Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities



Timothy Grance, Tamara Nolan, Kristin Burke, Rich Dudley, Gregory White, Travis Good


The National Institute of Standards and Technology (NIST) developed this document in furtherance of its statutory responsibilities under the Federal Information Security Management Act (FISMA) of 2002, Public Law 107-347. This publication seeks to assist organizations in designing, developing, conducting, and evaluating test, training, and exercise (TT&E) events in an effort to aid personnel in preparing for adverse situations involving information technology (IT). The events are designed to train personnel, exercise IT plans, and test IT systems, so that an organization can maximize its ability to prepare for, respond to, manage, and recover from disasters that may affect its mission. The guide describes the design, development, conduct, and evaluation of events for single organizations, as opposed to large-scale events that may involve multiple organizations.
Special Publication (NIST SP) - 800-84
Report Number


contingency plan, exercise, FISMA, incident response plan, test, test, training, and exercise, training


Grance, T. , Nolan, T. , Burke, K. , Dudley, R. , White, G. and Good, T. (2006), Guide to Test, Training, and Exercise Programs for IT Plans and Capabilities, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], (Accessed July 17, 2024)


If you have any questions about this publication or are having problems accessing it, please contact

Created September 21, 2006, Updated February 19, 2017