X Organization

Business Continuity Plan

Incident Action Team -Administration and Control

Introduction and Purpose / This section of the plan addresses authority and control procedures that are to be followed during a business interruption/crisis. This chapter sets forth the Decision Authority, Financial Authorities, Chain of Authority/Line of Succession, Plan Activation Process, and detail table of the Incident Action Team and their procedures.
Decision Making Authority:
The Executive Director
The Declaration Team / Authority to declare a disaster is a crucial element of the plan and is assigned to a restricted number of individuals within the organization. They are known as the Declaration Team.
The Executive Director has authority over decisions made by the organization in a business interruption.
Authority to declare a disaster rests with the following individuals who make up the Declaration Team::
Once the plan is activated – or the alert is issued - the Disaster Response Coordinator convenes the Incident Action Team(“Emergency Management Team”) and the Disaster Response Coordinator is responsible for coordinating the plan.
Financial Authority / Financial authority is retained to those individuals as stated in the operations manual. However, required large purchase authorizations are expedited to the Incident Action Team during Recovery Phase operations.
The Administrative Recovery Team is responsible for monitoring and controlling disaster related expenses during the recovery process. All disaster related expenses will be controlled through the accounts and cost centers on the general ledger. A disaster event may cause circumstances where normal purchasing policies cannot be followed due to the need to quickly obtain equipment and supplies. Whenever possible, purchasing policies should be followed. In the event of a disaster, certain team members will have the authority to purchase emergency supplies based on the following policies:
For a vendor that is currently under contract, the maximum is _____. For a vendor that is not under contract, the maximum is $__5,000____.
The team members that will have this authority are:
Plan Activation Process
Step 1:
Pre-Crisis Stage
Involving the Declaration Team
Activation Matrix
Step 2:
Active Stage
(Plan is activated)
Disaster Declaration
The Incident Command System
The Incident Action Plan (IAP) as the tool used
Step 3: Create and Communicate through the IAP / The Declaration Team formally declares an emergency declaration if it concludes that damage to the organization and its critical services and/or infrastructure significantly disrupts the normal course of business. This is done for safety, insurance and financial reasons. If at all possible the declaration should be in writing, but if the nature of the event is such that it is not immediately possible to do so, they must follow-up at the earliest possible opportunity to do so in writing and include the date and time and reason for the declaration.
X organization uses a category ranking system (Level 0-Level 3) to determine emergency levels to guide the Declaration Team and Disaster Response Coordinator in assessing and activating emergency procedures.
Two stages exist in x’s declaration team process: the pre-activation stage and the activation stage. The stages are determined by the assessment of the severity of the pending or current business interruption.
  1. Pre-Activation Stage:
Key Features:

Key Players:

Decision making rests with the Declaration Team

  • No declaration has been issued
  • Emergency Management Team and Plan has not been activated

During this stage, the Executive Director and the Declaration Team are focused upon the following:

Assessing scale of impact (scope)

Assessing likely impact upon organization (reputational, financial)

Protection of Personnel

Containment of Incident

Decide optimum actions

Senior Other staff are involved on an as needed basis using relevant sections of the plan.

  1. Assessing the Impact and Scope of the Incident
The Interruption Declaration Team assesses the scale and potential impact using the Activation Matrix and asking the following questions and mapping their likely impact.
Questions:
  1. Life Safety/People: Is there a life safety issue? Is there an impact for our people?
  2. Facilities: What is the risk to the x offices?
  3. Technology: What is the impact upon our ability to do work if there is a disruption of our critical technology?
  4. Clients: How does the event impact our customers?
  5. Financial/Reputational Impact: Does the situation have a significant financial impact for X? For our reputation?
Stakeholder / Life/Safety Issues / Facility / Technology / Financial / Brand
X org
City
Region (i.e. floods)
Nation (i.e. 9/11)
International (i.e. financial crisis)

2.Active Stage:

Key Features:

Key Players: Incident Action Team/Emergency Management Team activated

Disaster Response Coordinator acts as “Incident Commander”

  • Incident Action Plan (IAP) created
  • Recovery Teams activated and implement responses to objectives issued in the Incident Action Plan

At this point, the Incident Command System is utilized and the organization’s response occurs through the decision making, problem solving, and communication of the Incident Action Plan (IAP).

As a planning and action process and documentation, the IAP is concerned with:
  1. The overall incident status and strategy to resolve crisis and return to normal
  2. Specific strategic objectives and any necessary supporting information
  3. Assignment of responsibility for each objective
  4. The length of the operational period
The IAP can be either oral or written, ideally written. Additions and attachments are added to the original IAP through the resolution of the interruption.

The core objectives of x’s Incident Action Plan include: Command; Control; Collaboration; Coordination; Communication; Consistency.

