Introduction. Overview. Every Crisis Management Team Needs a Critical Decision Checklist. Presented by Roseanne Rostron, CBCP President Raido Response

Similar documents
INFORMATION SECURITY- DISASTER RECOVERY

Florida State University

BUSINESS CONTINUITY. Topics covered in this checklist include: General Planning

Keeping it Simple Driving BCM Program Adoption Through Simplification

NUIT Tech Talk. Emergency Preparedness. March 1, Sharlene Mielke. Jay Bagley. Disaster Recovery / Business Continuity Coordinator

Appendix 3 Disaster Recovery Plan

Emergency Operations Center Management Exercise Evaluation Guide

Business continuity management and cyber resiliency

MassMutual Business Continuity Disclosure Statement

Business Continuity Planning Keeping Pace with New Technology

Table of Contents. Sample

Disaster Recovery and Business Continuity Planning (Mile2)

WHITE PAPER OCTOBER 2017 VMWARE ENTERPRISE RESILIENCY. Integrating Resiliency into Our Culture and DNA

Security Director - VisionFund International

TSC Business Continuity & Disaster Recovery Session

BCP At Bangkok Bank, Thailand

BUSINESS CONTINUITY MANAGEMENT PROGRAM OVERVIEW

Implementing a Global Business

Business Continuity Management Standards A Side-by-Side Comparison

Role of BC / DR in CISRP. Ramesh Warrier Director ebrp Solutions

Frontiers of Risk. Don t Be Afraid: Business Continuity Plan Development Only Hurts A Little!

L18: Integrate Control Disciplines to Increase Control and Save Money

ACTIVE SHOOTER RESPONSE CAPABILITY STATEMENT. Dynamiq - Active Shooter Response

Global Crisis Management at Target

For ACP-South Texas chapter program meeting in October 2012 only. Do not cite, copy or distribute without the author's consent. 1

Industrial Control System Cyber Security

Addressing Vulnerabilities By Integrating Your Incident Response Plans. Brian Coates Enaxis Consulting

Emergencies: Protecting Staff & Assets. Presented By: Tom Heebner, CSP, ARM, ABCP AVP / Risk Consultant HUB International Limited

Global Crisis Management at Target

Facilities Management and Business Continuity. 10 May 2017

Crisis Management at Disneyland Paris Eric Cosset (Disneyland Paris) 27/09/2017

UL and Business Continuity

Number: USF System Emergency Management Responsible Office: Administrative Services

People Assets Reputation

Global Security Advisor

Business Continuity - An Inside Perspective

Integration of Business Continuity, Emergency Preparedness, and Emergency Response

St. Joseph s General Hospital LOCKDOWN EMERGENCY RESPONSE PLAN

HOTEL RESILIENT Plan ahead stay ahead. With support from the German Government through

Business Continuity Planning

Natural Disaster Preparation Checklist

UF CEMP Support Group Annex: IT Group

BCP evolution at the Colombian Central Bank

CERT Organization. CERT Basic Training Unit 6

MHCC Emergency Notification System (ENS) Protocols

Business Continuity Plan Executive Overview

Keys To Disaster Preparedness

NERC Staff Organization Chart 2015 Budget

NERC Staff Organization Chart

Prepare your Emergency respons, continuity plan, recovery plan

2 ESF 2 Communications

TUFTS HEALTH PLAN CORPORATE CONTINUITY STRATEGY

Template. IT Disaster Recovery Planning: A Template

Making YOUR Organization More Efficient and Effective Through Business Continuity / Continuity of Operations Planning

Hurricane and Storm Commercial Damage Assessment

Risk Management. Continuity Management

Building a BC/DR Control Library and Regulatory Response Program

REGIONAL UTILITY COORDINATION PLAN. Portland, Oregon / Vancouver, Washington Metropolitan Area

Kodagu District Disaster Management Plan

BUSINESS CONTINUITY PLAN Document Number: 100-P-01 v1.4

3.4 DISASTER RECOVERY (L , M.3.9, comp_req_id 806)

HAMILTON COUNTY EMERGENCY OPERATIONS PLAN ANNEX L - EMERGENCY SUPPORT FUNCTION #12 ENERGY

Infocomm Professional Development Forum 2011

Data Recovery Policy

Build a viable plan for disaster recovery and crisis management.

