1 Finance and Resources Committee 29 Report on HPC s Disaster Recovery test 21 st May 2010 Executive summary and recommendations An interdepartmental disaster recovery exercise was carried out on the 21 st of May, following two days of small scale testing. The report below indicates the progress of the test, the background scenario, and changes to be made to the plan. Decision The Council/Committee is requested to note the document. No decision is required. Background information HPC s Disaster Recovery Plan Resource implications Requirement to include additional employees in the testing of the plan will require some accommodation within work plans Financial implications No long term costs, but some OPEX when running future tests. Appendices None Date of paper 30 th June
2 Interdepartmental Disaster Recovery Exercise Lessons Learnt 21 st May 2010 On Friday 21 st May 2010 HPC held its annual exercise of the disaster recovery (DR) plan involving members of all departments, at the ICM Disaster Recovery centre near Uxbridge. Participants were pre warned, and asked to assemble in Uxbridge at 10 am. Roy Dunn created the following scenario, having consulted Marc Seale, in advance of the test. The scenario was designed to be more difficult than previous tests, and more closely emulate what happens in real life incidents, and Emergency Services disaster planning tests. The scenario A serious road traffic accident involving Kennington Park Road and Kennington tube station, the details emerging in stages during the day, see the Appendix to this report for details. The participants The following met in the meeting room at the ICM s disaster recovery (DR) centre at New Denham near Uxbridge, chaired by Marc Seale: Osama Ammar (Education), Manj Dhaliwal (Finance), Guy Gaskins (IT), Michael Guthrie (Policy and Standards), Louise Hart (Secretariat), Teresa Haskins (HR), Jacqueline Ladds (Communications), Chantelle Mayoss (Registration), Denis Risman (Projects), Greg Ross-Sampson (Operations), Eve Seall (Fitness to Practise), Marc Seale (Chief Executive and Registrar). Tom Berrie and Roy Dunn (Business Process Improvement), attended the meeting as observers, and to advise and take notes. David Aboagye observed on behalf of the HPC s internal auditors, PKF (UK). The Council Chair, Anna van de Gaag joined the meeting at 11:20 as a part of the exercise and Jonathan Bracken (Bircham Dyson Bell) at 11:46 to advise on legalities. Tyrone Goulbourne and Rick Welsby set up and operated the IT systems in the recovery suite assigned to the HPC for the day. Information route into the exercise HPC currently receive updates from the City Police force via i-modus, an alerting system supported by Vocal Communications. Reports of planned or adhoc demonstrations, suspicious activity, criminal activity, major road traffic accidents and terrorist activity are pushed out to those organisations signed up to the service. This is designed to bridge the gap between the emergency services and organisations that may be impacted, or need to respond in some way.
3 For the purposes of the test the inbound information emulated i-modus messages. The exact content is indicated in the Appendix. The exercise All members of EMT currently available or their representatives and other members of staff involved in the exercise, arrived as previously instructed at about 10:00 am. Members of EMT brought their own copies of the Disaster Recovery Plan. The meeting received the first item of information at 10:15 hrs; (1 ½ hours since the incident): A multiple vehicle RTA has closed Kennington Tube Station. It is expected to be reopened within an hour and a half. This had occurred at about 8:45 that morning. First stage: Recovery Plan Pages ) Decide if you need to evacuate the building. 2) Decide to stay or go In most instances, as set out in the Disaster Recovery Plan, members of EMT and other senior staff would be at the Council s offices and making the decision there, as set out in 1) and 2) of the Plan, whether or not to go to the DR centre near Uxbridge. In this instance, for the purpose of this exercise, the large majority of members of EMT were at the DR centre already. This could well be the case if a disaster occurred before the official office opening hours and word of this could be got to the Chief Executive and Registrar and EMT beforehand. The decision regarding evacuation therefore in such cases would be made remotely, eg from the DR centre, in consultation with the most senior employees still at Park House. However, it is likely that, as for this exercise, the large majority of the rest of the employees would already be in the Council s offices. The meeting received the second item of information11:15 hrs (2 ½ hours since the incident): A localised fire in the vicinity of the Road Traffic Accident has delayed reopening of Kennington tube station. Local residents are asked to stay in doors with windows closed. Normally this would involve some sort of police cordon, preventing access to the affected area round the station. In this instance, this could include the Council s offices.