Creating The IAP:
The Declaration Team responds to the emergency by using the IAP and communicating to the Emergency Management Team individuals and teams named in the plan. The steps include:
  1. Assess the incident situation, reporting the status of the event.
  2. Establish strategic objectives. Ensure necessary resources are available to complete the tasks.
  3. All objectives are assigned to a team or an individual.
  4. The operational period is determined.
  5. The plan is communicated to all identified stakeholders.
Form IAP is used as a template. It is found in the software in the folder labeled “important documents.”
Emergency Categories
Roles and Functions
The Disaster Response Coordinator
The DRC as
“Incident Commander”
Emergency Management Team (EMT)
Emergency Operations Center
Location / Executive management will use the following categories in determining whether to issue a disaster declaration.

Emergency Level

/

Definition

/

Examples

Level 0

/

An emergency that is handled as “business as usual.”

/

Medical emergency

  • Short term building evacuation

Level 1

/

An event that occurs in only one department and does not require a response beyond the capability of that department.

  • An emergency that is limited in scope and can be addressed by the normal response of the organization.
  • Event mitigation is expected to require less than 8 hours and will not require relocation to an alternate facility
/

Contained fire

  • Temporary power outage
  • Workplace incident
  • Potential severe weather
  • Potential for Adverse Impact to Reputation
  • Minor loss of critical business systems (e.g. Hardware of Software failures(s).
  • Minor loss of utilities
  • Minor loss of facilities

Level 2

/

An emergency that is moderate to severe in scope.

  • Human life or property harmed and involves coordination with external public authorities.
  • Event mitigation is expected to require less than 48 hours and will not require relocation to an alternate facility
/

Potential of Extended Power Outage.

  • Severe weather
  • Facility damage (i.e. Moderate fire that closes parts of a building)
  • Loss of Data and Telecommunications across org.
  • Data Compromise
  • Moderate impact to customer service

Level 3

/

A catastrophic disaster that has severely damaged the office requiring relocation of staff and/or severe disruption of services

The event is catastrophic in scale and affects the office location and surrounding community as well and prevents access.

  • The severity of the event is high and the duration could last several days.
/
  • Extended loss of critical business systems (e.g. Hardware of Software failures(s))
  • Extended loss of utilities
  • Extended loss of facilities
  • Significant impact to customer services
  • Event mitigation is expected to require more than 48 hours and could require relocation to an alternate facility

Tornado

  • Data/Telecommunications loss or compromise.
  • Extended utility outage

The Disaster Response Coordinator (DRC) heads the Emergency Management Team.

The DRC during a declaration acts as the “Incident Commander” whose role is that of being the front-line management of the incident, for tactical planning and execution. The Incident Commander oversees the technical aspects of the response as outlined in the Incident Action Plan.

In addition, the DRC, acting as Incident Commander:

  • ensures that entire Emergency Management Team has been notified to meet at the designated meeting place.
  • oversees the Emergency Management Team and all functions
  • supports implementation of the Incident Action Plan, overseeing all incident response activities
  • meets with the team to review their assessment the activities of the recovery teams.
  • declares that the incident is “over”
  • reports to the Emergency Management Team on a regular basis on the status of recovery activities.
  • on an hourly basis, or other appropriate interval, updates the recovery status information message on the various communication channels.
  • keeps the plan updated and accurate and is responsible for maintaining the distribution list
  • provides an intentional training schedule and testing schedule.
When the command center is activated, the following sequence of items the Incident Commander facilitates the process, using the following guidelines:

ofact gathering

oprocedures for interaction with public authorities

osituation evaluation

odecide optimal actions

oaction selection

oissuance of instructions

omonitoring of progress

  • scheduled time for next meeting
The EMT controls all incident-related activities and functions to provide support and resources in the effort to recover and resume normal operations. The team is convened in the emergency and is coordinated by the DRC who is in command of the response.
The Emergency Management Team is charged with developing procedures and plans to:
  • Gain control of problem situations early;
  • Prevent an operational outage from significantly impacting customers and users;
  • Gather critical information into a central repository;
  • make decisions effecting the organization and the safety of its employees;
  • Reduce risks to essential information resources;
  • Recommend preventative measures;
  • Make decisions in advance of a crisis; and
  • Test frequently.

A primary Emergency Operations Center (EOC) will be established if the Incident Action Plan is activated. The primary location is:

If the disruption affects the corporate office, the alternative EOC location is Ideally the Team will assemble at the EOC and stay for the duration of the event.

The tertiary location will be communicated in the crisis communications plan if the first two options are affected.

Business Continuity Plan AuC Page 1 of 7 Version Control # 0001

Date Issued: January 2011

X Organization

Business Continuity Plan

Incident Action Team -Administration and Control


Business Continuity Plan AuC Page 1 of 7 Version Control # 0001

Date Issued: January 2011