Skip to content
Illustration of a woman standing with a giant red ball in her hands.

Illustration by iStock, Security Management

Scenario Planning: Going Beyond the Tabletop

No disparaging tabletop simulations here. When done well, getting the key players together to run through a scenario is a valuable exercise in security and emergency planning. Organizations can validate their processes and procedures and perhaps add or change them as a result.

Tabletops often occur at the management level or at the team level, meaning input from the front line or from other departments that could be highly valuable is not uncovered. Enter the Red Ball Technique, developed by Aric Mutchnick at the Experior Group.

Anyone can adopt this technique—you don’t even need a red ball—Mutchnick said in his Tuesday GSX session, “Preparedness Without Fear: How a Global Manufacturer Transformed Its Crisis Exercise Program” with Buffy Christie, CSO at Novelis.

Why is it the Red Ball Technique? In his simulations, Mutchnick carries around a red ball, and displaying the red ball is a signal that the scenario is about to unfold. Individuals can use other objects--or nothing at all—though Mutchnick has found that having a focal point can aid awareness of the overall program.

Like a tabletop, the goal of the simulation/training/discovery tactic used in the Red Ball Technique is to run a series of exercises in a nonthreatening way that serve to test an organization’s emergency response and update policies and procedures as necessary. Security—or whoever is leading the effort—informs staff that whoever is designated as running the drill may approach any staff person, present a scenario, and ask how they would react. It’s important the staff knows that they personally are not being tested and that no matter the outcome their role will only be viewed as a positive contribution to the organization.

Mutchnick shared several of his experiences in the session. Here are three illustrative examples.

Back to Work Lessons

A team has one of their infrequent, in-person meetings, while their employer gears up for a larger return to office. As part of reopening, the organization is using the red ball technique to understand if it needs to change its policies and procedures after the extended work-from-home time. The short answer is: Yes.

As Mutchnick tells it, the Red Ball made its appearance and he got the same first reaction he usually gets: “Oh no, am I dead?” No, the employees are not dead in the scenario training, Mutchnick explained, but he wanted their help. He pointed to two men the group could see in a glass-enclosed office and asked what the group would do if the men became visibly angry with each other.

The manager of the group said she would call security, but upon further questioning revealed that she did not know who the security contact was anymore. She also disclosed that she did not remember the Employee Assistance Program anonymous hotline number or how to contact IT. She said it was like she needed onboarding training again.

Can You Spare a Minute?

At a mining facility in Kenya, 16 people worked at one of the facilities. Enter Mutchnick and his red ball.

This red ball scenario involved the workers being able to clearly see on the only road into the facility a pick-up truck with four people in the back who look like they might be armed. Augment that with knowledge that armed men travelling by truck had recently attacked others in the area. What would the employees do?

One said he would call the security command center at base camp, before realizing he could not place a call because he did not have any minutes available on his phone. Thirteen of his fellow colleagues were in a similar predicament, meaning they could not communicate with security about the potential threat.

After some discussion, one worker suggested the security command implement a toll-free number so minutes would not be required to contact the department. The organization was able to do that, an easy solution for the communication problem for a relatively low cost.

That Chain of Command Has a Lot of Links

A professional sports team hired a security service with bomb-sniffing dogs. Time for some red-ball action. This time a security agent with a service dog was approached and asked: “The dog finds something, what do you do?” The answer: call his security supervisor.

But then something many organizations can relate to happened. The supervisor notified the company—the sports team—which then notified a security manager, who notified several other supervisors before eventually reaching the security director of the sports team.

The feedback session with the security director was an enlightening moment because he realized that there were hurdles in the way of putting the security plan to respond to the dog’s alert.

Final Recommendations

Done right, this type of scenario planning can help security professionals gain significant insight into what is working and what is not in their emergency management strategies.

There are, however, two things to keep in mind to get the most out of the technique.

First: do not make the scenario training a knowledge test—and be sure the staff knows you are not testing their knowledge of emergency behaviors. It needs to be in fact, and in practice, a conversation where the organization is seeking learn from its employees.

Second, the scenario training is not a simulation, at least not a standard security simulation that, again, is designed to test how well people follow the existing plan. Instead, it’s an engagement tool to reinforce security awareness.

For more on the Red Ball Technique and how it was used to enhance security awareness in houses of worship, read the Security Management online exclusive “Greet, Pray, Love” by Aric Mutchnick and Michael Gipps, CPP.

Scott Briscoe is content development director at ASIS International. In his role at ASIS, he conducts original research; directs internal, cross-functional teams that develop, publish, and conduct content; and works on the overall content strategy of ASIS. Connect with him at [email protected] or on LinkedIn.