Emergency Planning for Essential Staff

Transcription

1 October 2013 Emergency Planning for Essential Staff Larry G. Wlosinski, CDP, CISSP, CISM, CAP, CRISC, CISA, ITIL v3, CBCP Prepare for Disaster: Recover Faster. 1

2 Larry G. Wlosinski CDP, CISSP, CISM, CAP, CRISC, CISA, ITIL v3, CBCP Federal Government Experience (24+ yrs) EPA, NIH, CMS, DOJ, DHS, DOE, DIA, NOAA Commercial Industry Experience (14 yrs) Insurance, International & Interstate Banking, Collections, Small Business Consulting Experience: Computer Sciences Corp. (CSC) Section Manager Lockheed Martin IT Security Manager Booz Allen Hamilton (BAH) Associate And others Sr. IT Security Engineer, Project Manager, etc. IT Security Expertise: Policy, Procedure, Guidance, Standards, Templates, Checklists IT Security Assessments (C&A/A&A, Risk, Audit) Continuity Planning (OEP, BIA, ISCP, COOP, DRP, Devolution, etc.) Cloud Security Incident Response & Planning 2

3 Belated Reminder: September was National Preparedness Month Update your Continuity Plans: Contingency, Devolution, Disaster Recovery, COOP, etc. Conduct a Fire Drill at each location Test your Backup and Recovery Devices and Media Verify Command Center readiness Test Emergency Communication capability Update Calling Trees 3

4 Objectives Provide a better understanding of federal government emergency planning Review some federal government requirements Provide an understanding of the different plans Present an idea of team responsibilities Pass along some lessons learned Show how the various plans differ 4

5 AGENDA Orientation - Threats Present Emergency Framework National Essential Functions (NEFs) Types of Plans Discuss COOP & Devolution Plan Federal Continuity Directives (FCD 1 & 2) Elements & Building Blocks Document Contents Response Teams Devolution Plan Contents & Comparison 5

6 AGENDA (2) Discuss IT/S Contingency Planning Implementation/Activation Criteria Contents Teams Exercises/Testing Reporting Lessons Learned, AAR Review Contents of Other Plans COG BCP DRP BRP IRP OEP Pandemic 6

7 Federal Mandates National Security Presidential Directive 51 / Homeland Security Presidential Directive 20 (NSPD-51/HSPD-20) 5/9/2007 National Continuity Policy Executive Order /18/1988 Assignment of Emergency Preparedness Responsibilities National Continuity Policy Implementation Plan 8/31/2007 Federal Continuity Directives (FCD) 1 and 2 Feb

8 Sample Threats Terrorist Attack Biological Bomb/Explosion Chemical Civil Disturbance Fire (direct or nearby) Water Damage or Stoppage High Winds (Hurricane/Tornado) Power Loss/Utility Failure Hostage Situation Radiological Structure Damage Building Deterioration (electrical, pipes, roof) Telecommunications Loss Community Disaster Metropolitan Commuting Failure Requests for Shelter Airborne Crash Health/Pandemic Work stopage 8

9 Hierarchy of Business Continuity Management in United States Civilian Agencies 9

10 National Essential Functions (NEFs) 1. Ensuring the continued functioning of our form of government under the Constitution, including the functioning of the three separate branches of government. 2. Providing leadership visible to the Nation and the world and maintaining the trust and confidence of the American people. 3. Defending the Constitution of the United States against all enemies, foreign and domestic, and preventing or interdicting attacks against the United States or its people, property, or interests. 4. Maintaining and fostering effective relationships with foreign nations. 5. Protecting against threats to the homeland and bringing to justice perpetrators of crimes or attacks against the United States or its people, property, or interests. 6. Providing rapid and effective response to and recovery from the domestic consequences of an attack or other incident. 7. Protecting and stabilizing the Nation s economy and ensuring public confidence in its financial systems. Providing for critical Federal Government services that address the national health, safety, and welfare needs of the United States. 10

11 PMEFs and MEFs Primary Mission Essential Functions (PMEF) are agency functions that support the performance of the NEFs Functions that need to be continuous or resumed within 12 hours after an event and maintained for up to 30 days or until normal operations can be resumed. Mission Essential Functions (MEF) are government functions that support PMEFs Functions that enable an organization to provide vital services, exercise civil authority, maintain the safety of the public, and sustain the industrial/economic base during disruption of normal operations. 11

12 Types of Emergency Plans Continuity of Government (COG) Continuity of Operations Plan (COOP) Devolution Plan Business Continuity Plan (BCP) Information Technology/System Contingency Plan (CP) Disaster Recovery Plan (DRP) Business Resumption Plan (BRP) Incident Response Plan (IRP) Occupant Emergency Plan (OEP) Pandemic Plan 12