4 It was agreed that the disaster recovery process be invoked and that the initial meeting be formally opened, going through each remaining section of the Disaster Recovery Plan Day 1 strictly in sequence. 3) If invoking (If they were not already there, normally EMT and other key staff would now go by the quickest route to the DR centre.) The Council Chair would now be contacted. It was recognised that the general instruction for residents to close their windows was significant, and in this situation it would not be advisable, at this stage, to evacuate the Council s offices. Oz Ammar for the purpose of the exercise rang Park House, and determined that Kelly Johnson was in the building and was the only member of EMT there. It was agreed that Kelly Johnson would be appointed as the Disaster Recovery Coordinator at the Council s offices. The priority was to account for all persons in the building and more important, those likely to be travelling to the Council s offices, in case they were involved in the accident or to prevent them getting caught up in its consequences. It was agreed that it would be necessary to do whatever possible to stop anyone from travelling to the Council s offices and to instruct them to return from whence they came. Kelly Johnson would be asked to organize the closing of all windows and doors in all buildings, and go round the building to ensure that it had been carried out and that staff remained indoors for their own safety. (There was no decision to shut down the fresh air circulation system.) She would also be instructed to arrange an all-staff meeting, immediately, to give them as much information as was available and list all present, She would be instructed to ring a designated individual at the DR centre every 15 minutes with updates. She would also need to determine who else was in the whole building and likely to be travelling to it, ie Council members, as, for the purpose of the exercise, a Council meeting was timed for 10:30 with two substantive items to agree signing off a fee change and Rules change; and decision on signing a major IT contract panel members and other partners, given that there was for the purpose of the exercise a CPD assessment day taking place and likely to be fitness to practise hearings contractors visitors It was noted that in these circumstances, a coordinator would also be needed at the DR centre, as well as at the Council s offices, with a different title. It was agreed that an additional item for the Plan be considered to include reference to this.
5 Second stage: Recovery Plan Pages ) Commencement meeting Normally this would begin as soon as all arrived. In this instance, all except the Council Chair and Jonathan Bracken were already there and the meeting had already begun. This meeting would be of vital importance; at it all present would be assigned appropriate roles and the following would take place, in this order: 2) and 3) a communications and IT continuity plan would be initiated 4) The HPC lockers or war boxes would be accessed. Two participants accessed the three lockers at the centre assigned to HPC, in which there were two more full copies of the Plan, plus stationery, sets of Council cheques and the Finance Department s card-reader, which gives access to the Council s bank account and enables specific members of the Department to make emergency payments etc. 5) a) The four UK health departments would be contacted. b) As many Council members as possible would be contacted to inform them of the situation. The meeting received the third item of information at 12:15 hrs (3 ½ hours since the incident): The Kennington area SW of the tube station is being evacuated by specialist teams. The area will be closed for at least a week. It was recognised that being evacuated by specialist teams was significant, and therefore staff inside the Council offices would need to remain their until contacted by these teams; in the meantime they would require reassurance and to remain calm. For the exercise, at this stage five members of staff were reported as not in the Council offices and were not otherwise accounted for, and their names were noted. Subsequently four out of the five were accounted for by contacting their next of kin. In this instance it would be necessary to decide whether it would be possible to hold a Council meeting at the DR centre or whether it should be cancelled. On the whole it was considered unrealistic at such short notice to get Council members, many of whom were probably now shut in the Council offices and currently unable to leave, to travel to the centre. 6) Determine business impact of invoking now, any changes to requirements
6 An appropriate business plan would now need to be devised for the foreseeable future, as at least a week could imply considerably longer. The meeting now determined in detail the impact on the organization and its business of invoking the Plan including a) the effect on renewals, CPD submissions etc b) if extra desks, PCs and telephones were needed at the centre, or alternatives c) if additional office space elsewhere needed d) ensure such additional items were booked. 7) Telephone redirection For the exercise, one of the HPC lines was redirected by BT to the centre. At the moment the centre can offer one redirected line, which does not cascade calls to manage the queues callers. It was agreed that ICM be asked if this could be arranged in future. The relevant staff would need to be able to change the recorded phone messages. Post to the Council s offices would also need redirecting to an appropriate designated place. The meeting received the fourth item of information: The Kennington area has potentially been subjected to low level radioactive waste contamination. The meeting then received the sixth item of information at (6 hours after the incident): The Kennington area will be subject to a clean up of localised Hot Spots by specialist teams over the next 3 months. The location of the hot spots will be confirmed over the next week and residents will be temporarily re-housed. Businesses may be offered assistance in finding temporary accommodation where possible from stock in the South London area. This assistance will only be provided after residents in the area have been relocated successfully. HR Specific scenario No casualties reported, other than one lorry driver with chemical burns. It was agreed that HPC would seek the assistance offered at the earliest appropriate moment. Having determined that the HPC would not have access to its offices for some considerable time, it was agreed that the Facilities Manager (or his line manager, the Director of Operations) would immediately be given authority to investigate alternative accommodation for use over an indefinite period.
