Learning objectives
- Activate COOP per ESF #2 within the first hour.
- Decide on public statement timing under conflicting CISA / state-CISO guidance.
- Map paper-pollbook contingency to precincts within procurement constraints.
- Produce an HSEEP-conformant AAR ready for state auditor review.
Scenario brief
## Scenario context This scenario is one of three public-sector anchor scenarios surfaced on the home page demo. It targets county Boards of Elections and their parent county emergency management offices. The scenario is framework-aligned to NIST 800-84, FEMA HSEEP, and the CISA Election Security Toolkit. ## Sample inject sequence 1. **T+00:00** — Vendor reports encryption event; details unconfirmed. 2. **T+00:22** — State CISO calls; asks whether you've notified CISA. 3. **T+00:45** — Local press picks up vendor's status page; first reporter call. 4. **T+01:30** — IT confirms backups are 11 days stale. > The full inject set unlocks in the live product. The marketing demo runs the > first three injects only.