing and preparing the exercise.
EPT Exercise Project Team	A group of individuals responsible for planning, conducting and evaluating an exercise project.	ISO 22300
Exercise Staff	All personnel involved in the management and delivery of the exercise.
F2F – Face to face	As opposed to virtual or hybrid activity.
FCC – Final Confirmatory Conference	An event to allow the Exercise Director to carry out a ‘conditions check’ that the exercise is ready in all respects and to engage with the key participants and confirm they are fully engaged in the process.
FLA – Forward Look Assessment	An occasional document produced by the Cabinet Office’s Resilience Directorate to highlight risks that may be felt in the UK in the short/medium term.
Hazard	Source of potential harm	ISO 22398
Hot Debrief	An event or meeting held straight after an exercise or incident to capture any urgent feedback, important observations and immediate actions, before those involved disperse.
Hazard	Accidental or naturally occurring (i.e., non-malicious) event or situation with the potential to cause death or physical or psychological harm, damage or losses to property, and/or disruption to the environment and/or to economic, social and political structures.	Cabinet Office: UK Civil Protection Lexicon
Impact	The scale of the consequences of a hazard, threat or emergency expressed in terms of a reduction in human welfare, damage to the environment and loss of security.	Cabinet Office Lexicon of Civil Protection
Improve	To make something better than before.	Oxford English Dictionary
IPC – Initial Planning Conference	A forum to provide all participants with the essential information and guidance they need to plan for and then prepare for the exercise.
Inject	A scripted piece of information inserted into an exercise that is designed to elicit a response or decision and facilitate the flow of the exercise.	ISO 22300
IEM – Integrated Emergency Management	A multi-agency approach to emergency management entailing eight key activities: anticipation, assessment, prevention, preparation, validation, response, recovery and learning.	JESIP Joint Doctrine (adapted)
ISO – International Standards Organization	An independent, non-governmental organisation that brings together experts to share knowledge and develop voluntary, consensus-based, market-relevant international standards that support innovation and provide solutions to global challenges.
JESIP – Joint Emergency Services Interoperability Principles	A multi-agency process with the purpose of enhancing joint ways of working and models across all policies, procedures and processes.	Cabinet Office: UK Civil Protection Lexicon (adapted)
JOL – Joint Organisational Learning	A strategy used to capture lessons identified that may impact on multi-agency working and allow for continual improvement. Lessons identified or notable practice may come from training, testing and exercising or incidents.	JESIP Joint Doctrine
KLP – Key Learning Points	Specific aspects or elements that support broader exercise objectives.
LGD – Lead Government Department	A department of the UK Government or devolved administration designated as responsible for overall management of the government response to an emergency or disaster. There are LGDs identified for both the response and recovery phases of emergencies.	Cabinet Office: UK Civil Protection Lexicon (adapted)
Learning	The acquisition of knowledge and skills through training, education and/or experience that leads to a positive change in behaviour, attitude and/or capability.	JSP 822 Part 1
LIVEX – Live Exercise	An event designed to test individuals and teams in real time, using techniques, drills and equipment in as close a replication of real events as possible.
LRF – Local Resilience Forum	A process for bringing together all the Category 1 and 2 responders within a police force area for the purpose of facilitating co-operation in fulfilment of their duties under the Civil Contingencies Act 2004.	Cabinet Office: UK Civil Protection Lexicon
LRP – Local Resilience Partnership	In Scotland, a process for bringing together all the Category 1 and 2 responders within a police force area for the purpose of facilitating co-operation in fulfilment of their duties under the Civil Contingencies Act 2004.	Cabinet Office: UK Civil Protection Lexicon (adapted)
MEL or MIL – Main Events List/ Main Inject List	A detailed overview of each exercise serial including the time each serial will be introduced who by, for what purpose and with what desired outcome.	Known also as the Master Events List
Main Instruction	A document that provides a more detailed and formal document which provides all the details that participants need to join the exercise.
MPC – Main Planning Conference	A forum designed to see efficient and effective collaborative working across all interested parties to progress exercise planning to the completion stage.
Measurement	A process to determine a value	ISO 22300
Monitor	A process to determine the status of a system, process or activity.	ISO 22300
National Cyber Security Centre		National Cyber Security Centre
NRR – National Risk Register	A publicly available statement of the assessment of likelihood and potential impact of a range of different risks that might directly affect the UK.	Cabinet Office: UK Civil Protection Lexicon
NSRA – National Security Risk Assessment	A classified version of the NRR which assesses, compares, and prioritises the top national level risks facing the UK, focusing on both likelihood of the risk occurring and the impact it would have, were it to happen. It is the main tool for assessing the most serious civil contingencies risks facing the UK.	Cabinet Office: UK Civil Protection Lexicon (adapted)
Observation	A singular, documented perspective or opinion on a noteworthy problem or practice, in the context of a specific incident, exercise, project, or report.	Australian Institute for Disaster Resilience:Lessons Management Handbook (2019) p.33 (PDF, 1,212KB)
Observer	A participant who witnesses the exercise while remaining separate from exercise activities.	ISO 22300
Objective	A specific statement that describes what is to be achieved by an individual, team or organisation.
