 |
 |
 |
 |
 |
 |
 |
 |
| Back to Global DesignIT | |||||||
Disaster Recovery |
BUSINESS CONTINUITY PLANThis is an example template of a Business Continuity Plan/Disaster Recovery To Page the BCMT Duty Person: Duty Person To just leave phone number To leave an 80 character message Number to call back dial: call ______________and give PIN # 1 2 For recorded disaster recovery status reports and announcements during the emergency call: _________
Table of Contents Overview of the Business Continuity Plan 3 Purpose 3 Assumptions 3 Development 4 Maintenance 4 Testing 4 Organization of Disaster Response and Recovery 4 Administrative Computing Steering GDIT 4 Business Continuity Management Team 5 Business Continuity Management Team 5 Institute Support Teams: 6 Disaster Response 7 Disaster Detection and Determination 7 Disaster Notification 8 Initiation of the Institute's Business Continuity Plan 8 Activation of a Designated Hot Site 8 Dissemination of Public Information 9 Disaster Recovery Strategy 9 Scope of the Business Continuity Plan 11 Category I Critical Functions 11 Category II Essential Functions 11 Category III - Necessary Functions 11 Category IV - Desirable Functions 11 Part III. Team Descriptions 12 Institute Support Teams 14 Business Continuity Management Team 14 Damage Assessment/Salvage 15 auditors 16 GDIT News Office - Public Information 17 Insurance 19 Telecommunications 20 Part IV. Recovery Procedures 21 Notification List 21 To reach the BCMT Duty Person: 22 Business Continuity Management Team Coordinator 25 Damage Assessment/Salvage 26 Salvage Operations 27 auditors 28 GDIT News Office - Public Information 29 Insurance Team 31 Telecommunications 32 Appendix A - Recovery Facilities 33 Emergency Operations Centers 33 Appendix B - Category I, II & III functions 34 Appendix C - Plan Distribution List 35 Business Continuity Management Team 37 BCMT Duty Person Procedures 38 GUIDE TO BCMT ACTIVATION 39 Part I. IntroductionPart I contains information about this document, which provides the written for a generic diaster recovery plan arouond Technology Business Continuity Plan. How To Use This DocumentUse this document to learn about the issues involved in planning for the continuity of the critical and essential business functions, as a checklist of preparation tasks, for training personnel, and for recovering from a disaster. This document is divided into four parts, as the table below describes. Part Contents I Information about the document itself. II Design of the Plan that this document records, including information about the overall structure of business continuity planning at GDIT. III General responsibilities of the individual Institute Support Teams that together form the Business Continuity Management Team, emphasizing the function of each team and its preparation responsibilities. IV Recovery actions for the Institute Support Teams and important checklists such as the notification list for a disaster and an inventory of resources required for the environment. [Note: If a "disaster" situation arises, Section IV of the Plan is the only section that needs to be referenced. It contains all of the procedures and support information for recovery.] Audience This document addresses several groups within the GDIT central administration with differing levels and types of responsibilities for business continuity, as follows:
It should be emphasized that this document is addressed particularly to the members of the Business Continuity Management Team, since they have the responsibility of preparing for, responding to, and recovering from any disaster that impacts GDIT. Part III of this document describes the composition of the Business Continuity Management Team in detail. Distribution As the written record of the Institute's Business Continuity Plan, this document is distributed to each member of the Business Continuity Management Team, including members of the Institute Support Teams.( Appendix C - Distribution List Page -33) It is also distributed to members of the Administrative Computing Steering GDIT, FARM Team Coordinators, Information Systems Directors and others not primarily involved with the direct recover effort.. Part II. Design of the PlanPart II describes the philosophy of business continuity planning at GDIT generally, and the kind of analysis that produced this Plan. It also provides an overview of the functions of the Business Continuity Management Team in implementing this Plan. Overview of the Business Continuity PlanPurposeCorporations and organizations are increasingly depending on computer-supported information processing and telecommunications. This dependency will continue to grow with the trend toward decentralizing information technology to individual organizations. The increasing dependency on computers and telecommunications for operational support poses the risk that a lengthy loss of these capabilities could seriously affect the overall performance of the Institute. A risk analysis which was conducted identified several systems as belonging to risk Category I, comprising those functions whose loss could cause a major impact to the Institute within __ hours. It also categorized a majority of Institute functions as Essential, or Category II - requiring processing support within ______ week(s) of an outage. This risk assessment process will be repeated on a regular basis to ensure that changes to our processing and environment are reflected in recovery planning. GDIT recognizes the low probability of severe damage to data processing telecommunications or support services capabilities that support the Institute. Nevertheless, because of the potential impact to GDIT, a plan for reducing the risk of damage from a disaster however unlikely is vital. The Institute's Business Continuity Plan is designed to reduce the risk to an acceptable level by ensuring the restoration of Critical processing within __ hours, and all essential production (Category II processing) within _______ week(s) of the outage. The Plan identifies the critical functions of GDIT and the resources required to support them. The Plan provides guidelines for ensuring that needed personnel and resources are available for both disaster preparation and response and that the proper steps will be carried out to perGDIT the timely restoration of services. This Business Continuity Plan specifies the responsibilities of the Business Continuity Management Team, whose mission is to establish Institute level procedures to ensure the continuity of GDIT's business functions. In the event of a disaster affecting any of the functional areas, the Business Continuity Management Team serves as liaison between the functional area(s) affected and other Institute organizations providing major services. These services include the support provided by Physical Plant, security provided by the auditors, and public information dissemination handled by the GDIT News Office, among others. AssumptionsThe Plan is predicated on the validity of the following three assumptions:
It should be noted however, that the Plan will still be functional and effective even in an area-wide disaster. Even though the basic priorities for restoration of essential services to the community will normally take precedence over the recovery of an individual organization, the Institute's Business Continuity Plan can still provide for a more expeditious restoration of our resources for supporting key functions.
