Instrument -- CISA Exercise Participant Survey Combined

Download: docx | pdf

Screener Section

Please note that starred questions (*) in blue are from CISA’s existing follow-up survey.

1. *Our records indicate you participated in [EXERCISE NAME] Exercise on [DATE]. Is that

correct?

• Yes - Go to A2

• No

2. Thank you. This survey is for those who participated in [EXERCISE NAME] on [DATE] and are familiar with the recommendations in the After-Action Report.

Please provide the name and email address of the person from your organization who attended the Exercise and would be better suited to complete this survey.

Name:

Email address:

Go to end

Section A. Organization Characteristics

A2. Approximately, how many employees does your organization have?

• 1- 100

• 101 – 999

• 1000 or more

A3. *What classification best describes your organization?

• Public

 State

 Local

 Tribal

 Territorial

• Private Sector

 Chemical

 Commercial Facilities

 Communications

 Critical Manufacturing

 Dams

 Defense Industrial Base

 Emergency Services

 Energy

 Financial Services

 Food and Agriculture

 Government Facilities

 Healthcare and Public Health

 Information Technology

 Nuclear Reactors, Materials, and Waste

 Transportation Systems

 Water and Wastewater Systems

• Non-Governmental Organization

• Other (please specify) _____________________________

A3A. [shown if public selected in question A3 above] Please select the type of public organization from the following list:

• 9-1-1 or Dispatch Center

• Public Health Department or Emergency Medical Service (EMS)

• Fire Department

• Law Enforcement

• School District or Education Department

• Emergency Management or Homeland Security

• Information Technology Department

• Elections Office

• Public Utility

• Other (please specify) ___________________________

A4. *What role did you play during the exercise?

• Player

• Observer

• Planner

• Controller or Facilitator

• Evaluator

• Simulator

• Actor

A5. *Using a scale of 1 to 5, where 1 = Strongly Disagree and 5 = Strongly Agree, please indicate how much you agree or disagree with the following statements:

Based on participation in this exercise…

Statement	Strongly disagree (1)	Disagree (2)	Neither agree nor disagree (3)	Agree (4)	Strongly agree (5)
I am better prepared to respond to threats or incidents.					
My organization is better prepared to respond to threats or incidents.					
My organization has taken or is now taking action(s) to enhance its preparedness to respond to threats or incidents.					
I would recommend similar exercises hosted by CISA to colleagues or other relevant professionals.					

The question below if shown if statement “c” in question A5 above = agree or strongly agree

A6. *Which action(s) has your organization taken, or is now taking, in response to the exercise to enhance its preparedness?

Mark all that apply.

□ Updated policies or plans.

□ Created new positions or functions within the organization.

□ Developed new relationships with partner organizations.

□ Introduced new security measures.

□ Implemented new training courses or programs.

□ Conducted additional exercises.

□ Other (Please specify) _____________________________

Section B. After-Action Report Recommendations

Questions in this section are newly developed and focused on following up on actions related to the AAR.

B1. The next questions are about the After-Action Report (AAR) and the recommendations listed

by CISA in that report.

Did you agree with all, most, some, or none of the strengths that were identified in the AAR about your organization?

• All

• Most

• Some

• None

B2. Did you agree with all, most, some, or none of the recommendations provided in the AAR based on the identified areas of improvement?

• All

• Most

• Some

• None

B3. Using a scale of 1 to 5, where 1 = Strongly Disagree and 5 = Strongly Agree, please indicate how much you agree or disagree with the following statements regarding the AAR report:

Statement	Strongly disagree (1)	Disagree (2)	Neither agree nor disagree (3)	Agree (4)	Strongly agree (5)
The AAR was clear and easy to understand.					
The recommendations in the AAR were “on the mark” as far as what my organization needs to do to improve security and preparedness.					
The AAR gave my organization the guidance it needed to implement necessary changes.					

B4. Approximately how many recommendations, for your organization (verses for partner organizations), were provided in the AAR?

____________________________

B5. The next questions are about the statuses of the recommendations in the AAR. As a reminder, this is not an assessment of your organization and responses are confidential.

Please indicate the current status of the recommendations for your organization in the AAR. The total should add up to [# ENTERED AT B4].