Participant	A person or organisation who performs a function related to an exercise.	ISO 22398
PBR – Participants’ Briefing and Rehearsals	The PBR is the opportunity for the exercise controller and participants to come together and ensure all attendees are well prepared and informed.
Performance	Measurable result	ISO 22300
Plan Validation	Measures to ensure that an emergency plan meets the purpose for which it was designed. Validation may include a range of measures, including various forms of emergency exercises and tests.	Cabinet Office: UK Civil Protection Lexicon
Practise	To rehearse the operational performance of a team or capability.
Red Team	A team that is formed with the objective of subjecting an organisation’s plans, programmes, ideas and assumptions to rigorous analysis and challenge.	The MOD Red Teaming Handbook (Third Edition)
Red Teaming	The independent application of a range of structured, creative and critical thinking techniques to assist the end user make a better-informed decision or produce a more robust product.	The MOD Red Teaming Handbook (Third Edition)
RRP – Regional Resilience Partnership	In Scotland, the structure which supports multi-agency coordination.	Preparing Scotland: Scottish Guidance on Resilience. Philosophy, Principles, Structures and Regulatory Duties
Rehearse	To practise, drill or train.
Review	An activity undertaken to determine the suitability, adequacy and effectiveness of the management system and its component elements to achieve established objectives.	ISO 22300
Risk	The effect of uncertainty on objectives.	ISO 22300
Risk	Measure of the significance of a potential emergency in terms of its assessed likelihood and impact.	Cabinet Office: UK Civil Protection Lexicon
Scenario	A pre-planned storyline that drives an exercise, as well as the stimuli used to achieve exercise project performance objectives.	ISO 22300
Scope of Exercise	Magnitude, resources and extent which reflects the needs and objectives.	ISO 22398
Data Capturer	Someone who records, captures and articulates the discussions, arguments, agreements, frictions and decisions made by the players during the game.
Script	The story of the exercise as it develops, which allows directing staff to understand how events should develop during exercise play as the various elements of the master events list are introduced.	ISO 22300
Secondary Training Audience(s)	One or more groups, or groups of individuals participating or enabling the exercise routinely, who can take part (with little or no extra effort) so as to derive some benefit themselves (such as enhanced knowledge, skill, or awareness).
Skills	The combination of knowledge, skills, experience and behaviours (KSE-B) that enables an individual to successfully perform a task or solve a problem in a work context.	JSP 822 Part 1
SMART – Specific, Measurable, Achievable, Relevant and Time-bound	An acronym commonly used in a variety of circumstances, including the writing of objectives.
STARTEX – Start of the Exercise	Start of exercise.	Cabinet Office: UK Civil Protection Lexicon
SCG – Strategic Co-ordinating Group	A multi-agency body responsible for coordinating the joint response to an emergency at the local strategic level.	Cabinet Office: UK Civil Protection Lexicon
Stress Test (Exercise)	Discussion based Tabletop Exercise but using a constructively adversarial methodology to challenge exercise players plans, ideas, assumptions and operating procedures.
TTX – Table-Top Exercise	Discussion based, seminar or meeting style event.
TCG – Tactical Co-ordinating Group	A multi-agency group of tactical commanders that meets to determine, coordinate and deliver the tactical response to an emergency.	Cabinet Office: UK Civil Protection Lexicon
Technical Controller	Someone who assists both exercise planner and exercise controller in ensuring that exercise ICT and admin support is delivered.
Test	A unique and particular type of exercise which incorporates an expectation of a pass or fail element within the aim or objectives of the exercise being planned.	ISO 22300
Threat	Intent and capacity to cause loss of life or create adverse consequences to human welfare (including property and the supply of essential services and commodities), the environment or security.	Cabinet Office: UK Civil Protection Lexicon
Training	Activities designed to facilitate the learning and development of knowledge, skills and abilities, and to improve the performance of specific tasks or roles.	ISO 22300/ ISO 22398
Training	The acquisition of knowledge, skills, attitudes and behaviours for specific tasks or activities.	JSP 822 Part 1
TA or PTA – Training Audience/ Primary Training Audience	The participating organisation(s) or group(s) or individuals who are the focus of the exercise, and without which the exercise has no purpose.
Validate/validation	The action of checking or proving the validity or accuracy of something.	Oxford English Dictionary
Validate/validation	Measures to ensure that plans, procedures and other emergency response measures meet the purpose for which they were designed.	Cabinet Office: UK Civil Protection Lexicon
Verification	Confirmation, through the provision of objective evidence, that specified requirements have been fulfilled.	ISO 22300
VCS – Voluntary and Community Sector	A generic term to cover a range of organisations that are not categorised under CCA04 but which nevertheless play an important role in the general response to, and recovery from, a disruptive challenge.