If a business continuity exercise is too hot to handle

Full-on business continuity exercises can be big, intimidating, lengthy, costly (although hopefully still valuable!) and (to some extent) risky affairs for complex organisations or industry groups that really go to town on them ... but that's not the only way.

Alternatives include:
  • Solitary plan review/maintenance update - where the person responsible for a particular part of the whole plan (such as a section or department head) sits quietly in a dark corner imagining how things would play out in practice, carefully checking their part, liaising with colleagues as appropriate (e.g. on interfaces, coordination and reporting), taking advantage of their knowledge of that part of the business and any results from previous checks, working within the constraint of agreed strategies, policies and objectives.
  • Cross-checking - same as the above except someone else does the review, perhaps someone who might be called upon to lead and enact a plan following an incident in which the intended leader is "unavailable".

  • Desktop walk-throughs - team meetings where knowledgeble people treat the business continuity plans like play scripts, running through one or more simulated scenarios checking things such as hand-offs between functions or making reports.
  • Small-scale simulations - focused on the arrangements for specific processes, departments etc. that form parts of a bigger enterprise plan.

  • Case studies, tests and audits - using hypothetical but realistic incident scenarios to check that the prepared plans are workable, reasonable, and hopefully optimal.

  • Classroom exercises - learning sessions led or facilitated by business continuity specialists, examining actual and potential responses, comparing and contrasting the plans with alternative options, considering legitimate challenges etc.

  • Tech-bounded exercises - such as failing-over particular systems to alternative servers, communications/network links, data centres etc., or recovering systems from backups onto test hardware (not on top of live systems, please!).

  • Time-bounded micro- or snap-exercises - lasting just 30 minutes to maybe half a day, designed to put people through their paces and practice their anticipated activities (such as evacuating a building, standing up an emergency coordination function, or holding an urgent press briefing), then debrief.  The deliberately short timescale enhances the adrenaline rush and stress levels, much like a genuine incident, while containing the costs, disruption and risks.

  • "This is not a drill"  - genuine incidents leave the organisation no option but to depend on its resilience and recovery arrangements: these may be all-hands-to-the-pumps emergencies, or smaller scale incidents where uninvolved onlookers or auditors can observe and take notes for the debrief.

  • "That was not a drill" - where a relatively minor, constrained incident is deliberately treated as if it was more serious and expansive, either at the time of the incident (e.g. artificially up-rating the incident evaluation and categorisation rather than concluding the incident, as a way to exercise the associated plans) or subsequently (using one or more real events as the basis for follow-up exercises).
  • Blind faith - the "Let's see how it goes" laissez-faire approach involves expending no effort to check, review, test or prove the continuity arrangements. 
What have I missed?  Have you used or heard of any other approaches?