A tabletop exercise does not test whether your plan is good. It tests whether your people can execute it under pressure. Those are different questions.

What is a tabletop exercise?

A tabletop exercise is a facilitated discussion in which a crisis team works through a simulated incident scenario. Unlike a full drill or live exercise, a tabletop does not activate real systems or require real responses. The team talks through what they would do at each stage of the scenario: who they would contact, what they would communicate, through which channels, in what order, and what decisions they would make.

The tabletop is the most cost-effective way to identify gaps in a crisis communication plan. It surfaces the assumptions that are wrong, the contact details that are out of date, the approval paths that are unclear and the channel dependencies that would fail during the type of incident being simulated. It does all of this without the consequences of a real event.

Who should be in the room

A crisis communication tabletop exercise should include the people who would actually be involved in managing communications during a real incident. At a minimum, this means the crisis communications lead, the executive sponsor or a deputy, and a representative from legal or compliance. For a more complete exercise, include the IT lead, the HR lead, a facilities or operations representative, and any external communications function (media relations, customer communications).

Observers — people who would not be in the crisis team but whose understanding of the process would benefit the organisation — can attend separately or as a secondary group. Mixing responders and observers in the same session can inhibit honest discussion of gaps and failures.

Designing the scenario

The scenario is the foundation of the exercise. A well-designed scenario is realistic, specific and designed to stress the parts of the plan most likely to fail.

Choosing the scenario type

Scenarios should be drawn from the organisation's own risk register, not generic templates. The five most common crisis scenario types that benefit from communication-focused tabletops are: IT or cyber incident, natural disaster or severe weather, workplace safety incident, reputational crisis, and supply chain or operational disruption. Each type places different demands on the communication plan.

Building the inject sequence

A tabletop exercise works through a sequence of injects: new pieces of information or development that arrive during the scenario and require the team to make decisions. A basic exercise might have four to six injects over a 90-minute session. Each inject should be designed to test a specific aspect of the communication plan: the initial notification process, the staff communication, the escalation path, the external communication, the all-clear.

Example inject sequence for a cyber incident:

  • Inject 1: IT reports unusual network activity. No systems are confirmed affected. What do you communicate, to whom, and through which channel?
  • Inject 2: A ransomware attack is confirmed. Email and intranet are unavailable. Three sites are affected. What is the first staff communication and how is it delivered?
  • Inject 3: A member of staff has posted about the incident on LinkedIn. The post is factually inaccurate. How do you respond internally and externally?
  • Inject 4: The regulator contacts the organisation requesting a preliminary notification. What is the process?
  • Inject 5: Systems are restored. Draft the all-clear message and define the distribution list.

Facilitation

The facilitator's role is to keep the discussion moving, surface assumptions, and introduce the injects at appropriate points. The facilitator should not be a member of the crisis team — their role is to observe and probe, not to participate in the response. Good facilitation questions include: who makes that decision? What if that person is unavailable? What channel would you use if email was down? How do you know that message reached everyone?

The facilitator should take notes throughout, recording not just what the team said they would do but where they hesitated, where they disagreed, and where they reached for information that was not available. These moments are the findings of the exercise.

Common findings from tabletop exercises

Organisations running tabletop exercises for the first time typically surface a consistent set of gaps:

The contact directory is incomplete or out of date. Key contacts have changed roles, left the organisation or changed their phone numbers since the directory was last updated. The exercise makes this visible before it matters.

The approval process is slower than assumed. The plan says communications can be approved in 15 minutes; the exercise reveals that the required approver is often in meetings, travelling or otherwise unavailable, and that no deputy has been formally designated.

The channel strategy has single points of failure. The default communication channels depend on infrastructure that may be unavailable during the type of incident being simulated. The exercise reveals this and prompts the team to identify alternatives.

Templates do not exist or are not where people expect them to find them. The team knows they should have holding statements but cannot locate them quickly under simulated pressure. A crisis communication tool that makes templates immediately accessible — without navigating through a shared drive — makes a measurable difference.

After the exercise: turning findings into improvements

An exercise that generates findings but does not change the plan has limited value. The post-exercise review should produce a short list of specific, actionable improvements with named owners and timelines. Typical outputs include: updated contact directories, revised approval chains, new or improved message templates, channel strategy changes, and scheduled re-tests of specific elements.

The review should be completed within two weeks of the exercise, while the findings are fresh. Each improvement should be verified — not just made but confirmed to have been made — before the next exercise.

How often to run tabletop exercises

Most organisations with a mature crisis communication capability run at least one tabletop exercise per year, with a more targeted exercise following any significant real incident. Organisations in higher-risk industries, or those with regulatory requirements for crisis preparedness, typically run exercises more frequently and at different scales: a full-team exercise annually and smaller, function-specific exercises quarterly.

The goal is not to pass an exercise. The goal is to find the gaps before an incident does.

See Heed in Action

See how Heed streamlines internal communication across desktop, mobile, and shared screens - so every message gets noticed.

We’ll walk you through creating, targeting, and tracking notifications in real time, tailored to your organisation’s goals.

Schedule a Demo

Related Resources

Scrolling Ticker

Crisis Communication Plan

What to include in a crisis communication plan, how to build one, and how to test it before you need it.
Surveys

Crisis Communication Strategy

The principles that guide how your organisation communicates in a crisis — covering speed, consistency and audience prioritisation.
Corporate Wallpapers

Incident Response Communication

What to communicate at each stage of a live incident — from first notification through status updates to all-clear.

Book a demo

See how Heed works across your channels, sites and shifts, and get answers to the questions specific to your industry and team size.

Schedule a Demo

Cta Image
Icon

FAQ

Common Questions

Common questions about running crisis communication tabletop exercises.

Contact Us

What is a tabletop exercise in crisis communication?
Faq Icon
How long does a tabletop exercise take?
Faq Icon
Who should facilitate a tabletop exercise?
Faq Icon
What scenarios make the best tabletop exercises?
Faq Icon
Trusted by leading enterprise organisations
Brand LogoBrand LogoBrand LogoBrand LogoBrand Logo

Read our latest blogs

phishing Lock Screen
May 27, 2026
10 Corporate Lock Screen Ideas to Improve Internal Communications
sharepoint heed integration
May 12, 2026
How Integrated Internal Communication Tools Create Better Employee Experiences
Compliance
April 27, 2026
Audit-Ready Communication: Ensuring Messages Are Seen, Acknowledged and Compliant

Let's have a chat

Talk to use about keeping your employees informed, engaged and inspired - book a call today!

Book a Call

Cta Image

Proudly connecting teams worldwide, enhancing communication, and boosting employee engagement for a unified workforce.

ISO 27001 Information Security Certification

Product

All Products

Desktop Alerts

Desktop Ticker

Wallpaper

Screensaver

Lock Screen

Newsletter

Employee Survey

Emergency Alert

SMS Alerts

Digital Signage

AI Generation

Solutions

Crisis Comms

Cybersecurity

Health and Safety

Internal Comms

Approvals

Compliance

Incident Management

Government

Construction

Healthcare

Company

About Us

Careers

Contact Us

Employee Comms Programme

Lock Screen Management

On-Premise Guide

Security Overview

Support

Privacy Policy

Terms and Conditions

Acceptable Use Policy

EULA

Service Status

© Heed 2026 - All Rights Reserved