Latest revision as of 09:42, 13 April 2014

The following sections describe the immediate responses to the most common incidents. This module is intended to be used when there is an incident requiring an immediate response. Team members should consult their team plans for more details.

Requiring Immediate Response

Building Evacuation

Applicability: Activate this response if you must evacuate the building.

Characteristics of this hazard: This may occur at any time when there is apparent danger to the inhabitants of the building. The event may or may not have a sudden beginning.

Immediate Response:

If you are not in immediate danger:
Secure any sensitive documents or valuables.
Power down, shut off or secure computers and other equipment.
Take all personal belongings (only if they are with you at the time of the alarm) and proceed to the assigned exits.
Do not use elevators.
Direct employees and visitors to the nearest exit.
Move quickly and quietly

Response:

Stop what you are doing and walk, do not run, to the primary or alternate stairwell. Close all doors behind you.
Use the stairs. Do not use the elevators. If the power fails, you may become trapped in the elevator. During fire alarms, elevators are taken out of service and returned to the ground floor
Evacuate the building immediately according to your evacuation route.
Proceed to your assigned outside assembly area and check in.
Report to your supervisor for a headcount. Visitors should report to the receptionist for headcount.
Do not leave the assembly area until released unless you are in personal danger.
Do not re-enter the building until the all clear announcement is given by the emergency coordinator.
Fire wardens:
Will assist in the evacuation process
Ensure work areas are evacuated and doors are closed, not locked.
Ensure rest rooms are evacuated.
Coordinate assistance for injured or incapacitated personnel.
Report to the emergency coordinator on evacuation status and employees requiring assistance.
Confirm evacuation status with supervisors or section managers.

Cause: This incident can be caused by a real, known danger such as a fire or by an apparent danger such as a bomb threat. It can be the result of someone with a grudge against your company or by someone wanting to disrupt your operations. Their grievance against your company may be real or imagined.

Effect: In light of increased terrorist activity, some high-profile businesses have found that they may be likely targets for foreign and domestic terrorist groups or a disgruntled employee.

The effect can be disrupted operations for your company, lost time and concerned employees.

Where and When: This type of attack can occur at any time. However, the resulting evacuation is more likely during your hours of work.

Mitigation Measures:

Train managers to recognize threats for which an evacuation is warranted.
Train staff in safe and orderly evacuation procedures

Mail: Suspicious Package

Applicability: Activate this response if you receive mail which appears suspicious.

Characteristics of this hazard: Some characteristics of suspicious packages and envelopes include the following:

Inappropriate or unusual labeling

Excessive postage, no postage or non-canceled postage
Handwritten, cut-and-paste or poorly typed addresses
Misspellings of names, titles or locations
Strange return address or no return address
Incorrect titles or title without a name
Not addressed to a specific person
Marked with restrictions, such as “Personal,” “Confidential,” or “Do not x-ray”
Marked with Fragile-Handle with Care, Rush-Do Not Delay
Marked with any threatening message
Postmarked from a city or state that does not match the return address

Appearance

Powdery substance felt through or appearing on the package or envelope
Oily stains, discolorations, or odor
Lopsided or uneven envelope
Excessive packaging material such as masking tape, string, etc.

Other suspicious signs

Unexpected envelopes from foreign countries
Excessive weight
Ticking sound
Protruding wires or aluminum foil

Immediate Response:

Remain calm
Do not open the package or letter
Do not shake or empty the contents of any suspicious package or envelope.
Do not carry the package or envelope, show it to others or allow others to examine it.
Put the package or envelope down on a stable surface; do not sniff, touch, taste, or look closely at it or at any contents which may have spilled.
Do not touch your eyes, nose or other body part.
Alert others in the area about the suspicious package or envelope. Leave the area, close any doors, and take actions to prevent others from entering the area. If possible, shut off the ventilation system.
WASH hands with soap and water to prevent spreading potentially infectious material to face or skin. Seek additional instructions for exposed or potentially exposed persons.

Response:

Notify a supervisor, a security officer, or the Police. If at home, contact the Police.
Ensure that all persons who have touched the letter or package wash their hands with soap and water.
Make a list of all persons who have touched the letter or package and who were in the area when it was opened.
Have the facility inspected for hazardous material removal prior to employee return.
Enhance security measures if necessary.
Check access records to determine if terrorist act was internal.
Communicate with employees as to the nature of the incident.
Longer Term:
Schedule employee refresher training courses.
Update evacuation plan as needed.
Review crisis communication plan.

Cause: Incoming mail can be used by terrorists, by someone with a grudge against your company or by someone wanting to disrupt your operations. Their grievance against your company may be real or imagined.

Effect: In light of increased terrorist activity, some high-profile businesses have found that they may be likely targets for foreign and domestic terrorist groups or disgruntled employees with access to chemical and biological weapons. Improper mail handling and removal or a terrorist attack could potentially result in a fire, explosion, or employee illness, facility damages, loss of life, financial loss, litigation, and temporary or permanent closures.

Where and When: This type of attack can occur at any time. However, you should be more vigilant during periods of high incoming mail such as holidays, or coinciding with external events such as political rallys, religious holidays or national actions.

Mitigation Measures:

Train staff in mail-handling procedures
Examine unopened mail and look for suspicious features
Handle incoming mail in a designated and separate mail area
Wash your hands after mail is opened
Restrict mailroom access to authorized persons.

Unknown Powder in Workplace

Applicability: Activate this response if unknown powder, of a suspicious nature, is found anywhere in the workplace

Characteristics of this hazard: This hazard can occur when unauthorized persons have direct or indirect access to your facilities or it can occur by mail or delivered packages.

Immediate Response:

Remain calm
Do not shake or empty the contents of any suspicious package or envelope.
Do not carry the package or envelope, show it to others or allow others to examine it.
Put the package or envelope down on a stable surface; do not sniff, touch, taste, or look closely at it or at any contents which may have spilled.
Do not touch your eyes, nose or other body part.
Alert others in the area about the suspicious package or envelope. Leave the area, close any doors, and take actions to prevent others from entering the area. If possible, shut off the ventilation system.
WASH hands with soap and water to prevent spreading potentially infectious material to face or skin. Seek additional instructions for exposed or potentially exposed persons.

Response:

Isolate the workplace and the people who may have been exposed.
Notify a supervisor, a security officer, or the Police. If at home, contact the Police.
Ensure that all persons who may have come into contact with the powder wash their hands with soap and water.
Make a list of all persons who were in the area when it was discovered.
Have facility inspected for hazardous material removal prior to employee return.
Enhance security measures if necessary.
Check access records to determine if terrorist act was internal.
Communicate with employees as to the nature of the incident.
Longer Term:
Schedule employee refresher training courses.
Update evacuation plan as needed.
Review crisis communication plan.
Periodically revisit and update list of chemicals at site(s).

Cause: The use of powder, as a terrorist threatening activity, is relatively new. The objectives seem to be to disrupt your operations, create fear and cause bodily harm. Both deliveries and direct planting of the powder have been used to place the powder. These techniques can be used by terrorists, by someone with a grudge against your company or by someone wanting to disrupt your operations. Their grievance against your company may be real or imagined.

Effect: In light of increased terrorist activity in recent months, some high-profile businesses have found that they may be likely targets for foreign and domestic terrorist groups or disgruntled employees with access to chemical and biological weapons. Improper mail handling and removal or a terrorist attack could potentially result in a fire, explosion, or employee illness, facility damages, loss of life, financial loss, litigation, and temporary or permanent closures.

Where and When: This type of attack can occur at any time. However, you should be more vigilant during periods of high incoming mail such as holidays, or coinciding with external events such as political rallys, religious holidays or national actions.

Mitigation Measures:

Train staff in the procedures for responding to this type of threat.
Ensure that you maintain a clean workplace policy so that this threat can be readily spotted.
Conduct regular inspections of your workplace.
Restrict workplace access to authorized persons.

Bomb Threat

Applicability: Activate this response if a bomb threat is received, usually by telephone.

Immediate Response:

Follow the instructions provided by the Security Officer for Telephone Bomb Threat Procedures.
Remain calm
Keep talking
Signal a co-worker to get on an extension telephone
Ask caller to repeat the message and write it down.
Repeat questions, if necessary
Ask where the bomb is and when it is set to go off.
Listen for background noises
Write down noises, gender, pitch of voice and accent.
Ask person's name, exact location and telephone number.
Signal a co-worker to call police
Notify your immediate supervisor

Response:

Notify the Police immediately.
Do not touch any suspicious package.
Leave the area where the suspicious package was found.
If evacuation order is issued, guide and assist in the evacuation of employees and clients from the building.
After evacuating a building, avoid standing in front of windows or other potentially hazardous areas.
Do not block the sidewalk or street, which will need to be kept clear for emergency officials.
Follow the prescribed sequence of notification as established in the bomb incident plan.
Remain available, as law enforcement personnel will want to interview you.
When a written threat is received, save all materials, including any envelope or container. Once the message is recognized as a bomb threat, further unnecessary handling should be avoided.
Every possible effort must be made to retain evidence such as fingerprints, handwriting or typewriting, paper, and postal marks. These will prove essential in tracing the threat and identifying the writer.
Notify a supervisor, a security officer, or the Police.

Cause: Bomb threats are used to disrupt your operations and create fear. They are normally used by someone with a grudge against your company or by someone wanting to disrupt your operations. Their grievance against your company may be real or imagined.

Effect: The effect of a bomb threat will be nervousness in your employees. They will be concerned because they don't know if the threat is real.

Where and When: This type of attack can occur at any time although it will be more likely during working hours.. However, you should be more vigilant during periods of high business activity as this is when the disruption to your operations would be the most effective..

Mitigation Measures:

Train staff
Designate a chain of command.
Establish a command center.
Decide what primary and alternate communications will be used.
Establish clearly how and by whom a bomb threat will be evaluated.
Decide what procedures will be followed when a bomb threat is received or device discovered.
Determine to what extent the available bomb squad will assist and at what point the squad will respond.
Provide an evacuation plan with enough flexibility to avoid a suspected danger area.
Designate search teams.
Designate areas to be searched.
Establish techniques to be used during search.
Establish a procedure to report and track progress of the search and a method to lead qualified bomb technicians to a suspicious package.
Have a contingency plan available if a bomb should go off.
Establish a simple to follow procedure for the person receiving the bomb threat.
Review your physical security plan in conjunction with the development of your bomb incident plan.

Bomb

Applicability: Activate this response if a package is discovered, which appears to be a bomb

Immediate Response:

Remain calm
Do not touch the package
Do not open the package
Do not shake or empty the contents of any suspicious package
Do not carry the package or allow others to examine it.
Alert others in the area about the suspicious package. Leave the area, close any doors, and take actions to prevent others from entering the area. If possible, shut off the ventilation system.
Notify police and company security.

Response:

Evacuate the workplace as quickly and calmly as possible.
If items are falling off bookshelves or from the ceiling, get under a sturdy table or desk until the situation has stabilized enough for your safe passage.
Ensure your own safety before trying to help others.
Sound the alarm, likely by pulling the fire alarm.
Notify a supervisor, a security officer, or the Police.
Make a list of all persons who may have touched the letter or package and who were in the area when it was discovered.
Have facility inspected for more hazardous material removal prior to employee return.
Enhance security measures if necessary.
Check access records to determine how the bomb was received.
Communicate with employees as to the nature of the incident.
Longer Term:
Schedule employee refresher training courses.
Review evacuation plan as needed.
Review crisis communication plan.

Cause: Bombs are used to disrupt your operations and create fear. They are normally used by someone with a grudge against your company or by someone wanting to disrupt your operations. Their grievance against your company may be real or imagined.

Effect: The effect of a bomb in your workplace will be fear amongst your staff and clients and disruption of your workplace and operations. There will likely be physical damage and associated costs.

Where and When: This type of attack can occur at any time.

Mitigation Measures:

Train staff
Designate a chain of command.
Establish a command center.
Decide what primary and alternate communications will be used.
Establish clearly what the procedures will be when an explosion occurs.
Decide what procedures will be followed when a bomb threat is received or device discovered.
Determine to what extent the available bomb squad will assist and at what point the squad will respond.
Provide an evacuation plan with enough flexibility to avoid a suspected danger area.
Establish a simple to follow procedure for the person receiving the bomb threat.
Review your physical security plan in conjunction with the development of your bomb incident plan.

Explosion

Applicability: Activate this response if an explosion, of unknown origin, occurs.

Immediate Response:

Remain calm
Evacuate the workplace
Alert others in the area about the suspicious package. Leave the area, close any doors, and take actions to prevent others from entering the area. If possible, shut off the ventilation system.
Notify police and company security.

Response:

Evacuate the workplace as quickly and calmly as possible.
If items are falling off bookshelves or from the ceiling, get under a sturdy table or desk until the situation has stabilized enough for your safe passage.
Ensure your own safety before trying to help others.
Sound the alarm, likely by pulling the fire alarm.
Notify a supervisor, a security officer, or the Police.
Enhance security measures if necessary.
Communicate with employees as to the nature of the incident.
Longer Term:
Schedule employee refresher training courses.
Review evacuation plan as needed.
Review crisis communication plan.

Cause: The explosion could have been caused by a bomb or by a gas leak. If it was a bomb, refer to the previous section.

Effect: The effect of an explosion in your workplace may be fear amongst your staff and clients and disruption of your workplace and operations. There will likely be physical damage and associated costs. If the cause was accidental, as in the case of a gas leak, the fear will be considerably lessened but, in the few hours following the explosion, there will be fear and uncertainty.

Where and When: An accidental explosion can occur at any time. Inspect your premises to determine if this is a possibility. For an explosion resulting from a bomb, refer to the previous section.

Mitigation Measures:

Train staff
Designate a chain of command.
Establish a command center.
Decide what primary and alternate communications will be used.
Establish clearly what the procedures will be when an explosion occurs.
Decide what procedures will be followed when a bomb threat is received or device discovered.
Determine to what extent the available bomb squad will assist and at what point the squad will respond.
Provide an evacuation plan with enough flexibility to avoid a suspected danger area.
Establish a simple to follow procedure for the person receiving the bomb threat.
Review your physical security plan in conjunction with the development of your bomb incident plan.

Fire

Applicability: Activate this response in the event of fire.

Immediate Response:

Remain calm
Sound the alarm for others in the immediate area
Attempt to deploy fire suppression systems if appropriate and safe to do so.
Floor Wardens should guide and assist in the evacuation of employees and clients from the building to a safe location.

If the smoke is thick, drop to the floor and crawl to the nearest exit. Cover your mouth to avoid inhaling smoke and gases.

If time permits, end any jobs running on CRT's or PC's, sign off and unplug all equipment. All tapes and diskettes should be placed in a fireproof safe or vault.

IS personnel should power down the core system and the UPS (Computer Room). All tapes and diskettes should be placed in a fireproof safe or vault. Any equipment not attached to the UPS should be unplugged, if time permits.

The Operations Manager should lock all vaults and fireproof safes.

Check all non-working areas to make sure all personnel have been alerted (canteen, rest rooms, etc.).

Close all exterior office doors.

Exit the area and ensure that everyone does as well.

Evacuate the building. Go to the Designated Meeting Place and wait for further instructions.

At the Designated Meeting Place (DMP), the DMP Supervisor will attempt to account for all personnel.

The DMP Supervisor will contact the Team Leader of the Emergency Reponse Management Team.'

Response:

Notify a supervisor or a security officer, or the Police.
If the fire occurred in only one section of the workplace, close it off and relocate employees and equipment.
Inventory all equipment and products that were damaged. Keep written records of all items and estimate the cost of loss for insurance purposes.
Don't turn on computers or other electrical equipment. They may have suffered smoke and soot damage.
Decide whether it's necessary to temporarily relocate or close the facility.
If moving temporarily, alert suppliers and clients of the move.
Contact a contractor to make structural repairs. Inquire about smoke and odor removal processes.
Keep employees notified of conditions. Have a system in place for workers to turn to for information, including key executive contacts and regularly-updated status reports.
Work with local fire officials to regain access to the site as soon as possible.

Cause: Fires can start in countless ways - an electrical short, a smoldering cigarette, an open flame, a gas explosion, arson - and the results can be devastating.

Effect: Impact will depend on the size of the fire, its location in the building, and the success of fire detection and prevention measures. But any fire has the potential, if not detected early enough, to destroy records and equipment, cause human injury or death, result in smoke damage, or completely burn a facility.

When and Where: Fire is a universal threat. Whether it's located in a larger building or a one-story building, no business is immune. A blaze can be triggered at any time of day or night, making preparedness a must. Fire will often piggyback other disasters. Damage sustained during an earthquake or flood often results in the release of flammable materials. These compound crises are even more dangerous and difficult to fight since critical infrastructure may have been damaged as well.

Mitigation Measures:

Install smoke detectors in key locations. Test batteries annually.
Install a fire alarm and suppression systems that will automatically notify fire officials.
Clean out storage areas.
Purchase proper insurance coverage.
Be aware of community fire codes and regulations and comply.
Ask your local fire department to inspect your facility on a regular basis.
Assess whether automatic sprinkler systems, fire hoses, and fire-resistant walls and doors are necessary.
Station fire extinguishers prominently throughout the building. Make sure employees are familiar with locations and usage. Also ensue that the fire extinguishers are of the correct type and capacity.
Assign an employee to check all appliances at the end of the workday to make sure they are turned off.
Establish safe personnel evacuation routes.
Training and periodic exercises are essential. Conduct fire drills at least twice a year to ensure that all employees know the proper exit procedure.
Select several key individuals within the company to coordinate communication procedures with employees, clients, and suppliers.
Enforce no smoking policies. If smoking is allowed, permit it only in designated areas where large, non-tip ashtrays are located.
Establish a tight security system to help prevent arsons.
Replace damaged electrical cords. Avoid plugging several cords into one outlet.
Leave room for air to circulate around heaters, copy machines, etc.
Keep flammable liquids and contaminants in proper storage containers and designated locations.
Investigate or contract with a recovery service provider to reduce clean-up costs.

Break-in

Applicability: Activate this response if a break-in occurs

Immediate Response:

Sound the alarm
Do not confront the intruder if it is unsafe

Response:

Notify a supervisor, a security officer, or the Police.
Do not move any items and alert police immediately.
Change all locks and/or combinations to the facility and all secured areas that were broken into.
Check to see if access control and security products that are currently in use need to be upgraded or if additional items need to be purchased.
If documents or computer files were stolen, check lists to see who had access to the information.
Compile a list of what documents, files, etc. were taken.
Procure back-up copies of documents and disks from their off-site storage location.
Determine whether it is necessary to change computer passwords and add more security measures to the system.
Make sure all personnel who noticed suspicious activity or have relevant facts pertaining to the break-in are willing to participate in police and/or company interviews in order to reconstruct the events.

Cause: If an individual obtains physical access to a company's facility or documentation and was not given permission for the activity, unauthorized access has occurred. Various people, such as industry competitors, burglars, or one's own personnel, can be responsible for an illegal entry.

Effect: If an intruder does gain access to the facility or data/documentation, irreparable damage can be the result. Materials could be stolen or tampered with, classified information could be obtained and used by outsiders without knowledge of its occurrence, the office could be vandalized, etc.

Where and When: An individual can gain unauthorized access to a large or small business at any hour of the day. The amount of unauthorized access a company is susceptible to depends upon the type of illegal entry that is attempted. All organizations are just as likely to have an employee attempt to gain access to a restricted area, whether intentional or not. However, a burglar may not try to break into a facility if it has appropriate security measures installed.

Mitigation Measures:

Tour the office in search of areas that may be vulnerable to a physical break-in, such as windows and easily accessible doors.
Keep a written log of who has keys to the facility and/or authorized access to secured areas of the office.
Have security guards posted at secured areas of the facility to check entries. Decide whether it is necessary to have guards 24-hours a day.
Evaluate access control products, such as employee slash cards and biometric systems, and security items, such as surveillance cameras, to see if they should be implemented.
Ensure that all computer resources are password protected and safeguarded with security measures such as firewalls, security routers, etc.
Limit access to company-sensitive documents and files to a minimal amount of employees and keep a running list of who has access to what.
Perform background checks on all employees that will have access to classified company documents/computer files and secured areas of the facility.
Instruct employees as to the proper usage of computers, stressing the need to keep passwords secure and to log off of their terminals at the end of the business day.
Secure all computer disks and copies of documents daily in a protected area on-site, with backup copies of pertinent information also stored off-site.
Immediately report any missing or altered documents/computer files or suspicious activity to the proper supervisor.

Computer Intrusion

Applicability: Activate this response if a computer intrusion occurs

Immediate Response:

Shut down the affected systems
Sound the alarm

Response:

Notify a supervisor and information services.
Check to see if access control and security products that are currently in use need to be upgraded or if additional items need to be purchased.
If documents or computer files were stolen, check lists to see who had access to the information.
Compile a list of what documents, files, etc. were taken.
Procure back-up copies of documents and disks from their off-site storage location.
See if a computer specialist can determine whether someone performed the illegal entry from within the company or an outside source.
Determine whether it is necessary to change computer passwords and add more security measures to the system.
Make sure all personnel who noticed suspicious activity or have relevant facts pertaining to the break-in are willing to participate in police and/or company interviews in order to reconstruct the events.

Cause: If an individual obtains either access to a company's computer data or other documentation and was not given permission for the activity, unauthorized access has occurred. Various people, such as hackers, industry competitors, burglars, or one's own personnel, can be responsible for an illegal entry.

Effect: If an intruder does gain access to data/documentation, irreparable damage can be the result. Materials could be stolen or tampered with, classified information could be obtained and used by outsiders without knowledge of its occurrence.

Where and When: An individual can gain unauthorized online access to a large or small business at any hour of the day. The amount of unauthorized access a company is susceptible to depends upon the type of illegal entry that is attempted. All organizations are just as likely to have an employee attempt to gain access to a restricted area, whether intentional or not.

Mitigation Measures:

Keep a written log of who has authorized access to secured areas of your systems.
Ensure that all computer resources are password protected and safeguarded with security measures such as firewalls, security routers, etc.
Limit access to company-sensitive documents and files to a minimal amount of employees and keep a running list of who has access to what.
Perform background checks on all employees that will have access to classified company documents/computer files and secured areas of the facility.
Instruct employees as to the proper usage of computers, stressing the need to keep passwords secure and to log off of their terminals at the end of the business day.
Secure all computer disks and copies of documents daily in a protected area on-site, with backup copies of pertinent information also stored off-site.
Immediately report any missing or altered documents/computer files or suspicious activity to the proper supervisor.

Medical Incident

Applicability: Activate this response if there has been an injury to anyone on or near any of your worksites. This could be a work-related injury, a vehicle accident, a heart attack or a stoke, or as the result of a violent incident.

Characteristics of this hazard: This hazard can occur whenever there are people present at your worksite..

Immediate Response:

Remain calm
If it is not clear what the nature of the incident is, then ask the person in distress if possible. If it is obvious, then activate your medical response procedure.
Perform First Aid or CPR as appropriate
If the victim is in continued danger, remove them from the danger.

Response:

Call 911
Notify a supervisor, a security officer, or the Police.

Cause: The type of incident can be caused by a heart attack or stroke, an injury, an attack or an accident, usually by a vehicle or a machine.

Effect: An incident can occur at any time that there are people on or near your premises.

Where and When: This type of incident can occur at any time.

Mitigation Measures:

Train sufficient numbers of staff in medical response procedures (First Aid, CPR)
Train other staff to do such things as direct the incoming emergency responders, handle elevators in stop cycles, and control small crowds to lessen the trauma and disruption.
Conduct periodic audits of your preparedness to respond to this type of incident.

Weapon Threat

Applicability: Activate this response if there is a threat with a weapon in the workplace.

Immediate Response:

Remain calm
If possible, move away from the danger area
Sound the alarm for your co-workers

Response:

Sound a general alarm. Use the fire alarm system.
Notify a supervisor, a security officer, or the Police.

Cause: This could be caused by someone with a grudge against your organization, or an armed robbery or by an estranged spouse.

Effect: The effect of a weapon in the workplace will a complete disruption to operations and there will be longer term effects on your employees. You will need to provide conselling services.

Where and When: This type of attack can occur at any time.

Mitigation Measures:

Have in place a workplace violence prevention policy
Develop a threat notification system
Institute a threat response
Develop and maintain termination policies
Provide managerial training
Provide security

Water Leaking

Applicability: Activate this response if there is water leaking into any area of the workplace.

Immediate Response:

If the water is from a pipe, turn off the flow of water.
Move or cover any materials to protect them from water damage.

Response:

Call facility maintenance immediately to report the incident.
Notify a supervisor or a security officer.

Cause: This can be caused by a broken or burst water pipe (clean or soil), a broken window or by a leak in the roof of the building. Effect: The effect can be to damage or destroy records, equipment, computers, or furniture. It can also have the effect of rendering the workplace unusable.

Where and When: This type of incident can occur at any time.

Mitigation Measures:

Ensure that you know where all shutoff valves are.
Have protective covers readily available to cover equipment, computers and records.

Requiring Short-term Response

Biological Hazards

Immediate Response:

Move away from the area and warn others of the hazard
Cordon off the area
Notify hospital, police, and fire contacts of incident.

Response:

Notify hospital, police, and fire contacts of incident.
Bring in appropriate personnel for cleanup.
Have facility inspected for hazardous material removal prior to employee return.
Enhance security measures if necessary.
Check access records to determine if terrorist act was internal.
Purchase additional protective equipment for replacements.
Schedule employee refresher training courses.
Update evacuation plan as needed.
Review crisis communication plan.
Periodically revisit and update list of chemicals at site(s).

Cause: The use and misuse of biological and chemical agents is an increasingly common concern for all businesses, whether a business handles hazardous materials itself or a neighbor handles them at a nearby site. While every business should be well-informed about its facilities' water and air quality, chemical/hazardous materials usage, and cleanup methods, this level of preparation is very basic.

Effect: In light of increased terrorist activity in recent months, some high-profile businesses have found that they may be likely targets for foreign and domestic terrorist groups or disgruntled employees with access to chemical and biological weapons. Improper waste handling and removal or a terrorist attack could potentially result in a fire, explosion, or employee illness, facility damages, loss of life, financial loss, litigation, and temporary or permanent closures.

Where and When: In many cases, chemical and biological waste becomes a disruption accidentally. While companies that deal with these materials daily appear more susceptible, all organizations should be concerned about possible accidents in their surrounding environments. Mistakes by inadequately trained employees, spills, leaks, and poor adherence to standards and regulations are all contributing factors to crises involving hazardous materials.

Seemingly random terrorist attacks are often meticulously geared towards a specific industry or company and may be based on the perpetrator's relationship with the business or beliefs about the organization, or the organization's political involvement or proximity to densely populated areas. While there may be indications of a possible spill or other hazardous waste problem at a business, there are often no warnings given for an attack with chemical or biological weapons.

Mitigation Measures:

Check with water providers to ensure proper filtration procedures are used.
Have specialists inspect ventilation systems. Clean vents regularly.
Monitor air periodically to classify and quantify hazardous substances.
Keep a record of individuals with access to all hazardous materials.
Ensure that regulations are followed for chemical storage, handling, and disposal.
Provide proper protective equipment and shower stations where needed.
Decontaminate materials properly.
Clearly label all containers; compile a list of chemicals at site(s).
Provide material safety data sheets (MSDS) to educate employees.
Inquire into delivery service companies' security measures.
Brainstorm with local and state agencies about terrorist attack preparedness.
Ensure personnel are knowledgeable about biological and chemical weapons.
Enact strict facility and peripheral security measures to safeguard against terrorism.
Train employees in dealing with chemicals and hazardous substances and first aid.
Inform employees of communication measures and evacuation routes from hazardous sites.
Establish contacts at local fire and police departments and hospitals.

Blizzards

Cause: Blizzards are a brutal combination of gusting winds, low temperatures, and large amounts of snow. While blizzards are best known for their tremendous snowfalls, they can be coupled with ice. Another danger is snowdrifts, which occur when winds move snow about. Once snow begins to melt, businesses may also be faced with potential flooding.

Effect: The effects of a blizzard can be devastating. Snow and/or ice can collapse power and telephone lines, knocking out services for hours or even days. Employees may be unable to get to work due to icy conditions or unplowed roadways. Buildings may collapse under the enormous weight of snow.

Where and When: In North America, Blizzards are most commonly found along the Mid-Atlantic Coast to New England and in the Midwest and Alaska; some storms also occur between the Rockies and the West Coast. Blizzards are a part of the nation's winter season, which typically spans November through March. Be aware of all weather advisories. If a winter storm warning is declared for your area, it means that snowfall of more than six inches within 24 hours and winds of 35mph or more are either already occurring or are expected within the next 12 hours.

Mitigation Measures:

Stock flashlights, first aid kits, and a battery-operated radio.
Keep water and non-perishable food on hand.
Buy an emergency heating source and appropriate fuel.
Purchase uninterruptible power supplies and a generator.
Make cellular phones and/or pagers available to key personnel.
Have computer data backed up offsite.
Evaluate alternate site options.
Create a plan for telephone backup. If considering rerouting calls, determine how it would be done and where the calls would go.
Decide which winter conditions will warrant early dismissals or closings, and develop employee notification procedures for these events.
Find out how your community handles snow plowing and determine if it is necessary to contract for private services.

After the Incident:

Have snow removed from all walkways and parking lots.
Assess whether the company should temporarily move to its alternate site.
Listen to radio weather updates.
If telephone lines are down, make sure calls have been rerouted properly.
Keep employees regularly updated on conditions. If an early dismissal has been approved, follow procedures to notify workers.
Ensure parking lots have been sufficiently plowed before employees return to work.
If part of the building collapses due to heavy snowfall, immediately block off access to that section of the facility. Make any temporary fixes possible, but hire a repair crew and contact insurance agents immediately.

Computer Failure

Cause: Computer system threats are many and varied. These essential business tools can come under attack seemingly from all sides, and sometimes from all sides at once.

Power outages can cause data loss; surges and sags can damage both data and equipment. Power problems may also affect climate control systems that maintain proper environmental conditions for sensitive computing equipment. Water leaks and fires each bring computer system hazards. Even a loose cable can put systems in jeopardy.

But physical threats aren't the only ones of which to be wary. Saboteurs from within or those who infiltrate your company's computing network can delete data, access proprietary information, and install viruses -- destructive software codes hidden in an apparently legitimate program -- and worms -- invasive programs that can replicate themselves and send copies to other computers across networks -- that can bring your systems to a halt. Even well-intentioned employees pose a threat when user mistakes become system-wide errors.

Effect: The effects of even a minor computer failure can be devastating to the production of the organization. The loss of computing can cause the loss of email, which is critical to communications, or, in the case of computer-controlled equipment, the loss of production. Computers are so critical to a modern organization that the effects can be huge.

Where and When: Although computer system threats are ever-present everywhere, regional natural hazards should be considered when planning to thwart disruption. Securing the structure and environment in which hardware is housed can go a long way toward safeguarding both equipment and operational capacity. Computer-specific and security threats must be addressed as well to ensure that a systems failure is both unlikely and recoverable.

Mitigation Measures:

Conduct a system-wide vulnerability assessment.
Conduct background checks of all employees and periodic checks of anyone with access to sensitive information.
Develop a communal sense of computer security responsibility. Inform employees how their actions could adversely affect systems.
Bolster security measures in order to limit physical access to computers by outsiders, and to secure disks, back-ups, and related materials.
Protect access to computers connected to phone lines. Be wary of Internet communications security and associated vulnerabilities.
Never leave an active terminal; always log off. Remove sensitive data from the PC when not in use, and disconnect from networks.
Report suspected intrusions and altered data, and do not use unsolicited or borrowed software.
Safeguard data from individual component failure by installing duplicate components, such as disk assemblies and power cords.
Evaluate need for uninterruptible power supplies, power conditioners, and surge suppressors.
Back up climate control systems.
Consider fastening devices that will secure computer equipment and help prevent toppling and breakage.
Institute good housekeeping policies, and invest in computer equipment covers that are water-resistant and flame-retardant.
Be aware of the life expectancy of your media as well as proper storage conditions. Clean tape drives regularly, and rotate tapes frequently to guard against wear.
Determine what constitutes critical data, an optimum back-up method, who is responsible for back-up, and how and where tapes will be transported and stored.
Back up all data on a regular basis with "compare" or "verify" options.
Service and maintain back-up hardware annually. Have a computer equipment leasing arrangement in place.
Reformat hard drives before retiring old computers, and erase diskettes before disposal.
Keep a current roster of names, phone numbers, and addresses of employees involved in re-establishing computer operations. Pre-qualify vendors if in-house expertise is lacking.
Cross-train recovery staff and assign each team member a full-access password so that recovery plan execution is not dependent upon one person.

After the Incident:

Do not attempt to operate a visibly damaged computer.
If your computer is making an unusual noise, turn it off. There is a good chance it has suffered or will suffer a disk crash. The faster it is deactivated, the better the chance for data recovery.
Avoid exposing the disk drive to environmental hazards by refraining from shaking or removing hard drive and tape covers.
Don't automatically turn to recovery software. If you suspect that you may have lost access to data due to electrical or mechanical failure, software can't help. Using file recovery utilities on a faulty hard drive can destroy what was recoverable data. When a drive failure is suspected, turn off the machine.
Be sure to call in a computer systems recovery specialist with the proper training and experience.
Lost data can become unrecoverable data when un- or under-qualified personnel misuse file recovery utilities, open disk drives, and lack the basic skills necessary to properly maintain and repair computer equipment and data.

Computer Hacking

Cause: Computers have become an integral part of today's business world. Whether used for time clocks, registers, PCs, laptops, or otherwise, businesses rely heavily on the stability of these technological instruments. Unfortunately, as our nations grows more computer-savvy, so grows the threat of computer-related criminal practices. Computer hackers are individuals who gain access to restricted or private systems for the purpose of profit or destruction.

A hacker can be described in both positive and negative terms. A hacker is generally an expert at programming and solving problems relating to computers. But a hacker is also someone who uses their expertise for criminal purposes.

Effect: In gaining illegal access, hackers are able to download confidential files, tamper with them, steal them completely, or even use the lifted information for blackmail purposes.

Where and When: Hacking can occur anywhere at anytime. No matter where you are or what you do, it is likely that you are dealing with a computer, whether directly or indirectly. Paying with a credit card, making reservations on an airplane, depositing money in your bank account, and even making a phone call involves computers.

Part of the problem is a combination of naiveté and, consequently, vulnerability. Most businesses are unaware that hackers are able to access their secret files, much less tamper with them. The solution, therefore, is knowledge and computer security.

Mitigation Measures:

Create a tough set of passwords.
Create backup copies of all appropriate electronic documents.
Research, evaluate and select an off-site storage facility. Ask about storage methods, facility locations, security, access, climate control issues and classification and labeling procedures.
Keep track of employees that have authorized access to classified documents.
Make it clear to all employees that desktop modems are not allowed and that all traffic must be via sanctioned equipment and systems.

After the Incident:

Try to assess whether an employee or an external source is responsible for the record loss.
Confer with MIS director immediately after an accidental computer deletion to determine if data can be retrieved.
Contact a data recovery specialist.
Obtain backup copies if working offsite and/or if computer data was lost.

Computer Viruses

Cause: As computers have become the primary tool in business operations, it has become more and more necessary to protect these systems from potentially damaging viruses. It is of paramount importance to protect your company's information from infection that can come in the form of a virus or its close cousin, the worm.

Effect: Like a virus, a worm is a damaging organism that has the ability to self-replicate, but unlike a virus a worm does not need to live in another program and can spread through your system by itself. This makes it a nastier, more dangerous type of virus that can spread rapidly.

While it is almost impossible to completely eliminate the threat posed by computer viruses, there are precautions that can be taken to lessen the risk.

Where and When: Combating the threat of computer viruses is a task that entails both prevention and recovery after an infection strikes. A virus can strike a network without warning, crippling business operations for a substantial amount of time, so it is essential to have an antivirus program set up in your computer.

Even when a well-publicized virus, such as the Melissa virus, is out there and you have prior knowledge about it, it can still sneak into your system. The most common way for a computer to become infected is through e-mail or by visiting a website that carries a virus. Reliable firewall protection is the best way to protect against these types of infections.

Once your computer is infected, the most important thing to do is to isolate the virus and protect critical data. Compromising the security of your company by spreading confidential data is the worst-case scenario in situations involving viruses and worms.

Mitigation Measures:

Make sure that you have a license for all software applications installed on all of your computers.
Acquire software only from reliable sources.
Make sure that you have a good antivirus program set up on your computer.
Consult technology-related news sources regularly to stay informed about the latest viruses and their characteristics.

After the Incident:

After an attack, make sure that all passwords are changed.
Take account of your company's records and make sure all of your information is accounted for and intact.
If you have a system supervisor or network coordinator, get in touch with him or her immediately. If you are the system supervisor, call your vendor.
Make sure that people are aware of the virus. Alert fellow colleagues and people to whom you may have passed the virus.

Electrical Storms

Cause: Lightning emerges from thunderstorms, caused by the opposite charges between the thunderstorm and the ground surface area. The negatively charged particles from the storm cloud are attracted to the positively charged particles from the ground. The particle attraction produces an electrical current. A large attraction causes lightning to strike between the storm cloud and the ground.

Effect: While lightning may only take seconds to occur, its impact can last much longer. Lightning can cause power outages and fires, or may damage office wiring and computers. There is also the threat of human injury if employees are working outside during an electrical storm. Structural damage can also occur if a tree or object located outside the facility hits the building after it is struck by lightning.

Where and When: The prevalence of thunderstorms across the U.S. increases the risk of electrical activity eventually affecting your business. In addition, lightning is very unpredictable, which makes it difficult to determine when your organization is most vulnerable.

Knowing the warning signs may help your business in its preparations. It is often common for lightning to take place without heavy rain, which is sometimes referred to as "heat lightning." Thunder can also be indicative of lightning. If thunder and lightning occur in close succession, the lightning is near your location.

Mitigation Measures:

Research the frequency of severe thunderstorms for your geographic area.
Find out if your community has a thunderstorm warning system in place.
Have trees located near the building trimmed regularly.
Purchase power protection devices to safeguard electrical items.
Have lightning rods installed.
Buy flashlights. Keep them in an easily accessible area.
Consider the purchase of an emergency generator.
Find out from an insurance agent about coverage.
Establish a plan to have telephone calls rerouted to an alternate location.
Educate employees on lightning safety.
Buy a battery-operated radio for weather reports.
Ensure computer data is backed up off-site regularly.
Make sure employees working off-site have safe locations to go to during a storm.

After the Incident:

Make sure all employees are inside the facility.
Contact employees working off-site to confirm they are in a safe area.
Make sure injured worker(s) receive appropriate medical attention.
Utilize flashlights and other backup power options.
Listen to the radio for additional weather information.
Do not utilize computers unless deemed safe.
Ensure telephone calls were properly rerouted. Have calls switched back to the office at
an appropriate time.
Tap into off-site backup tapes if necessary.
Have damaged trees and shrubbery appropriately trimmed and broken branches
disposed of properly.
Call your insurance agent to detail damages and discuss coverage.
Take photographs of physical damages for insurance purposes.

Environmental Hazards

Cause: Environmental hazards can creep into your facility without a trace. Unlike natural disasters, where outward evidence of a threat exists, some disruptions caused by environmental hazards can go undetected for long periods of time.

Indoor air quality, water pollution, chemicals, and asbestos are some of the hazardous conditions and materials that can disrupt a business. Common causes of indoor air pollution include smoke, paint, new carpeting, mold/mildew buildup in ventilation systems, and chemical emissions from copy machines.

Effect: Many environmental hazards result in employee illness, which, in turn, can lead to a decline in productivity or a temporary or permanent facility shutdown. In some jurisdictions, unsuitable environmental conditions will force the buildings to be evacuated.

Where and When: Businesses invite environmental problems when they neglect hazardous conditions, improperly store chemicals and cleaning solvents, or do not thoroughly investigate preexisting conditions at all locations. Companies are more susceptible to environmental threats if those responsible for business continuity lack an understanding of the properties, location, and volatility of these hazards.

Mitigation Measures:

Regularly inspect ventilation systems to avoid mold and mildew buildup.
Implement procedures for upper management or supervisor approval of hazardous chemical purchases. Minimize these purchases.
Know the purpose of each chemical/solvent used.
Clearly label all hazardous chemicals/solvents and restrict employees access.
Locate equipment, such as copy machines, in rooms with appropriate ventilation.
Open windows to circulate air.
Have a licensed asbestos inspector examine your facility.
Test water for contaminants. Based on water sample test results, consult a specialist for possible alternatives/remediation methods.
Be aware of volatile organic compounds (VOCs) that can be found in office furniture. These gases emitted by some furniture glues, cushion foams, and carpeting - can contribute to indoor air pollution and cause headaches or illness. When purchasing furniture, choose items that do not emit VOCs.
Open windows before new furniture is delivered in order to minimize impact on indoor air.
Establish a designated area within the facility for smokers or implement a no-smoking policy.
Encourage employees to report physical symptoms/illnesses that may be work-related.

After the Incident:

Locate the source of the pollutant and eliminate the hazard.
Keep chemicals in appropriate containers and regularly clean areas where they are stored.
Consult with local and state health departments or a private firm to evaluate indoor air quality.
Hire a cleaning specialist to remove mold/mildew from ventilation systems.
Refer employees with potential work-related illnesses to a physician. Stay apprised of health reports and determine whether company action is necessary.
If asbestos is detected, properly dispose of the contaminant.

Equipment Failure

1) Procedures for equipment failures depend on the type of equipment failed and the length of down time for that equipment.

2) Log the failure and notify management personnel so that maintenance can be scheduled as soon as possible. Be sure to document any error messages and/or other details that might be required for repair.

For critical equipment, you may need to declare a disaster if the downtime is longer than 24 hours. The BR Administrator or BR Coordinator should be notified of any equipment failure that could result in a declared disaster.

Cause: Equipment failure can occur for various reasons. The cause may be the result of deferred maintenance or the result of an accident or sabotage

Effect: Depending on the piece of equipment that failed, the effect could be as minor as deferred processing to closing of the facility.

Where and When: Equipment failure can occur at any time. Procedures for equipment failures depend on the type of equipment failed and the length of down time for that equipment.

Mitigation Measures:

Regularly inspect equipment.
Be aware of other equipment that can perform the same tasks.
Be aware of where to borrow, rent or buy replacement equipment for each type of equipment.
Log the failure and notify management personnel so that maintenance can be scheduled as soon as possible. Be sure to document any error messages and/or other details that might be required for repair.
For critical equipment, you may need to declare a disaster if the downtime is longer than 24 hours. The Team Leader of the Emergency Response Planning Team or the Facilities Manager (depending on the equipment that failed) should be notified of any equipment failure that could result in a declared disaster.

After the Incident:

Review the maintenance schedules for all similar equipment
Review the listings of replacement equipment for all susceptible equipment.

Flooding

Cause: Floods are caused by heavy rainfalls, thunderstorms, or snow thaws that create an overflow of water from rivers and other bodies of water.

Effect: Most floods occur over a span of several days. Flash floods, however, can develop within minutes and are caused by dam failures or large storms occurring over a short period of time. Both types of flood can destroy buildings and equipment, cause water damage to structure and contents, result in power failures, damage roadways, and cause human injury or death.

Where and When: Flooding can occur almost anywhere, although the degree of flooding will vary depending upon exact location and proximity to volatile bodies of water.

The issuance of a flood watch means a flood is possible in the projected area. A flood warning signals that a flood is already occurring in the designated area or will strike soon. Businesses should also be cognizant of whether they are located in a flood plain - an area near a river formed from sediment deposited by past floods - as it will increase the likelihood that they will be affected.

Mitigation Measures:

Research your community's flooding history, and determine whether your business is located in a flood plain.
Calculate your facility's elevation in relation to surrounding rivers, streams, and dams.
Consult with insurance company about purchasing flood insurance.
Consider flood proofing your building via permanent, contingent, or emergency flood proofing methods. Permanent flood proofing measures include reinforcing walls to endure water pressure and building floodwalls outside the building. Installing watertight doors and permanent pumps are some contingent measures, while emergency flood proofing includes building walls with sandbags and participating in community flood control efforts.
Identify which records and equipment need to be moved to higher office locations or removed from the building entirely.
Ensure access to records and data stored off site.
Provide suppliers with key company contacts who can answer questions and provide updates.
Make arrangements with a professional restoration company to handle clean-up and recovery.
Create an evacuation plan, including transportation from the site, to avoid confusion among employees leaving the facility.
Structure a communication process for employees to follow so they know when to return.
Contact hot site vendor if anticipating a move to make sure the location is ready.
Alert clients of your move.
Monitor television and radio broadcasts for flood watches, warnings, and updates.

After the Incident:

Keep abreast of current flood conditions via news broadcasts.
Return to the facility once it's safe to re-enter. Avoid further damage by not turning on lights or computer equipment.
Tour the facility to assess damage. Contact insurance provider once all information and photos are collected to determine what's covered.
Enact communication plan, telling employees when to return to work and what roadways to use if any are still blocked or were severely damaged.
If the company relocated, make sure all systems and operations at the facility are running before returning.
Notify clients of your return.
Check with the government agencies to see if your company is eligible for financial assistance.
Make all minor repairs -- such as mopping up areas that have minimal amounts of water and blocking off areas that aren't functional -- to guard against further damage.
Contact vendors for major repair work.

High Winds

Cause: High winds can be associated with hurricanes, or wind shears, or pressure differentials.

Effect: The effects of high winds can be devastating. There likely will be widespread property damage. There may also be loss of services such as power and water. There may also be loss of life.

Where and When: High winds can occur almost anywhere, although the severity will depend on geographical location. Other things such as flooding can accompany high winds.

Immediate Response:

The Physical Security Team Leader should guide and assist in moving employees and clients to a safe place, such as inside a hallway.

It may not be safe to leave the building during the high winds. Stay away from glass, such as windows and mirrors. Get under a piece of sturdy furniture and use your arms to protect your head and neck.

as time permits:

End any jobs running on CRT's or PC's and sign off.

Any equipment not attached to the UPS should be unplugged.

All tapes and diskettes should be placed in a fireproof safe.

IS Personnel should power down the systems and the UPS (Computer Room).

Check all non-working areas to make sure all personnel have been alerted (canteen, rest rooms, etc.).

If necessary, when it is safe, evacuate the building. Go to the Designated Meeting Place and wait for further instructions.

At the Designated Meeting Place, the DMP Supervisor will attempt to account for all personnel.

If people have been injured, contact medical help and contact the Team Leader of the Emergency Response Management Team .

Mitigation Measures:

Research your community's high winds and flooding history, and determine whether your business is located in a flood plain.
Consult with insurance company about purchasing wind insurance.
Consider wind proofing your building via permanent, contingent, or emergency wind proofing methods. Permanent wind proofing measures include reinforcing walls to endure wind and water pressure and building floodwalls outside the building. Installing watertight doors and permanent pumps are some contingent measures, while emergency flood proofing includes building walls with sandbags and participating in community flood control efforts.
Identify which records and equipment need to be moved to higher office locations or removed from the building entirely.
Ensure access to records and data stored off site.
Provide suppliers with key company contacts who can answer questions and provide updates.
Make arrangements with a professional restoration company to handle clean-up and recovery.
Create an evacuation plan, including transportation from the site, to avoid confusion among employees leaving the facility.
Structure a communication process for employees to follow so they know when to return.
Contact hot site vendor if anticipating a move to make sure the location is ready.
Alert clients of your move.
Monitor television and radio broadcasts for weather watches, warnings, and updates.

After the Incident:

Keep abreast of current weather conditions via news broadcasts.
Return to the facility once it's safe to re-enter.
Tour the facility to assess damage. Contact insurance provider once all information and photos are collected to determine what's covered.
Enact communication plan, telling employees when to return to work and what roadways to use if any are still blocked or were severely damaged.
If the company relocated, make sure all systems and operations at the facility are running before returning.
Notify clients of your return.
Check with the government agencies to see if your company is eligible for financial assistance.
Make all minor repairs to guard against further damage.
Contact vendors for major repair work.

Loss of Records

Cause: A records loss can occur as a result of man-made or natural causes. Fires and floods can wipe out thousands of records simultaneously, while employees can mistakenly erase computer files and destroy documents. Power outages, file corruptions, and computer viruses can all cause electronic data to disappear.

Cause: Losing records can devastate a business. If pertinent documentation - such as financial records or sales orders - is lost and can not be replaced, a company could face a loss of business. A records loss may also have legal repercussions, as customers, business partners, and suppliers try to collect on payments, products, and services.

Where and When: Safeguarding important company records and documentation is crucial to corporate survival. Paper, computer disks, tapes, and other media often contain irreplaceable information. Many businesses would not be able to function without this data. A records loss can occur intentionally, such as with an arson or sabotage attempt, or unintentionally, as the result of a mistyped computer command, or human error.

There is no way to determine when a records loss will occur. Realizing that the loss place is another concern. While a large records loss will be immediately apparent, the loss of a single file or computer document is more subtle. This loss typically will not be discovered until the document or file is needed, which may be days or even months after the loss occurred.

Mitigation Measures:

Create a comprehensive filing system to organize documents.
Identify and prioritize all records, eliminating those no longer used.
Educate employees on proper deletion procedures for computer documents.
Create backup copies of all appropriate paper and electronic documents.
Research and select an off-site storage facility. Ask about storage methods, facility locations, security, access, climate control issues, classification/labeling procedures, and transfer of documents to the site.
Install fire safety equipment and alarms.
Purchase fire-resistant safes and filing cabinets for on-site storage.
Keep track of employees that have authorization to access classified documents.

Questions to Ask: The following checklist reflects NARA (U.S. National Archives and Records Administration) regulations and recommended practices for the development and implementation of Federal records disaster mitigation and records recovery programs. Companies and government agencies may find it useful in evaluating their records management procedures for vital records.

Contingency Planning

Have appropriate personnel, including the records officer, program officials, the emergency coordinator, facilities managers, and safety/security personnel, assessed the potential risks to the operations and records?
Has the company determined which of its functions are most critical and would need to be continued if an emergency or disaster struck the agency?
Has the company identified those functions or activities that most impact the rights of the agency and the individuals directly affected by its actions?

Vital Records Program

Has the company prepared and disseminated written information to appropriate company staff, describing the vital records program, including the responsibilities of various company officials?
Has the company assigned a staff member responsibility for managing the vital records program and coordinating it with other appropriate staff?
Have liaison officers been delegated responsibility for implementing the program in the company's field offices?
Has the company identified its vital records, i.e., its emergency operating records and records needed to protect legal and financial rights?
Does the company make copies of the vital records for offsite storage?
Does the company store duplicates at a remote location not subject to the same fire or other risks (such as high-risk geographic areas prone to flooding or earthquakes) present in storage areas where original records are kept?
Are company personnel trained in their vital records responsibilities?
Does the company conduct a periodic review of its vital records plan and update it to ensure that it is current, complete, and usable in case of emergency?
If special records (such as electronic information systems or microform records) are designated as vital records, have provisions been made for access to the equipment needed to use the records in the event of an emergency?

Records Protection

Has the company established protective measures for all its records?
Has the company given special attention to the protection of its vital records, regardless of the media on which these are maintained?

Records Recovery Program

Has the company prepared a written issuance establishing a records recovery program and disseminated it to appropriate company staff?
Has the company designated an official responsible for the records recovery program?
Has the company designated a records recovery team?
Has the records recovery team been trained?
Has the company developed a list of records recovery consultants and reviewed it periodically for accuracy?
Does the company maintain supplies and equipment required to recover records damaged in an emergency or disaster?
Does the company conduct a periodic review of the records recovery plan and update it as necessary?

After the Incident:

Upgrade fire equipment and alarm systems if necessary. Inspect on a regular basis.
Contact off-site storage vendor. Obtain copies of documents that were affected.
Maintain filing system. Conduct periodic checks to ensure system is running properly.
Consult a restoration service provider about document drying/restoration procedures for records damaged by fire or flood.
If an individual act caused the record loss, try to assess whether an employee or external source is responsible.
Confer with MIS director immediately after an accidental computer deletion to determine if data can be retrieved.
Contact a data recovery specialist.

Power Outages

Cause: Power outages are the most common cause of business interruption. Outages can be the result of a natural disaster, such as a flood, or events like car accidents and fallen tree branches. Power can be lost for minutes, hours, or days. Businesses must also plan for power-related incidents such as brownouts, surges, and spikes.

Effect: Computer data could be permanently lost if not properly saved before an outage. Lighting, telephones, and equipment will also be down, which could threaten employee safety and halt communication and production processes. Electric power is critically important to the continued operation of any organization.

Where and When: A business can lose power at any given moment anywhere in the world. Power outages occur more frequently than most interruptions primarily because there are numerous contributing factors, such as thunderstorms, electrical shorts, and overloaded circuits. The length of an outage depends on which power lines have been affected, and whether these lines have caused a partial or complete power loss.

Power fluctuations may cause equipment to power off. Equipment that is attached to the UPS will prevent this situation.

Power outages will eventually result in the power down of all equipment even if it is attached to the UPS. The UPS is not designed for extended alternate power support. Rather, the UPS is designed to keep power up long enough to allow for a normal power down.

Power outages of 1 hour or longer may require different operations. As soon as a power outage of 1 hour or longer duration occurs, the Facilities Manager should contact the power company to try to determine the length of the outage. If the outage is less than 24 hours, operations may be suspended until the power returns. This must be determined by Senior Management.

Power outages, which will extend beyond 24 hours, may require a Disaster Declaration.

Mitigation Measures:

Purchase generators to serve as backup power sources.
Purchase uninterruptible power supplies, which provide interim power to safely shut down computers and other machinery.
Stock flashlights and batteries. Position these strategically throughout the facility.
Supply key personnel with cellular phones and/or beepers to continue communication.
Save computer data regularly and store backup copies off-site.
Install illuminated exit signs.
Buy battery-operated radios.
When possible, distribute work and reroute calls to alternate locations to stay on schedule.
Relocate employees to an alternate site if appropriate.
Compile a list of important telephone numbers, including the local utility provider, clients, and business partners. Update list regularly.
Determine the status of deregulation in your state. Involve businesses in decision-making by contacting legislators. Learn deregulation terminology.

After the Incident:

Determine whether the outage is specific to your building or a widespread problem.
Turn off computers and equipment so an overload does not occur when power is restored.
Monitor radios for updates on conditions and power restoration schedules.
Assess whether more power supply products should be purchased.
Obtain backup copies if working off-site and/or if computer data was lost.

Product Tampering

Cause: Product tampering can occur by industrial terrorists or by disgruntled employees. In some cases, small quantities of food have been contaminated with foreign objects or nonlethal contaminants. In faked or staged tamperings, which are far more common than true tampering, someone contaminates a product to give the appearance that his or her household has been the victim of a random tampering. Cases have included children and adults imitating news stories or desperately seeking attention; criminals scheming to defraud pharmaceutical companies; food processors, or insurance companies' security guards seeking to impress their supervisors with their vigilance; and several suicides in which people hoped to gain money for their estates and conceal the true manner of death. In product extortion cases, an offender threatens to tamper with a product if his demands (usually for a large sum of money) are not met. More common than any of these crimes are suspected tamperings, in which a consumer complains that packaging has been compromised, that a product appears unusual, or that some symptom appeared after a product was consumed. Common irregularities in packaging or product appearance often underlie these complaints.

Effect: There are several possible explanations for increased tampering complaints following widespread publicity. Analysis has indicated that some of the increase reflects legitimate complaints about product defects that do not concern tampering. These complaints involve cuts in packaging caused by careless opening of cartons in retail stores, burns on package seals created by the packaging machinery, or packages containing too little of the product. There is no reason to believe that the true rate of product defects of this sort bears any relationship to news stories about tampering.

Tampering offenses:

impose mental health costs on consumers by creating a climate of fear, arousing suspicions, and decreasing the subjective sense of personal security. The low objective probability of harm is no comfort to consumers; the invisibility of the hazard, the apparent randomness of victimization, and the perception that they are not in control of the risk all lead consumers to grossly overestimate their risk.
cause an increase in the number of faked or staged tamperings. Many people have fabricated complaints about tampering, particularly following widespread publicity. In some instances the primary motive was to gain notoriety in the local press or to try to sue a manufacturer.

Where and When: This offense can occur wherever products and services are sold to the public in large numbers.

Mitigation Measures: Have a plan in place, in conjunction with the legal department to quickly respond to this type of incident. Install equipment to tape incoming phone calls. Install of Caller ID, the technology that lets a company instantly know the caller's name and location

For plans in the U.S.: Call the FDA. Call the FDA's director of emergency epidemiology operations in Rockville, Maryland. They have created a centralized operation that coordinates action among the company, news organizations, trade associations, the FBI, local law enforcement agencies and a variety of public health officials. If the threat is made against a U.S. company, the FDA maintains a 24-hour emergency service to handle marketplace terrorism. In the case of overseas threats, the FDA works with Customs Department, the U.S. Department of Counter-Terrorism and the Justice Department to manage the situation. The FDA is the lead agency in this area. The company should notify the FDA and the FBI that there is a problem with tampering, but the journalist should still call government agencies because different agencies handle different parts of the story. The FDA is in charge of testing products threatened by marketplace terrorists. Companies often test their products as well. Reporters can talk to research people at either the FDA lab or a company lab. The FDA has a threat assessment database designed to track tampering threats. Its information can be obtained by Freedom of Information requests.

Call the FBI. The FBI's Behavioral Science Services Investigative Support Unit is in the Center for the Analysis of Violent Crime. This unit, in Quantico, Virginia, profiles terrorists, serial murderers and other violent criminals. It is staffed with top behavioral scientists. Its background profile information gives depth to stories on marketplace terrorism. The center's Behavioral Science Profiling unit is excellent for interviews or background information about motivations behind these crimes. It also focuses on prosecution. Under the 1983 anti-tampering legislation, the FBI is responsible for prosecuting people charged in tampering threats and incidents. As incidents move from marketplace terrorism to other types, the FBI is a good source of information for statistics on prosecution. .

After the Incident:

In order to show concern to the general public, respond with your side of the story within 24 to 48 hours of a crisis.

Provide broadcast journalists visual evidence of action the company is taking for the safety of the public.

Don't speculate. Report the facts.

Demand responsible reporting from journalists.

Be open with the media, but be brief.

Employ high-tech solutions like decision-aiding software and computerized threat assessment to secure information quickly. Then use global news conferences when they are needed.

Advice from Security Experts The reporting of product tampering incidents should not to be instructive to current or future perpetrators. It is suggested that company spokespersons:

Provide essential, accurate information.
Combat the spread of rumors.
Avoid premature or unnecessary publicity.
Play down the incident as much as possible.
Express confidence in those charged with handling the case.
Discourage media contact with friends and family of victims, because even a seemingly unimportant remark could damage negotiations.
Avoid inflammatory language in press statements because kidnappers may well have access to newspapers, radio, and television.

Storm Advisory

Cause: In case of a Storm Advisory, the Operations Manager is responsible for monitoring weather forecasts. If it appears that the storm intensifies, the Emergency Response Management Team will be convened to assess the danger and evaluate the probable intensity.

Effect: The effects of high winds can be devastating. There likely will be widespread property damage. There may also be loss of services such as power and water. There may also be loss of life.

Where and When: High winds can occur almost anywhere, although the severity will depend on geographical location. Other things such as flooding can accompany high winds.

Immediate Response:

The Physical Security Team Leader should guide and assist in moving employees and clients to a safe place, such as inside a hallway.

It may not be safe to leave the building during the storm. Stay away from glass, such as windows and mirrors. Get under a piece of sturdy furniture and use your arms to protect your head and neck.

The following must be verified:

Operability of the Hurricane Shutters

Security of the building - windows, doors.

Movement of all furniture and equipment from glass windows in the building.

Make a video tape of the interior and exterior of the facility and property. (This often saves hassles when dealing with insurance companies.) Describe items as you film.

The availability of the following supplies : computer covers; First Aid equipment; purchase/stock upon water, toilet paper, soap, coffee, tea, sugar, sleeping bags, etc; Deisel oil or battery for the generator; tapeline; plywood for ATM sites.

Operability of the generator.

Stationery supplies (check and restock a minimum one month’s supply).

Operability of the UPS

Emergency preparedness meeting with staff.

Accessibility of documentation (NBD policies, procedures, manual processing procedures)

Employee Lists (name, telephone #, contact person, address)

Cell phones operable

Adequacy of cash, travelers cheques, cheque books

Vehicle fuel

Listing of vendors and contact information

Reassignment of Vault keys and combinations.

as time permits:

End any jobs running on CRT's or PC's and sign off.

Any equipment not attached to the UPS should be unplugged.

All tapes and diskettes should be placed in a fireproof safe.

IS Personnel should power down the systems and the UPS (Computer Room).

Check all non-working areas to make sure all personnel have been alerted (canteen, rest rooms, etc.).

If necessary, when it is safe, evacuate the building. Go to the Designated Meeting Place and wait for further instructions.

At the Designated Meeting Place, the DMP Supervisor will attempt to account for all personnel.

If people have been injured, contact medical help and contact the Team Leader of the Emergency Response Management Team .

Mitigation Measures:

Research your community's storm history.
Consult with insurance company about purchasing strom insurance.
Consider storm proofing your building via permanent, contingent, or emergency wind proofing methods. Permanent wind proofing measures include reinforcing walls to endure wind and water pressure and building floodwalls outside the building. Installing watertight doors and permanent pumps are some contingent measures, while emergency flood proofing includes building walls with sandbags and participating in community flood control efforts.
Identify which records and equipment need to be moved to higher office locations or removed from the building entirely.
Ensure access to records and data stored off site.
Provide suppliers with key company contacts who can answer questions and provide updates.
Make arrangements with a professional restoration company to handle clean-up and recovery.
Create an evacuation plan, including transportation from the site, to avoid confusion among employees leaving the facility.
Structure a communication process for employees to follow so they know when to return.
Contact hot site vendor if anticipating a move to make sure the location is ready.
Alert clients of your move.
Monitor television and radio broadcasts for weather watches, warnings, and updates.

After the Incident:

Keep abreast of current weather conditions via news broadcasts.
Return to the facility once it's safe to re-enter.
Tour the facility to assess damage. Contact insurance provider once all information and photos are collected to determine what's covered.
Enact communication plan, telling employees when to return to work and what roadways to use if any are still blocked or were severely damaged.
If the company relocated, make sure all systems and operations at the facility are running before returning.
Notify clients of your return.
Check with the government agencies to see if your company is eligible for financial assistance.
Make all minor repairs to guard against further damage.
Contact vendors for major repair work.

Winter Weather

Cause: Winter, which typically spans from November to March in the Northern Hemisphere, is generally regarded as the coldest season of the year. The weather associated with winter is best known for its low temperatures which, coupled with precipitation, can provide for dangerous conditions. The most common dangers include severe snowfalls, ice, and snowdrifts, as well as potential flooding once snow begins to melt.

Effect: Excessive amounts of winter weather conditions can prove devastating. Primary concerns include the potential loss of heat, power, telephone service and a shortage of supplies if storm conditions continue for more than one day. Your business may also have to deal with the inability of employees to get to work due to icy conditions or unplowed roadways.

Where and When: Winter weather can and does occur almost anywhere across the United States, Canada, and Northern Europe. The degree of severity will vary depending upon exact location and proximity to the equator.

A winter storm consists of heavy snow accumulations as well as a mixture of ice, snow, and wind. A winter storm watch is issued 12 to 48 hours before the onset of a winter storm. This "watch" means that there is the potential for dangerous winter weather. In more severe cases, a winter storm warning is issued up to 24 hours prior to a storm that is expected to bring dangerous weather conditions. The issuance of a winter storm "warning" means that conditions are presently occurring or there is an extremely high probability that they will occur within the estimated time frame.

Mitigation Measures:

Keep flashlights, first-aid kits, an emergency heating source and appropriate fuel, and a battery-operated radio on hand.
Stock water and non-perishable food items.
Buy uninterruptible power supplies and a generator.
Create emergency communication plans. If considering rerouting calls, determine how it would be done and where the calls would be received.
Have computer data backed up offsite.
Decide which weather conditions will warrant early dismissals or closings and develop employee notification procedures for these events.
Determine if it is necessary to contract private services for snow plowing.

After the Incident:

Have snow removed from walkways and parking lots.
Tour building to assess damages.
Update employees on conditions through appropriate company contacts.
Determine whether the company should temporarily move to its alternate site.
If telephone lines are down, make sure calls have been rerouted properly.
Inform suppliers, customers, and business partners of the company's status.
Revise contingency plans as needed.

Workplace Violence

Cause: Violent or aggressive acts can adversely affect productivity by lowering morale, increasing absenteeism, creating conflict between labor and management, and increasing the rate of personnel turnover.

Effect: Workers who feel threatened are less focused and more prone to injury and illness. Violence in the workplace also diverts company resources with demands for increased security measures, workers' compensation, training, crisis response, and/or litigation.

There are six common types of violent offenders: 1. strangers, 2. customers, 3. murderous workers, 4. threatening workers, 5. spouses or lovers, and 6. individuals who are infatuated with or who stalk employees.

The typical offender is a male at least 35 years of age who has a past history of violent behavior, is mentally ill and a substance abuser, belongs to groups that condone the use of violence, and is interested in guns. This type of person often feels mistreated by "the system," files trivial grievances, and brags to co-workers about harmful intentions. When the offender snaps, it is usually in the wake of a crisis.

Where and When: The triggering of workplace violence can be attributed to personal or societal pressures or to job-related factors such as workload overload, downsizing/elimination of positions, outsourcing, workforce relocation, or replacement of permanent employees with temporary hires.

Companies at especially high risk for violent incidents are those that have recently experienced a significant reorganization or restructuring, enacted a notable change in senior management, demanded a higher level of performance from employees, increased the gap between the highest and lowest levels of pay, or experienced a worsening of morale or relations with organized labor.

Other factors associated with a high incidence of workplace violence include inadequate training programs and unclear policies and procedures regarding stress, substance abuse, and violence; insufficient background screening; poor communication to employees regarding company strategies and initiatives; general organizational instability; poor performance review procedures; lax or arbitrary enforcement of rules and procedures; ineffective physical security; and lack of programs to maintain ethics and increase the acceptance of diversity.

Mitigation Measures:

Investigate workplace violence histories and identify current conditions or changes that might spark violent reactions.
Carefully screen prospective employees. Beware of employment history gaps. Consider police record and felony conviction checks as well as drug testing.
Create a pleasant working environment. Treat people with respect. Give employees the opportunity to vent frustrations and to discuss ideas and solutions.
Assess current workplace violence and associated policies involving such matters as drug abuse and harassment. Make changes based on past record, security assessment, and current working conditions. No matter what the particulars, be sure to establish a zero-tolerance policy.
Educate employees on acceptable workplace behavior and on precautions they can take, including walking in pairs to parking areas after dark, wearing ID badges, and cooperating with security personnel.
Assess security policies, procedures, and needs. Improve accordingly. Limit/control access to the facility with security guard service, card access system, closed circuit TV monitoring, etc.
Address office layout, especially for human resources personnel responsible for dismissing or disciplining problem workers. Ensure that exit/escape routes are accessible and clearly marked.
Institute a formal process for employees and management to follow for reporting co-workers suspected of potentially violent behavior. Include a mechanism for tracking threats and incidents of violence.
Provide counseling and early intervention services via an employee assistance program (EAP).
Train employees and supervisors on how to handle violent situations should they arise.
Establish an emergency response and crisis management team that can be called in quickly to provide counseling and tend to such priorities as clean-up and media interaction.

After the Incident:

Contact appropriate authorities and secure the area.
Keep employees away from media by designating a single spokesperson and segregating the press in an area away from the crime scene.
Provide counseling and support for employees who may be traumatized, as well as for their families.
Be honest and open with employees. Talk about the incident, and reinforce the company's commitment to a safe work environment.
Communicate with customers.
Perform a thorough, objective investigation of what happened and why. Take appropriate corrective measures.
Consult legal counsel.

Requiring Long-Term Planning

Business Location

Cause: Relocation may be an effort to increase or decrease workspace, allow a new start after a natural disaster, or be financially prudent. Regardless of the circumstances, a business must prepare for a move in order to achieve a smooth transition.

Effect: Handled incorrectly, relocation can quickly turn chaotic, resulting in lost materials, inoperable telephone lines and lights, and disoriented employees.

Where and When: Any business can relocate within the same town or to another state or country. Compelling reasons such as financial concerns or space constraints typically prompt a move. Whatever the reason, the decision to relocate is often a long process that takes months of planning, while the actual move may take only hours or days.

Mitigation Measures:

Provide new contact information to business associates.
Inspect new facility. Ensure carpeting and painting are complete prior to move.
Assess new geographic vulnerabilities.
Create a floor plan, detailing placement of furniture and supplies. Designate an employee to supervise movers, using the floor plan as a guide.
Make a checklist of materials to be shipped.
Contact shipping and moving companies about services, pricing, and time specifications.
Contact telephone service providers to make sure lines are installed and configured correctly.
Call utility provider to designate new power specifications.
Coordinate efforts between service providers and staff to have computer lines, programs, etc. installed at the new location.
Order supplies in advance.
Arrange for garbage pickups.
If moving to another state or country, work with a relocation agency on employee housing.
Designate a staff member as an employee contact to field questions.
Notify business partners and service providers. Determine how the move will affect these relationships.
Alert customers via advance telephone calls or mailings.
Have mail forwarded.
Determine if it is necessary to relocate records stored offsite.

After the Incident:

Follow up with customers and business associates.
Ensure that telephone, power, and computer services were successfully implemented.
Use a checklist to see if all shipped materials arrived. Contact shipping company concerning missing items.
Conduct a walk-through with previous landlord to be sure all items were removed and to verify facility condition.
Keep employees and business partners abreast of important developments.
Establish methods to safeguard against geographic vulnerabilities.
Determine appropriate police, fire, and emergency management contacts.

Earthquakes

Cause: Caused by underground volcanic forces or by the breaking and shifting of rock beneath the surface, earthquakes are sudden ground motions that may result in surface faulting, shaking, and failure.

Effect: With significant quakes, the greatest threat to employee safety comes from falling objects, broken glass, and structural failures. Depending upon the severity of the earthquake, proximity to the epicenter, surrounding environment, and construction materials and techniques, buildings are also at risk.

Severe earthquakes can destroy power and telephone lines as well as gas, sewer, and water mains. Resulting damage may induce fires and hinder firefighting or rescue efforts. Earthquakes may also trigger landslides, rupture dams, and generate seismic sea waves called tsunamis.

Where and When: Earthquakes can strike any location, but are more apt to occur in regions located within the three earthquake belts -- the circum-Pacific seismic belt, Alpine, and mid-Atlantic Ridge. The belt with the most earthquake activity is the circum-Pacific, which is found along the rim of the Pacific Ocean and includes the West Coast of the United States. The Alpine runs from Java to Sumatra through the Himalayas, Mediterranean, and into the Atlantic Ocean. The mid-Atlantic Ridge extends underwater from the Arctic Ocean to beyond the southern tip of Africa. However, earthquakes can occur outside of these areas.

In the U.S.:

Earthquakes occur most frequently in the United States in states west of the Rocky Mountains, but the most violent quakes have occurred in the central U.S. The two states that have experienced the most earthquakes are Alaska and California; Florida and North Dakota have experienced the fewest.

Wide areas of the United States are prone to earthquakes, thousands of which occur each year. Most, however, are too small in magnitude to be felt by humans. Although earthquakes occur most frequently in states west of the Rocky Mountains, the most violent ones historically have occurred in the central U.S.

High seismic activity puts California at especially high risk. Other highly vulnerable areas include Charleston, SC, and the central U.S. New Madrid Seismic Zone in Missouri, both of which were devastated by earthquakes in the last century. Intraplate earthquakes -- shocks within the interior of the crustal plates are less common and more typical of the quakes that occur in the eastern United States. While earthquakes are relatively infrequent in this region, a significant one in the eastern states could cause more damage than it would in California due to geographic differences, more lenient seismic construction codes in the east, and a general lack of awareness and preparation.

Mitigation Measures:

Determine if your facility is located in an earthquake-prone area.
Make sure your building is structurally sound. Repair any cracks in walls and ceilings.
Secure computers to desktops with restraining materials such as elastic cords, chains, or cables.
Obtain the products/services of all necessary business continuity providers (i.e. records storage, restoration, alternate site).
Purchase first aid materials, emergency supplies, and portable radios.
Fasten bookcases and shelves to walls.
Check into earthquake insurance coverage.
Install seismic switches for automatic equipment shutdown.
Teach employees earthquake safety procedures.
Structure emergency communication procedures. Alert workers of key personnel contacts.
Establish contacts at fire, police, and emergency services departments/offices.
Conduct an earthquake drill.
Research seismic information about your region in order to accurately assess your risk.
Investigate earthquake insurance coverage.
Assess potential for damage to structural and nonstructural elements. Develop mitigation and emergency response measures accordingly.
To prevent equipment and furniture toppling, move heavier items to lower storage shelves; brace racks; secure cabinets and light fixtures, tall furniture, and desktop equipment including computers.
Store hazardous chemicals according to appropriate guidelines.
Identify piping vulnerable to snapping; provide a clearance allowance around these pipes using flexible couplings or flexible piping.
Install seismic switches that will shut down major equipment automatically.
Plan for a backup power source to be in use.
Inventory critical supplies and establish vendor agreements for post-earthquake operations.
Explore mutual aid agreements.
Store vital records off-site, including copies of design drawings for use in assessing facility's safety after an earthquake.
Review building codes to ensure current compliance. Upon inspecting your facility, a structural engineer may recommend adding steel bracing or sheer walls to frames, strengthening columns and foundations, and replacing unreinforced brick filler walls.
Assemble and train emergency teams covering all shifts.
Provide company-wide employee education and training programs, including periodic drills.
Delineate primary and alternate evacuation routes, and establish a safe personnel assembly area.
Specify means of communication with employees and customers -- hot line, media advertisement, etc.
Stock survival and emergency response kits including water, food, first aid materials, radios, flashlights, heavy gloves, and sanitation supplies.
Establish a plan for handling missing persons inquiries and searches.

After the Incident:

Be ready for aftershocks.
Locate all employees. Assist those injured.
Listen to portable radios for updates.
If possible, make temporary fixes to continue business.
Contact local fire, police, and emergency personnel.
Inspect facility. Take photographs for insurance purposes.
Prohibit access to areas deemed unsafe.
Contact all continuity service providers needed.
Determine if a temporary relocation is necessary.
Update customers, suppliers, and other business partners on company's status and progress.
Do not try to use equipment that appears damaged.
Conduct a comprehensive facility survey in coordination with local authorities and insurance underwriters.
Itemize structural, nonstructural, equipment, utility, and communications systems damages. Include photographs.
Identify need for contracted services, labor, and material for repair and restoration. Estimate repair costs and recovery schedules.
Establish temporary on-premises dump sites for debris.
Remove hazardous materials and activate decontamination procedures if necessary.
Ensure that fire protection systems are functioning.
Notify utility companies of the extent of damage and service disruption. Request restoration to minimum operating levels.
Post relocation addresses and phone numbers of alternate sites.
Inform the public of revised service hours, location, and changes in services or procedures.
Keep personnel and customers apprised of recovery progress.

Multi-Tenant Facilities

Cause: The establishment of a business in an office building or office park may signal its initial startup, expansion, or downsizing. Moving into a facility where your business is one of multiple tenants - instead of the owner or sole occupant - has risks as well as rewards.

Effect: While a multi-tenant environment may allow your company to take a hands-off approach to building maintenance and repair, it's smart to know who is responsible for such tasks and to familiarize yourself with the policies and procedures by which those responsible are governed. Ignorance, combined with a complacent approach, could result in downtime, physical damage, strife with neighboring tenants, and a strained relationship with the landlord, owner, or property manager.

Where and When: Office buildings housing multiple tenants are everywhere you look; office parks are common as well. Many businesses find the flexibility of these arrangements appealing. But with flexibility comes fluidity; neighboring businesses, property owners, and policies can change with little or no notice. That leaves tenants vulnerable.

While it is difficult to plan for and protect your own business from threats, companies located in multi-tenant sites must also consider those threats posed by their neighbors. A fire next door or a security breach on the next floor isn't just your neighbor's problem; it's your problem too. And if the crisis stems from your business, it's your duty to notify your neighbors as well.

Mitigation Measures:

Tour the site with your facility or security specialists. Address concerns as they arise and compile a list of follow-up issues.
Ask for a list of key facility contacts and incorporate them into contingency plans. Get to know those responsible for maintenance and security.
Solicit property manager, landlord, and other building authorities' input for contingency plan development.
Investigate the facility's contingency plans, including security, fire, and emergency response preparations. Are plans required of all tenants? Are they integrated and coordinated?
Determine what type of security system is installed. If upgrades/additions are necessary, reach an agreement with the landlord in advance.
Read the lease thoroughly. Ensure that it supports your response and recovery plans, including provisions for locating a mobile recovery unit on-site if necessary.
Inquire into space availability and the feasibility of future expansion.
Address geographical hazards to which the facility is vulnerable.
Pinpoint and mark all building entrances/exits.
Discuss accessibility to the building on weekends, after business hours, and during and after a crisis.
Interview current and former tenants. Is maintenance reliable? Was there ever a need for emergency response, and if so, what was the result?
Foster amicable relationships with neighboring tenants. Offer planning assistance to those in need.
Test contingency plans, fire alarms, and security systems. Invite neighbors to join in contingency plan exercises.

After the Incident:

Alert authorities, building officials, and neighboring businesses to your crisis.
Conduct a damage assessment.
Fixed damaged areas as soon as possible.
Install additional security/fire equipment if deemed necessary.
Determine if relocation within the building/park is possible during repairs.

Human Error During Disaster

Cause: The human factor of a disaster recovery plan is uniquely vulnerable in that humans, unlike computers, telecommunications equipment, and power supplies have unique, individual responses to disaster situations. That makes human error during crisis response and subsequent recovery one of the most challenging threats for which to prepare or plan.

Effect: Prominent post-disaster cognitive responses include disorganization and sluggishness in thinking and decision-making, confusion/uncertainty, lack of awareness of immediate events, decreased concentration, racing thoughts, hypervigilance, exaggerated startle response, narrowing of attention, and inability to delimit attention.

Emotional responses involve intense feelings including fear, rage, depression/sadness, euphoria, panic, reckless sense of invulnerability, and generalized anxiety or feelings of despair. Reactions can range from emotional outbursts to simple inability to feel at all.

Any one or combination of these reactions put employees at risk of jeopardizing their health and safety or your business' potential recovery.

Where and When: Unlike natural hazards, the threat of human error knows neither geographic nor seasonal boundaries. The success of every business continuity plan rests with the people who design, test, maintain, and enact it.

Mitigation Measures:

Define roles of all employees. Make sure everyone -- from the CEO to the temp answering the phones -- knows what's expected of them during a disaster. Secure in that knowledge, people are less likely to panic.
Training is key to effective personnel response. Employees are apt to carry out assigned duties correctly if they've had time to review, question, and internalize.
Disaster recovery plan testing allows employees to "try out" disaster circumstances, evaluate their potential for panic, and see if actions expected of them are practical and appropriately assigned.
Having experienced a dry run will help employees adjust more quickly during an actual crisis. Be sure to include role-playing scenarios.
Communication networks must be dependable and far-reaching. People who are isolated will feel more at risk, and lack of vital communications links jeopardizes mission-critical messages and crisis decision-making. Make sure call-down lists are updated regularly and include home, office, pager, and cellular numbers.
Employees who are unsure about the well-being and safety of their families in a regional disaster won't report to or remain at work during a crisis. Set up a toll-free number for family connections and provide home-oriented contingency planning information as well as opportunities to purchase emergency supply kits at a discount for home use.
Stock appropriate response supplies, including first aid, search and rescue, and survival kits.
Ensure that employees know where they are and how to use them. Identify employees with first aid, CPR, or other medical/emergency response training.

After the Incident:

During a recovery operation, schedule and manage personnel efficiently. Be careful not to set up conflicting team assignments and time frames, and watch for signs of excessive stress and fatigue.
Even exceptionally good performers reach a point where they no longer can think clearly and are prone to serious error.
Identify "at risk" employees -- those who are deeply affected by traumatic stress. Move them to a safe environment under the care of counselors or friends, and assess the need for professional intervention.
Make all meetings mandatory. It's not uncommon for those who need help most to be the ones least likely to seek it.
Expect and accept a period of uncharacteristic thoughts, feelings, and behaviors among staff.
Violence, harassment, or inappropriate expressions of anger should never be tolerated. But in the aftermath of a crisis, mangers should carefully consider disciplinary action.
Provide on-site counseling and post-incident debriefings through trained trauma intervention specialists.

Hurricanes

Cause: When large amounts of air heat up over the ocean and absorb moisture, conditions are ripe for a hurricane -- typically characterized as a storm with heavy circular wind rotations exceeding 74 mph.

Effect: Fierce rains and strong winds gravitate around the center, or eye, of the hurricane. If they travel inland, hurricanes rapidly lose strength -- but can still cause flooding and massive destruction to businesses and homes, structural and power failures, economic disruption, and injury or death.

Where and When: Hurricanes are predominantly active along the East Coast, particularly in the southeastern most United States and the Caribbean, but can occur anywhere from Maine to Texas. Tropical areas of the western Pacific Ocean, including Hawaii, are susceptible to typhoons, the Pacific Ocean version of a hurricane.

The season usually lasts from June 1 to November 30, with prime activity in August and September.

Mitigation Measures:

Create a checklist to prioritize response. Determine the approximate time frame needed to accomplish tasks and when each should begin.
Have an expert assess your building's structural integrity, including making sure the roof is secure and that walls can withstand high winds.
Be aware of what your business insurance covers and what it does not.
Develop a plan to communicate with employees and their families.
Inform clients and vendors of your plan and provide contact information for key executives.
Keep abreast of weather developments via news and radio broadcasts in order to know when to start taking appropriate action. A hurricane watch means hurricane conditions are possible in the designated area within 36 hours of its issuance. With a hurricane warning, conditions are likely in the specified area within 24 hours.
Tour the office/building thoroughly to identify and secure any items that could fall and be damaged or cause damage.
Move printers, computer terminals, etc. to safe storage areas.
Check the company grounds to ensure that all outside equipment is secure.
Determine which records, files, and other documentation are of primary importance and need to be brought to an alternate site. Check that backup files stored at off-site locations can be tapped into quickly.
Review and test evacuation procedures.
Make sure emergency and medical supplies are stocked and easily accessible to all.
Ensure availability of portable pumps for floodwater as well as temporary power sources, such as generators or gasoline-powered pumps and battery-powered lighting.
Test all fire extinguishers and inspect building sprinkler systems.
Properly secure and board up windows.
If an evacuation is in order, plan for alternate method by which your company can continue "business as usual," whether at a hot site, via telecommuting, etc.
Be certain that employees know what their role is in the process.

After the Incident:

Supply first aid where necessary, but do not remove seriously injured individuals unless, by remaining where they are, they could be hurt further.
Listen to local radio and news broadcasts for additional information.
Activate plan to communicate with suppliers and employees' families.
Check for live power lines, leaking flammable gases, or flammable items in danger of falling.
Determine if water or sewage pipes were damaged.
Use portable pumps to remove water caused by flooding.
Call utility companies to restore services if necessary.
Assess damage to the office, photographing areas/materials for insurance purposes.
If damage is not severe, make quick repairs in order to resume business and safeguard against more damage.
Evaluate how well your business' hurricane plan worked and make necessary modifications.

Industrial Espionage

Cause: Employees and industry competitors are among those most likely to commit espionage. Eavesdropping and "planted" spies are some of the methods used to gather privileged corporate information. Employees may also spy on employers to exact personal revenge or as a means to try to advance within the company or industry.

Effect: Spying can result in proprietary information being "leaked" to outsiders, financial loss, and negative publicity. When espionage is coupled with sabotage, data is often corrupted and equipment damaged.

Where and When: A company typically does not realize it is at risk until after it has been victimized. It is rare for a spy to be caught in the act. Spies can garner information from paper/computer documents, voice mail messages, emails. An individual or business is most likely to resort to spying when there is a personal interest in corporate information/materials, especially in a highly competitive industry where importance is placed on being the first to introduce a new product or service.

A business is more apt to detect espionage quickly if sabotage also took place, such as materials/documents being stolen or tampered with. However, if nothing has been physically removed or noticeably altered, it may take longer to discover the attack.

Mitigation Measures:

Consult an espionage specialist for assistance in implementing security measures.
Install video surveillance cameras and an access control system.
Allow a minimal access to confidential documents. Compile a list of employees with access to restricted areas and those authorized to view classified documents.
Instruct employees not to discuss confidential information.
Require identification from contractors, technicians, and any non-employees. Track arrivals and departures of all visitors and limit visitors to business hours. Allow access to approved areas only.
Use firewalls, passwords, anti virus software, and other protection devices.
Implement stringent passwords/codes on voice mail messaging systems and computer log-ons.
Instruct employees not to disclose passwords and to log-off computers at the end of each business day.
Shred all paper documentation containing proprietary information before discarding.
Keep fax machines in a secured area, allowing only authorized personnel to remove documents.

After the Incident:

Check your facility for listening devices.
If computer data or paper documents were stolen or tampered with, retrieve backup copies for use.
Check surveillance videos, computer records, logs, to assess whether an internal or external party is to blame.
Determine appropriate legal action.
Assess whether upgrades or additions to security systems are appropriate.
Change all passwords and codes.
Consult public relations department to arrange a press conference if necessary.

Labor Disputes

Cause: A labor dispute or strike may occur when a union or group of workers, dissatisfied with one or more working conditions, is unable to reach a satisfactory agreement with employers. Employees may strike due to a conflict with an employer over wages, contract negotiations, hours, work environment, or other factors deemed crucial.

Effect: Businesses unprepared for the consequences of many workers walking off the job for days, weeks, or months face potential production delays, financial loss, resentment from workers, negative press, and/or a temporary or permanent closing.

Where and When: While labor disputes are volatile by nature, they are somewhat predictable. Businesses involved in contract negotiations are those most likely to encounter such an occurrence. Planning for a strike includes developing an awareness of all elements that could cause a walk-out. In most cases, a strike, or the threat of one, is the final course of action workers will use to try to resolve their grievances. Being aware of potential grievances gives businesses an opportunity to resolve differences before murmurs of striking begin.

Employees typically give advanced notice to employers - either through a union representative or other negotiator - that a strike will take place if the two parties fail to come to an agreement. Businesses should use this time to try to reach a compromise to curb the strike, while simultaneously preparing strike contingency plans.

Mitigation Measures:

Assemble a planning committee to coordinate company efforts.
Review strike history to discover past weaknesses.
Contact other branches of the company and independent staffing services to arrange for temporary staffing.
Tour the facility to pinpoint locations that could be vulnerable to unauthorized entry during a strike.
Consult with security firms regarding services they could provide during a labor dispute.
Determine who has access to secured areas and how those areas will be protected during a strike.
Instruct the public relations department in media relations during a crisis and designate spokespeople.
Determine how strike activities are to be documented/logged and by which employee(s).
Consider distributing identification badges with employee photographs and signatures to those who work during a strike.
Designate where employees, contractors, and customers will enter and exit the facility during a strike.
Make sure all mission-critical paper and computer documents are properly backed up and that other valuable equipment and materials are protected.
Warn the local police department of the potential for a strike and discuss strike notification procedures.

After the Incident:

Bring in temporary employees from branch offices or staffing services as needed.
Fix or replace all damaged equipment, windows, etc. as soon as possible.
Hold a meeting with the strike planning committee. Review lessons learned and modify the strike contingency plan.
Review log activities. Keep logs and video surveillance tapes in a secure area for possible use in legal action.
Consult with legal department regarding pending court cases. Provide appropriate documentation.
Keep contractors, business partners, and customers updated on conditions and results.
Critique media coverage of the strike. Have the public relations department assess coverage the company received as opposed to that of striking employees.
If facility vulnerabilities were identified, consider upgrading or expanding security systems.
Meet with police officials to review strike procedures.

Loss of Workforce

Cause: Businesses suffer from a loss of workforce when employees -- whether a single individual relied upon for payroll processing or an entire manufacturing assembly line crew -- are unable or unwilling to report to work. Any number of factors may be attributable, including inclement weather, illness, labor disputes, group travel, work access restrictions, etc.

Effect: The reason for the staffing deficiency will dictate whether fill-in personnel or skeleton crews can maintain business continuity, and whether impact on the company will be short- or long-term.

Where and When: Any business can experience a loss of workforce at almost any time -- sometimes involving the entire company, others times confined to specific individuals, workgroups, departments, or divisions.

Most potential staffing shortages can be anticipated prior to their onset, giving businesses some time to prepare for and minimize the impact. Some planned events, such as a business trip or maternity leave, allow companies to conclude how long employees will be out of the office.

Other workforce losses can arise without warning, with time frames for the resumption back to normal staffing uncertain. The ramifications of many unplanned disruptions, such as a snowstorm or company-wide contagious illness, must be dealt with on a daily or even hourly basis.

Mitigation Measures:

Prioritize critical processes and workflow. Be aware of interpersonal and interdepartmental reliances.
Develop a sense of workforce shortage thresholds -- the minimum staffing required for critical job functions to be executed.
Assess personnel strengths and weaknesses in terms of knowledge, skill, and performance in order to compensate accordingly with skeleton crews.
Have all employees compose thorough job descriptions and procedures manuals specific to their roles and responsibilities. Then, test to see if substitute personnel, guided solely by the documentation provided, can fulfill duties.
Cross-train employees in critical business processes so all personnel can perform multiple job functions when necessary.
Establish a mechanism to borrow personnel from other departments/divisions or branches/facilities within the company. Arrangements can be on a mutual exchange basis, depending on who needs what when.
Arrange for company management to fill in wherever and whenever needed. Include managers in ongoing training sessions to ensure up-to-date skills.
Establish mutual aid programs with local businesses to increase resource pool.
Contact a temporary worker employment agency in advance to ensure availability of qualified support.
Job-seekers with diverse experience often find short-term assignments appealing. Compose a ready-to-run "Help Wanted" classified advertisement for local newspapers. Be aware that submission deadlines may be strict.
Allow ample time for to-be-absent employee(s) to familiarize fill-in personnel with job intricacies, and to prioritize assignments.
Arrange to consult with employees in their absence, ideally with them being accessible to answer questions at any time. Prepare a communications plan to facilitate emergency contacts.
Coordinate a formal company-wide carpool program.
For certain circumstances, arrange for transportation -- either company-supplied or contracted from an outside service -- to shuttle employees to and from work.
Establish home offices for key executives, if not all employees, for telecommuting purposes.
Incorporate a phase-in program for employees returning to work following extended leave.
Adjustment period provides an opportunity for employees to integrate as well as assimilate change.
Institute employee assistance programs (EAPs) and implement succession planning for all levels of personnel.

After the Incident:

Activate communications strategies for employees and management to ensure coordinated notification and response.
Apply available workforce strategically to ensure mission-critical systems continuity.
Where practical, re-assign or reschedule jobs and projects to alleviate workload.
Through equitable division of labor, avoid over-taxing existing resources.
Keep working relations harmonious in what may be tense, stressful times. Encourage spirit of cooperation, camaraderie, teamwork. Be especially tolerant of and flexible with the existing workforce.
Consider flexible work schedules -- having employees on rotating shifts, making their own hours, etc. Consider establishing weekend hours. Make sure appropriate personnel have keys to work sites as well as security clearance.
If necessary and/or feasible, offer incentives such as overtime pay or comp time to personnel who make an extra effort to report to work or who serve long hours.
In the event available personnel would be required to spend long hours on site, ensure adequate food provisions, and possibly sleeping accommodations.
Maintain careful records of employee time on the job. Ensure that everyone expected to report for work is accounted for.
Determine how long temporary employees will be needed and budget accordingly.
Meet with mutual aid partners to make necessary adjustments to agreements concerning shared staffing potential.
Make sure all work done at alternate sites or via telecommuting is transferred to the main office.
Avoid "getting by" day to day. Plan for tomorrow. As a safety net, intentionally over-estimate potential staffing needs in order to guarantee actual requirements will be met.
Keep apprised of anticipated return of workforce -- but don't count on it. Plan for worst-case scenarios.

Negative Publicity

Cause: A newsworthy event at any business in any industry can bring with it bad press or negative publicity. An improperly handled crisis - such as a strike, product recall, or lawsuit - can snowball into a publicity nightmare if the company does not react appropriately. Disgruntled employees, dissatisfied customers, and industry competitors can also prompt unfavorable media coverage.

Effect: Each situation must be handled carefully and immediately. If your response is weak, it could cause a new wave of negative publicity and employee stress, as well as financial and customer loss.

Where and When: Any company can become the victim of negative publicity. Once the media gets wind of a corporate crisis, the onslaught of bad press can occur rapidly if proper strategies are not in place to field questions. Attempting to keep the press at bay until your organization is ready to face them may worsen the situation. Deadline-driven reporters will find other sources to interview, and this information may not be accurate. The longer a company goes without responding, the longer the event stays in the headlines.

Mitigation Measures:

Establish a crisis communications plan.
Consider hiring a public relations firm and/or consultant specializing in media relations.
Support media relations' efforts with input from key individuals and departments.
Research media outlets and find appropriate contacts. Develop relationships with reporters covering your area and/or industry now.
Designate company spokespersons.
Prep spokespersons on how to handle a press conference and interviews.
Determine who will write press release(s).

After the Incident:

Implement a communications plan. Construct a succinct message detailing verified facts. Disperse information immediately via press conference, interviews, etc.
Review press release(s) for accuracy and content. Distribute information through appropriate channels.
Schedule follow-up interviews and press conferences.
Brief employees on the situation and how the organization is handling it. Establish plans for addressing customers, shareholders, suppliers, etc.
Submit letters to the editors to further explain the event.
Assess whether television and/or print advertising is necessary.
Review articles and television interviews to determine if proper message/image is being presented.
Rework corporate statements and messages as needed.
Avoid "No comment." If answers are not immediately known, do the research and get back to reporters.

Pandemic

Cause: A pandemic is a disease that affects people over an extensive geographical area. Examples include smallpox, diphtheria, tuberculosis, the plague, AIDs, influenza, and SARS (Severe Acute Respiratory Syndrome).

Effect: Large numbers of your employees, suppliers, and customers can be infected by a pandemic and, as a result, be unable to work or purchase your products and services.

Where and When: By definition, a pandemic is widespread. As an example, 10-20% of the world's population contracts influenza in any given year, In some years, as many as 25% get it.. 500,000 to one million deaths are caused by the flu annually.

Experts believe another pandemic is inevitable. There will be very little warning and vaccines will likely not be available quickly enough. It will likely occur simultaneously, thus preventing shifts of resources that normally occur with natural disasters.

Mitigation Measures:

Develop an infectious disease plan now.
Surveillance
Vaccination (offer annual flu shots at your firm)
Antiviral delivery
Emergency Response preparation
Communications
Command and Control management structure in place
Supplement existing plans now in place for 'all hazards'
Develop a plan for what to do with a person who suddenly gets ill at work. Do you isolate and mask them until transported ? Do you clean their work area ? Who does it and how ?
Have a supply of N-95 face masks and nitrile gloves in your medical kits.
http://www.hhs.gov/nvpo/pandemicplan - this is a good reference site.

After the Incident:

Dispense with unnecessary meetings and gatherings. Cafeterias, on-site gyms, and day care should be reconsidered immediately
Hygiene Concerns: No shaking hands. Use your own phone when possible. Have antiseptic wipes available
Develop and enact worked quarantine as necessary. Insist that staff who are ill or have symptoms stay home.
Have all phones and hard surfaces cleaned every night with approved disinfectants.
Reorganize your work and workforce immediately.
Immediately offer mental heath assistance - invoke your Employee Assistance Program.

Sick Building Syndrome

Cause: Foreign particles flowing through the air in office buildings, including those from mold or invisible gases, can contribute to Sick Building Syndrome (SBS). While there is no particular illness directly linked to SBS, victims are known to experience dizziness, allergies, colds, headaches, eye and upper respiratory irritation, nausea, fatigue, and other symptoms.

The syndrome should not be confused with humanly contagious employee-sourced illnesses, such as "a 'bug' going around the office," with symptoms consistently felt away from the building as they are in the workplace.

One variable most commonly linked to the occurrence of SBS is indoor air quality (IAQ). Office pollutants fall into four major categories: outside air, building materials and furnishings, equipment, and people and their activities.

Outside air that is polluted from surrounding businesses can travel into one's office through the ventilation system. Equipment such as photo-copiers and printers and the construction or installation of new office materials or furnishings can generate foreign particles and/or cause them to circulate in the air. Employees also contribute to air pollution by passing germs along to coworkers.

Improper ventilation, attributable to a building's heating, ventilating, and air conditioning (HVAC) system inadequately distributing air, is bound to intensify SBS.

Effect: Sick Building Syndrome causes staff to miss time from work. If the problem is sufficiently severe, then the organization will move to another building or even close that office.

Where and When: Related either to an entire structure or a specific section, SBS occurs most often in new or tightly sealed buildings. If the pollutants enter the building's air more quickly than they can be weakened or removed, the workplace environment can become overwhelmed, potentially bringing about SBS.

The situation can be classified as SBS when more than 20 percent of employees complain of symptoms, complaints continue for more than two weeks, and the symptoms decrease in intensity or disappear when employees are away from the building. Symptoms will typically worsen for employees as the day or work week progresses.

Mitigation Measures:

Companies must improve their IAQ by attempting to garner more control over how pollutants enter the building.
Office upkeep, using proper cleaning agents, is critical in keeping pollutants from settling over time.
Some pollutants only become a problem when they build up into excessive amounts. If they cannot be eliminated, such pollutants should be maintained at their minimal levels by ventilating with clean air and applying appropriate exhaust practices.
HVAC systems should comply with ventilation standards and building codes. Companies should try to meet the American Society of Heating, Refrigerating, and Air Conditioning Engineers (ASHRAE) Standard 62-1989. The voluntary standard provides the minimum acceptable ventilation rates and IAQ to avoid adverse health effects. Outside air must be supplied to each office room in the 15 to 60 cfm/person range, depending on the room's use. HVAC systems should be turned on before the workday starts and shut down after all employees leave to get rid of pollutants that may have accumulated during non-working hours. Keep systems clean to reduce the probability of bacteria or mold growth.
Raise ventilation rates when there are activities being performed that will increase the amount of pollutants entering the building (e.g., carpeting installation, painting).
Perform maintenance inspections of HVAC systems on a regular basis to make sure they are working properly. Keep a written record of any problems.

After the Incident:

Once employee complaints are checked into and there is a suspicion that symptoms relate to the office environment, call local and/or state health departments or a private firm having expertise in evaluating the quality of indoor environments.
Try to pinpoint the source of the problem. Evaluate whether it could be related to a specific activity within the building, the outside environment, or ventilation system.
Carbon dioxide testing during the first stages of an IAQ investigation may determine that enough outside air is not entering the building.
Test the air in different locations in the building and at various times.

Staffing Issues

Cause: Staffing concerns are an issue for all businesses. Employee well-being is paramount to a business because employees are what keep the business up and running. Staffing issues can range from employee screening, to staff counseling, to disgruntled workers. There are countless issues that face employees in their day-to-day assignments, and successful employers are those who do not discount or minimize the problems and concerns that challenge staff members.

Effect: Staff-related problems can and will affect all aspects of a business. It is important that companies handle human resource issues smoothly and with good communication. This extends to hiring, promotion, and termination, as well as day-to-day direction of employees. The human side of running a business is something that is often ignored when a company draws up a contingency plan, even though it is one of the most important aspects of a business.

Where and When: A company should be consistent and objective in the processes by which they hire and terminate employees, recognizing that such events also carry an emotional component. It is wise to adopt an employee screening process that not only incorporates an assessment of a candidate's skills, but touches on the goals, priorities, and enthusiasm that the individual will bring to the business. Likewise, termination should always be carried out in a professional manner, regardless of the circumstances.

When a business is hit by a traumatic event, it is important that recovery efforts include allowing employees to recover. Whether the tragedy is a natural disaster, a workplace accident, or the death of a coworker, it is wise for an employer to demonstrate compassion. This includes providing workers time to grieve, offering counseling if appropriate, and resisting the urge to return too quickly to "business-as-usual."

Workplace violence is a serious staffing issue-one that can be especially devastating to a business and its employees. With recent high-profile shootings in the news, violence in the workplace seems to be a troubling trend in corporate America. It can happen anywhere at any time, and it is not just relegated to gunfire and physical abuse, but to any type of aggression. This includes sexual, verbal, and all other type of harassment.

Mitigation Measures:

Question whether your company has an organized, structured protocol to deal with the human element.
Screen employees before they are hired to avoid potential problems.
Make sure there is open communication between employees and management, particularly in the Human Resources department or representative.
Implement a program designed to address employee problems as they develop.
Institute a backup plan to hire temporary employees in the event of a work stoppage or labor crisis.

After the Incident:

In the event of workplace violence, set up counseling programs that will deal with possible employee trauma.
If appropriate, hire workplace security.
Make sure that your company's Public Relations department is prepared to handle media inquiries following a workplace disaster, and is available to media.

Succession Planning

Cause: An unexpected health ailment, such as a heart attack, can lead to death and change a corporate structure overnight. The permanent loss of an employee can have a lasting, damaging effect on any business that is not properly prepared. Unforeseen events - including automobile accidents, airplane explosions/crashes, and recreational mishaps - and resulting incapacitation or death of key employees can also have an instant impact on a company.

Effect: In some cases, as when an airplane crash or a bombing occurs, a company may even be confronted with the loss of several employees at once. Other occurrences, such as retirements, an unexpected resignation, or prolonged terminal illnesses, will provide companies with some advance notice of what is to come.

Succession plans establish the identity of the individual who will step in and assume the role of a departed CEO, executive, project manager, or other key employee, allowing companies to make the transition and continue performing. However, the repercussions of an employee loss, particularly when coupled with the lack of a succession plan, can lead to corporate disorganization, negative press coverage, loss of customers, loss of market share, and low employee morale.

Where and When: The unpredictable nature of death creates a serious dilemma for businesses and necessitates succession plan preparation. Unless dealing with a retirement or other planned departure, it is difficult - if not impossible - for a company to know exactly when it will encounter an employee loss. The departure can occur at any location or time, but will ultimately produce the same result: a void that the company must fill in order to successfully continue operations.

Mitigation Measures:

Compile a list of positions that require successors, accounting for short- and long-term needs.
Include jobs such as CEO, executives, Year 2000 project manager, etc.
Determine if succession planning software or a consulting firm is warranted.
Establish an evaluation process for all employees thought to be likely successors for each job.
Consider constructing a ranking system of succession for each position. Determine who the first successor should be. Identify at least two other individuals for each job.
If there is a position without a likely successor, evaluate how the company will fill the position (external hire, temporary successor, etc.).
Make sure successors are trained and knowledgeable about all aspects of the position that they will potentially assume.
Never allow all key personnel to take the same flight, automobile, or other mode of transportation when out of the office on business trips.
Caution employees against participating in unsafe activities during non-business hours.
Research trauma/counseling centers to find one that could adequately assist employees in coping with a company death.

After the Incident:

Evaluate how the successor is performing in his/her new capacity. Consider bringing in a former employee to train the successor or make staffing changes to remedy any problems.
Determine whether additional personnel must be hired to fill positions.
Contact the chosen trauma/counseling center to have them meet with employees who are distressed by the loss.
Update the succession plan, adding employees to the succession list to replace those who filled vacancies.

Tornadoes

Cause: Tornadoes are rotating air columns that extend from the base of a thunderstorm cloud to the ground. The advent of a twister is often preceded by hailstorms. Tornadoes are best known for their funnel shape, which is created as the wind of the storm rotates.

Effect: The high winds that classify tornadoes can spin at incredible speeds, with winds around the funnel sometimes reaching more than 200 miles per hour. Contradictory in nature is the tornado's forward motion, which can be 70 miles per hour or less. These twisters usually pass through areas quickly, but can cause immense damage. Structural damage from high winds and airborne debris as well as death can result from tornadoes.

Where and When: Tornadoes are most common during the spring and summer in the Midwest region of the United States (typically in the area stretching from Nebraska southward through central Texas). However, if the right conditions prevail, a twister can form at any time, as most recently witnessed when several tornadoes struck down in Tennessee and Arkansas in January.

These acts of Mother Nature can not be contained or controlled. The best approach your business can take is to implement tornado preparedness efforts and be aware of when twisters are anticipated. Knowledge of weather terminology can assist in preparations. A "tornado watch" means that a twister may occur in your area. If a "tornado warning" is issued, it means a tornado has already been sighted. Aside from these precautionary measures, riding out the storm - and hoping for the best - is the only option.

Mitigation Measures:

Purchase portable radios to listen to weather updates.
Establish alternate communication methods via cellular telephones, two-way radios, etc.
Ensure facility is structurally sound.
If advanced notice is received, board all windows, secure large movable objects (i.e. computers, shelves), and remove unstable outside items.
Work with local emergency management officials to learn about your community's tornado preparedness and warning procedures.
Create an emergency contact list.
Educate employees on the safest building locations and evacuation routes.
Conduct a tornado simulation exercise.
Assess which areas will be covered under business insurance.
Keep a sufficient amount of water, food, and emergency supplies on hand.
Consider obtaining the contractual services of alternate site providers, restoration service providers, and others.

After the Incident:

Search for missing employees. Assist the injured.
Listen to radio broadcasts for weather updates.
Contact contracted business continuity vendors to enact services.
Reenter facility only after it is deemed safe by appropriate personnel.
Tour building to assess damages.
Update employees on conditions through appropriate company contacts.
Inform suppliers, customers, and business partners of the company's status and progress.
Revise contingency plans as needed.

Transport Disruption

Cause: Travel is a mainstay among many businesses -- whether it's an employee's daily commute, sales call road trips, or conference travel. An unexpected break in the transportation process could create a ripple effect throughout an organization, causing key executives to be away from their projects longer than anticipated or stranding part of a team away from colleagues.

Effect: Transportation is also part of the lifeblood of companies that provide or require shipping, mailing, and trucking services. If transport vehicles suffer a disruption, it could cause a catastrophic lull in the supply chain and a loss of revenue for businesses dependent on just-in-time inventory.

Transportation disruptions such as traffic accidents, flight delays, and lack/loss of drivers occurring at any business could cause employee stress, loss of work hours, reputation damage, and delay of receipt of packages and/or mail, as well as present the potential for human injury or death.

Where and When: Whatever method of transportation you use for personal travel or for shipping materials, there is always the possibility that a disruption could occur. Part of the problem is unpredictability, as one can never tell when or where there might be traffic on the road or a delay in flight/train schedules.

While certain methods of travel or transport may be chosen because they are quicker or are considered safer options, there is no method of transportation for business travel or shipments that is foolproof.

Mitigation Measures:

Call in advance to confirm flight reservations.
Allow extra time when driving to an unfamiliar area.
Get precise directions for office visits. Bring your contact's telephone number in case you get lost.
Listen to radio traffic reports or purchase a device to map out the best route.
Carry a cellular phone.
Encourage key personnel to travel separately.
Obey traffic regulations and speed limits.
Conduct background checks on all company drivers.
Look into providing driver safety training courses for employees.
Have all corporate vehicles inspected regularly.
Plan for alternate workers to be used if drivers go on strike.
Purchase tracking devices for all vehicles.
Ensure all packages being shipped can be tracked by the service provider.
Obtain the services of alternate shipping providers for emergency purposes.

After the Incident:

If flight/train is delayed, reschedule appointments and travel arrangements as necessary.
Use cellular phone to alert company/clients of your situation.
In the event of an accident, find out location and status of injured employee(s).
If alerted to a traffic accident, take an alternate route.
Confirm all packages have arrived. Track whereabouts of missing items.
Trace location/route of missing vehicles.
Contact alternate shipping providers for use of services.
If necessary, hire additional drivers.
Purchase new corporate vehicles as needed.

White-Collar Crime

Cause: White-collar crime is usually an unlawful act committed by a person while on the job. Employee theft, embezzlement, fraud, and computer crimes such as espionage and sabotage are all forms of white-collar crime.

Effect: These criminal acts can result in significant financial loss, employee mistrust, computer failures, loss of confidential information, and loss of merchandise. It can take a serious toll on a business if not identified and rectified early.

Where and When: White-collar crime can occur in any company in any business sector. However, small businesses may be more likely to become a victim, since small companies tend to be more trusting of their employees, leaving themselves more vulnerable to attacks.

Other companies that should be particularly watchful include those that deal with large sums of money, such as businesses in the financial/banking industry. Employees that work with money on a regular basis may be more tempted to commit a criminal act than those that are not in that position. Other workers to keep an eye on include disgruntled employees and former employees that harbor ill will towards the organization.

Mitigation Measures:

Have employees take a psychological examination prior to hiring.
Perform employee background checks.
Implement appropriate computer security measures.
Limit access to company-sensitive information. Keep a list of employees who have authorized access to confidential computer files.
Don't give any one employee too much financial control. Disperse duties (payroll, purchasing, etc.) among several workers.
Prenumber all receipts, invoices, and purchase orders.
Review bank statements and canceled checks regularly.
Require upper management approval for all checks over a certain monetary amount.
Keep backup copies of all classified computer documents off-site.
Immediately report missing or altered computer documents or web pages to a supervisor.
Protect all merchandise with security tags.
Keep inventories of all merchandise and perform inventory checks regularly.
Verify the accuracy of financial documents before signing off on them.
Have an outside accounting firm perform an audit of your business on an annual basis.

After the Incident:

Retrieve backup copies of computer data.
Assess whether computer security upgrades/additions are necessary.
Change all computer passwords.
If a name or monetary figure on a canceled check or bank statement looks suspicious, check into it.
Consult an attorney to determine appropriate legal action.
Hire an independent accountant to check the records in question.
Do not accuse an employee of misconduct until substantial information has been gathered. When the criminal activity is confirmed, terminate all employees that participated.
Go through inventory records to determine missing items. Report to police.
Enhance security program to safeguard against stolen merchandise.

Difference between revisions of "INCIDENT RESPONSES"

Latest revision as of 09:42, 13 April 2014

Contents

Requiring Immediate Response

Building Evacuation

Mail: Suspicious Package

Unknown Powder in Workplace

Bomb Threat

Bomb

Explosion

Fire

Break-in

Computer Intrusion

Medical Incident

Weapon Threat

Water Leaking

Requiring Short-term Response

Biological Hazards

Blizzards

Computer Failure

Computer Hacking

Computer Viruses

Electrical Storms

Environmental Hazards

Equipment Failure

Flooding

High Winds

Loss of Records

Power Outages

Product Tampering

Storm Advisory

Winter Weather

Workplace Violence

Requiring Long-Term Planning

Business Location

Earthquakes

Multi-Tenant Facilities

Human Error During Disaster

Hurricanes

Industrial Espionage

Labor Disputes

Loss of Workforce

Negative Publicity

Pandemic

Sick Building Syndrome

Staffing Issues

Succession Planning

Tornadoes

Transport Disruption

White-Collar Crime

Navigation menu

Search