Building resilience. Delivering assurance.

Emergency Management BC Update

NHS Gloucestershire Clinical Commissioning Group. Business Continuity Strategy

locuz.com SOC Services

2013 STRATEGIC PLANNING SCHEDULE

NERC Staff Organization Chart Budget

Loss of Control Center Functionality: EOP-008-1, CIP-008-3, CIP September 30, 2014

RESILIENCY MESSAGE MAPS

UF CEMP Support Group Annex: Public Safety

EMERGENCY SUPPORT FUNCTION (ESF) 13 PUBLIC SAFETY AND SECURITY

Cybersecurity Overview

FDIC InTREx What Documentation Are You Expected to Have?

Emergency Management BCERMS Orientation

Accessibility Policy and Multi-Year Accessibility Plan for Enterprise Holdings

BC vs. DR vs. HA vs. EM vs. RM vs. CM: is the difference only terminology?

University Information Systems. Administrative Computing Services. Contingency Plan. Overview

Disaster Recovery Planning: Is Your Plan in Place? Presented by: Steve Shofner, CISA, CGEIT

RFP Questions Guideline For Data Center Buyers

BCM Program Development

Business Continuity & Disaster Recovery

Banff Mineral Springs Hospital LOSS OF TELEPHONE EMERGENCY RESPONSE PLAN

Disclaimer Ground Rules

STANDARD OPERATING PROCEDURE Critical Infrastructure Credentialing/Access Program Hurricane Season

Global Statement of Business Continuity

Bundling Arrows: Making a Business Case for Adopting an Incident Command System (ICS) 2012 The Flynt Group, Inc.; All Rights Reserved. FlyntGroup.

BME CLEARING s Business Continuity Policy

PROTECT YOUR DATA, SAFEGUARD YOUR BUSINESS

Policy Title; Business Continuity Management Policy. Date Published/Reviewed; February 2018

Applications/Data To Include in Survey (include applications that meet one or more of the following criteria)

Implementing NFPA 3000 (PS)

VMware vcloud Air Accelerator Service

IT Audit Essentials. Date: 10 th 12 th March 2015 Time: 9 am to 5.30 pm Venue: Iverson Associates, Center Point Bandar Utama, Kuala Lumpur

WHY BUILDING SECURITY SYSTEMS NEED CONTINUOUS AVAILABILITY

Business Continuity Management Framework. (Includes Emergency, Critical and Local Incident Management)

RFP/RFI Questions for Managed Security Services. Sample MSSP RFP Template

Transcription:

Every Crisis Management Team Needs a Critical Decision Checklist Presented by Roseanne Rostron, CBCP President Raido Response Tuesday, May 9, 2006 Introduction Roseanne Rostron, CBCP - President Raido Response Over 13 years Crisis Management / Business Continuity / DR experience Certified Business Continuity Planner (CBCP) Industry experience includes Banking & Financial Services, Wireless & Data Services, Academic, Retail, Insurance, E-Commerce, Real Estate, Petroleum, Manufacturing, Utilities, and Government Consulting to Fortune 100 and Global 500 clients developing Business Continuity and Crisis Management programs Specializes in development and facilitation of tabletop and mock exercises Specializes in Executive Crisis Management Training Offers Training Workshops focused on BCP and Crisis Management. Corporate program trainer & public speaker Overview This session will discuss the process for: Creation of a critical decision checklist Elements of the checklist: Shelter in place vs. evacuation protocols Critical timeline Roles, Responsibilities / Activities Use in crisis management exercises Include examples 1

Purpose What is a Critical Decision Checklist? Who uses it? How do you use it? Where do you keep it? When do you use it? This is NOT a Critical Decision List Crisis Management Team Players Strategic vs. Tactical roles 2

Command Center Operations Example Crisis Management Team Subject Matter Experts Chairperson Deputy Chairperson Executive Executive -- --- CEO COO CIO CFO KEY DECISION MAKERS Crisis Coordinator ------ CM / BCP Support Team Info Coor. Support Team Documentation, Catering, Coordination, Supplies Onsite Incident Commander --------------------------- Incident Info Core Advisors Communications Internal / External Human Resources Triage / Headcount IT Systems / Network Facilities Assets / Logistics Security Security / Info Creating the Critical Decision Checklist Be clear about your Goals & Objectives Goals: Snapshot of Crisis Management Plan (CMP) Executive checklist Exercises Objectives: Outlines critical immediate decision considerations Timeframe for decisions Considerations Who are your players? What types of decisions are key? Think Keep it Simple How are decisions affected during non-bus? What about events out of span of control? How are decisions affected by Shelter In Place (SIP) or Evacuation? 3

