Disaster Recovery. Quality Procedure

Transcription

1 Page No. 1 of 9 TITLE: PLANNING DISASTER and EMERGENCY RECOVERY (DERPLAN) 1. INTRODUCTION and SCOPE There is in place a Disaster Recovery Plan to permit Anchor s business to continue operating as best it can in the event of the operational headquarters (including control room) being disabled by power failure, fire, bomb, staffing or other disaster. The Plan is included as a controlled document in Anchor s Quality Management System. At all times the Organisation aims to ensure compliance with all regulatory and statutory requirements. 2. RESPONSIBILITY Chief Executive, Managing Director and Management Team (see appendix). 3. REFERENCE BS EN ISO 9001:2008; section 8.3 Control of nonconforming product 4. PROCEDURE RISK MANAGEMENT POLICY STATEMENT It is the policy of Anchor Security Services Ltd (ASSL) to adopt a proactive approach to Risk Management consistent with the principles of Best Value. Whilst it is acknowledged that risk cannot be totally eliminated, the Organisation is committed to the management of risk in order to:- Ensure compliance with statutory obligations Preserve and enhance service delivery Safeguard its employees and customers or service users, and all other persons to whom ASSL has a duty of care Protect its property including buildings, equipment, vehicles and all other assets and resources Maintain effective control of its funds Promote the reputation of the Organisation Support the quality of the environment These objectives will be attained by identifying, analysing and evaluating, cost effectively controlling and monitoring risk which endangers the people, property, reputation and the financial stability of ASSL. Based on the information given in the undernoted table, the most likely disaster/emergency events have been extracted and incorporated into this procedure.

2 Page No. 2 of 9 TYPICAL DRIVERS OF BUSINESS RISK INTERNAL FACTORS EXTERNAL FACTORS FINANCIAL RISKS Liquidity & cashflow Interest rates Foreign exchange Credit STRATEGIC RISKS Mergers & acquisitions Intellectual capital Competition Customer changes Industry changes Customer demand OPERATIONAL RISKS Accounting controls IT Systems Recruitment and staffing Supply chain Regulations Culture Board composition HAZARD RISKS Employees Properties Public access Products & services Contracts Natural events Suppliers Environment Source: Institute of Directors, Directors Guide: Risk Management. The Risk Management Standard 2002 IRM, Alarm and AIRMIC (copy available) The DERPLAN is formulated to include stage-by stage planning before, during and after the event. This includes causation factors and how to prevent them. The DERPLAN includes provision for testing, training and simulation for effective response. It is not intended to replace Risk Assessments at customers sites. At the outset, the Emergency Response Team (see <4.9>) should qualify/quantify the nature of the occurrence and its likely impact on the business. Shareholders and other Directors should be informed. The appendix to the procedure lists Executive/Management personnel and telephone contact numbers. Planning operation and control of situations is as described below: 4.1 Natural disasters; earthquake, flood, lightning; *headquarters destroyed/permanently disabled Relocate to temporary headquarters to be established at Regus Herons Way Chester Business Park with sufficient office space and other essential services, telecommunications, stationery, office furniture and PCrelated systems. Customers are informed of the situation and ASSL s plans for business continuity. All head office based staff will be informed of the situation and contingency plans. If required, a mini-bus will be made available for those staff requiring transport to the temporary headquarters. Training services and uniform provision to continue to be available. Notification of emergency situations to Security Officers will be made on a need-to-know basis. Resources are made available for the foregoing to enable return to normal as soon as is practicable. 4.2 War-related disasters, civil or international, terrorism; as <4.1>* Similar response to <4.1> following quantification of the impact on the business.

3 Page No. 3 of Accidental/Deliberate acts of sabotage; eg fire, malicious damage, fraud; as <4.1> The exception to <4.1, 4.2> would be fraud, where the impact on the ability of ASSL to continue trading would require to be assessed by the Directors. Anchor Security Services has an annual audit from our accountants, is audited twice yearly by RBSCS and is subject to PAYE and VAT inspections. During the production of management accounts, obscure or unusual amounts are investigated, I feel we are actually very well protected against fraud and if it were to occur it would be discovered straight away, so the liability would be small. 4.4 Accidents, illness, disease or infection of persons, however caused; as <4.1>* Anchor has a responsibility to minimise/reduce the number of workplace accidents and industrial illnesses. The Organisation s Health & Safety Manual outlines this in more detail. With disease, at the outset the Health & Safety Executive (RIDDOR) would require to be notified ( ). Quarantine of individuals could result, with families and other contacts requiring assessment. 4.5 Total electrical power failure, communications systems failure; see below <4.6> The main hub of the operation is the control room we have emergency lighting and UPS emergency power to our servers that will allow our control room to function normally for at least three hours. In the event of a total power failure the back up system will connect immediately. Functionality is checked quarterly and the results recorded. For longer period we have a source to hire a stand-by electrical generator to power-up PCs and ancillary office equipment, telephones and other electrical equipment: this would be considered essential and require to be sized on Anchor s anticipated power requirements (to be assessed). IT is of critical importance. 4.6 Total failure of computer related systems; corruption or theft of data, malware Deprivation of Client Pcs Our computer system is made up of server computers and client computers, if we were deprived for whatever reason (theft, malfunction, malicious damage) it would be a simple case of reinstalling the applications that were installed on the computer, the data would not be affected as it is held on the server Deprivation of Server Our server already is fault tolerant to a certain degree (i.e. On board RAID provides some resistance against mechanical failure of drives), however in the event of complete system failure on one of the following servers we would rely upon the identical machines stored offsite: Main File and Server Timegate SQL Server We have identical hardware to the live servers stored offsite, and these would need to be swapped in and have the data recovered from Clunk Click s online backup solution. There is no guarantee that this would be a simple swap in and 3 rd party assistance (particularly for Timegate and Timelink) may be required.

4 Page No. 4 of Deprivation of all computers within our company A site disaster would take a great deal of time to recover from. All data could be recovered to alternative hardware that is stored offsite, but Timelink would be dependent upon specific phone lines and therefore would take the most time and reorganisation to recover. An alternative site would be required, and used as a temporary location for the recovered servers. A handful of client machines could then be configured to connect to these and allow us to provide basic and essential operations. 4.7 Failure of banking and financial services/facilities; mail services, loss or tampering This scenario would be addressed as in <4.3> where an assessment by Directors would be required Fraud If our computer links to the Banks are lost, all relevant requests and transactions can be processed on the phone with passwords. In the event of our Bank going Bankrupt a new financial backer would have to be found as soon as possible Mail service loss or tampering A courier service can be used for out going mail if necessary and collection of cheque payments from customers. Long-term invoices can be faxed and wage slips can be hand delivered to site. 4.8 Death or serious injury to Chief Executive, Managing Director; other loss of key staff This includes withdrawal of labour for any reason, e.g. walk-outs, strikes and similar. The next Director or Manager in the line of command would assume responsibility for implementation of the Action Plan for business continuity/recovery. See ERT (Emergency Response Team). Replacement of key staff would be supported by an appropriate employment agency, as required. This has already been verified in real time.

5 Page No. 5 of Business continuity process This would be the responsibility of the Managing Director except in his incapacity when the Chief Executive would initiate action, supported by the Regional Operations Manager and the Management Team. The business continuity management process typically encompasses three stages: Emergency response (0-3 hours): The first few hours after an incident are critical to the long-term impact that the incident will have upon the business. Issues to be dealt with will include management of the damaged site, liaison with emergency services and ensuring employee safety. Crisis management (1-24 hours): The incident will have to be controlled by members of the Emergency Response Team (ERT) see below, to make immediate and longer term strategic decisions. These can concern resources, communication, financing human resources and media handling. Business recovery (24 hours onwards): This stage focuses on the recovery of operational services, involving detailed, specific action for each department or function to assist them in recovering their operations 4.10 Risk of Flu Pandemic Being prepared for pandemic flu could be vital to the survival of our business in the event of an outbreak, Whilst dealing with a pandemic is considered to be primarily a public health matter and a government responsibility, the Institute of Occupational Safety and Health (IOSH) says employers have an important part to play. The big problem with a pandemic is how rapidly it can spread it is important that we take a positive approach and have a contingency plan at the ready. The plan will be reviewed regularly to ensure it continues to cover the impending threat. The Anchor Emergency Response Team will meet when it is clear the threat of pandemic flue is imminent. They will discus the impact on resources, availability of medical advice and the availability of vaccine that becomes available. A member of the team will be made responsible for sourcing and providing the latest information on the emergency. A schedule will be prepared for regular meetings until the situation is resolved. Employees with existing chronic medical conditions like asthma, who are more likely to be severely affected will be identified All employees will be issued with a daily health check card containing a number of questions that will provide an early warning of any problems the checklist is to be used for both employees and other members of their household. If they answer yes to any of the questions the employee will be asked to contact a member of the Emergency Response Team (ERT) by telephone for a discussion. The outcome will be:

6 Page No. 6 of 9 1. OK to continue work. 2. Stood down as a precaution 3. Stood down seek medical advice 4. Stood down seek urgent medical treatment The ERT team will monitor all staff that call and maintain a record of circumstances. Staff will be given information on best practices to avoid infection. This will include staying at home where possible, avoid contact with other people, try not to use public transport and avoid events where others may gather. Follow all emergency restrictions advised by government, local authority, public health, and Anchor. Select foods and snacks that are more likely to be safe e.g. canned or frozen foods ensure that food is prepared properly in a hygienic environment and cooked properly. Avoid fresh foods that are likely to have been multi handled. The use of phone Fax or E mail should be considered as an alternative to face to face contact The ERT will consider cancelling conferences or meetings and try to hold video conferences or online meetings instead. Staff will be issued with anti bacterial wipes to be used to disinfect phones and other areas before use. Try to allocate one phone per person. Encourage employees to take personal responsibility to protect themselves encourage hand washing, wearing gloves on public transport, disposing of tissues so that cleaners don t come into contact with them and covering nose and mouth when coughing or sneezing. The company will consider the issue of any personal protective equipment that offers additional protection (face masks, protective overalls, hair covers, shoe covers anti bacterial wipes) Identify what tasks are essential to your core business and key staff think about how you can cover these jobs safely during the pandemic. Training for some staff may be necessary. Encourage flexible working practices this might mean encouraging people to work from home or flexible hours to enable employees to look after ill dependents, look after children if schools are closed and to reduce the time spent on public transport, where there is more chance of infection from the virus. Identify the core business and the site that will not be down manned consider down manning or the temporary closure of non-essential sites. Some sites may be closed by the authorities communicate with all staff to ensure they are advised of any changes. Try to avoid moving officers from site to site during the emergency. It may also be worth considering extending working hours as this can allow more days off and a reduction in travel to and from work. Operations managers are to maintain regular telephone contact with our clients and keep them fully informed but avoid face-to-face meetings. They could be based at home and used for emergency situations. If they are used for lift and shift all vehicles must be kept clean and disinfected after each journey. The cleaning contract will be reviewed to maintain a high level of hygiene in the workplace. Consider disinfecting door handles and telephones and providing anti-bacterial hand gel for staff and visitors to use. The plan will be flexible and continuously reviewed during the emergency as more information and advice is received this will be communicated to all members of staff.

7 Page No. 7 of 9 Emergency Response Team (ERT); the next in command would follow the sequence below (See Organisation Chart): Chief Executive Managing Director Financial Director Business Director IT Manager Quality Health & Safe Manager All the above are familiar with the content of this procedure. 5. ASSOCIATED DOCUMENTS See flow chart ref. QP3.1FC 6. RECORDS Server back-up access. Documentation hard copy.

8 Page No. 8 of 9 QP 3.1FLOW CHART DISASTER OR EMERGENCY OCCURS EMERGENCY RESPONSE TEAM MEET INCIDENT QUANTIFIED DISASTERS: EARTHQUAKE, BOMB, FLOOD, FIRE, SABOTAGE. New temporary premises to be sourced, appropriate to business needs. FINANCIAL LOSS: BANK CLOSES, BANKRUPTCY, FRAUD. New capital sourced to enable trading to continue. POWER/COMMUNICATIONS Stand-by generator and back-up server/pcs to be available. OTHER: DEATH, INJURY OR DISEASE OF DIRECTORS. Survivors to manage business to maintain customer service

9 Page No. 9 of 9 APPENDICES 1. List of Directors/Management Team contact names and telephone numbers. NAME POSITION LAND-LINE MOBILE AW HARPER CHIEF EXECUTIVE R H EVANS FINANCE DIRECTOR LT HILES BUSINESS DIRECTOR D BASFORD IT MANAGER P MCELROY QUALITY MANAGER