This resource is provided free of charge by Jim McConnell, Principal Owner, Ask McConnell, LLC — a Converged Security Services Provider with 36+ years of experience. It is a starting point, not a legal standard. Please consult your legal counsel and insurance provider for requirements specific to your organization.
Jim McConnell | info@askmcconnell.com | askmcconnell.com
Table Top Exercise (TTX) Inject Questionnaire
Ask McConnell, LLC — Inject Development Questionnaire
A Table Top Exercise is only as good as the scenario — and the scenario is only as good as the preparation. This questionnaire is designed to be distributed to key stakeholders before the TTX planning session. The responses surface leadership priorities, capability assumptions, and single points of failure that should drive the exercise design. Collecting this information in advance is the difference between a generic exercise and one that actually tests your organization’s real gaps.
How to use this: Distribute this questionnaire to participants before the TTX planning session. Collect responses to calibrate the scenario complexity, identify leadership alignment gaps, and surface key dependencies before the exercise begins.
Section 1: Participant Identification
List each role participating in the TTX. Collect the responsible leader’s name and email for each role before the planning session.
| Role | Name | Email Address |
|---|---|---|
| Executive Leader | ||
| Municipal “CEO” / “COO” | ||
| Chief Information Security Officer (CISO) | ||
| Chief Security Officer (CSO) | ||
| Emergency Operations Manager |
Section 2: #1 Goal for This TTX
Ask each leader: “What is your single most important outcome from this exercise?” Misalignment at this stage predicts misalignment during the exercise — surface it early.
| Role | #1 Goal for This TTX |
|---|---|
| Executive Leader | |
| Municipal “CEO” / “COO” | |
| Chief Information Security Officer (CISO) | |
| Chief Security Officer (CSO) | |
| Emergency Operations Manager |
Section 3: People / Process / Technology Assessment
For each leader and across the three dimensions — People, Process, and Technology — collect their honest assessment of organizational strengths and weaknesses. Distinguish between what they know as fact and what they believe to be true. The gap between those two is often where the best TTX scenarios live.
Strengths You Know as Fact
| Role | People | Process | Technology |
|---|---|---|---|
| Executive Leader | |||
| CISO / CSO |
Strengths You Believe to be Fact
| Role | People | Process | Technology |
|---|---|---|---|
| Executive Leader | |||
| CISO / CSO |
Weaknesses You Know as Fact
| Role | People | Process | Technology |
|---|---|---|---|
| Executive Leader | |||
| CISO / CSO |
Weaknesses You Believe to be Fact
| Role | People | Process | Technology |
|---|---|---|---|
| Executive Leader | |||
| CISO / CSO |
Section 4: Redundancy Assessment
Identify the person and role in the organization with the least amount of redundancy — the role where the loss of one individual most significantly degrades your response capability. This is often where the best inject scenarios begin.
| Answering Role | Person / Role with Least Redundancy |
|---|---|
| Executive Leader | |
| CISO / CSO |
🖶 To save or print this document, use your browser’s Print function (Ctrl+P / Cmd+P) and select “Save as PDF” if needed.