Current status of recommendation	# recommendations that fall in this status
The recommendation has been addressed completely. (By addressed completely we mean that your organization has implemented the change to the extent suggested in the AAR).	_____
The recommendation is currently in progress. We expect to fully implement this recommendation in the next year.	_____
The recommendation was in progress, but status is currently stalled. The recommendation may or may not be fully implemented.	_____
Work to implement the recommendation is expected to start in the next year.	_____
Currently, there is no plan to implement this recommendation.	_____
Other status (Please describe): __________________________________________	_____

The question below is shown if statement “e” in question B5 if greater than 0

B5a. Thinking about the (most important) recommendation that is not being implemented, why is your

organization not addressing it at the moment?

Mark all that apply.

□ Other priorities take precedence

□ Resource constraints (such as money, equipment, etc.)

□ Leadership engagement

□ Availability of qualified personnel

□ Legal or regulatory constraints

□ Other (please specify)__________________________________

The question below if shown if at least two responses are selected for question B5a

B5b. Of these reasons, which would you say has been the biggest obstacle in implementing the most important) recommendation?

 Other priorities take precedence

 Resource constraints (such as money, equipment, etc.)

 Leadership engagement

 Availability of qualified personnel

 Legal or regulatory constraints

 Other (please specify)__________________________________

B6. Since attending the [EXERCISE NAME], has your organization taken other actions to enhance

preparedness that were not part of the AAR?

• Yes

• No

Question below shown if question B6=Yes

B7. Which action(s) has your organization taken to enhance its preparedness?

Mark all that apply

□ Updated policies or plans.

□ Created new positions or functions within the organization.

□ Developed new relationships with partner organizations.

□ Introduced new security measures.

□ Implemented new training courses or programs.

□ Conducted additional exercises.

□ Other (Please specify) _____________________________

B8. The next questions are about partner organizations. Did any partner organizations participate

in [EXERCISE NAME] on [DATE]?

• Yes

• No - Go to C1

B9. Did the tabletop exercise or AAR prompt conversations with the partner organization on our preparedness to respond to a cyber incident?

• Yes

• No

Section C. Satisfaction with Exercise

C1. Did you attend any of the planning meetings in preparation for the [EXERCISE NAME]?

• Yes

• No – Go to C6

C2. Do you feel the right people from your organization attended the planning meetings, or do you feel there are others from your organization that should have attended (please list roles rather than names of specific people)?

• The right people from my organization attended.

• Different/additional staff from my organization should have attended.

C3. Please list the job roles of others within your organization that should have attended (please list job roles or positions rather than names of specific people)? ____________________________

Question below shown if question B8 =Yes

C4. Do you feel the right partner organizations attended the planning meetings, or do you feel there are partner organizations that should have attended?

• The right partner organization(s) attended.

• Different/additional partner organization(s) should have attended.

C4a. Which partner(s) do you think should have attended? (please list partners rather than specific names of individuals) _____________________________________

C5. In your opinion, what, if anything, would have made the planning meeting(s) better?

_______________________________________________________________________

C6. Now shifting the focus to the actual [EXERCISE NAME] held on [DATE], please indicate how much you agree with the following statements:

Statement	Strongly disagree (1)	Disagree (2)	Neither agree nor disagree (3)	Agree (4)	Strongly agree (5)
The Exercise was the right length of time--not too long or too short.					
The exercise facilitation was effective.					
The scenarios presented were relevant to my organization.					
The format of the Exercise was easy to follow.					
The right people from all levels of my organization \were present					
The right people from all levels of my partner organizations were present.					

C7. Please indicate how helpful you found each of these parts of the exercise.

Exercise components	Not at all helpful (1)	Slightly helpful (2)	Neither helpful nor unhelpful (3)	Helpful (4)	Very Helpful (5)	N/A
Pre-planning Meeting						
Threat briefing						
Scenario presentation and facilitated discussion						
Hotwash						
After-Action Report						
After-Action Meeting						

Thank you for your participation! We may be contacting you for an in-depth interview about your experience since the exercise. As with this survey, responses to the in-depth survey will be confidential. We appreciate your continued partnership in defending against today’s threats and collaboration to build more secure and resilient infrastructure for the future.

File Type	application/vnd.openxmlformats-officedocument.wordprocessingml.document
File Title	Exercise Participant Survey 050421
Author	Tswaedi, Mmamohau
File Modified	0000-00-00
File Created	2024-10-26