Due to the uncertain global situation and constant new threats, Sweden needs to strengthen its cyber capabilities. One way to strengthen this cyber capability is to offer exercises in incident response that aims to develop the participants' abilities to detect and manage cyber threats and cyber-attacks. Critical operations in sectors such as energy, transport, telecom, finance and healthcare, are part of the societal structure with high protection value. This report presents the results of developing an exercise concept focused on incident response for participants in critical operations. The exercise concept has been developed in close collaboration with central relevant actors at the national level in the cybersecurity area. The concept consists of a core idea that is supported by a number of fundamental principles. The principles are clearly linked to exercise objectives and goals to ensure the intended effect and results. Through its clear focus on generalizability, scalability, modularity and flexibility, the exercise concept is intended to provide new and better conditions for offering exercises to the intended target group. In addition to responding to a clearly formulated societal need, the exercise concept also addresses several formulated needs within research, such as an integrated pedagogical perspective and a clear logic for measuring results and impact.