7 Departmental sections of the Plan The meeting broke to allow each department s representative to consider their own section of the Plan; during the break the Council Chair arrived at 11:20. Each departmental representative then set out what would be their department s response. During this, the meeting received the sixth item of information: Phone message from Neil Cohen(Registrations Customer Service Manager) The office has been evacuated. The building is locked, but power is still on. An office closed message has been put on the main office number but there was not time to make changes to other lines Guy Gaskins commented that, normally, under such circumstances the power and computing system would remain on, but that IT staff could turn off the computing system remotely if necessary. The meeting discussed further the likely role of individuals at the DR centre at this very early stage of the emergency. Whilst it was acknowledged that it would not be possible to specify each role and function in detail, those present considered whether it would be useful to have some form of advisory document at the centre, which set out the likely roles required and who would likely do what and when. It was agreed that this suggestion be considered in more detail by each department and that they produce their own requirements and guidelines. It was also agreed that each department be recommended to run their own DR exercise and training in cooperation with the Business Process Improvement section. Key members of each department needed to know that they would play an important part in the recovery plan and that they could be asked, in emergency to do the unexpected, and some would need to take charge in a particular situation and circumstance. They therefore needed appropriate preparation. The meeting received the seventh and eighth item of information: Telephone message from Claire Harkin (Registrations Customer Service Manager): Two employees that were due to arrive at the office before 9am did not arrive. and Casualties have been reported at Kennington tube station. And finally,
8 A London Fire Brigade remote camera has located casualties, one of whom was carrying a HPC rucksack. Unable to determine gender at this stage as the body is badly burned. The meeting discussed what would be the appropriate action for HPC, as their employer, for members of staff still unaccounted for and in particular, the above scenario where an, as yet unidentified, body had been found. It would be easy and reasonable to jump to the conclusion that this individual was the member of staff still unaccounted for. It was agreed that at this stage it would be better to leave such matters, for example contacting next of kin, to the police. However, it was acknowledged that the HR Department would need to be prepared to deal with the inevitable emotional and psychological responses of staff to the potential loss of a colleague, and possible trauma and resulting stress. Jonathan Bracken arrived at 11:46. At 11:50 Marc Seale received a simulated phonecall from the Daily Telegraph which he passed to Jacqueline Ladds on behalf of the Communications Department to deal with, as would be the case in a real situation. The meeting discussed whether members of the Communications team should tell representatives of the press or broadcasters that members of staff were still unaccounted for. Jonathan Bracken confirmed the view taken above and advised that, at this stage, they should not do so, as it was a matter for the police. Although the rucksack was an HPC one, this was not incontrovertible proof that the individual was an HPC employee. It could, for example, have been stolen. During Teresa Haskins presentation of the HR section of the Plan, it was agreed that it should include an item on partners. Manj Dhaliwal reported that she had tested the Finance Department s cardreader, which had worked as it should. During Chantelle Mayoss presentation of the Registration Department s section of the Plan the following queries were discussed and responses agreed: For health & safety reasons it was agreed advisable to provide headsets for the phones for the Department s staff answering calls, particularly as they would be, in the first instance, 10 people only and taking calls the entire day. Unprocessed applications, renewals, CPD profiles: The meeting discussed the ways that Registration staff could deal with applications for registration or renewal, CPD profiles, etc for example those that were left in the HPC building and could not be retrieved, and those sent immediately after the evacuation. Discussing whether to waive fees, it was agreed that maintaining the flow of funds to HPC was vital and there were various ways of approving applications quickly in emergency. Jonathan Bracken advised that the Council could legally extend its deadlines for receipt of applications and retention periods, if reasonable. In particular, it would want to avoid inadvertently lapsing large numbers of registrants. A line and machine would be available to take payments over the phone.
9 Emergency Council meeting At 12:40 a simulated Council meeting was held. Jonathan Bracken advised that in a serious emergency such as this, the Privy Council and courts would acknowledge the validity of what was done, provided the Council could demonstrate that the action taken was reasonable. It would therefore be advisable that the reasons for every major decision made be formally set out. A record, probably by the Council Secretary, would therefore need to be kept for each decision. This would also be advisable for insurance purposes, so that the Council s insurers could not refuse payment on grounds that an action had been decided upon and taken unlawfully. In any organization, the large majority of decisions and actions taken are carried out routinely by the executive anyway and do not require additional powers. The Chief Executive as Registrar can take decisions in such circumstances, or jointly with the Council Chair. It is also legitimate to use under these circumstances to get Council s ratification of major items. The fee increase is a good example. The Privy Council and courts would take the view that this could not be a decision taken by the Chief Executive as Registrar alone, as there would be time to make alternative arrangements, such as via . It was agreed that a template for executive decisions in various emergency situations be produced. Recap of the day Following the simulated Council meeting, the meeting discussed the exercise itself and considered matters arising from it. It was agreed that the Plan itself as a document worked well, and that it is very important, both during an exercise and in a real-life incident, to work through it systematically, paragraph by paragraph. This ensures that everything that needs to be covered is covered. The Plan thereby gives format and structure to events which are inherently difficult and uncertain, and are likely to be a source anxiety, even distress. It was agreed that, to ensure continuity, the members of EMT attending the first, commencement meeting at the centre, or their delegates, would need to stay at the meeting, apart from coffee and comfort breaks, and assign others at the centre to go out of the room to carry our required tasks. As a participant in any disaster recovery plan in real life, it was agreed that a copy of the Plan be sent to Jonathan Bracken. It was also agreed that IT and Business Process Improvement would consider whether the Plan should be put onto each manager s Blackberry or laptop. It was emphasized that in any emergency where the Plan is invoked, only the appropriate individuals actually needed there should attend the centre itself and that this should be clearly communicated to all staff. Otherwise a number would be tempted to head towards the DR centre automatically, causing confusion and overcrowding; they would then need to be sent home or to the locations where
