Emergency and Incident Response Action Plans
It is imperative that Entities be prepared for the unknown, sometimes unseen and usually unpredictable events. Redmond Worldwide, Inc. develops, prepares, and documents an Emergency Management Process for the organization to use to prevent, mitigate, respond, and recover from emergencies. Redmond Worldwide, Inc. will support Entities capacity to direct, control and coordinate response and recovery operations, by developing Incident Management Standard Operating Procedures (IMSOP’s) for all emergency support functions that are consistent.
Redmond Worldwide, Inc. utilizes an Emergency Plan Documentation Process that will maintain, catalogue, organize and document the entire complement of the Entities emergency plans. The Emergency Management Process consists of planning, preparedness, and response and readiness assurance activities.
Redmond Worldwide, Inc. assists Entities in supporting the overall management and coordination of the planning and emergency preparedness, response, and recovery and mitigation program.
Redmond Worldwide, Inc. will support Entities to ensure that the adequate legislative and regulatory procedures for its emergency management program are adhered to and reviews current legislation and regulatory language, prepare and submit reports of the review to supporting emergency management functions.
Redmond Worldwide, Inc. will prepare and maintain emergency plans/annexes that address such topics as continuity of operations, continuity of government, security (physical, personnel and information), general evacuation, terrorism, and radiological responses.
Redmond Worldwide, Inc. will review the Entities Response Plan (DRP). The GAP analysis will outline how effectively the Entities’s will be able to work collaboratively within the Entities and with its regional and federal partners in the event of a disaster.
Redmond Worldwide, Inc. will review Entities’ current Emergency capability to implement the City’s planning and emergency preparedness, response and recovery, and mitigation activities in its role as coordinator of the city’s response to potential and natural, civil, technological disasters, catastrophic events and acts of terrorism.
Redmond Worldwide, Inc. will develop an assessment of the resource capability gaps and the procedures to overcome these gaps. Redmond Worldwide, Inc. will support Entities in establishing procedures to locate, acquire, distribute, and account for services, resources, materials, and facilities procured to support the program.
Redmond Worldwide, Inc. will develop a computer tracking system for material accountability in emergency situations.
Redmond Worldwide, Inc. will assist Entities in maintaining a management resource capability system which will include personnel, equipment training, facilities, funding, expert knowledge, materials and schedules and a process for identifying points at which they will be needed.
Redmond Worldwide, Inc. combines the vulnerability analysis and the risk analysis to determine the potential hazards, and the likelihood and the extent of harm that may result from these hazards.
We determines the potential for detrimental impacts of hazard on the full array of health services, safety, and environmental, economic and business and technology. .
We analyzes past risks associated with the Entities’ hazards, which will include at a minimum natural events, technological events, and man-made events on persons, public and private property and structures.
Redmond Worldwide, Inc. then assesses and maintains a current inventory of internal and external emergency resources including voluntary donations, shelters, and mutual aid agreements.
We conduct a hazard-specific risk assessment/impact analysis based on past occurrences, which is used to determine the potential for future detrimental impacts of the risks and hazards within a community, city, region, or region, through analysis of past disasters and their effects, and an analysis of the community’s location and demographics.
Redmond Worldwide, Inc. reviews designated categories of critical activities, which will provide the framework to prepare for adverse situations and assess risks, which may impact these functions.
We identify natural and human activities whose occurrence pose danger for persons, property, installations, and the environment.
Redmond Worldwide, Inc. identifies the activities that may be mitigated allowing for the alleviation of the effects of a major disaster any emergency. In addition, long-term activities that can me used to minimize the potentially adverse effects of future disasters in the affected area will also be identified.
a. Identify threats from both internal and external sources. These should include, but not be limited to, the following:
1. Natural, man-made, technological, and political emergencies
2. Accidental versus intentional
3. Internal versus external
4. Controllable risks versus those beyond the organization’s control
5. Events with prior warnings versus those with no prior warnings
b. Determine the probability of events
1. Information sources
2. Credibility
c. Create methods of information gathering
d. Develop a suitable method to evaluate probability versus severity
e. Establish ongoing support of evaluation process
f. Identify the relevant key security and legislative issues
g. Establish cost benefit analysis to be associated with the identified loss potential
a. Identify primary threats the organization may face, and secondary/collateral events that could materialize because of such threats (e.g., hurricane threat could result in several events including high winds, flood, fire, building and roof collapse, etc.)
b. Select vulnerabilities most likely to occur and with greatest impact
a. Location(s) and security considerations. The actions taken and facilities installed to reduce the probability of occurrence of incidents that would impair the ability to conduct their mission.
1. Physical protection
§ Understand the need to restrict access to buildings, rooms, and other enclosures.