13 Relationships of Emergency Plans NIST SP

14 14

15 Types of Emergency Plans USA Continuity of Government (COG) Many plans Continuity of Operations Plan (COOP) FPC 65 Viable, executable plans for leadership, succession, and key personnel to ensure that a department/agency s essential functions continue to function as needed. Information System Contingency Plan NIST SP Management policy and procedures designed to maintain or restore business operations, including computer operations, possibly at an alternate location, in the event of emergencies, system failures, or disaster. Disaster Recovery Plan (DRP) A written plan for processing critical applications in the event of a major hardware or software failure or destruction of facilities. The DRP defines management policy and procedures designed to maintain or restore computer operations, at an alternate location, in the event of emergencies, system failures, or disaster. FCD 1 = Federal Continuity Directive 1, October 2012; FCD 2: July 2013 FPC 65 = Federal Branch Continuity of Operations (COOP), June 2004 NIST SP = Contingency Planning Guide for Information Technology Systems 15

16 Types of Emergency Plans (2) Incident Response Plan (IRP) The IRP provides a roadmap for implementing its incident response program based on the organization s policy. The plan lays out the resources, management support, metrics, training, and reporting that is needed to effectively maintain and mature an incident response capability. Business Resumption Plan (BRP) Addresses the resumption of normal business after the contingency event is over. Business Continuity Plan (BCP) BCPs are written at the office/component level, and they focus on sustaining the essential Business Functions. These plans address the overall recovery strategy for the organization and the steps to be taken immediately after a contingency event is declared. The BCP includes the OEP, ITCPs, IRPs, DRP, and BRP. Pandemic Plan Pandemic Plan emphasizes that continuing operations in the face of a pandemic may not entail an official COOP declaration and that maintaining functionality may be accomplished through contact intervention (social distancing) strategies, telework and other means, and may not require the relocation of the personnel. The Pandemic Plan also recognizes that relocation may be necessary due to a separate or concurrent event. 16

17 Types of Emergency Plans (3) Crisis Communications Plan Establishes internal and external communications procedures Occupant Emergency Plan (OEP) Outlines an organization s emergency response: evacuation, calling emergency authorities, etc. Risk Management Trains planners in a risk-based approach to identify vulnerabilities or gaps to facilities, personnel, operations, and resources, and recommends mitigation actions Devolution Plan FCD 1 To ensure the continuation of an agency s essential functions in the event that the agency s leadership and staff are unavailable or incapable of performing its essential functions from either its primary or alternate facilities 17

18 Communications Emergency Notification System (ENS) Telework (e.g., Cloud ) Hoteling (e.g., FEMA, BAH) Virtualize Vital Records Resources/Tools (GotoMeeting, Skype) PDA, Cell Phone Texting SharePoint Voice Wireless 18

19 Continuity of Operations Plan (COOP) & Devolution Plan SEC_RITY is not complete without U! 19

20 Federal Continuity Directive 1 (FCD 1) Continuity Evaluation Tool (CET) Federal Executive Branch National Continuity Program and Requirements Program Plans and Procedures (21 questions) Budgeting and Acquisition of Resources (8) Essential Functions (13) Orders of Succession (10) Delegations of Authority (9) Continuity Facilities (22) Continuity Communications (10) Vital Records Management (20) Human Capital (15) Test, Training, and Exercise Program (34) Devolution of Control and Direction (10) Reconstitution Operations (16) Operational Phases and Implementation (47) 20

21 Federal Continuity Directive 2 (FCD 2) Business Process Analysis (BPA) Implements the requirements of FCD 1, ANNEX C. It provides guidance and direction to Federal executive branch departments and agencies for identification of their Mission Essential Functions (MEFs) and potential Primary Mission Essential Functions (PMEFs). It includes guidance and checklists (7 worksheets) to assist departments and agencies in assessing their essential functions through a risk management process and in identifying potential PMEFs that support the National Essential Functions (NEFs) the most critical functions necessary to lead and sustain the nation during a catastrophic emergency. The FCD provides direction on the formalized process for submission of a department s or agency s potential PMEFs that are supportive of the NEFs. Includes guidance on the processes for conducting a Business Process Analysis (BPA) and Business Impact Analysis (BIA) for each of the potential PMEFs that assist in identifying essential function relationships and interdependencies, time sensitivities, threat and vulnerability analyses, and mitigation strategies that impact and support the PMEFs. 21

