CISA Tabletop Exercise Package (CTEP)
[Insert Exercise Name]
After-Action Report / Improvement Plan (AAR / IP)
Appendix B: Core Capabilities B-3 [Sponsor Organization]
[INSERT CAVEAT]
1. Execute operations with functional and integrated communications among appropriate
entities to prevent initial or follow-on terrorist attacks within the United States in
accordance with established protocols. (Prevention)
2. Establish and maintain partnership structures among Protection elements to support
networking, planning, and coordination. (Protection)
3. Establish protocols to integrate mitigation data elements in support of operations with
local, state, tribal, territorial, and insular area partners and in coordination with Federal
agencies. (Mitigation)
4. Mobilize all critical resources and establish command, control, and coordination
structures within the affected community and other coordinating bodies in surrounding
communities and across the Nation and maintain as needed throughout the duration of an
incident. (Response)
5. Enhance and maintain command, control, and coordination structures, consistent with the
National Incident Management System (NIMS), to meet basic human needs, stabilize the
incident, and transition to recovery. (Response)
6. Establish tiered, integrated leadership, and inclusive coordinating organizations that
operate with a unity of effort and are supported by sufficient assessment and analysis to
provide defined structure and decision-making processes for recovery activities.
(Recovery)
7. Define the path and timeline for recovery leadership to achieve the jurisdiction’s
objectives that effectively coordinates and uses appropriate local, state, tribal, territorial,
insular area, and Federal assistance, as well as nongovernmental and private sector
resources. This plan is to be implemented within the established timeline. (Recovery)
Intelligence and Information Sharing (Prevention, Protection)
Definition: Provide timely, accurate, and actionable information resulting from the planning,
direction, collection, exploitation, processing, analysis, production, dissemination, evaluation,
and feedback of available information concerning physical and cyber threats to the United States,
its people, property, or interests; the development, proliferation, or use of weapons of mass
destruction (WMDs); or any other matter bearing on U.S. national or homeland security by local,
state, tribal, territorial, Federal, and other stakeholders. Information sharing is the ability to
exchange intelligence, information, data, or knowledge among government or private sector
entities, as appropriate.
Preliminary Target:
1. Anticipate and identify emerging and/or imminent threats through the intelligence cycle.
(Prevention)
2. Share relevant, timely, and actionable information and analysis with local, state, tribal,
territorial, Federal, private sector, and international partners and develop and disseminate
appropriate classified/unclassified products. (Prevention)