10 they should actually be. Each department needs to be clear as to where its staff would need to go, including those who could easily and more appropriately work from home. All departments need to have prepared ways of communicating with their now disparate staff regularly and effectively. Tom Berrie commented that the advantage of this centre was that there are several possible routes to it, including Tube to Uxbridge via the Metropolitan or Piccadilly Lines from several main locations in London overground train to Denham railway station from Marylebone, then bus or taxi road via M25, M40/A40, M4 and A4, with parking at the centre. Each department was asked to ensure that its lists of names and addresses included in all the Disaster Recovery Plan folders are up-to-date. Tom Berrie reminded the meeting that he travels to the centre each month and will make appropriate changes to the two folders there if asked, and would be pleased to take any member of staff with him to show them the centre. Marc Seale stated that he believed all staff should be encouraged to visit the centre at some point, particularly those who would be important in any emergency situation. The meeting discussed ways of recapping and reflecting upon this particular exercise and it was agreed that EMT use one of its extended monthly meetings in the near future for this purpose, inviting the other members of staff who participated to take part for this item. The current ICM centre at New Denham is the one designated for use by HPC. For the next HPC-wide exercise, in 2011, it was agreed that another ICM location be considered, probably the one in Sevenoaks, which would thereby use a centre south of rather than north of the Council s offices. The exercise would look at various possible scenarios.
11 Recommendations to update plan following the test The following is based on an analysis of the test, from either EMT s actions, requests, or from the Test authors. These changes will be implemented in the next version of the plan to be circulated. 1.) Requirement for two Business Continuity Co-ordinators, if the organisation is effectively split by an incident. This was illustrated in this test as a large number of employees and stakeholders were said to be located in the HPC office buildings during the test scenario. The primary Business Continuity Co-ordinator is likely to be located at the DR Recovery site. The secondary location Business Continuity Co-ordinator role should ideally be filled by an experienced member of the HPC team with some form of managerial responsibility and gravitas, able to locally direct the employees at the location. Suggested personnel includes any EMT member or CDT member. 2.) Insert a Call Chain / Call Tree into the DR Plan to assist passing information around the organisation as soon as possible. This can also be used for delegating, where the primary process owner is not available (eg Director of Communications managing could be overseeing IT processes). Specific departmental responsibilities can be attached to named roles where appropriate, eg a back up person to maintain the HPC public website content indicating which Communications Department member is most appropriate. 3.) The plan is a guide to be used in any situation and it is necessarily detailed on many points, but a wide range of activities may not be applicable in all situations. Adhering to the plan in too great a detail could cause delay in essential decision making. As much as possible should be delegated to the Incident Management functions (see 4 below) as soon as possible. 4.) Consider arranging for additional members of each team to attend the DR site upon request, splitting into a traditional military or emergency services tiered set up. (See diagram below Incident Management Structure). EMT would occupy the meeting room, making strategic decisions and ensuring the plan was adhered to, or determining when not to adhere to the plan. An Incident Management Team (CDT and others) would get things running concentrating on tactical / operational issues in the suite with PC s, phones, printers etc. This would include setting up all IT services, redirecting phone lines, answering inbound press queries, post etc. 5.) Instructions on how to shut down the air circulation system where possible should be recorded in the DR Plan Facilities section.
12 6.) All process owners should check their parts of the DR plan for level of detail provided and accuracy and feed back any change requests to Business Process Improvement department as soon as possible. Other items falling under Business Process Improvement Overview - Incident management structure Executive Management Team IT Dir OPS Dir HR Directo r Finance Director BC Specialist Comms Dir Incident Management Team Heads of: Registrations Management HR Communications F acilities IS Departments with business-critical processes BC Specialist Strategic Tactical Operational Incident Response Groups (Ad-hoc) from those available Business Management Finance Payroll Purchasing Legal and Insurance Human Resources Health & Safety Recruitment Compensation and benefits Employee relations Resources Benefits Communications Crisis communications Internal and external Helpline & web site uploads IS Web Services Registration Services Networking Services Telecommunication Services Reporting Services IS Programme Services Facilities/Office Services Health & Safety Premises Security Maintenance Cleaning Catering Post and print GOLD Equivalent SILVER Equivalent BRONZE Equivalent Manage the crisis FTP & Departments with business-critical processes Manage recovery of business processes 7.) Those involved in the test requested that an even more rigorous test should be carried out next year, perhaps with the EMT section in one location and those actually operationally managing the set up of services in another location. This will be investigated. 8.) Consider arranging for other members of the organisation to receive i-modus messages, so that HPC is notified of events should we have to run the DR plan in a real life emergency. 9.) Any other items for discussion are requested.
13 Appendix NOT TO BE CIRCULATED TO EMT / DR TEAM BEFORE TEST All EMT & DR list employees potentially invited. Non-employees to be invited: Anna van der Gaag (HPC Chair) Jonathan Bracken (BDB) David Aboagye (PKF Internal Audit) Background HPC Activity over period of test A Council meeting with a couple of high importance, time sensitive items including signing off the Fee change and Rules change; and decision on signing a major IT contract are in the meeting agenda. The DR team will need to decide what to do. Detail on incident. Incident reported at or around Kennington tube station 8.45 am Call local Police contact for further information. No information will be released by this route. However mock imodus messages will be supplied. These messages currently only go to Roy Dunn via . High level scenario A hospital clinical waste truck has been in collision with a fuel tanker. Low to medium level radioactive waste from a local hospital has been spilt by one truck, (this is essentially rubber gloves from the x-ray dept, old components). A resulting fire in the lift shafts has released asbestos and low level radioactive waste to the surrounding area. Prevailing wind at time of fire was to the SSW. The area will remain evacuated for the next month during a clean up of the asbestos and any radioactive hot spots. A decision will therefore be required to find office space for all essential staff for a period of at least one month. (Steve Hall is on vacation during the test so someone else will be required to take on this role). However, the amount of time the office is inaccessible will not be immediately apparent. Up to two employees may be casualties. One known, one not arrived in office, not at home. Information Elapsed time Scenario True time 1 +1 ½ hrs 10:15 RTA reported, Kennington tube closed 2 +2 ½ hrs 11:15 Local fire near or at Kennington tube 3 +3 ½ hrs 12:15 Kennington area being evacuated
14 4 +3 ½ hrs 12:15 Phone message from Neil Cohen 5 +4 hrs 12:45 Kennington potentially subjected to low level radioactive waste 6 +4 ½ hrs 13:15 Phone message from Claire Harkin 7 +4 ½ hrs 13:15 Casualties reported at tube station 8 +5 hrs 14:45 Report on remote camera 9 +6 hrs 15:45 Hot spot report and relocation imodus Message Situation Info #1 Elapsed time 1 ½ hours since incident. A multiple vehicle RTA has closed Kennington Tube Station. It is expected to be reopened within an hour and a half imodus Message Situation Info #2 Elapsed time 2 ½ hours since incident A localised fire in the vicinity of the Road Traffic Accident has delayed reopening of Kennington tube station. Local residents are asked to stay in doors with windows closed imodus Message Situation Info #3 Elapsed time 3 ½ hours since incident The Kennington area SW of the tube station is being evacuated by specialist teams. The area will be closed for at least a week imodus Message Situation Info #4 Elapsed time 4 hours since incident The Kennington area has potentially been subjected to low level radioactive waste contamination imodus Message Situation Info #5 Elapsed time 6 hours since incident The Kennington area will be subject to a clean up of localised Hot Spots by specialist teams over the next 3 months. The location of the hot spots will be confirmed over the next week and residents will be temporarily re-housed. Businesses may be offered assistance in finding temporary accommodation where possible from stock in the South London area. This assistance will only be provided after residents in the area have been relocated successfully. HR Specific scenario No casualties reported, other than one lorry driver with chemical burns.
15 hours since incident: Phone message from Neil Cohen The office has been evacuated. The building is locked, but power is still on. An office closed message has been put on the main office number but there was not time to make changes to other lines ½ hours since incident: Phone message from Clare Harkin Two employees that were due to arrive at the office before 9am did not arrive ½ hours since incident Casualties have been reported at Kennington tube station hours since incident: Phone message from London Ambulance Service (to HPC Human Resources Dept) A London Fire Brigade remote camera has located casualties, one of whom was carrying a HPC rucksack. Unable to determine gender at this stage as the body is badly burned.
Audit Committee, 20 March 2014 Annual Business Continuity test Executive summary and recommendations Introduction The HCPC Business Continuity Plan is exercised annually and this took place on 29 th November
Business Process Improvement Roy Dunn Human Resources No changes. Quality Management System (QMS) review meetings and internal audits The internal audit schedule for 2010-11 is running. Customer Service,
Major Incident Procedures What businesses and the voluntary sector need to know Introduction This guide is designed to increase the understanding of the roles and responsibilities of the emergency services
Preparing a Disaster Recovery Plan (Church) In the event of a serious fire, a church may be required to close during the rebuilding period. The rebuilding process can take up to two years or more. Heritage
EVENT SAFETY MANAGEMENT PLAN For A Small/ Medium Scale Event To be held at Location: Date: CONTENTS Section Page INTRODUCTION 1 1.0 Event Details 2 1.1 Event Overview & Location 1.2 Event Schedule & Timings
Business Continuity Plan IMMEDIATE ACTIONS Manager/Supervisor 1. Ensure emergency services contacted 2. Ensure safety of personnel 3. Co-ordinate with the emergency services 4. Contact Senior members of
Expecting the unexpected Business continuity in an uncertain world National Counter Terrorism Security Office (NaCTSO) The National Counter Terrorism Security Office is a police unit working to the Association
IN CONFIDENCE THE BRITISH LIBRARY BOARD BLB 12/35 OLYMPICS BUSINESS CONTINUITY PLANNING: PROGRESS UPDATE 1. PURPOSE OF PAPER The purpose of the paper is to report to the Board on the progress of the Library
University of Hong Kong Emergency Management Plan (HKU emergency hotline: 3917 2882) Version 1.0 Oct 2014 (Issued by Safety Office) (Appendix 3 not included) UNIVERSITY OF HONG KONG EMERGENCY MANAGEMENT
Audit Committee 29 September 2011 Internal audit report Information Security / Data Protection review Executive summary and recommendations Introduction Mazars have undertaken a review of Information Security
Policy documents Aims of the Policy apetito is committed to meeting its obligations under data protection law. As a business, apetito handles a range of Personal Data relating to its customers, staff and
Business Logo Here BUSINESS CONTINUITY PLAN FOR SMALL TO MEDIUM SIZED BUSINESSES DATE :??? VERSION:?? PRODUCED BY DURHAM CIVIL CONTINGENCIES UNIT BUSINESS CONTINUITY PLAN LIST OF CONTENTS 1. DISCLAIMER...4
SAFETY GUIDANCE MATERIAL SAFETY MANAGEMENT MONDAY MARCH 23,GUIDANCE 2015 This safety resource was written for the scrap industry by the scrap industry and was developed to assist you in making your scrap
University Emergency Management Plan This plan has been designed to be consistent with the format of the Emergency Action Plans held by the departments and buildings of the University. This will enable
Sample Emergency and Critical Incident Policy and Procedure 1. Purpose and Scope Emergencies and critical incidents in the workplace can affect people physically and psychologically, and affect program
business continuity plan for: Insert your company name here Our statement of Business Continuity is: > To ensure all employees are competent to do their tasks, and to provide adequate training > To review
Audit Committee, 24 June 2014 BSI ISO 9001:2008 Audit Report Executive summary and recommendations Introduction BSI audited HCPC on the 6 May 2014, as the second audit of the new three year audit cycle
Agenda Item 8.3a SNCCG Governing Body 11.03.2014 Business Continuity Policy & Plans Ref Number: Version: 1 Status: Pending Approval Author: A Brown Approval body Governing Body Date Approved Date Issued
Business continuity strategy 2009 2012 Table of contents 1 Why this strategy is needed 3 2 Aim of the strategy 4 3 Our approach to business continuity 4 PROCESS 4 STRUCTURE 5 DOCUMENTATION 6 DISRUPTION
! " # $% "%&$& Lesley Fayers Exercising the BCP workbook.doc Page 1 of 12 Objectives...3 1. Why run an exercise?...3 2. What sort of exercises are there?...3 Call Tree:...4 Walk Through:...4 Table Top:...4
Council, 25 March 2015 Human Resources Department Work Plan 2015-2016 Executive summary and recommendations Introduction The Human Resources Department Work Plan for the period 1 April 2015 to 31 March
Business Continuity Planning Assistance for Young Enterprise Business Continuity Planning for small to medium-sized businesses This information will guide you through some steps that could help your business
EMERGENCY PREPAREDNESS PLAN Promontory Charter School ----------------Emergency 911--------------------- INTRODUCTION The purpose of this Emergency Preparedness Plan for Promontory Charter School is to
SOMERSET COUNTY COUNCIL [NAME OF SETTING] BUSINESS CONTINUITY PLAN TEMPLATE 2013 Setting Name Author Date Completed Date to be Reviewed Version Page 1 of 18 Update Log VERSION NO. DATE BY WHOM ACTION Any
Compensation Policy Including statutory compensation, service failure and loss of amenities Version Final By: Watkin Morgan Senior Manager Maria McCarron BOM approved: 22 March 2010 CONTENTS Section Page
BRYN MAWR COLLEGE EMERGENCY RESPONSE PLAN Revised 3/17/08 (abridged) This document is a synopsis of the planning and preparation the College has undertaken to handle emergencies in a professional, efficient,
23 June 2014 Performance and Resources Board 19 To note Update from the Business Continuity Working Group Issue 1 The Business Continuity Working Group oversees the development, maintenance and improvement
THE ROLE OF LEAD GOVERNMENT DEPARTMENTS IN PLANNING FOR AND MANAGING CRISES THE FRAMEWORK FOR ACTION 1. Most incidents are handled at a local level by the emergency services and by the appropriate local
BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility
Audit Committee, 16 March 2016 Internal Audit - progress report 2015-16 and 2016-17 plan Executive summary and recommendations Introduction Grant Thornton have prepared the attached report which sets out
Data Protection Act a more detailed guide What does the Act do? The Data Protection Act 1998 places considerable duties on organisations which process personal data; increases the rights of access by data
BUSINESS CONTINUITY MANAGEMENT PLAN For Thistley Hough Academy Detailing arrangements for Recovery and Resumption of Normal Academy Activity Table of Contents Section Content 1.0 About this Plan 1.1 Document
Safer recruitment scheme for the issue of alert notices for healthcare professionals in England November 2006 The issue of alert notices for healthcare professionals Summary 1. NHS Employers and the Department
Business Continuity Planning advice for Businesses with over 250 employees Where to begin? You can compose an effectual business continuity plan in a relatively short period and for little expenditure.
EMERGENCY PLANS FACT SHEET Overview This fact sheet provides general guidance for persons conducting a business or undertaking (PCBUs) and workers on preparing and maintaining general emergency plans for
Estates Division Imperial College London Room 503 Sherfield Building South Kensington Campus London SW7 2AZ, UK Tel: +44 (0)20 7594 9832 Fax: +44 (0)20 7594 9050 firstname.lastname@example.org www.imperial.ac.uk
NETWORK SERVICES WITH SOME CREDIT UNIONS PROCESSING 800,000 TRANSACTIONS ANNUALLY AND MOVING OVER 500 MILLION, SYSTEM UPTIME IS CRITICAL. Your Credit Union information is irreplaceable. Data loss can result
ESSEX FIRE AUTHORITY Essex County Fire & Rescue Service MEETING Essex Fire Authority AGENDA ITEM 14 MEETING DATE 5 September 2012 REPORT NUMBER SUBJECT REPORT BY Risk and Business Continuity Department
Corporate Health and Safety Policy November 2013 Ref: HSP/V01/13 EALING COUNCIL Table of Contents PART 1: POLICY STATEMENT... 3 PART 2: ORGANISATION... 4 2.1 THE COUNCIL:... 4 2.2 ALLOCATION OF RESPONSIBILITY...
Recommended by Emergency Preparedness Committee: April 21, 2009 Recommended by President s Council: May 1, 2009 Approved by Executive Committee: May 5, 2009 NAIT Procedures CS1.2.6 Flood Implementation
APPENDIX 2 GENERIC OPERATIONAL S TABLES ADDITIONAL ACTION PLANS MONITORING REPORT MARCH 2006 GENERIC S AFFECTING MOST OR ALL SERVICES OPERATIONAL S OF HYNDBURN BOROUGH COUNCIL PROFESSIONAL LIKELI- HOOD
Data Protection and Information Data - Guidelines for the use of Personal Data Page 1 of 10 Created on: 21/06/2013 Contents 1. Introduction... 3 2. Definitions... 3 4. Physical... 4 5 Electronic... 6 6
ST JOSEPH S SCHOOL S O U T H E R N C R O S S CRISIS MANAGEMENT PLANNING IN CATHOLIC SCHOOLS RATIONALE Catholic schools have a responsibility to provide a safe and supportive environment for staff, students
CRISIS PREPAREDNESS: Parents and School Emergencies The safety of our students and staff are top priorities for Holy Rosary School. www.holyrosaryschool.us Crisis Preparedness: Parents and School Emergencies
SCHOOLS BUSINESS CONTINUITY PLANNING GUIDANCE This guidance is to be used as a tool to support you in your business continuity planning and aligns to the schools business continuity plan template provided.
Business Continuity Plan Guidance and Template to support Small Businesses Disclaimer This template and guidance is provided as general information about Business Continuity Planning. It is not intended
Improving Workers Lives Worldwide FLA S FIRE SAFETY INITIATIVE Preventing fires and saving lives by empowering workers and factory managers SCENARIO 1 OCCURS AT FACTORY ABC, WHICH HAS NOT IMPLEMENTED NECESSARY
Business Continuity Plan Policy Author: Principal Person with overall responsibility for : Principal Review Cycle: Annual Date Reviewed: Date Approved: 19.08.14 Approved by: CET Board CET-TSA Policies/Business
A guide for employers and registrants Managing fitness to practise Contents Introduction 1 About us (the HPC) 1 Who do we regulate? 1 Protected titles 2 Fitness to practise 2 This document 3 Managing fitness
Assisted Living Facilities & Adult Care Comprehensive Emergency Management Plans STATUTORY REFERENCE GUIDANCE CRITERIA The Henrico County Division of Fire s Office of Emergency Management provides this
SANDYMOOR SCHOOL CRISIS MANAGEMENT POLICY Crisis Management Policy Contents Version History... 2 1. Introduction... 3 2. Aims and Objectives of this Policy... 4 3. Roles and Responsibilities... 4 4. Emergency
This document was generated in part from the excellent work done by EPICC (Emergency Preparedness for Industry and Commerce Council). Please refer to EPICC s website http://www.epicc.org/ to learn more
Version Number Issue 2 Business Continuity Policy Date Revision Complete Policy Owner Author Reason for Revision Proof Read April 2016 Business Improvement Manager Emma Earle, Business Services Officer
NHS North Somerset Clinical Commissioning Group HR Policies Managing Sickness Absence Approved by: Quality and Assurance Group Ratification date: September 2013 Review date: September 2016 Elaine Edwards
Council, 14 May 2015 Information Governance Report Introduction 1.1 The Information Governance function within the Secretariat Department is responsible for the HCPC s ongoing compliance with the Freedom
Your guide to choosing an IT support provider T: 08452 41 41 55 Contents Introduction 3 IT and business continuity 4 About managed services 5 Modular vs packaged support 6 Checklist of supplier questions
ASBESTOS POLICY Version 2 / Jun 2015 Page 1 of 11 Asbestos Policy This is a controlled document. It should not be altered in any way without the express permission of the author or their representative.
18 June 2015 Performance and Resources Board 14 To note Update from the Business Continuity Working Group Issue 1 The Business Continuity Working Group oversees the development, maintenance and improvement
Measuring your capabilities in Fleet Safety Management ACC Fleet Saver Audit Standard 29 May 2014 Table of Contents Page 2 1. Getting Started...3 2. Critical element 1: Registered Owner Commitment to Safety
BE MINI. MINI ROADSIDE ASSISTANCE & ACCIDENT MANAGEMENT. Driving a MINI is fun. Running into unexpected trouble is not. But with MINI Roadside Assistance & Accident Management, we ll do everything we can
Plan Ref No: [INSERT NAME OF SCHOOL] BUSINESS CONTINUITY PLAN PLAN DETAILS Date Written Plan Owner Plan Writer Version Number Review Schedule 6 monthly Annually Date of Plan Review Date of Plan Exercise
ACTIVE THREAT TEMPLATE Background Information for departments developing this template for their Building Emergency Plan - Each individual is ultimately responsible for their own safety. In any response
Information for registrants Continuing professional development and your registration Contents Introduction 2 About this document 2 CPD and HCPC registration: A summary of CPD and the audit process 2 CPD
HYDE PARK SCHOOL, Marble Arch CRISIS MANAGEMENT PLAN Statement In the event of an emergency at Hyde Park School, the safety of everyone in the school community and preservation of life will override all
Information for registrants Continuing professional development and your registration Contents Introduction 2 About this document 2 CPD and HCPC registration: A summary of CPD and the audit process 2 CPD
HOPONE INTERNET CORP IT Disaster Recovery Plan Template Compliments of: Tim Sexton 1/1/2015 An information technology (IT) disaster recovery (DR) plan provides a structured approach for responding to unplanned
Conditions of Hire (Rooms 188.8.131.52 and Halls) Grou Page 1 of 6 Conditions of Hire 1. Hirer: The Hirer is you the person who completes the agreement and signs the conditions of hire. 2. Availability The
BRENTWOOD BOROUGH COUNCIL BUSINESS CONTINUITY SERVICE RECOVERY PLAN FOR... PHOTO Responsibility for this Plan Designation Name Business Continuity Plan Holder... Managers with responsibilities under this
Aylesford School and Sixth Form College wonder aspiration respect discipline RISK MANAGEMENT POLICY Written: January 2015 Review Date: January 2017 Lead: Site Manager Via: Finance and Premises Committee
Major Incident COMMUNICATIONS STRATEGY AND PLAN ELFT staff must use the version published on the Trust Intranet for managing an incident response or training purposes. Version 2.2 8 th September 2014 Revision
Information Governance in Dental Practices Summary of findings from ICO reviews September 2015 Executive summary The Information Commissioner s Office (ICO) is the regulator responsible for ensuring that
Health and safety guidance for research undertaken in the community Document control information Published document name: research-comm-gn.pdf Date issued: September 2012 Version: 3.0 Previous review dates:
Auditing Business Continuity Planning Tips and techniques a typical audit programme Karen Wills, Senior Internal Auditor St James s Place Wealth Management February 2014 Contents Background Roles and Responsibilities
Aide-Mémoire Suspicious Objects and Bombs Terrorists, criminals and dissatisfied individuals continue to make use of improvised explosive device (homemade bombs). These incidents involving shocking acts
BMW Group Roadside Assistance & Accident Management 1800 808 111 Unique peace of mind. Roadside Assistance & Accident Management for you and your BMW. BMW Group Roadside Assistance & Accident Management.
SAMPLE This plan is meant to provide information for staff to respond quickly to hazards and situations that could disrupt business or cause an evacuation or temporary relocation. The information in this