Goals & Objectives Example Focuses on the immediate management actions of the Crisis Management Team. Identifies critical crisis actions that need to be considered and may need to be implemented at time of crisis. Contains a decision timeline protocol for evacuation, and shelter-in-place events. Is an easy to use, portable tool that contains critical information that the Crisis Management Team will use as a guide during a crisis. Used as guide during exercises Shelter in Place vs. Evacuation Evacuation Protection against fire, smoke, etc. (internal) Disruption to business / facilities Movement of people to 2 floors below CMT evacuates with staff Shelter in Place / Non-Evacuation Protection against contaminated air, severe weather, utility outages, etc. (external) No serious disruption to business Movement of people to safe location in building (s) Sealing of building Considerations Physical facility constraints Ability to lockdown (SIP) Air intakes (SIP) Glass lobbies (SIP) Span of control Building Management (Evacuation & SIP) Local Authority Control / Emergency Declarations (Evacuation & SIP) People (Evacuation & SIP) Security of Command Center (Evacuation & SIP) Logistics Food / Water (SIP) Transportation (Evacuation) Emergency lighting (SIP) Hygiene (SIP) 4

Evacuation / Shelter in Place Example Evacuation Decision Protocol: Notifications (CMT) Initial Assessment / Decision Communications / Public Address System Evacuation / Rendezvous points headcount Resource Management Staff Assessment Damage Assessment Shelter In Place Decision Protocol: Notifications (CMT) Resource Management Seal Building / Contact Building Mgmt Coordination with Local Authorities Staff Communications Staff Assessment Critical Time Line Define your critical time line 0-15 minutes 15 min - 1 hour 1-4 hours First Day Immediate Response Process / Focus on critical priorities People Facilities Recovery Process / Focus on business priorities Business Reputation Considerations Organization priorities Use of tools Notification tools Virtual Command / Command Center Communication tools Recovery Time Objectives (RTOs) Business criticalities? 5

Critical Time Line Example Immediate Response Process (0 30 minutes?) Notifications voice / email / SMS blasts People / Safety evacuation, security, local authorities, triage Initial Assessment first CMT meeting Communications (staff, external, regulators, vendors) blasts, websites, staff Resource Management primaries / alternates Damage Assessment Security, Facilities, HR, IT Declarations - IT Recovery Process (1 8 hours?) Press statements spokesperson prep, hotel setup Vendor contacts critical support / outsourcing Ongoing Communications - status Logistics hotels, recovery sites Business Priorities primary business functions, regulations, tiers (1, 2, 3) Critical staff remote access, standby, support roles Insurance business interruptions, damage assessment, assessors Personal belongings security, local authorities, logistics, communications Security - ongoing Roles, Responsibilities / Activities Remember what roles responsible for: Chairperson drives decision process Executives key decision makers Security safety / incident information / liaison to authorities Communications internal / external / customers HR triage / headcount / next of kin Facilities damage assessment / lockdown / bldg mgmt / vendors Crisis Coordination process expert / program mgmt / support Command Center Support Team command center / tools SMEs areas of business / business impacts Resulting Critical Decision Checklists 6