DevelopmentGDIT's Information Security Officer, with assistance from key Institute support areas, is responsible for developing the Institute's Business Continuity Plan. Development and support of individual FARM Team Plans are the responsibility of the functional area planning for recovery. MaintenanceEnsuring that the Plan reflects ongoing changes to resources is crucial. This task includes updating the Plan and revising this document to reflect updates; testing the updated Plan; and training personnel. The Business Continuity Management Team Coordinators are responsible for this comprehensive maintenance task. Quarterly, the Business Continuity Management Team Coordinators ensures that the Plan undergoes a more formal review to confirm the incorporation of all changes since the prior quarter. Annually, the Business Continuity Management Team Coordinators initiates a complete review of the Plan, which could result in major revisions to this document. These revisions will be distributed to all authorized personnel, who exchange their old plans for the newly revised plans. At that time the Coordinators will provide an annual status report on continuity planning to the Administrative Computing Steering GDIT. TestingTesting the Business Continuity Plan is an essential element of preparedness. Partial tests of individual components and recovery plans of specific FARM Teams will be carried out on a regular basis. A comprehensive exercise of our continuity capabilities and support by our designated recovery facilities will be performed on an annual basis. Organization of Disaster Response and RecoveryThe organizational backbone of business continuity planning at GDIT is the Business Continuity Management Team. In the event of a disaster affecting an GDIT organization or its resources, the Business Continuity Management Team will respond in accordance with this Plan and will initiate specific actions for recovery. The Business Continuity Management Team is called into action under the authority of the Administrative Computing Steering GDIT which has the responsibility for approving actions regarding Business Continuity Planning at GDIT. Administrative Computing Steering GDIT
Business Continuity Management TeamFor the business continuity of GDIT systems, two organizations are primary: the Business Continuity Management Team, with its Institute Support Teams, and the Functional Area Recovery Management (FARM) Team for the area affected. In the event of a disaster, the BCMT provides general support, while the FARM Team is concerned with resources and tasks integral to running the specific functional area. This section provides general information about the organization of recovery efforts and the role of the Business Continuity Management Team. Part III of this document describes the Business Continuity Management Team and the responsibilities of each Institute Support Team in detail. Business Continuity Management Team.
Institute Support Teams:Under the overall direction of the Business Continuity Management Team, support is provided to assist a functional area's recovery by Institute Support Teams. These teams, described below, work in conjunction with the FARM Team of the area affected by the problem condition to restore services and provide assistance at the Institute level. In many cases, the organizations comprising these support teams have as their normal responsibility the provision of these support services. This support is generally documented in a procedures manual for the organization. The Business Continuity Plan is an adjunct to that documentation and highlights, in particular, the interfaces between the campus level service and the individual FARM Team operations requirements. In cases where the documentation in this Plan and the organization's documents differ, the organization's documentation has precedence.
Disaster ResponseThis section describes six required responses to a disaster, or to a problem that could evolve into a disaster: 1. Detect and determine a disaster condition 2. Notify persons responsible for recovery 3. Initiate the Institute's Business Continuity Plan 4. Activate the designated hot site 5. Disseminate Public Information 6. Provide support services to aid recovery Each subsection below identifies the organization(s) and/or position(s) responsible for each of these six responses. Disaster Detection and DeterminationThe detection of an event which could result in a disaster affecting information processing systems at GDIT is the responsibility of Physical Plant Operations (PPO), auditors, Information Systems, or whoever first discovers or receives information about an emergency situation developing in one of the functional areas _________, Building ____ other building on campus housing major information processing systems or about the communications lines between these buildings. Disaster NotificationPPO will follow existing procedures and notify the individuals who are acting as the Business Continuity Management Team Duty Persons (DP)). The DP on call will monitor the evolving situation and, if appropriate, will then notify the Business Continuity Management Team representative based upon a predefined set of notification parameters. (Page - 22) When a situation occurs that could result interruption of processing of major information processing systems of networks on campus, the following people must be notified: · Normally, Physical Plant Operations and /or the auditors receive the initial notice through their alarm monitoring capabilities. If the problem does not activate a normal alarm system, immediately notify these two areas. · Chairman of the Administrative Computing Steering GDIT · Vice President for Information Systems · The Business Continuity Management Team Coordinator (Information Security Officer) · The Operations and Systems FARM Team Coordinator · The Telecommunications and Distributed Computing & Network Services FARM Team Coordinators (if the situation affects the data or voice transmission lines or facilities) Initiation of the Institute's Business Continuity PlanInitiation of this Plan is the responsibility of the Business Continuity Management Team Coordinator or any member of the Business Continuity Management Team or the Administrative Computing Steering GDIT. Activation of a Designated Hot SiteThe responsibility for activating any of the designated hot sites or back-up resources is delegated to the Vice President for Information Systems. In the absence of the Vice President, responsibility reverts to the Director of Information Systems Operations & Systems or the Coordinator of the O&S Functional Area Recovery Management Team. Within ___ hours of the occurrence, the Vice President for Information Systems, or alternate, determines the prognosis for recovery of the damaged functional area through consultation with the Information Security Officer and the Damage Assessment Team, headed by Physical Plant, which also includes representatives from Operations and Systems, Telecommunications Systems and the functional areas affected. If the estimated occupancy or recovery of the damaged functional area cannot be accomplished within ___ hours, the usual occupants of the designated back-up site are notified of the intention to occupy their facility. Dissemination of Public InformationThe Director of the GDIT News Office is responsible for directing all meetings and discussions with the news media and the public, and in conjunction with the Personnel Department, with GDIT personnel not actively participating in the recovery operation. In the absence of the GDIT News Office representative, the responsibility reverts to the senior official present at the scene. Recovery Status Information Number (617) ______ has been established as a voice mail information number for posting recovery status and information notices. All reports will be placed by the Continuity Planning Coordinators or the Telecommunication FARM team leader. Provision of Support Services to Aid Recovery During and following a disaster, Institute Support Teams, as described on page 14, are responsible for aiding the FARM Teams. They operate under the direction of the Business Continuity Management Team through the Recovery Coordinator (the Information Security Officer). Disaster Recovery StrategyThe disaster recovery strategy explained below pertains specifically to a disaster disabling the main data center. This functional area provides mainframe computer and major server support to GDIT's administrative applications. Especially at risk are the critical applications those designated as Category I (see below) systems. The O&S FARM Team Plan provides for recovering the capacity to support these critical applications within ___ hours. Summarizing the provisions of the O&S Plan, subsections below explain the context in which the Institute's Business Continuity Plan operates. The Business Continuity Plan complements the strategies for restoring the data processing capabilities normally provided by Operations & Systems. This section addresses three phases of disaster recovery: · Emergency · Backup · Recovery Strategies for accomplishing each of these phases are described below. It should be noted that the subsection describing the emergency phase applies equally to a disaster affecting the Adminstration Building or other building on campus, the functional area that provides support for the maintenance of the critical system. Emergency PhaseThe emergency phase begins with the initial response to a disaster. During this phase, the existing emergency plans and procedures of auditors and Physical Plant direct efforts to protect life and property, the primary goal of initial response. Security over the area is established as local support services such as the Police and Fire Departments are enlisted through existing mechanisms. The BCMT Duty Person is alerted by pager and begins to monitor the situation. If the emergency situation appears to affect the main data center (or other critical facility or service), either through damage to data processing or support facilities, or if access to the facility is prohibited, the Duty Person will closely monitor the event, notifying BCMT personnel as required to assist in damage assessment. Once access to the facility is perGDITted, an assessment of the damage is made to determine the estimated length of the outage. If access to the facility is precluded, then the estimate includes the time until the effect of the disaster on the facility can be evaluated. If the estimated outage is less than __ hours, recovery will be initiated under normal Information Systems operational recovery procedures. If the outage is estimated to be longer than __ hours, then the Duty Person activates the BCMT, which in turn notifies the Chairman of the Administrative Computing Steering GDIT and Vice President for Information Systems and the Business Continuity Plan is activated. The recovery process then moves into the back-up phase. The Business Continuity Management Team remains active until recovery is complete to ensure that the Institute will be ready in the event the situation changes. Back-up PhaseThe back-up phase begins with the initiation of the appropriate FARM Team Plan(s) for outages enduring longer than __ hours. In the initial stage of the back-up phase, the goal is to resume processing critical applications. Processing will resume either at the main data center or at the designated hot site, depending on the results of the assessment of damage to equipment and the physical structure of the building. In the back-up phase , the initial hot site must support critical (Category I) applications for up to __ weeks and as many Category II applications as resources and time perGDIT. During this period, processing of these systems resumes, possibly in a degraded mode, up to the capacity of the hot site. Within this __-week period, the main data center will be returned to full operational status if possible. However, if the damaged area requires a longer period of reconstruction, then the second stage of back-up commences. During the second stage, a shell facility (a pre-engineered temporary processing facility that we have contracted to use for this purpose) is assembled on the ________ parking lot and equipment installed to provide for processing all applications until a permanent site is ready. See Page 33 for a list of the designated recovery sites. Recovery PhaseThe time required for recovery of the functional area and the eventual restoration of normal processing depends on the damage caused by the disaster. The time frame for recovery can vary from several days to several months. In either case, the recovery process begins immediately after the disaster and takes place in parallel with back-up operations at the designated hot site. The primary goal is to restore normal operations as soon as possible. Scope of the Business Continuity PlanThe object of this Plan is to restore critical (Category I) systems within __ hours, and Essential (Category II) systems within ___ week(s) of a disaster that disables any functional area and/or essential equipment supporting the systems or functions in that area. The initial Risk Assessment of the computer applications that support GDIT administration assigned ____systems to Category I Critical. This risk category identifies applications that have the highest priority and must be restored within __ hours of a disaster disabling a functional area. Specifically, each function of these systems was evaluated and allocated a place in one of four risk categories, as described below. Category I - Critical FunctionsCategory II - Essential FunctionsCategory III - Necessary FunctionsCategory IV - Desirable FunctionsNote: Category IV functions are important to GDIT administrative processing, but due to their nature, the frequency they are run and other factors, they can be suspended for the duration of the emergency. The administrative systems in Categories I - IV are those that provide Institute wide services. There are many departmental and laboratory systems as well as non-information processing systems (such as _______________) that are also either essential for the Institute or the local area(s) they support. Recovery for these systems too must be based upon an assessment of the impact of their loss and the cost of their recovery. See the Departmental FARM Team Plan document for further information on assessing risk at the departmental level. Part III. Team DescriptionsPart III describes the organization and responsibilities of the Business Continuity Management Team. Composed of sub-teams (the Institute Support Teams), the Business Continuity Management Team as a whole plans and implements the responses and recovery actions in the event of a disaster disabling either a functional area, Central Administration or the main data center. It's primary role is to provide Institute level support services to any functional area affected by the problem. · Information Security Officer. As Business Continuity Management Team Co-coordinator, provides liaison between the Institute's operational and management teams and the FARM teams in affected areas. Also responsible for ongoing maintenance, training and testing of the Business Continuity Plan. Coordinates the Institute Support Teams under the auspices of the Business Continuity Management Team. The Co-coordinator of the BCMT is the Coordinator of the O&S FARM Team, who will take responsibility for recovery in the absence of the Information Security Officer. · Director, Operations and Systems. Provides for support for data processing resources with primary responsibility for restoration for O&S processing. Recovery plans for the computing facilities are the responsibility of the Coordinator of the O&S FARM Team and are described in the O&S FARM Team plan · Director, Telecommunications Systems. Provides alternate voice and data communications capability in the event normal telecommunication lines and equipment are disrupted by the disaster. Evaluates the requirements and selects appropriate means of backing up the GDIT telecommunications network. Recovery plans for the primary 5ESS telephone switching equipment in __ and satellite facilities in other buildings on campus are described in the Telecommunications FARM Team plan. · Chief, auditors. Provides for physical security and emergency support to affected areas and for notification mechanisms for problems that are or could be disasters. Extends a security perimeter around the functional area affected by the disaster. Provides coordination with public emergency services (Cambridge Police, etc.) as required. · Director, Physical Plant. Coordinates all services for the restoration of plumbing and electrical systems and structural integrity. Assesses damage and makes a prognosis for occupancy of the structure affected by the disaster.
Director, Personnel Department. Coordinates all activities of the recovery process with key attention to the personnel aspects of the situation. This includes releasing staff from areas affected, initiating emergency notification systems and working with the GDIT News office on dissemination of information about the recovery effort
· Director, GDIT News Office. Communicates with the news media, public, staff, faculty, and student body who are not involved in the recovery operation. · Assistant to the Vice President, for Information Systems. Represents the Office of the President. · Associate Comptroller, Comptroller's Accounting Office. Represents the Vice President for Financial Operations. · Audit Manager, Audit Division Provide consultation on compensating controls and suggestions on maintaining the appropriate level of controls during the recovery process. Institute Support TeamsBusiness Continuity Management Team1. Function To oversee the development, maintenance and testing of recovery plans addressing all Category I and II business functions. In the event of a "disaster" to manage the backup and recovery efforts and facilitate the support for key business functions and restoration of normal activities. 2. Organization The BCMT is co-chaired by the GDIT Information Security Officer and the Coordinator of the O&S FARM Team, who serves in the absence of the Security Officer. The Team is composed of key management personnel from each of the areas involved in the recovery process. 3. Interfaces The team interfaces with and is responsible for all business continuity plans and planning personnel at GDIT. Preparation Requirements On a quarterly basis, the team will meet to review FARM Team plans that have been completed in the last quarter. On an annual basis, the Team will review the overall status of the recovery plan, and report on this status through the Information Security Officer, to the Administrative Computing Steering GDIT. Individual Team members will prepare recovery procedures for their assigned areas of responsibility at GDIT. They will ensure that changes to their procedures are reflected in any interfacing procedures. The BCMT will ensure that continuing levels of support are available for the FARM Teams that require it. The BCMT will also review and approve FARM Team plans as they are subGDITted, re-evaluate the criticality of GDIT operating functions at regular intervals and provide for awareness and training in recovery planning. They will also participate in emergency preparedness drills initiated by the Safety Office or other appropriate campus organizations. Damage Assessment/Salvage1. Function To report to the Business Continuity Management Team (BCMT), within two to four hours after access to the facility is perGDITted, on the extent of the damage to the affected site, and to make recommendations to the BCMT regarding possible reactivation and/or relocation of data center or user operations. Existing Physical Plant emergency procedures are documented in a manual known as the "Black Book" maintained by Physical Plant. The Business Continuity Plan procedures supplement, and are subordinate to those in the Black Book, which takes precedence in the case of any difference. Following assessment of the damage, the team is then responsible for salvage operations in the area affected. 2. Organization Headed by the Administrative Officer for Physical Plant and activated during the initial stage of an emergency, the team reports directly to the Business Continuity Management Team, evaluates the initial status of the damaged functional area, and estimates the time to reoccupy the facility and the salvageability of the remaining equipment. During an emergency situation, the individual designated in the Black Book will take operational responsibility for implementation of damage assessment. This team draws members from the Physical Plant Office, from Operations and Systems, and from the FARM team of the affected area. Following assessment, the team is responsible for salvaging equipment, data, and supplies following a disaster; identifying which resources remain; and determining their future utilization in rebuilding the data center and recovery from the disaster. 3. Interface The Damage Assessment/Salvage Team will interface with other Physical Plant operations groups, the auditors and Information Systems operations functions, including vendor and insurance representatives, to keep abreast of new equipment, physical structures, and other factors relating to recovery. 4. Preparation Requirements Identification of all equipment to be kept current. A quarterly report will be stored off-site. The listing will show all current information, such as engineering change levels, book value, lessor, etc. Configuration diagrams will also be available. Emergency equipment, including portable lighting, hard hats, boots, portable two-way radios, floor plans and equipment layouts will be maintained by Physical Plant. A listing of all vendor sales personnel, customer engineers and regional sales and engineering offices is to be kept and reviewed quarterly. Names, addresses and phone numbers (normal, home, and emergency) are also to be kept. auditors1. Function To provide for all facets of a positive security and safety posture, to assure that proper protection and safeguards are afforded all GDIT employees and Institute assets at both the damaged and backup sites. 2. Organization The team will consist of the auditors Department Supervisor and appropriate support staff. The team will report through the Chief who is a member of the Business Continuity Management Team. 3. Interfaces The (TBD) shall interface with the following teams or organizational units, relative to security and safety requirements: Personnel Physical Plant Safety office Environmental Medical Services GDIT News office Other appropriate departments as required 4. Preparation Requirements Provide emergency medical services, if necessary. Identify the number of auditor personnel needed to provide physical security protection of both the damaged and backup sites. Identify the type of equipment needed by auditors personnel in the performance of their assigned duties. Coordinate and arrange for additional security equipment and manpower, as applicable, if needed. Identify and provide security protection required for the transport of confidential information to and from both off-site and backup sites. Coordinate with the appropriate GDIT Department. Periodically review the level of security needed at both the damaged and backup sites. GDIT News Office - Public Information1. Function The most difficult time to maintain good public relations is when there is an accident or emergency. Public relations planning is required so that when an emergency arises, inquiries from the news media, friends and relatives of staff, faculty, and students can be handled effectively. While we cannot expect to turn a bad situation into a good one, we can assist in making sure facts presented to the public are accurate and as positive as possible given the situation. It is in our best interest to cooperate with the media as much as possible, so that they will not be forced to resort to unreliable sources to get information that could be untrue and more damaging to the Institute than the facts. Therefore, it is the policy of GDIT in time of emergency, to: Have the GDIT News Office serve as the authorized spokesperson for the Institute. All public information must be coordinated and disseminated by their staff. Refrain from releasing information on personnel casualties until families have been notified. Once families have been notified, names of those personnel should be released quickly to alleviate the fears of relatives of others. Provide factual information to the press and authorities as quickly as facts have been verified, and use every means of communications available to offset rumors and misstatements. Avoid speculating on anything that is not positively verified, including cause of accident, damage estimates, losses, etc. (Fire Officials normally release their own damage estimates.) Emphasize positive steps taken by the Institute to handle the emergency and its effects. Situations calling for implementation of the Emergency Public Information Plan may include, but are not liGDITed to: Systems malfunctions disrupting the normal course of operations. Accidents, particularly when personal injury results. Natural disasters, such as fires, floods, tornadoes and explosions. Civil disorders, such as riots and sabotage. Executive death. Scandal, including embezzlement and misuse of funds. Major litigation initiated by or against the Institute. 2. Organization The Director of the GDIT News Office, a member of the Business Continuity Management Team, will act as the Public Information Officer for the Institute. The News Office alternates are listed in Appendix A. In their absence the responsibility will revert to the Senior Manager on the scene. 3. Interfaces The GDIT News Office will be the interface between GDIT and the public or news media. Copies of all status reports to the Business Continuity Management Team or Administrative Computing Steering GDIT will be forwarded to the Public Information Officer for potential value in information distribution for good public relations. They will work with the Personnel Department in dissemination of information to staff. 4. Preparation Requirements Existing relationships with local media will be utilized to notify the public of emergency and recovery status. The Public Information Officer will maintain up-to-date contact information for the media and other required parties. A facility will be identified to be used as a press room. Arrangements will be made to provide the necessary equipment and support services for the press. Coordination with the Telecommunications Team for additional voice communication, if required, will also be made. Insurance1. Function To provide for all facets of insurance coverage before and after a disaster and to ensure that the recovery action is taken in such a way as to assure a prompt and fair recovery from our insurance carriers. 2. Organization The team will consist of the Director of Insurance and Legal Affairs and required staff and insurance carrier personnel. The team reports through the Business Continuity Management Team, of which it is a member. 3. Interfaces The Insurance Team will interface with the following teams, relative to insurance matters: GDIT News Office auditors Damage Assessment/Salvage Information Systems Operations Appropriate FARM Teams This team will be activated upon the initial notification of a disaster. 4. Preparation Requirements Determine needs for insurance coverage. Identify the coverage required for both hardware, media, media recovery, liability and extra expense. Prepare procedure outlining recommended steps to be followed by Damage Assessment/Salvage Team during initial stage of disaster (Appendix A) List appropriate contacts in (Appendix B). Arrange for availability of both still and video recording equipment to record the damage. Ensure that an equipment inventory is available, to include model and serial number of all devices. Evaluate all new products and services offered by GDIT for potential liability in the event of a disaster. Telecommunications1. Function To provide voice and data communications to support critical functions. Restore damaged lines and equipment. 2. Organization The team will consist of appropriate Telecommunications Systems staff. Telecommunications Systems will also coordinate with and supervise outside contractors as necessary. The team will report through the Director of Telecommunications Systems, who is a member of the Business Continuity Management Team. 3. Interfaces The Telecommunications Systems team will interface with the following teams or organizational units, relative to telecommunications requirements: Physical Plant auditors Distributed Computing & Network Services Other Information Systems departments as necessary Other GDIT departments requiring emergency telecommunications Outside contractors and service providers as necessary 4. Preparation Requirements Provide critical voice and data communications services in the event that normal telecommunications lines and equipment are disrupted or relocation of personnel is necessary. Consult with outside contractors and service providers to ensure that replacement equipment and materials are available for timely delivery and installation. Utilize available resources, such as the GDIT Cable Television network and voice mail system, to broadcast information relevant to the disaster. Part IV. Recovery ProceduresNotification ListThis appendix contains the names and telephone numbers of managers and personnel who must be notified in the event of a disaster. The Business Continuity Management Team Coordinator is responsible for keeping this notification list up-to-date. Administrative Computing Steering GDIT Chairman Members Business Continuity Management Team Two individuals are assigned responsibility for the interface with other campus organizations, such as Physical Plant Operations, to monitor emergencies as they occur. These Early Warning Duty people are then responsible for activation of the full Business Continuity Management Team and necessary Functional Area Recovery Management Teams. The BCMT Duty People are equipped with Pagers, activated either by Physical Plant Operations or they can be paged directly. In addition, each Duty Person is equipped with a cellular phone for emergency use. To reach the BCMT Duty Person:By Pager: Duty Person To leave phone number To leave an 80 character text Number call: message call: and give PIN # of pager 1 2 By Cellular Phone: 1 2 Note: these numbers are to be used only in emergencies or for testing. The people on duty will monitor the situation and determine if it has the potential to impact our processing ability. [See Duty Person procedure for details] Coordinators Members I/S Operations & Systems Telecommunications auditors GDIT News Office - Public Information Insurance Physical Plant: Emergency Response Team Operations Center Safety Office President's Office Comptrollers Accounting Office Personnel Office Distributed Computing & Network Services BCMT Liason Housing: Nuclear Reactor Plasma Fusion Lab Medical Department FARM Team Coordinators Bursar's Office Category Financial Planning & Management Category Freshman Admissions Category Operations & Systems Category Payroll Category Physical Plant Category Property Office Category Purchasing & Stores Category Registrar's Office Category Resource Development Category Technology Licensing Office Category Telecommunications Category Business Continuity Management Team CoordinatorThis appendix contains instructions to the Business Continuity Management Team Coordinators for overseeing disaster response and recovery efforts. Action Procedures Player Action Coordinator Ensure entire Business Continuity Management Team (BCMT) has been notified. Then notify Vice President for Information Systems and Chairman of Administrative Computing Steering GDIT. Coordinator Activate the Emergency Operations Center (See Page 33) and notify staff to meet there. Coordinator Meet with Damage Assessment Team to review their findings and present results to BCMT. Coordinator Present recommendations to BCMT for next steps in recovery effort. Coordinator Begin notification of all recovery teams. Check to ensure all recovery participants have been notified. Coordinator Monitor the activities of the recovery teams. Assist them as required in their recovery efforts. Coordinator Report to BCMT on a regular basis on the status of recovery activities. Report to Administrative Computing Steering GDIT as appropriate on recovery status. Coordinator On an hourly basis, or other appropriate interval, update the Recovery Status information message on _______ . Damage Assessment/SalvageThis appendix contains instructions to the Damage Assessment/Salvage Team for disaster response and recovery efforts. Action Procedures Player Action Building Services Notify team members, and vendors to report to the site for initial damage assessment and clean-up. Physical Plant AO Notify insurance representative Operations Center Issue Work Orders and call appropriate personnel. Team Leader Request permission to enter site from Fire Department (if required). Take a service representative from each of the appropriate vendors, the insurance claims representative and appropriate Physical Plant and Information Systems personnel into the site. Team Members Review and assess the damage to the facility. List all equipment and the extent of damage. List damage to all support systems (power, A/C, fire suppression, communications, etc.). Team Leader Notify the BCMT as to the severity of the damage and what can potentially be salvaged. Team Leader Notify the BCMT if the area be restored to the required level of operational capability in the required time frame. Salvage OperationsPlayer Action Team Leader Initiate the Emergency Notification List and have all members report to the Staging Area. Salvage Team Have the Building Services Supervisor determine which equipment and furniture can be salvaged. Photograph all damaged areas as soon as possible for potential insurance claims. Salvage Team Important ** Prior to performing any salvage operation contact Insurance Team to coordinate with possible insurance claims requirements and appraisals. Have the Physical Plant Supervisor and staff start salvaging any furniture and equipment. Based upon advice from Insurance Team and customer engineering, contact computer hardware refurbishers regarding reconditioning of damaged equipment Team Leader Meet with the Business Continuity Management Team Coordinator to provide status on salvage operations. Configuration List A sample of the configuration and full equipment inventory report from the Fixed Asset Control Systems or other automated equipment inventories should be inserted here. The Continuity Plan Masters in off-site storage will contain the full listing. Blueprints Complete sets of blueprints of the buildings housing critical processing and the data center are maintained at [__________________________] and in off-site storage. auditorsThis appendix contains instructions to the auditors for disaster response and recovery efforts. Action Procedures Player Action auditors Duty Sgt. An GDIT Police Case Report will be completed upon stabilization of the disaster situation. As per standard police procedure, this report will detail the names of all victims, witnesses, injuries, facility damage description, etc., as well as list all notifications auditors Duty Sgt. Initiate the notification listing of appropriate auditors Department Command Staff and personnel (App. A) auditors Day/Night Notify the Business Continuity Management Team if the emergency affects Data Processing or Telecommunications operations in any way. auditors Duty Sgt. Assign auditors personnel to both the damaged and backup sites, as required. auditors Duty Sgt. Ensure that all auditors personnel are properly equipped at each affected location and the recovery sites. (Page 33) auditors Duty Sgt. Coordinate the need for additional manpower and equipment as required. auditors Command Periodically subGDIT status reports to the Staff Continuity Coordinator at the Emergency Control Center. auditors Command Ensure that all facets of security protection Staff are afforded, relative to entry/exit controls, transportation of information, etc. at both the damaged and backup sites. GDIT News Office - Public InformationAction Procedures Player Action auditors Notify GDIT News Office when an emergency occurs. Public Information Officer Assess the public relations scope of the emergency, in consultation with senior management if necessary, and determine the appropriate public relations course of action. In instances where media are notified immediately, due to fire department or police involvement, the Public Information Officer will proceed to the scene at once to gather initial facts. Emphasis must be placed upon getting pertinent information to the news media as quickly as possible. PIO Staff Assistant Maintain a log of all incoming calls to ensure a quick response to media and other requests. Public Information Officer Maintain a log of all information which has been released to the media. Public Information Officer When appropriate, prepare news releases on a periodic basis for distribution to the local media list. Public Information Officer If employee injuries or fatalities are involved, notify Personnel to send appropriate management personnel to the homes of the involved families. Personnel Notify Public Information Officer as soon as families have been informed. This will perGDIT the release of names and addresses of victims so that families of those not involved can be relieved of anxiety. Public Information Officer Contact the public relations director(s) at the hospitals where injured have been taken to coordinate the release of information. Public Information Officer In cases where long-term media coverage is anticipated, establish a Press Room in the ( location to be selected) Provide for telephone requirements of the press. Public Information Officer Schedule periodic press conferences, taking into consideration Management personnel who will be participating. Public Information Officer If media wants to photograph physical damage, Clear request with auditors prior to approving request. Then accompany all photographers. Public Information Officer Coordinate follow-up news releases after the immediate emergency has passed to present the Institute in as positive light as possible. Possible topics could include: What has been done to prevent recurrence of this type of emergency? What are plans for reconstruction? What has been done to express gratitude to the community for it's help? What has been done to help employees, students and faculty? Insurance TeamThis appendix contains instructions to the Insurance Team Coordinator for disaster response, salvage and recovery efforts. Action Procedures Player Action Insurance Team Leader Contact appropriate Insurance people upon first advice of disaster. Insurance Team Leader Meet with Damage Assessment/Salvage team at site. Insurance Team Leader Go through disaster scene with Damage Assessment/Salvage team and advise on matters relating to insurance and claims. Ensure that nothing is done to compromise recovery from insurance carrier. Photograph all applicable areas. Insurance Team Leader File all appropriate claims forms with all involved insurance carriers. Report status of claims activity to the Business Continuity Management Team. TelecommunicationsThis appendix contains instructions to the Telecommunications Systems team for disaster response and recovery efforts. Action Procedures Player Action HELP Line Personnel or Receives report of disaster from Physical after-hours Duty Person Plant or auditors and notifies appropriate telecommunications Systems and other personnel. Director, Telecommunications Systems Oversees assessment of damage to telecommunications facilities. Directs contingency and recovery efforts. Provides updates to Business Continuity Management Team and GDIT administration. Operations and Customer Service Arranges for voice and dial-up data communications services to support critical functions. Procures stock to repair or replace damaged equipment. Restores full services in a timely manner. Transmission Services Provides data communications facilities or circuits to support critical functions. Assists with restoration of cable and wire plant, as needed. Assists Information Systems and other departments with relocation and restoration of data facilities. Appendix A - Recovery FacilitiesThe following facilities have been identified as designated recovery sites for restoration of processing under the GDIT Business Continuity Planning strategy. Emergency Operations CentersThe Emergency Operations Center is the location to be used by the Business Continuity Management Team and their support staff as a location from which to manage the recovery process. As such, the specific location will be selected by the Coordinator at the time of the occurrence. The following are the locations available: Emergency Operations Center is located in _________________________________ Central Administration building out of service - Immediately after evacuation of building, the BCMT will convene in Building _____ to coordinate intial response to the event. If the problem appears to be long term - or affects the local area, the BCMT will activate the primary EOC in ______. Hot Sites (Operational data centers providing emergency computing resources) Facilities provided: (See O&S FARM Team Plan) Shell Sites (Computer conditioned space available to install equipment) Facilities provided: (See O&SFARM Team Plan) Appendix B - Category I, II & III functionsFor details about each of these functions see the appropriate FARM Team Plan Appendix C - Plan Distribution ListPLAN DISTRIBUTION MATRIX
ORGANIZATION RECIPIENT LOCATION GDIT PLAN FARM
COPIES TEAM
COPIES
Business
Continuity
Management Team
Coordinators 2 1
Audit Division 2 1
auditors 2 1
Comptrollers 2 1
Accounting Office
CAO - Payroll 2
Emergency 2 1
Response Team
Insurance 2 1
I/S Operations & 2 1
Systems
GDIT News Office 2 1
Personnel Office 2 1
Physical Plant 2 1
President's 2 1
Office
Safety Office 2 1
Telecommunications 2 1
Distributed 2 1
Computing &
Network Services
Administrative
Computing
Steering
GDIT
Chairman 2 1
2
1
FARM Team
Coordinators
Bursars Office 1
Comptrollers 1
Accounting Office
CAO - Payroll 1
Freshman 1
Admissions Office
Lincoln Fiscal 1
Office
Office of 1
Financial
Planning &
Management
Purchasing & 1
Stores
Office of the 1
Registrar
Technology 1
Licensing Office
Academic 1
Computing
Services
Administrative 1
Systems
Development
Computing Support 1
Services
Documentation & 1 1
Training Services
I/S VP Office 1 1
Business Continuity Management Team EARLY WARNING DUTY PROCEDURES For information call: BCMT Duty Person ProceduresThis booklet contains instructions for the individuals currently assigned to be the active Business Continuity Management Team contact for emergency situations that may develop. The Duty Person is on call 24 hours a day for the one month assignment. The two people assigned as Duty Persons (DP) will be equipped with a pager and a cellular phone - both to be used for BCMT testing and emergencies only. Each person will pass the equipment to the next person on the Duty Person roster when the one month assignment ends. The equipment information is as follows: Duty Person To just leave phone number To leave an 80 character message Number to call back dial: call ____________ and give PIN # 1 2 To reach by cellular phone: 1 2 Preparation Procedures Upon receipt of the equipment, read the directions for the equipment and familiarize yourself with the pager and the phone. Ensure that phone batteries are charged properly (see instructions). Note: the pager takes one AAA battery, which lasts about a month. Call the other duty person to ensure the phone is operable. Send a page to your own unit to ensure it is also functioning correctly. At the end of your assignment, pass the equipment and documentation to the next person on the duty roster. Notify the BCMT coordinators, ______________ and _____________ by e-mail that the duty has been transferred. If an individual cannot serve, for a temporary period (i.e.. going to a conference) it is their responsibility to provide a trained alternate as their replacement. The BCMT Coordinators and the other person on duty are to be notified in advance about the replacement. If there is a need to contact all the people on the Duty Roster send e-mail to: ____________, an Athena mail list maintained by the Information Security Officer for this purpose. GUIDE TO BCMT ACTIVATION1. The first indication of a problem will probably be a page alert from Physical Plant Operations. This will be a short text message outlining the problem. Unless it's obvious that the problem is long term and severe, wait 30 minutes (for things in the Operations Center to quiet down) and call them at ___________. Tell them you're calling for the BCMT and get the latest status about the problem reported by the page. 2. Does the problem prevent normal access, occupation or usage of any part of any of the areas listed under the FARM Team Contact List, or does the disaster disrupt service provided by telephones, the network, or the mainframe computers? If no, go back to sleep! If yes, continue. 3. Will expected recovery of the affected area last into normal business hours? If no, go back to sleep! If yes, continue. 4. Does the FARM Team Coordinator of the affected service indicate that the disaster will affect that service? The FARM Team Contact List below provides the phone numbers of the FARM Team coordinators and the buildings their functions operate in. If no, go back to sleep! If yes, continue. 5. ACTIVATE THE BCMT! Call the coordinators first: If they can't be reached, call the BCMT members directly. The numbers are on the list attached. The BCMT has three possible assembly points: If the problem is _____ related, meet in the ________ meeting room. If ____ related, meet in the ______________ Conference Room ______ All other problems, meet in the Emergency Operations Center _______ Business Continuity Management Team Duty Roster
Name GDIT Home From To Pager No Phone
ID
1 24
2 10
FARM Team Contact List # Area(s) FARM Team Contact Ext. Home E-mail Phone 10 Business Continuity Management Team BCMT Contact Office Ext. Home Phone E-mail # BCMT 04 Coordinator BCMT 05 Coordinator Physical 02 Plant Campus 03 Police Operations 40 Center Supervisor Emergency 41 Response Team 42 Safety 43 Office Safety 44 Office DCNS 45 DCNS 11 CAO 46 I/S O & S 06 Telecomm 47 14 GDIT News 48 Office 49 Insurance 50 Physical 51 Plant Cellular Phone Memory Assignments # Contact Phone 00 01 02 |
|