22 COOP Elements Essential Functions Delegation of Authority Orders of Succession Vital Records, Databases & Systems Interoperable Communications Contingency Staff and Responsibilities Calling Tree Devolution Reconstitution Tests, Training, and Exercises 22

23 Continuity of Operations Plan (COOP) I. Introduction II. Purpose III. Application and Scope IV. Mission Essential Functions (MEFs) V. Authorities and References VI. Concept of Operations (next slide) VII. COOP Planning Responsibilities VIII. Logistics I. Alternate Location II. Interoperable Communications IX. Test, Training, and Exercises X. Multi-Year Strategy & Program Management Plan (MYSPMP) I. Budget II. Maintenance XI. COOP Maintenance 23

24 COOP - Concept of Operations PHASE I ACTIVATION AND RELOCATION Decision Process Alert, Notification, and Implementation Process Leadership Orders of Succession Delegations of Authority Devolution Personnel Accountability Acquisition of Resources Human Capital PHASE II ALTERNATE FACILITY OPERATIONS Mission Critical Systems Vital Files, Records, and Databases PHASE III - RECONSTITUTION 24

25 COOP - Sample Appendices A. Authorities and References B. Business Impact Analysis (BIA) C. Emergency Personnel Rosters D. Go-Kit Recommendations E. Emergency Operational Checklists (Code Orange & Red) F. Human Capital (OPM Guidance) G. Family Support & Preparedness H. Emergency Telephone Numbers I. Alternate Location/Facility Information J. Maps and Evacuation Routes K. Facility and Risk Assessments L. Emergency Communications Procedures M. Multi-Year Strategy and Program Management Plan (MYSPMP) N. Test, Training, and Exercises 25

26 Emergency Teams Management: Confirms and communicates site relocation decision; Receives the Initial Disaster Alert; Verifies Status of Personnel; Verifies and Assesses the Damage in Coordination with the Damage Assessment Team; Decides Course of Action (Short vs. Long Term; Alternate Site/Location Assessment); Coordinates Communication (Across Teams; Intra-Team); Activates the ITCP; Plans expenditures (funding requirements & allocation) Damage Assessment: Determines amount and type of damage; Prepares initial estimate of time to restoration (this estimate will be used by management to determine whether to invoke COOP and/or relocate personnel to alternate facility); Performs continuous communication with management and others responsible regarding status. Network Restoration: Performs restoration of Services; Responsible for ensuring that all backbone architecture is restored and stable (Voice, Video, Data); Vendor Coordination Application Restoration: Responsible for restoration of all organization s essential applications once notified by network restoration team that network is stable and ready for application restoration process to begin. Applications include: , Web services, Customer applications, etc. Physical Security: Responsible for physical and logical security; Ensures that only authorized personnel have access to either the main site or the alternate recovery site as required System/Network Security: Enforcement of all security plans, policies and procedures during and after the return to normal operations; Monitors environment and may advise on recovery efforts (e.g., malicious software or activity, network security controls/safeguards, reporting) Help/Service Desk: Invokes the crisis management procedure; Maintains list of points of contact; Receives problem/event information; Determines scope of problem; Prepares service desk standard response; Informs the team of situation and provide response verbiage; Answers problem/service calls; Completes Remedy tickets; Tracks problem and resolution activity; Adjusts call response according to events 26

27 Exercise & Lessons Learned Exercise Eagle Horizon annual Require involvement of Essential Staff Lessons Learned Plan, plan, plan Prepare scenarios Test Calling Tree Write an After Action Report (AAR) Implement enhancements 27

28 COOP to Devolution Plan Comparison Phase COOP Devolution Concept Planning Implementation (including tests, training, and exercises) Relocate selected personnel to alternate facility COOP personnel will perform essential functions at alternate facility COOP personnel deploy to alternate facility and perform essential functions Transfer COOP mission to devolution site Devolution site personnel will perform essential functions Devolution site personnel perform essential functions 28

29 COOP -vs- Devolution Normal Operations MISSION PERSONNEL FACILITY COOP Activation MISSION PERSONNEL FACILITY Loss of Facility COOP Execution MISSION PERSONNEL ERS FACILITY Devolution of Operations MISSION PERSONNEL FACILITY Loss of Facility & Personnel Devolution Execution MISSION New PERSONNEL New FACILITY Reconstitution Potomac Forum, Ltd. Takes Organization back to a state of Normalcy 29

30 Devolution Plan 2. CONCEPT OF OPERATIONS 2.1 Disruption of Operations 2.2 Operational Sites 2.3 Operations Activation Conditions 2.4 Devolution Scenarios 2.5 Relationship between Continuity & Devolution of Operations 2.6 Threat Conditions & Potential Responses 2.7 Assumption of Essential Functions and Mission 2.8 Orders of Succession 2.9 Delegations of Authority 2.10 Personnel Recall Roster 3. ORGANIZATION AND RESPONSIBILITIES 3.1 Responsibilities of Devolution Working Group 3.2 Responsibilities of Devolution Emergency Response Group (DERG) 3.3 Organization 30

31 Devolution Plan 4. DEVOLUTION OF OPERATIONS IMPLEMENTATION 4.1 Readiness & Preparedness 4.2 Activation & Transfer of Authority 4.3 Devolution Operations 4.4 Reconstitution 5. SUPPORT REQUIREMENTS 5.1 Personnel Coverage Procedures During DERG Activations 5.2 Vital Records Management 5.3 Pre-Positioned Information 5.4 Continuity Communications 5.5 Tests, Training, & Exercise Program 5.6 Security 5.7 Budgeting and Acquisition 5.8 Human Capital Appendices: MEFS Resource Requirements Devolution of Operations Sites Devolution Counterparts Acronyms Threat Scenarios 31

32 Information System Contingency Plan (ISCP) Prepare for Disaster: Recover Faster. 32

33 Criteria Needed to Implement ISCP Safety of personnel Service disruption that adversely affects the mission Extended power disruption Catastrophic network event Normal troubleshooting / restoration procedures are not sufficient to repair the outage in a timely period Unable to support the mission essential functions 33

34 Contingency Plan Outline 1. Introduction 2. Concept of Operations 3. Notification and Activation (next 3 slides) 4. Recovery Operations 5. Reconstitution (Return to Normal) 6. Testing Plans 7. Training Scenarios and Exercises 8. Lessons Learned 9. Plan Maintenance 10. Appendices 34

35 ISCP Concept of Operations PHASE I ACTIVATION AND RELOCATION Decision Process Alert, Notification, and Implementation Process Declaring a Disaster Determine Impact & Severity Activating the Recovery Data Center Leadership Orders of Succession Delegations of Authority Devolution 35

36 ISCP Concept of Operations PHASE II: ALTERNATE FACILITY OPERATIONS Systems Recovery Priority Vital Files, Records, and Databases Recovery Teams 36

37 ISCP Concept of Operations PHASE III: RECONSTITUTION Planning Responsibilities Logistics Alternate Location Backup Media Storage Interoperable Communications Test, Training, & Exercises Plan Maintenance 37

38 ISCP Appendices (Suggested) A. Personnel Contact List B. Vendor Contact List C. Detailed Recovery Procedures D. Alternate Location/Facility Information E. System Validation Test Plan F. Alternate Storage Site and Telecommunications G. Diagrams (System and Input / Output) H. System Inventory I. Interconnections Table J. Test and Maintenance Schedule K. Associated Plans and Procedures L. Business Impact Analysis (BIA) M. Document Change Page 38

39 ISCP Exercise Phases Damage Assessment Recovery Reconstitution 39

40 Recovery Teams Essential Recovery Personnel Primary, Secondary, Tertiary Teams Functions Leadership Team Leads Subject Matter Experts (SMEs) Actual teams are assigned as required to restore essential functions/systems for example: Management Team Damage Assessment Team Server Restoration Team Application Restoration Team Network/Architecture Restoration Team Database (DB) Restoration Team (when applicable) Security Team Help/Service Desk Team 40

41 ISCP Testing Objectives Keep personnel assignments and notification/call lists current Acquaint new employees with responsibilities Verify backup storage procedures Verify primary and backup site have same configurations Train staff Test recovery procedures and checklists Identify and correct vulnerabilities Identify and mitigate new threats 41

42 Sample ISCP Scenario Variables Power outage Loss of equipment or data Loss of connectivity Unavailability/loss of staff; staff turnover Level of testing (one sample, partial, full) Stale documentation Contractual support issues Conflicting priorities Problems with on/offsite work environment Issues with alternate location 42

43 Lessons Learned Report 1. Component 2. System(s) Covered 3. Exercise/Test Date 4. Personnel Present/Participants 5. Scenario/Exercise Description 6. Results a. Description b. Impact c. Team Issues 7. Lessons Learned a. What Went Right? b. What Went Wrong? c. What should have been done differently? d. Preventative measures and recommendations e. Follow-up actions needed f. Items for revised ISCP 43

44 CP After Action Report (AAR) Executive Summary Exercise Overview Goals and Objectives Synopsis Exercise Analysis Lessons Learned Exercise Concerns Exercise Response Analysis Action Items & Recommendations Appendices Exercise Scenarios 44

45 Sec-UR-rity - You are at the center. Other Plans: Continuity of Government (COG) Business Continuity Plan (BCP) Disaster Recovery Plan (DRP) Business Resumption Plan (BRP) Incident Response Plan (IRP) Occupant Emergency Plan (OEP) Pandemic Plan 45

46 Continuity of Government (COG) - Many plans by sector Agriculture & Food Banking & Finance Chemical Commercial Facilities Communications Critical Manufacturing Dams Defense Industrial Base Emergency Services Energy Government Facilities Healthcare & Public Health Information Technology National Monuments & Icons Nuclear Reactors, Materials & Waste Postal & Shipping Transportation Systems Water 46

47 Business Continuity Plan (BCP) Business continuity planning reestablishment of critical business operations so that operations can continue If a disaster has rendered the business unusable for continued operations, there must be a plan to allow the business to continue to function 47

48 Disaster Recovery Plan (DRP) 1. Purpose and Scope 2. Objectives [e.g., Scale up and manage alternate site] 3. Assumptions 4. Criteria for Invoking DRP 5. Team Responsibilities 6. Emergency Procedures (Recovery Team) 7. Recovery Scenarios (Minor, Major) 8. Recovery Tasks/Activities by Team (Immediate, 3 Hours, 24 hours, Ongoing) 9. Command Center (Primary & alternate locations; Requirements) 10. Standby Facility (Location; Activation POC & Procedures) 11. Data Storage (Location, POC Information) 48

49 DRP (2) 12. Critical Applications (Classification, Prioritized, Time Est., Requirements) 13. Supplies for Standby Facility (Immediate needs; Where to obtain) 14. POC Information (Management, Teams, Vendors & Suppliers, Users) 15. Inventories Hardware: mainframe, server, workstations/pcs, disk & tape drives, printers, network equipment, non-computer Software: operating systems, utilities, application, data/backup 16. Supporting Documentation (Production schedules, policies, site plans, network diagrams, backup and restore procedures, first aid, OEP) 17. Testing and Training 18. Plan Maintenance (Cycle, records, distribution) 49

50 Business Resumption Plan (BRP) Government: Largely used by the government for focusing on specific essential functions within the organization. Industry: The business resumption plan addresses restoration of your business after an emergency. Different from the disaster recovery plan and business contingency plan, the BRP does not contain continuity procedures used during an emergency; instead it focuses on preventative measures and after the dust settles. The BRP helps you get your business back into full running order. 50

51 Sample Incident Response Plan (IRP) Purpose Scope Applicability Definitions Requirements for Incident Response Objectives and Measures of Effectiveness Organization and Structure Roles and Responsibilities Policies and Procedures: Pre-Incident Actions, Incident Recognition, Incident Reporting, Investigating and Reporting Data Loss Incidents, Incident Response Procedures Vulnerability Management Information Dissemination Control Compliance Requirements Appendices: POCs, Reporting Form(s) 51

52 Occupant Emergency Plan (OEP) Emergency Alarms Emergency Instructions for All Employees Evacuation Procedures Personnel Assignments Duties of Emergency Response Participants Cellular Phone and Pager Usage Shelter-In-Plan Appendices: Emergency Services & Utility Services Homeland Security Advisory System Evacuation Plan 52

53 Pandemic Plan 1. OPM Human Capital Planning for Pandemic Influenza 2. COOP Annex Pandemic Influenza 3. Response Stages 0-6 & Checklists 4. Government Purchase Card 5. Support of the Federal Response to a Pandemic Emergency 6. External Stockholder Communications 7. Response Stage Sample Messages 8. Contractor Management: Contractor Guidance During a Pandemic; Notice to Contractors; Emergency Acquisitions 9. Main Office Phone Numbers 10. Interoperable Communications; POC Lists 11. Accountability: Accountability Policy; Authority to Grant Administrative Leave Letter; Staff Accountability Worksheet 12. Non-Traditional Roles 13. Awareness Tools: Posters, Brochures, Web Sites, etc. 14. Vaccination Prioritization 15. Telework Program & Policy (Request Form & Agreement) 53

54 Appendices to Pandemic Plan PMEFs and MEFs Emergency Procurement Procedures Pandemic Response Procedures Pandemic Evaluation Tool Communications Preventative Measures Human Capital Guidance References Glossary and Acronyms 54

55 55

56 Boy Scout Motto: Be Prepared! 56