Evacuation Complete Protocol Timeline Role Activity Crisis Alert 0-20 minutes Chairperson / Crisis Coordinator / Security CMT Activation Initial Assessment 0-20 minutes CMT / Crisis Coordinator / Security Decision to Evacuate Evacuation 0-20 minutes Security Activate Public Address System Tool Activation 0-20 minutes Command Center Team Conference Bridge / Notification Tool / Emergency Website Communications 0-20 minutes Communications Notification to Staff to Evacuate Command Center Setup 0-20 minutes Command Center Team Information Management Activate / Monitor Employee Bridge 0-20 minutes Human Resources Headcount Coordinate with Local Authorities 0-20 minutes Security Triage 0-20 minutes Human Resources Injured Employees / Evacuation / Search & Rescue Activate Triage Volunteers to Assist Affected Staff Resource Management 20-60 minutes CMT Activate Alternates as Required Staff Assessment 20-60 minutes Human Resources / SMEs Affected / Injured Staff Damage Assessment 20-60 minutes Security / Facilities / IT Status of Impact Disaster Declaration 20-60 minutes IT Declare Disaster / Activate Recovery Site (s) Status 1-2 hours Communications Update Emergency Website / Status Update Status 1-2 hours Human Resources Update Missing Employees Status Status 1-2 hours Security Pull Turnstile / Staff Lists for Facilities Status 1-2 hours Human Resources Account for Traveling Staff Notify Regulators 1-2 hours CMT / Compliance / Risk Notification to Regulators of Impact Media Statement 1-2 hours Communications Media Statement as Required Secure Facilities 1-2 hours Facilities / Security Secure Affected Site (s) Management Meetings 2-4 hours CMT / Senior Management SMEs Senior Management Briefing / Define Critical Staff & Business Priorities Press Conference 4-8 hours Communications / Corporate Spokesperson Hold Press Conference / Prep Corporate Spokesperson Shelter In Place C om plete Protocol Tim eline R ole Activity Crisis Alert 0-20 minutes Chairperson / Crisis Coordinator / Security CMT Activation Initial Assessment 0-20 minutes CM T / Crisis Coordinator / Security Initial Determination Communications 0-20 minutes Communications Em ail Staff M essage to R em ain Inside / PA System / Intranet Website Conference Bridge Activation 0-20 minutes Command Center Staff / CMT Activate Conference Bridge Command Center Setup 0-20 minutes Command Center Team Information Management Coordinate with Local Authorities 0-20 minutes Security Event Status Information Resource Management 20-60 minutes CMT Activate Alternates as Required Staff Assessment 20-60 minutes Human Resources / SMEs Monitor Staff Response Seal Building (s) 20-60 minutes Security / Facilities / Building M anagement Seal Building / Shutdown Air Intakes Communications 20-60 minutes Communications Event Status Information / Update from CMT Enforce Shelter In Place 20-60 minutes Security / Facilities / Building Management Secure Entrances / Elevators / Stairwells Update Intranet W ebsite / E mail Staff / PA Status 1-2 hours Communications System Status 1-2 hours Human Resources / SMEs Coordinate Staff Meetings Secure Building (s) 1-2 hours Security / Facilities / Building Management Post Notices on Doors Establish Provision D istribution U nlock Vending Areas / Post Security / Notify 1-2 hours Security / Facilities / Building Management Areas Staff of Access / Distribute Water Status 1-2 hours Human Resources Account for Traveling / Missing Staff Inform Organization 1-2 hours CMT Notify Global / Regional Business Management Meetings 2-4 hours CMT / HR / Senior Management SMEs Senior Management Briefing Provide Provisions 2-4 hours Security / Facility / Building Management Monitor & Distribute Provisions Address Staff Issues / Activate Volunteers as Triage 4-8 hours HR / SM Es R equired Monitor Washrooms 4-8 hours Facility / Building Management Address Sanitation / Water Availability Issues Use in Crisis Management Exercises Practice using Critical Decision Checklist Get Crisis Management Team Feedback on Critical Activities Augment Checklist as Result of Activity Put Checklist to the test! 7

Considerations Visual Support for Command Center Create Wall Chart of Checklist Include in Exercises Alternates Building Management OEM / Local Authorities Command Center Team Use tools Monitor how CMT responds to Support / Tools Use of strategies Monitor how Crisis Management Team uses DR / Work Area / Logistics How to Present to CMT Consider audience Will not carry large book when traveling Need just critical information Contact information & numbers Wallet cards Critical decisions - Checklist Summary Roadmap of critical decision CONSIDERATIONS Keeps Crisis Management Team on track Helps manage stress Ensures critical decisions are not overlooked Provides critical timeline Straightforward presentation (checklist) Hybrid of Crisis Management Plan Executive focus (think like an executive) Keep it simple Remember to use in Training Exercises Build your Critical Decision Checklist! 8

Q & A Contact Information Roseanne Rostron, CBCP President Raido Response www.raidoresponse.com info@raidoresponse.com 201.281.7225 office 866.614.7460 fax Website Training Link: http://www.raidoresponse.com/registration.asp 9

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback