comprehensive emergency management program
TRANSCRIPT
Comprehensive Emergency Management
Presented by Steve Davis
Principal, DavisLogic & All Hands Consulting
“Stuff” Happens
How do we manage the next emergency?
Are We Ready For Anything?
Eighty-one per cent of CEOs say that their company's plans were inadequate to handle the myriad of issues arising from the World Trade Center tragedy
Worst Case Scenario
“Plan for the worst possible event and then deescalate your strategies and procedures based on the impact of the threat.”
- Mark Weimerskirch, Emergency Management Coordinator
General Motors Global Headquarters June 1, 2000
What is a Comprehensive Emergency Management Program (CEMP)?
Emergency Management is the process of mitigating threats and preparing for,
responding to, and recovering from an emergency.
Planning is only one component of a CEMP. All hazards, mitigation, preparedness, training, testing, and coordination are all equally important activities.
Emergency Planning Concepts
Incident Command System (ICS/SEMS)All Hazards AddressedAll-inclusive – Everyone ParticipatesEmergency Response CoordinationEffective Crisis CommunicationTraining for Responders and EmployeesDisaster Recovery Communication and Information Sharing
What Does Comprehensive Emergency Management Include?
Comprehensive Emergency Management
Contingency Planning Disaster Recovery
Security Business Continuity/Recovery
Crisis Management Centers
CEMP Plan Components
CEMP MitigationDisaster Recovery
Business Continuity
Business Resumption
Contingency Planning
ObjectivePrevent or Reduce Impact
Critical Computer Apps
Critical Business Processes
Process Restoration
Process Workaround
Focus PreventionData Recovery
Process Recovery
Return to Normal
Make Do
Example
EventFlood Proofing
Mainframe or server failure
Laboratory Flood
Building FireLoss of Application
Solution Check ValveHot Site Recovery
Dry Out & Restart
New Equip. New Bldg.
Use Manual Process
Planning Process
Assess - identify and triage all threats (BIA)Evaluate - assess likelihood and impact of each threatMitigate - identify actions that may eliminate risks in advancePrepare – plan for contingent operations Respond – take actions necessary to minimize the impact of risks that materialize Recover – return to normal as soon as possible
Building a CEMP Plan
Business Impact Assessment
Identify critical systems, processes and functions;
Establish an estimate of the maximum tolerable downtime (MTD) for each business process;
Assess the impact of incidents that result in a denial of access to systems, services or processes; and,
Determine the priorities and processes for recovery of critical business processes.
BIA Review Factors
All Hazards Analysis Likelihood of Occurrence Impact of Outage on Operations System Interdependence Revenue Risk Personnel and Liability Risks
Risk Analysis MatrixP
rob
abil
ity
of
Lik
elih
oo
d
Severity of Consequence
High
Medium
Low
Low Medium High
Area of Major
Concern
Type of Prob- Human Property Business Mitigation Internal External
Hazard ability Impact Impact Impact Activities Resrcs Resrcs Total
Flooding 5 4 5 5 2 2 3 4.4Windstorm (IncludingTornado) 3 4 5 3 3 3 3 2.9Explosion 1 5 5 5 2 2 3 2.9Hardware/Software Failure 5 1 3 5 3 4 4 2.9Hazardous Material Incidents 4 3 2 4 3 2 3 2.8Terrorist Acts 1 5 4 4 1 2 2 2.7Fire 3 4 4 4 4 3 5 2.6Workplace Violence 3 5 2 3 1 4 4 2.4Loss of Lifelines 4 1 3 5 4 4 4 2.3Hurricanes and Tropical Storms 3 3 3 3 4 2 2 2.3Winter Storm 3 2 2 4 2 2 3 2.2Transportation Accidents 4 2 2 3 4 3 2 2.2Loss of Key Supplier/Customer 3 1 1 4 1 1 1 2.2Computer Crime or Attack 3 1 2 5 3 4 4 1.8Communications Failure 3 1 1 5 3 3 4 1.7Radiological Accident 2 4 1 4 3 4 3 1.7Civil Disturbance 1 3 4 3 2 3 4 1.6Earthquake 1 3 3 3 2 2 4 1.5Crime 2 2 2 1 4 4 4 0.6
Hazard Vulnerability Analysis Chart
Score based on a scale of 1 to 5 with 5 being the highest
Review External Dependencies
Suppliers
Contractors
Vendors
Your Organization
Clients / Customers
Conduit Organizations
Sister Businesses
Infrastructure Dependence (power, telecom, etc.)
System Up Time (computing, data,networks, etc.)
Develop Scenarios
How bad will the “big one” be? Loss of Lifelines? Supply Chain Disruptions? Civil unrest?
Develop various scenarios and pick which ones to plan for.
Developing Strategies
1. Understand alternatives and their advantages, disadvantages, and cost ranges, including mitigation and mutual aid as recovery strategies.
2. Identify viable recovery strategies with business functional areas.
3. Consolidate strategies.4. Identify off-site storage requirements and
alternative facilities.5. Develop business unit consensus.6. Present strategies to management to obtain
commitment.
Contingency Planning Process Phases
Assessment - organizing the team, defining the scope, prioritizing the risks, developing failure scenarios
Planning - building contingency plans, identifying trigger events, testing plans, and training staff
Plan Execution - based on a trigger event, implementing the plan (either preemptively or reactively)
Recovery - disengaging from contingent operations mode and restarting primary processes of normal operations by moving from contingency operations to a permanent solution as soon as possible.