§ Understand the need for barriers and strengthened structures to deter willful and accidental and/or unauthorized entry
2. Physical presence
§ Determine the need for the use of specialist personnel to conduct checks at key entry points
§ Determine the need for manned and/or recorded surveillance equipment to control access points and areas of exclusion
3. Logical protection
§ Understand the need for system-provided protection of data stored, in process, or in translation
4. Location of assets
§ Understand the inherent protection afforded key assets by virtue of their location relative to sources of risk.
b. Location: physical construction, geographic location, neighbors, facilities infrastructure, community infrastructure
c. Protection: detection, notification, suppression systems
d. Security and access controls, insurance, leasehold agreements
e. Personnel procedures
f. Procedural controls
g. Information backup and protection
h. Information security: hardware, software, data, network
i. Preventive maintenance and equipment preplanning
j. Utilities: duplication of utilities, redundancies in utilities
k. Interface with regional and federal partners
l. Services: electricity, air conditioning, water, communications, maintenance, equipment replacement and spares, documentation
a. Identify alternative risk analysis methodologies and tools
1. Qualitative and quantitative methodologies
2. Advantages and disadvantages
3. Reliability/confidence factor
a. Basis of mathematical formulas used
b. Select appropriate methodology and tool(s) for agency-wide implementation
a. Develop a strategy consistent with issues and organizational policy
b. Determine a viable strategy that can be managed across divisions and organizational locations
c. Identify credible information sources
d. Create organization-wide methods of information collection and distribution
1. Forms and questionnaires
2. Interviews
3. Meetings
4. Documentation review
a. Identify communications flow with appropriate internal departments/divisions
b. Establish service level agreements for both suppliers organizations and groups
c. Develop preventive and pre-planning options
1. Cost/benefit
2. Implementation priorities, procedures, and control
3. Testing
4. Audit functions and responsibilities
d. Understand options for risk management and selection of appropriate or cost-effective response, i.e. risk avoidance, transfer, or acceptance of risk
e. Develop interface with suppliers and utilities
f. Develop security practices
g. Identify methods to minimize the effects of the loss potential
h. Brief responders, ensuring they understand their objectives and reporting structure
a. Establish emergency scenarios based on risks to which the organization is vulnerable. The emergency scenarios should be based on these types of criteria: severe in magnitude, occurring at the worst possible time, resulting in severe impairment to the organization’s ability to respond. .
b. Evaluate risks and classify them according to relevant criteria, including: risks under the organization’s control, risks beyond the organization’s control, threats with prior warnings (such as tornadoes and hurricanes), and threats with no prior warnings (such as acts of terrorism).
c. Evaluate impact of risks and threats on those factors essential for conducting operations: availability of personnel, availability of information technology, availability of communications technology, status of infrastructure (including transportation), etc.
d. Evaluate controls and recommend changes, if necessary, to reduce impact due to risks and threats
1. Controls to inhibit impact threats: preventive controls (such as passwords, smoke detectors, and firewalls)
2. Controls to compensate for impact of threats: reactive controls
a. Identify the organization’s possible physical security exposures, including the following specific categories of security risks
1. Physical /plant security
2. Information security - computer room and media storage area security
3. Communications security - voice and data communications security
4. Network security - intranet security, Internet security
b. Advise on feasible, cost-effective security measures required to prevent/reduce security-related risks and threats
a. Identify vital record needs in the organization, including paper and electronic records
c. Advise on and implement feasible, cost-effective backup and restoration procedures for all forms of the organization’s vital records
Business Impact Analysis (BIA)
Redmond Worldwide, Inc. will conduct a vulnerability analysis to determine the potential for detrimental impacts of hazards on the full array of health services, safety, and environmental, economic and financial assets.
Redmond Worldwide, Inc. will conduct a management level analysis, which will identify the impacts that losing resources will have on the entity. . This analysis will measure the effects of resource loss and escalating losses over time in order to provide reliable data upon which to base decisions on hazard mitigation and continuity planning.
This BIA, as it applies to federal, state and local government will be a means to assess impacts of interruptions on essential business processes. It will not require going beyond requirements as applied by normal government policies and procedures
a. Identify and obtain a project sponsor for the Impact Analysis activity
b. Define objectives and scope
c. Choose an appropriate project planning methodology/tool
d. Identify and inform participants of the project and its purpose
e. Identify training requirements
f. Establish a training schedule and undertake training
g. Ensure the project leader has a sound understanding of the purposes of the organization
h. Obtain agreement on final project time schedule and initiate the project
a. Effects of disruptions
1. Loss of assets: key personnel, physical assets, information assets, intangible assets
2. Disruption to the continuity of service and operations
3. Violation of law/regulation
4. Public perception
b. Impact of disruptions on
1. Financial
2. Customers and suppliers
3. Public relations/credibility
4. Legal
5. Regulatory requirements/considerations
6. Environmental
7. Operational
8. Personnel
9. Other resources
c. Determine Loss Exposure
1. Quantitative
§ Property Loss
§ Revenue loss
§ Fines
§ Cash flow
§ Accounts receivable
§ Legal liability
§ Human resources
§ Additional expenses/increased cost of working
2. Qualitative
§ Human resources
§ Morale
§ Confidence
§ Legal
§ Social and corporate image
§ Financial community credibility
a. Data collection methodologies
1. Finalize an appropriate data collection method (e.g., questionnaires, interviews, workshop, or in agreed combination)
2. Recommend and obtain agreement as to how potential financial and non-financial impact can be quantified and evaluated
3. Identify and obtain agreement on requirements for non-quantifiable impact information and gain agreement
4. Develop questionnaire (if used) and completion instructions
5. Determine data analysis methods (manual or computer)
b. Data collection via questionnaires
1. Understand the need for appropriate design and distribution of questionnaires, including explanation of purpose, to participating departmental managers and staff
2. Understand the role of, and manage, project kick-off meetings to distribute and explain the questionnaire
3. Understand the role of, and support respondents during completion of questionnaires
4. Review completed questionnaires and identify those requiring follow-up interviews
5. Conduct follow-up discussions when clarification and/or additional data is required
c. Data collection via interviews only
1. Understand the need for consistency, with the structure of each interview predefined and following a common format
2. Ensure the base data to be collected at each interview is predefined
3. Understand the need for initial interview to be reviewed and verified by the interviewee
4. Schedule follow-up interviews, if initial analysis shows a need to clarify and/or add to the data already provided
d. Data collection via a workshop
1. Understand the need for, and set a clear agenda and set of objectives
2. Identify the appropriate level of participating management and obtain agreement
3. Choose appropriate venue, evaluating location, facilities, and staff availability
4. Act as facilitator and leader during discussions
5. Ensure workshop objectives are met
6. Ensure all issues outstanding at the end of the workshop are identified and responsibility for their resolution agreed upon
e. Impact Analysis report
1. Prepare draft report containing initial impact findings and issues
2. Issue draft report to participating managers and request feedback
3. Review manager feedback and, where appropriate, revise findings accordingly or add to outstanding issues
4. Schedule a workshop or meeting with participating manager(s) to discuss initial findings, when necessary
5. Ensure original findings are updated to reflect changes arising from these meetings
6. Prepare final report according to organization or house standards
7. Prepare and undertake formal presentation of findings to peers and executive bodies
a. Establish definition of criticality, and negotiate with management single or multiple levels of criticality
b. Identify critical functions
1. Functions
2. Support functions
3. Interdependencies
c. Identify vital records to support emergency operations
d. Prioritize critical functions
a. Determine recovery windows for critical emergency functions based on level of criticality
b. Determine the order of recovery for critical emergency functions, and support functions and systems based on parallel and interdependent activities
c. Determine minimum resource requirements for emergency, recovery and resumption of critical functions and support systems
1. Internal and external resources
2. Owned versus non-owned resources
3. Existing resources and additional resources required
a. Interrelationship between the processes
b. Process dependencies
1. Intra-department
2. Inter-department
3. Technology
4. Processes
a. Equipment
b. Key personnel
c. Raw materials/sub-assemblies
d. Other
The Emergency Strategies will be developed based on the vision, mission, goals and objectives of the DC Emergency Management Program.
The Strategy activities will include identification of alternatives to address the immediate and short-term effects of an emergency or disaster. The strategy will include immediate actions to save lives, protect property, and meet basic human needs. The Strategy will be based on the requirements of the situation, response assistance will be provided to an affected state under the Federal Response Plan (FRP) using a partial activation of selected Emergency Support Functions (ESF’s) or the full activation of all ESF’s to meet the needs of the situation.
Redmond Worldwide, Inc. will develop a hazard mitigation strategy to mitigate effects of hazards that cannot be mitigated or eliminated. These will include mitigation of the risk associated with natural and human activities that pose danger for persons, property, installations and the environment
Redmond Worldwide, Inc. will develop a processes and procedures for using, maintaining, augmenting, and providing backup for all types of communication devices required in day to day emergency response and operations and for emergency notification and alert system.
Redmond Worldwide, Inc. will assist Entities in maintaining a management resource capability system which will include all personnel, major items of equipment, training, facilities, funding, expert knowledge, materials and schedules, identifying when they will be needed.
Redmond Worldwide, Inc. will review the Emergency Operating Center to determine the adequacy of security, communications capabilities, staffing and the procedures required to activate it during an emergency situation.
Redmond Worldwide, Inc. will prepare and maintain a strategic plan that defines the vision, mission, goals, and objectives of the DC Emergency Management Program.
a. Review recovery issues
1. Timeframes
2. Options
3. Location
4. Personnel
5. Communications
b. Review technology recovery issues for each support service
c. Review non-technology recovery issues for each support service, including those support services not dependent upon technology
d. Compare internal/external solutions
e. Identify alternative recovery strategies
1. Do nothing
2. Defer action
3. Manual procedures
4. Reciprocal agreements
5. Alternative site or facility
6. Alternate source of product
7. Service bureau
8. Consortium
9. Distributed processing
10. Alternative communications
11. Mitigation
12. Preplanning
f. Compare internal and external solutions
g. Assess risk associated with each optional recovery strategy
a. Effectively analyze Agency needs criteria
b. Clearly define recovery planning objectives
c. Develop a consistent method for evaluation
d. Set baseline criteria for options
a. Employ a practical, understandable methodology
b. Set realistic time schedules for evaluation and report writing
c. Deliver concise specific recommendations to senior management
a. Criteria
b. Communications
c. Agreement considerations
d. Comparison techniques
e. Acquisition
f. Contractual consideration
a. Understand and prepare requirements statements for use in formal agreements for the provision of emergency services
b. Formulate any necessary technical specifications for use in "invitation-to-tender" format
c. Interpret external agreements proposed by suppliers in relation to the original requirements specified
d. Identify specific requirements excluded from any standard agreements proposed
e. Understand and advise on the inclusion of optional elements and those that are essential
a. Develop, implement, and exercise enterprise-wide plans for emergency management to emphasize coordination of unit continuity, information technology, and communications technology recovery and continuity
b. Develop, implement, and exercise enterprise-level crisis management plans for media handling, crisis communications, etc.
