
Go to Part 1
I was hoping the next installment of the scenario structure challenge would feature a battlefield scenario structure, but what I did instead was beat my head against a wall for six months failing to come up with a structure that made sense. (The only thing I really came up with that seemed to have a chance of working well also featured such a massive amount of over-prep / wasted prep that I couldn’t reasonably recommend that anyone actually use it.)
So instead I’ve shifted my attention to a different target: Ocean’s 11.
(The good one. From 2001.)
Ocean’s 11 is a heist film. Danny Ocean puts together a crew of eleven criminals to simultaneously rob three Las Vegas casinos owned by Terry Benedict. Once the crew is recruited, over the course of the rest of the film we see them plan the heist, cope with a number of unexpected complications which disrupt their plans, and then execute the heist.
Heists are a fantastic scenario structure for a GM to have in their pocket. Heists aren’t limited to cash robberies: You need a thing (document, artifact, maybe even a person). It’s being held some place under heavy security. Come up with a plan to circumvent that security. Carry out your plan and get the thing you need.
That structure is incredibly flexible in its utility. It can be used with endless variety in support of any number of scenarios.
PLANNING THE HEIST
The heist scenario superficially resembles the location-crawl (usually featuring a room-and-key design), but with the – very important! – distinction that the PCs are expected to know the floorplan and some (or all) of the defensive measures present before the heist actually begins. In this it also closely resembles the raid structure, but the difference is that, whereas in the raid scenario the PCs can quickly figure out the floorplan and defensive measures largely through observation in the immediate moment, in the heist discovering these elements usually requires additional effort during the prep phase of the heist.
The heist structure is heavily player-driven, but if the players haven’t done proper heists before, they can prove unusual enough that the GM should let the players know that they have opportunities they might not normally consider viable. This is particularly true specifically because of the heist’s similarity to the location-crawl: Players may assume that they’re “supposed” to engage the heist in the same way that they engage a traditional dungeon.
Once players get comfortable with heists being part of their toolkit, things can start getting really interesting: You won’t necessarily prep something specifically to be a heist. You’ll just prep a situation and it will be up to the players to decide whether or not a heist is the right solution for that situation.
The heist structure consists of five steps.
STEP 1: IDENTIFY THE SCORE. In Ocean’s 11 (like many heist movies), this moment actually happens before the movie begins. But we see a suggestion of it in a newspaper clipping Danny Ocean is studying early in the film:

Often the target of a heist will arise organically out of other events. An urbancrawl structure might allow the PCs to dynamically search for scores and then choose their target. A patron, like “Mr. Johnson” in a Shadowrun game, might hire the PCs as freelancers to target a specific score.
STEP 2: GATHER INFORMATION. The next step is for the PCs to gather information about their target. This should include being able to gain access to some or all of the blueprints and defensive measures in the targeted complex. It may also include an event schedule, which will often feature one or more opportunities for performing the heist (by either providing unique access to the target and/or providing cover for the operation).

In Ocean’s 11, Danny Ocean and his partner Rusty Ryan exploit contacts they’ve made to gain after hours access to the files of the security firm that designed the Bellagio’s vault. They’ve already identified, from their previous research, that the ideal time to stage their heist will be on the night of a big fight (which will provide both a distraction for their operation and also increase the amount of money in the vault for them to steal).
In prepping a heist scenario, the GM should give some thought to what form the Gather Information phase might take for the target, but they should always remain open to alternative thinking from the PCs.
It’s important for the GM to remember that, in a heist scenario, the expected outcome is for the PCs to succeed in getting this information. That doesn’t mean it’s guaranteed: The expected outcome of combat in an RPG is for the PCs to win, right? But that doesn’t mean it always happens. But GMs can sometimes get a little too enamored of keeping their cards close to their chest, and you may need to consciously remind yourself to fight that instinct: 90% of the fun in a heist scenario comes from seeing a problem and coming up with a solution for it. Only about 10% comes from being surprised by the unknown in the middle of the heist (and that will usually arise organically as the heist plays out).
STEP 3: ONSITE SURVEILLANCE. After the initial gathering of information, most heist stories will give the protagonists an opportunity to conduct onsite surveillance before the heist happens. This surveillance allows them to gain information they missed or were unable to gather earlier, clarify the information they already have, and/or discover that some of their information was inaccurate or outdated (and now they have a whole new set of problems to solve!).
In the case of Ocean’s 11 this is relatively easy for Danny and Rusty to achieve because the casinos they’re robbing are public spaces: They literally check into the hotels and can have their crew scope out the place at their leisure.
Other targets, however, may require the PCs to take advantage of special circumstances (or create those circumstances for themselves). The event schedule they found in Step 2 can provide opportunities not only for the heist itself, but also for surveillance. In other cases, they may need to interact with the target under false pretenses or using forged credentials in order to carry out their initial surveillance.
In prepping a heist, it can be useful to figure out explicitly what information can only be obtained through onsite surveillance. One really easy division is to make it easy to obtain floor plans of the target, but to only be able to ascertain limited information about the security measures in place without being onsite.
When running the surveillance opportunity, once again remember that the expected outcome is for the PCs to succeed in carrying out their surveillance. Barring complete and utter catastrophe, the worst outcome for the PCs should be only one of the following:
- They only get some of the information they need
- They get misleading information
- The do something sufficiently suspicious that security is heightened or changed
STEP 4: PREP WORK. Possibly running in tandem with the onsite surveillance, the team will also need to make preparations for the job. This prep often takes the form of altering the information the PCs have received – creating new entrances, blinding security cameras, subverting guards, etc. It may also involve creating bespoke resources (or simply shopping for necessary supplies).