It’s Not Enough Just to Plan
Use focus groups and brainstorming Seek “what can go wrong” Find alternate plans & manual work arounds Find innovative solutions to risks
Plans must be exercised Hold table top exercises for disasters Conduct “fire drills” of plans Train staff for action during emergencies
Emergency Management
Work with local and regional disaster agencies and business associations
Assess special problems with disasters Loss of lifelines Emergency response
Review and revise existing disaster plans
Look for new areas for disaster plans
Include Disaster Recovery Planning
Emergency Support Functions
1 Laws And Authorities 2 Hazard Identification And Risk Assessment 3 Hazard Management 4 Resource Management 5 Planning 6 Direction, Control And Coordination 7 Communications And Warning 8 Operations And Procedures 9 Logistics And Facilities 10 Training 11 Exercises 12 Public Education And Information 13 Finance And Administration
Capabilities Assessment for Readiness Benefits
Identify existing strengths and weaknessesEvaluate the current state of readinessDevelop strategic plans to improve identified weaknesses for terrorism and other threatsJustify existing program staffing and budgetDemonstrate need for additional program development resources, e.g. staff, budget, support from other community agencies, etcSupport professional development and accreditation programs
Using the Incident Command Structure
Background
The Incident Command System in use today is an outgrowth of California’s FIRESCOPE program developed in the 1970s to improve management of large wildfires. It was designed to provide a commonly accepted management structure that would result in better decisions and more effective use of available resources. It was specifically designed for incidents that involve many local, state, and federal agencies and multiple political jurisdictions.
ICS Features
Standard OrganizationIncident Facilities Incident Action Plan Span Of ControlUnity of CommandCommon Responsibilities
Common ICS Terminology
Organizational Functions: Operations, Intelligence, Logistics, and Finance. Functions pre-designated and named for the ICS.
Resources: Refers to the combination of personnel and equipment
used in response and recovery.
Facilities: Common identifiers used for those facilities in and around
the incident area which will be used during the course of the incident. These facilities include the command center, staging areas, etc.
Modular Organization
ICS's organizational structure is modular.
As the need arises, functional areas may be developed.
Several branches may be established.
Structure based upon the needs of the incident.
One individual can simultaneously manage all major functional areas in some cases.
If more areas require independent management, someone must be responsible for that area.
Typical EOC Organization
P u b lic In fo rm ationE xte rn a l R e la tion s
In fo rm ation Tech n o log yA n a lys is
V u ln erab ility an dTh rea t A ssessm en tC on tin g en cy P lan s
P lan n in g
C os tTrack in gP o lic ies
A d m in /F in an ce
S u p p liesR esou rces
L og is tic s
In fras tru c treP rocesses
L in e-o f-B u s .L ife S a fe ty
O p era tion s
E m erg en cy M an ag er
C h ie f E xecu tive
Emergency Response and Recovery Teams
Incident Commander
SAFETY
Liaison
PublicRelations
LOGISTICS OPERTATIONS PLANNINGFINANCE
MEDICALUNIT
SECURITYFACILITIES
FOOD
COMMUNICATIONS
SUPPORTSERVICES
TIME
COST
DOCUMNETATION
Cisco’s EOC
Based on the Incident Command System
Incident Commander
In Charge At The Incident
Assigned By Responsible Jurisdiction Or Agency
May Have One Or More Deputy Incident Commanders
May Assign Personnel For Command Staff & General Staff
EOC Manager
Manages the EOC - not the incident
Makes sure everything is working
Maintains a safe environment
Optimizes efficiency
Facilitates and coordinates
Solves problems
EOC Staff Members
Check-in with the EOC Manager. Review the situation report (sit reps) and incident
logs. Make sure that your name is listed on the current
EOC organization chart. Review the staff Operating Guide (SOG) and set
up your work station. Start an incident log which details your actions
(chronologically.)
Ready to Roll?
Keys to Success
Vulnerabilities Clearly IdentifiedComprehensive Plan in PlacePlan Understood, Communicated and Updated Tested quarterly Adequately funded
Management Strategies
Lead a top-notch teamUpdate risk/threat assessmentsAssess all hazards and risksComplete and test contingency plans Design a robust Command CenterDrill the Command CenterImplement a system for command, control, communication, and intelligence
The Challenge of Coordination
Event Information Tracking
1. Stakeholder notices possible disruption
2. Alert message sent to the Command Center
3. Alert message evaluated by response managers
4. Incident Log opened to track each event
5. SOPs implemented using checklists
6. Tasks assigned according to plan
7. Resource allocation tracked in log
8. Task performance tracked in log
9. Status briefings and updates to stakeholders
External
Your Organization
CommandCenter Organization
Emergency Response Teams
Post toOperations Log
Task Assigned
ExecutiveBriefing
IncidentResponse Mgm’t
Plan ResponseTasking
TaskTracking
Stake-holders
Public
PublicRelations
ExecutiveGroup
ContingencyPlan Activated SOP Checklist
Activated
ProceduresImplemented
TeamsDeployed
PersonnelResourcesAssigned
Resources
PerformanceTracked
IncidentEstablished
EmergencyInput
Command Center Information Flow
Employee Customer Contractor Call Center ERT
State/FedGovt.
Local Govt.
Supplier
Other Businesses
Vendor
The Ideal Information System
Easy to use and robust information and decision management system
Central command and control Early alert communications function Event tracking and logging SOP and automated check lists Resource management Documentation of response actions for due
diligence
Elements of a Good Plan
Prevention, Response, Recovery, Remediation, Restoration
Top Priorities addressed first
Elements of a Good Plan
Action Plan responsibilities clearly definedCommunication alternatives are consideredRedundancies are in place
Elements of a Good Plan
Product sources are identified
Personnel sources are identified
For More Information
Contact:
Steve Davis, Principal
All Hands Consulting
AllHandsConsulting.com
Steve@ AllHandsConsulting.com