a. Develop, implement, and exercise unit response, recovery, resumption, restoration, and return plans
b. Designate and obtain approval for recommended staff and access to essential equipment resources for work area recovery sites
a. Voice communications
1. Develop strategies to recover/restore voice communications
2. Make arrangements with local loop and long distance phone service providers for voice communications recovery (e.g., alternate exchanges, alternate routing, dial backup, foreign exchanges, etc.)
b. Data communications
1. Develop, implement, and exercise plans to recover/restore data communications
2. Evaluate and select appropriate arrangements with local, long distance, and global telecommunications network service providers for data communications recovery strategies and action plans
Redmond Worldwide, Inc. will develop and maintain plans for mitigation, preparedness and response and recovery activities and prepare written management policies, procedures and coordination of the Entities’s planning and emergency preparedness
Redmond Worldwide, Inc. will develop a processes and procedures for using, maintaining, augmenting, and providing backup for all types of communication devices required in day to day emergency response and operations and for emergency notification and alert systems.
Redmond Worldwide, Inc. will develop a Communications and Electronics Operations (CEOI) Manual as part of the planning phase.
Redmond Worldwide, Inc. will develop, coordinate, implement, and maintain procedures that will enhance the ability of the Entities to direct, control, and coordinate response and recovery operations throughout the Incident Command System for Emergency Operations.
Redmond Worldwide, Inc. will assist Entities in supporting the overall management and coordination of the Entities’s planning and emergency preparedness, response, and recovery and mitigation program.
Redmond Worldwide, Inc. will write procedures for utilizing the computer tracking system, which was developed in the Gap Analysis for material accountability in emergency situations.
Redmond Worldwide, Inc. will prepare written management policies and procedures for the Entities’s departments and agencies to ensure that the emergency program is institutionalized. These policies and procedures will clearly indicate your vision, mission, goals, and objectives of the program and support the program’s continuity and viability.
Redmond Worldwide, Inc. shall design a disaster/emergency communication, education, and information plan and program that includes the capability of communicating with the special needs of the population: a method to coordinate and clear information for media and public release; a procedure to notify the public of a disaster/emergency, its effects, and how to protect themselves; and procedures to respond to requests for information.
At a minimum, but not inclusive, Redmond Worldwide, Inc. will review the following documents:
Agency/Organization |
Plan |
Date |
DCEntities |
Entities Response Plan |
April 02 |
|
Metropolitan Washington Council of Governments (COG) |
Regional Emergency Coordination Plan |
April 10, 2002 |
|
DCEntities |
Entities of Columbia Emergency Operations Center Standard Operating Procedures |
Unknown |
|
DCEntities |
Entities of Columbia Hazard Mitigation Plan |
Jan, 00 |
|
DCEntities |
Entities of Columbia Hazardous Materials Plan |
Jan, 00 |
|
DC DOH |
Entities of Columbia Bio-terrorism Plan |
September, 01 |
|
FEntities |
Robert T. Stafford Disaster Relief and Emergency Assistance Act, as amended |
November 23, 1988 |
|
FEntities |
Federal Response Plan |
April, 99 |
|
FEntities |
Federal Radiological Emergency Response Plan |
May, 96 |
|
FEntities |
National Capitol Region Incident Contingency Plan |
Nov. 01 |
|
FEntities |
State and Local Guide for All-Hazards Emergency Planning |
Sept. 96 |
|
EPA |
National Contingency Plan |
June, 82 |
|
|
|
|
Redmond Worldwide, Inc. will support Entities to ensure the adequate adherence to legislative and regulatory procedures for its emergency management program by reviewing current legislation and regulatory language, and prepare and submit reports of the review to supporting emergency management functions throughout the DC government.
a. Reporting procedures
1. Internal (escalation procedures)
§ Local
§ Organization (decision-making process)
2. External (response procedures)
§ Public agencies and media
§ Suppliers of products and services
b. Pre-incident preparation
1. By types of emergency
§ Acts of nature
§ Accidental
§ Intentional
2. Management continuity of authority
3. Roles of designated personnel
c. Emergency actions
1. Evacuation
2. Medical care and personnel counseling
3. Hazardous material response
4. Firefighting
5. Notification
6. Bio-terrorism
d. Facility stabilization
e. Damage mitigation
f. Testing procedures and responsibilities
a. Protection of personnel
1. Recognize and understand the value of supplementing any relevant statutory precautions
2. Identify options for immediate deployment and subsequent contact
3. Provide for communication with staff, next-of-kin, and dependents
4. Understand implications of statutory regulations
b. Containment of incident
1. Understand the principles of salvage and loss containment
2. Understand options available to supplement the efforts of the emergency services in limiting impact
3. Understand possibilities within emergency functions to limit the impact of an emergency, within statutory constraints
c. Assessment of effect
1. Analyze the situation and provide effective assessment report
2. Estimate the event’s direct impact on the organization
3. Communicate situation to employees at involved facility and any other organization locations
4. Demonstrate awareness of the likely media interest and formulate a response in conjunction with any existing public relations and/or existing marketing unit
d. Decide optimum actions
1. Understand the issues to be considered when recommending or making decisions on recovery options
2. Understand the roles of emergency services providers
3. Maintain principles of security, especially in regard to the disposal of stored/archived materials or damaged materials with retained value
a. Designing and equipping the Emergency Operations Center
b. Command and decision authority roles during the incident
c. Communication vehicles (e.g., radio, messengers, and cellular telephones)
d. Logging and documentation methods
a. Opening the Emergency Operations Center
b. Security for the Emergency Operations Center
c. Scheduling the Emergency Operations Center teams
d. Management and operations of the Emergency Operations Center
e. Closing the Emergency Operations Center
a. Develop, implement, and exercise emergency response and triage procedures, including determination of priorities for actions in an emergency
b. Develop, implement, and exercise triage procedures such as first aid and medical treatment; identify location and develop procedures for transportation to nearby hospitals
a. Assemble reaction team
1. Understand the need for effective diagnosis of incident by telephone
2. Understand the need for effective assembly of relevant resources at affected sites
3. Develop internal escalation procedures to provide required level of resources as incident/response develops
b. Define strategy for initial on-site activity
1. Understand the need to identify immediate loss mitigation and salvage requirements
2. Understand the need for and, if necessary, prepare an action plan for site safety, security, and stabilization
3. Identify appropriate methods for protection of assets on-site, including equipment, premises, and documentation
4. Recognize potential need to establish liaison with external agencies (e.g., statutory agencies, emergency services such as fire departments and police, insurers, loss adjusters, etc.), and specify type of information these agencies may require
5. Understand emergency requirements and interpret them to aid physical asset recovery
6. Establish procedures with all appropriate public authorities for facility access
Coordination with Public Authorities
1. Identify Applicable Laws and Regulations Governing Emergency Response
a. Gather/identify sources of information on applicable laws and regulations
b. Gather emergency recovery, environmental cleanup, and resumption requirements
a. Identify statutory requirements for the agency
b. Identify and coordinate with other public agencies providing emergency assistance; establish liaison procedures
c. Work with statutory agencies to conform to legal and regulatory requirements.
a. Ensure that plans conform to statutory requirements
b. Ensure that plan execution is coordinated with other appropriate public authorities where necessary or required under law.
c. Periodically review liaison procedures
a. Internal (corporate and unit level) groups
b. External groups
c. External agencies
a. Local/state emergency services
b. Local/state/national civilian defense authorities
c. Local/state/national weather bureaus
d. Other governmental agencies as appropriate
a. Responders
b. Employees and their families
c. Key customers
d. Key suppliers
e. Corporate/headquarters management
f. Other stakeholders
a. Policies and procedures for media handling
b. Plans and preparations for media handling
c. Implement and exercise media handling plans
a. Planning aids
b. Tools
1. Job descriptions
2. Action plans
3. Checklists
4. Matrices and flowcharts
5. Forms
6. Other supporting documentation
a. Define emergency
1. Differentiate between an interruption and an emergency
2. Suggest severity criteria that may be used to create a definition
3. Design escalation criteria
b. Identify and agree on approach to key phases of recovery; document agreed approach
c. Recovery team concept
1. Team description
2. Team organization
3. Responsibilities
§ Recovery coordinator
§ Group coordinators
4. Support staff
5. Emergency Operations Center
d. Establish procedure to transition from emergency response plan to recovery plan.
a. Plan design and structure
1. Identify examples of alternative plans and structures
2. Define how plan structure is tied to the organization
3. Document structure and design of departmental continuity plans
4. Ensure built-in mechanisms to ease maintenance
5. Plan and implement the gathering of data required for plan completion
b. Allocate tasks and responsibilities
1. Differentiate between recovery teams and departmental teams
2. Identify tasks to be undertaken
3. Identify necessary teams to perform required tasks
4. Assign responsibilities to teams
5. Identify and list key contacts, suppliers, and resources
a. Draft the Emergency Response Plan, ensuring adequate and appropriate involvement of personnel required to implement the Plan
b. Continue gathering data as needed to ensure Plan is complete and accurate
a. Locate and catalogue organization information
1. Identify and confirm information and documentation critical to the organization
2. Select or recommend appropriate methods of backup
3. Determine which information should be duplicated
4. Establish duplication or replication methods
5. Set up regular schedules for duplication
6. Quantify storage requirements
7. Identify suitable storage facilities
8. Establish schedules for safe transfer of information to suitable storage facilities
9. Understand retention periods
10. Identify key suppliers
b. Protection and replication strategies
1. Define assumptions governing the choice of replication and storage strategies
2. Define program for replication and storage of specific classes and types of information
3. Understand the advantages and disadvantages of
§ Duplication methods
§ Replication methods
§ Storage methods
4. Understand the advantages and disadvantages of available protection methods
5. Predict shelf-life of stored information
6. Understand suitable treatment that may be required during storage, according to the media used and environmental conditions
c. Information recovery
1. Recommend suitable procedures, taking into account:
§ Most suitable sequence of recovery
§ Compatibility of reading and writing equipment and storage media
§ Timeframes determined by the requirements
§ Timeframes determined by the legislative requirements
§ Requirements of daily or weekly routines, where applicable
2. Identify recovery or starting point for processing or handling information
3. Develop a reasonable set of assumptions, taking various realistic scenarios into account
d. Develop optional methods
1. Recommend alternative ways to conduct business when normal resources are unavailable following a emergency or other disruptive event that will be effective until recovery procedures are successfully completed
2. Recommend method/procedures to easily transfer functions from any alternative, temporary, or emergency operation into the re-installed service
a. Damage assessment
1. Create an action plan for assessing damage
2. Understand economics of repair versus replacement
3. Understand the capabilities of salvage specialists in selecting and applying relevant methods of contamination analysis
4. Understand the criteria for selecting appropriate sub-contractors for salvage operations
5. Clearly relate damage assessment to continuity of organization
b. Define restoration strategy
1. Employ a logical but relevant and practical approach to recovery requirements
2. Demonstrate ability to reduce consequential losses
3. Agree upon restoration methods for assets (e.g., equipment, electronics, documents, data, furnishings, premises, plant, computers, etc.)
4. Security
5. Human Resource and Personnel Considerations
6. Develop General Introductions or Overview
a. General information
1. Introduction
2. Scope
3. Objectives
4. Assumptions
5. Responsibility overview
6. Testing
7. Maintenance
b. Plan activation
1. Notification
§ Primary
§ Secondary
2. Emergency declaration procedures
3. Mobilization procedures
4. Damage assessment concepts
§ Initial
§ Detailed
§ Team members
c. Team organization
1. Team description
2. Team organization
3. Team leader responsibilities
d. Policy statement
e. Emergency Operations Center
a. Identify recovery functions for specific support functions
1. Personnel/human resources
2. Security
3. Insurance/risk management
4. Equipment/supplies purchasing
5. Transportation
6. Legal
b. Understand need for public relations/media communications coordinator
1. Qualifications
2. Responsibilities
c. Other specialist coordinator/team responsibilities
1. Relations/liaison with regulatory bodies
2. Investor relations
3. Relations with other involved groups (e.g., customers and suppliers)
d. Identify components of vital records program
e. Action sections
1. Recovery team
§ Personnel
§ Responsibilities
§ Resources
f. Action plans
1. Department/individual plans
2. Checklists
3. Technical procedures
a. Operating department plans
1. Essential functions
2. Information protection and recovery
3. Activation actions
4. Emergency site recovery/restoration actions
b. Components of a vital records program
c. Action sections
1. Recovery team
§ Personnel
§ Responsibilities
§ Resources
d. Action plans
1. Specific department/individual plans
2. Checklists
Implement Solutions
Determine Plan Development Requirements
b. Planning aids
c. Tools
1. Job descriptions
2. Action plans
3. Checklists
4. Matrices and flowcharts
5. Forms
6. Other supporting documentation
b. Define emergency
1. Differentiate between an interruption and an emergency
2. Suggest severity criteria that may be used to create a definition
3. Design escalation criteria
c. Identify and agree on approach to key phases of recovery; document agreed approach
d. Recovery team concept
1. Team description
2. Team organization
3. Responsibilities
§ Recovery coordinator
§ Group coordinators
4. Support staff
5. Emergency Operations Center
e. Establish procedure to transition from emergency response plan to recovery plan.
b. Plan design and structure
1. Identify examples of alternative plans and structures
2. Define how plan structure is tied to the organization
3. Document structure and design of departmental continuity plans
4. Ensure built-in mechanisms to ease maintenance
5. Plan and implement the gathering of data required for plan completion
c. Allocate tasks and responsibilities
1. Differentiate between recovery teams and departmental teams
2. Identify tasks to be undertaken
3. Identify necessary teams to perform required tasks
4. Assign responsibilities to teams
5. Identify and list key contacts, suppliers, and resources
c. Draft the Emergency Response Plan, ensuring adequate and appropriate involvement of personnel required to implement the Plan
d. Continue gathering data as needed to ensure Plan is complete and accurate
b. Locate and catalogue organization information
1. Identify and confirm information and documentation critical to the organization
2. Select or recommend appropriate methods of backup
3. Determine which information should be duplicated
4. Establish duplication or replication methods
5. Set up regular schedules for duplication
6. Quantify storage requirements
7. Identify suitable storage facilities
8. Establish schedules for safe transfer of information to suitable storage facilities
9. Understand retention periods
10. Identify key suppliers
c. Protection and replication strategies
7. Define assumptions governing the choice of replication and storage strategies
8. Define program for replication and storage of specific classes and types of information
9. Understand the advantages and disadvantages of
§ Duplication methods
§ Replication methods
§ Storage methods
10. Understand the advantages and disadvantages of available protection methods
11. Predict shelf-life of stored information
12. Understand suitable treatment that may be required during storage, according to the media used and environmental conditions
d. Information recovery
4. Recommend suitable procedures, taking into account:
§ Most suitable sequence of recovery
§ Compatibility of reading and writing equipment and storage media
§ Timeframes determined by the requirements
§ Timeframes determined by the legislative requirements
§ Requirements of daily or weekly routines, where applicable
5. Identify recovery or starting point for processing or handling information
6. Develop a reasonable set of assumptions, taking various realistic scenarios into account
e. Develop optional methods
3. Recommend alternative ways to conduct business when normal resources are unavailable following a emergency or other disruptive event that will be effective until recovery procedures are successfully completed
4. Recommend method/procedures to easily transfer functions from any alternative, temporary, or emergency operation into the re-installed service
b. Damage assessment
1. Create an action plan for assessing damage
2. Understand economics of repair versus replacement
3. Understand the capabilities of salvage specialists in selecting and applying relevant methods of contamination analysis
4. Understand the criteria for selecting appropriate sub-contractors for salvage operations
5. Clearly relate damage assessment to continuity of organization
c. Define restoration strategy
1. Employ a logical but relevant and practical approach to recovery requirements
2. Demonstrate ability to reduce consequential losses
3. Agree upon restoration methods for assets (e.g., equipment, electronics, documents, data, furnishings, premises, plant, computers, etc.)
4. Security
5. Human Resource and Personnel Considerations
6. Develop General Introductions or Overview
b. General information
1. Introduction
2. Scope
3. Objectives
4. Assumptions
5. Responsibility overview
6. Testing
7. Maintenance
c. Plan activation
5. Notification
§ Primary
§ Secondary
6. Emergency declaration procedures
7. Mobilization procedures
8. Damage assessment concepts
§ Initial
§ Detailed
§ Team members
d. Team organization
1. Team description
2. Team organization
3. Team leader responsibilities
e. Policy statement
f. Emergency Operations Center
b. Identify recovery functions for specific support functions
1. Personnel/human resources
2. Security
3. Insurance/risk management
4. Equipment/supplies purchasing
5. Transportation
6. Legal
c. Understand need for public relations/media communications coordinator
1. Qualifications
2. Responsibilities
d. Other specialist coordinator/team responsibilities
1. Relations/liaison with regulatory bodies
2. Investor relations
3. Relations with other involved groups (e.g., customers and suppliers)
e. Identify components of vital records program
f. Action sections
2. Recovery team
§ Personnel
§ Responsibilities
§ Resources
g. Action plans
1. Department/individual plans
2. Checklists
3. Technical procedures
b. Operating department plans
1. Essential functions
2. Information protection and recovery
3. Activation actions
4. Emergency site recovery/restoration actions
c. Components of a vital records program
d. Action sections
2. Recovery team
§ Personnel
§ Responsibilities
§ Resources
e. Action plans
1. Specific department/individual plans
2. Checklists
3. Technical procedures
Redmond Worldwide, Inc. will also test the developed processes and procedures for using, maintaining, augmenting, and providing backup for all types of communication devices required in day to day emergency response and operations and for emergency notification alert systems.
Redmond Worldwide, Inc. will develop a comprehensive exercise program that tests the ability of the leadership to quickly organize and respond to all hazardous emergencies.
Redmond Worldwide, Inc. will assist Entities in the design, facilitation, management and conducting of an exercise program that includes functional, tabletop and full field exercises.
Redmond Worldwide, Inc. shall develop, conduct and facilitate exercises, along with developing all of the materials to support the exercises.
Redmond Worldwide, Inc. will provide facilitators to prepare a written scenario narratives and a set of problem statements, directed messages, or prepared questions designed to test and evaluate a local plan and prepare a written report of the results of the test.
The scenarios will address the immediate and short-term effects of an emergency or disaster. The tests will address the response action steps of the plan and cover such areas as the immediate actions to save lives, protect property, and meet basic human needs. The scenarios will incorporate different situations to test the ability to provide response assistance to an affected area using a partial mock activation of selected ESF’s or the full mock activation of all ESF’s to meet the needs of the situation.
The Table Top Tests and Exercises will cover the situation which will be created when an ESF is activated in response to a disaster which will cause each supporting agency for the ESF to cover the operational responsibilities for the ESF. These responsibilities will include but not be limited to: supporting the ESF’s primary agency when requested, conducting operations using its authorities, and supporting the primary agency’s mission assignments.
Redmond Worldwide, Inc. shall support Entities in assessing, developing, and implementing a training/educational program for the Entities’s public/private officials and all emergency response personnel across its agencies.
Redmond Worldwide, Inc. shall conduct a training needs assessment to determine the training required to support emergency preparedness and develop a comprehensive training program based on the identified needs.