In modern or science fiction heists, prep work almost always includes figuring out some way to tap the security feeds so that the PCs can monitor the entire facility. If you’re not comfortable improvising what they see, use adversary rosters combined with daily schedules so that the PCs can figure out the “usual routine” at the site.
STEP 5: THE OPERATION. Finally, the operation itself. The PCs try to carry out their plan.
In running the operation, there may be one or more twists: Unexpected circumstances that the PCs didn’t anticipate or that they missed in their research. These twists can either be gotchas (twists which the GM prepares ahead of time and which the PCs have no way or anticipating – “Oh crap! Mrs. Roberts came home early!”) or complications arising from failed checks (either during their prep work or during the operation itself).
In my opinion, you’re generally going to want to rely more on complications rather than gotchas. First, skipping the gotchas will save you from unnecessary prep work. Second, in my experience it’s simply more interesting for the players to be able to look back and understand where the complications are coming from.
(Which is not to say you should never use a gotcha: One really great gotcha can elevate a scenario to the next level.)
To break this down more explicitly, successfully executing a heist will usually involve a series of skill checks. A single failed check should not cause the entire plan to immediately fail. Instead, you’ll generate complications using fail forward techniques. These complications on failed skill checks are why you can get away with giving the PCs perfect information during Step 2 and Step 3: Among other things, you can use complications to introduce “oh fuck, he got a new safe” obstacles that effectively alter or reveal gaps in the information the PCs acquired on-the-fly.
In Ocean’s 11, for example, you can see how one complication can trigger an escalating chain of additional complications, constantly creating new and interesting problems for the PCs to deal with: Basher Tarr’s prep work turns to shit when the demolition of a casino inadvertently scuttles their plan for cutting power to the casino. (That might be a GM-prepped “gotcha,” but is more likely a complication arising from Tarr’s original Electrical Engineering skill check.) To solve the problem, the team has to put together a mini-heist to boost an EMP generator. During that heist, however, their greaseman injures his hand. And then, when they deploy the EMP, it blows out the team’s earpieces so they can’t communicate any more.
Finally, to reiterate something of primary importance: Avoid twists of any type that automatically scuttle the entire job and/or negate all the PCs’ planning. Not only do they suck, they will also strongly discourage your players from pursuing heist strategies in the future. It’s much more interesting to create a new problem and let the players figure out how to solve it.
ON THE SUBJECT OF BLUEPRINTS
Heists will benefit greatly from having player-friendly versions of the blueprints that can be given as a handout. It’s well worth your time as the GM to spend the time to make these. In fact, you might want to prepare several:
- A full blueprint (i.e., a complete map of everything in the complex)
- A version with some inaccuracies (what these are is situational; for example, maybe the players get their hands on an older set of blueprints from when the facility was first built and it lacks newer features or secret areas added by the new owners)
- Partial versions, particularly those reflecting limited knowledge of certain underlings who might be questioned. (Although it may be easier to simply sketch these ad hoc as they come up during play.)
PREP CHECKLIST
Okay, so what does the GM need to prep for a heist scenario?
- Blueprints (both the GM’s and those intended for PCs to discover)
- Defensive Measures (most likely including adversary rosters, security cameras, traps, etc.)
- Event schedule (including surveillance and heist opportunities)
- Gotchas (optional)
It’s actually a very short list. Everything else flows out of the process of play, rather than any sort of laborsome preparation.
A FEW MORE THINGS ON THE MATTER OF HEISTS

COMPETING GOALS: In Ocean’s 11 robbing Terry Benedict isn’t Danny Ocean’s only goal. He’s simultaneously using the heist to win back his estranged wife. In the course of the movie we’re led to believe that this goal is in conflict with the goals of the rest of the team, and although that eventually turns out not to be true (everyone except the rookie Linus was onboard with what Danny was doing and actively assisting him) there’s no reason it can’t be true for other heists. Introducing multiple, overlapping goals into a single heist is a great way to spontaneously generate more complications and more interest.
NO AUDIENCE TWISTS: On the note of perceived truth versus actual truth in heist stories, it should be noted that most heist movies will feature a twist for the audience. This usually takes the form of thinking that something has gone wrong for the team, but then it’s revealed that the “problem” was actually part of the plan the whole time.
This is an example of where playing through a scenario in an RPG is fundamentally different from being a passive audience member of other storytelling mediums. These types of audience-focused twists simply aren’t possible when the participants ARE the audience. And that’s okay. RPGs offer different forms of reward than passive viewership does.
COMPETING TEAMS: An advanced technique for adding interest to a heist is to add a second team onsite. They might be attempting the exact same heist, or maybe they have a different goal. Either way, their actions can add both complications and opportunities for the PCs.
BEYOND VEGAS

For a very compact version of the heist, consider the opening of Mission: Impossible (the 1996 film). The job at the Embassy at the beginning of the film is a tight little heist, and adds the additional layer of complication by having a traitor on the team.

For a more action-packed heist, look at Fast Five. Often the “ideal” image of a heist features a clean job – the team gets in and out without being detected. But that’s not the only way to run a heist. Sometimes the plan will call for big guns and fast cars. Sometimes the big guns and fast cars will come out because the plan has gone sideways.
Go to Challenge #5