Redmond Worldwide, Inc. shall develop, conduct, and participate in training courses along with developing all of the training materials.
a. Effectively analyze complex issues
b. Employ a logical, structured approach
c. Develop an exercise strategy that
· does not put the organization at risk
· is practical, cost-effective, and appropriate to the organization
· ensures a high level of confidence in recovery capability
d. Create a suitable set of exercise guidelines
a. Define exercise objectives and establish levels of success
b. Identify types of exercises, and their advantages and disadvantages
1. Simulations and Table-Top
2. Modular
3. Functional
4. Announced
5. Unannounced
c. Establish and document scope of exercise
d. Exercise growth or expansion
e. Exercise frequency
f. Logistics and preplanning
a. Create exercise scenarios to approximate the types of incidents the organization is likely to experience and the problems associated with these incidents
b. Train team members in new roles and decision-making falling outside the normal requirements of their permanent positions
c. Exercise opening and communications, as well as logging and documentation requirements for the Emergency Operations Center
1. Reconstruction
§ Damage assessment
§ Facility
§ Equipment
§ Environment
§ Salvage/restoration (specialist services)
§ Insurance
Exercise Evaluation Criteria and Document Findings
a. Observation
b. Documentation
c. Evaluation
1. Expected versus actual results
d. Plan update requirements
a. Develop a progressive, incremental schedule
b. Set realistic time scales
c. Allocate appropriate and realistic resources
a. Understand different methods of exercising
b. Identify advantages and disadvantages of alternate exercise methods
c. Select a sound and appropriate exercise method
d. Define controls and responsibilities
e. Document exercise specifications and circulate to all parties
a. Clearly define exercise objectives and scope
b. Ensure objectives do not put the organization at risk
c. Brief participants, ensuring they understand the objectives and their roles
a. Create realistic exercise scenarios appropriate to the organization
b. Define assumptions and describe limitations
c. Identify resources required to conduct the exercise
d. Identity exercise adjudicators (umpires)
e. Provide an inventory of items required for the exercise and specifications for the exercise environment
f. Provide a timetable of events
g. Provide an alternate exercise plan to ensure that value is gained from the exercise in the event of adverse circumstances
a. Conduct and manage each exercise
b. Audit exercise actions
a. Provide a summary of events for participants
b. Provide a cogent, comprehensive summary with recommendations, commensurate with levels of confidentiality requested by exercise umpire/adjudicator or as specified by the subject organization
a. Ensure that scheduled plan maintenance addresses all documented recommendations
b. Identify actions and owners for recommendations; confirm owner acceptance
c. Confirm time schedules for completing or reviewing agreed actions
d. Monitor (and escalate where necessary) progress to completion of agreed actions
e. Identify recommendations that require specific verification through exercising
a. Periodic review
b. Key change events
c. Exercise results
a. Define ownership of plan data
b. Analyze sensitivity of particular elements to change
c. Develop suitable timeframes for amendment and/or review
d. Prepare maintenance schedules and review procedures
a. Select tools
b. Monitor activities
c. Establish update process
d. Audit and control
a. Analyze changes with planning implications
b. Set guidelines for feedback of changes to planning function
c. Develop change control procedures to monitor changes
d. Create proper version control; develop plan re-issue, distribution, and circulation procedures
e. Understand the potential implications of change on the Plan and, therefore, the requirement for exercising as required
a. Select support tools for the maintenance process
1. Understand the advantages and disadvantages of word processing plans
2. Understand the advantages and disadvantages of software support tools
3. Understand maintenance implications when selecting support tools (e.g., questionnaires, database based, or with combined features, etc.)
b. Integration with organization awareness programs
1. Identify and integrate the various factors that influence the orientation and effectiveness of the continuity program
2. Integrate and establish input to any existing organization orientation training programs
3. Integrate and arrange liaison functions with key users
a. Understand the different audit options and methods
b. Understand possible viable structures for an emergency management plan, and the methods of controlling such a plan
c.
d. Recommend and agree upon objectives and scope for the audit
a. Determine whether to conduct a preliminary study and identify appropriate method (e.g., by use of questionnaires, interviews with key personnel)
b. Develop a schedule of audit activities
c. Assess resource requirements for the audit activities
d. Prepare an audit plan
e. Prioritize audit area
f. Be aware of available techniques for auditing continuity plans, and select appropriate techniques to achieve the audit objectives
a. Devise a schedule to audit any or all the following
1. Awareness and training
2. Documentation
3. Organization
4. Vital records
5. Stand-by facilities
6. Maintenance
7. Contracts, SLAs or other commitments
8. Backup regimes
9. Suppliers
10. Exercises
11. Logistics
a. Determine if a section in the Plan addresses emergency considerations
b. Evaluate the adequacy of emergency provisions and procedures
c. Recommend improved positions if weaknesses exist
a. Determine whether the Plan is available to key personnel
b. Review update procedures
c. Demonstrate that update procedures are effective
d. Examine the provision of secure backup copies of the Plan for emergency use
e. List those individuals with copies of the Plan
f. Ensure that plan copies are current