Abstract

Disaster simulation exercises are used to test the staffing, management, and decision making of both the computer and non-computer related aspects of an organization's business continuity and life-safety plans.  Special simulation methods must be used to exercise the Disaster Management Team and their Emergency Operations Center.  A proven approach to designing and conducting this type of simulation is presented, including a full script from an actual simulation exercise.

Keywords:

Disaster simulation, contingency planning, business resumption planning,
business continuity management, life-safety, command centers

---

During the 1980's and 1990's, contingency planning evolved from data center backup planning, to business resumption planning (BRP) and recently to business continuity management (BCM).  Business resumption planning involved arranging for emergency business and data center operations and recovery planning following a disaster.  The growth of commercial backup data centers has made available inexpensive data center contingency resources for all but the largest organizations.  The commercial hot/cold backup sites are available for testing of critical applications, so that most organizations had, by the late 1980's, fully tested data center contingency plans.  However, the vast majority of data center users had only a vague idea of how they might operate during a disaster that destroys the data center or their personnel-oriented operating locations.

Data processing management has gradually persuaded their users that they need a BCM plan that integrates with the data center plans.  Data processing management has also persuade many of their users that there is a need for simultaneously testing the data center and the user's business continuity plans through disaster simulation exercises similar to those described in this paper and by Rosenthal and Himel [2].  However, unless these BCM plans are periodically tested, they are seldom usable operationally.  Plans that were initially operationally viable become obsolete very quickly unless periodic tests force every department and work group to maintain off-site: up-to-date contact lists; files and processing resources; communications resources; and current programs, procedures, and forms.

Disaster simulation exercises are now widely used to exercise the staffing, procedures, and resources for both the computer and non-computer related aspects of an organization's business continuity management and life-safety plans.  The scenarios and simulation methods normally used for these exercises are designed to test the various functional teams charged with recovering business operations while assuring the safety of personnel and facilities.

The disaster management team (DMT) charged with coordinating the actions of the functional teams during notification, mobilization, activation, emergency operations, and recovery are normally involved in these simulations only as observers.  This lack of involvement results from the need to use highly structured scenarios that include the expected decisions of the management team.  Separate simulation exercises as described in this paper are therefore normally required to test the preparation of the DMT and the configuration of their Emergency Operations Center (EOC).

Functions of Operational and Simulation Testing

There are two primary activities involved in testing a BCM plan and the DMT:

Operational Testing

Performing critical computer and non-computer related tasks using backup resources and facilities.

Simulation Testing

Performing the notification, mobilization, activation, emergency operations, and recovery phases of a BCM plan based on a typical disaster.

The methodologies for operational testing are well known.  Organizations with available backup resources, normally adequately test their emergency operations capability.  However, the use of simulation for testing the managerial aspects of their BCM plan is rare, and the methods for planning and conducting such simulations are poorly understood.  This paper, therefore, presents a proven methodology for BCM plan simulation that has been used in several simulations conducted in the Los Angeles basin.  In addition to the methodology, a script from an exercise is included that was used by a major Los Angeles financial firm.

Business Continuity Management Planning Life Cycle

Rothberg [6] defines a disaster as "...any event that causes significant disruption to operations, thereby threatening the business' survival."  Business resumption planning (BRP), the newest term for disaster recovery planning, can be conceptually divided into three major phases: prevention, planning, and testing.  Figure 1lists the major life cycle tasks needed to protect against such disasters.  Exercising the disaster management team (DMT), the subject of this paper, is the last step in the BRP life cycle.  It is usually the least performed activity in the BRP life cycle.

An excellent example of a BCM plan for a university data center can be found in Rohde and Haskett [5].  They, as do most other authors, stop short of the testing phase.  Without both periodic operational testing (performing critical business functions using backup resources) and simulation testing (exercising the decision making portions of the plan), a plan quickly becomes unusable.

Phase I- Prevention

The first steps in a BCM plan procedure, is to determine the possible extent of exposure to a disaster, and then to minimize the probability of a disaster occurring.  The initial step in any BCM plan procedure is that of obtaining the substantial funding normally required.  This requires selling the Board of Directors on the reality of a possible disaster and the impact on the ability of the organization to survive.

According to Yetter [8], an inadequate understanding of the potential threats and their possible impact is often the weak link in many disaster security and recovery programs.  His paper is an excellent presentation of the quantitative approach to threat evaluation.  The results of such a quantitative study is used to rate the potential severity of each hazard as a guide for prevention and recovery spending.

The detailed quantitative approach to risk analysis is popular with government and large industrial firms with major consulting budgets.  The board of directors of most firms however, responds better to a fiduciary responsibility analysis.  A list of risks to which the firm's facilities and personnel is exposed is presented and a case study approach is used to demonstrate realistic risk exposure.  Estimates are made of the financial impact on various business functions, computer related and non-computer related, of a loss in resource capability.  When the impacts include financial or service level losses that can effect the firms' survival, then the board members fiduciary responsibility requires a prudent level of protection and recovery capability.  Funding for an adequate BRP is then made available, often as a priority project.

Physical security planning primarily involves access controls, fire and water protection, earthquake and storm hardening, and critical records security.  Most firms have a physical security program in place covering these areas prior to the implementation of a BRP program.  The second step in the BRP is therefore simply an assessment of the program, and improvement if necessary.  The authors experience indicates that the critical records area, particularly for non-computerized files, is frequently the major weak point.

Data security and protection programs are not as wide spread as physical security programs.  Few firms have high quality data oriented security programs, particularly in the personal computer area and for non-financial & personnel manual records involving off-site backup of critical records.  This area frequently requires a major effort.

Phase II- Planning

The disaster planning process outlined in Figure 1 is often initiated by the data center, as it implements applications critical to the day-to-day operations of the organization.  The data processing oriented disaster planning selling job to the board often alerts them to the risk presented by the non-computerized portions of the firms operations, and as discussed in Orr [4] a total recovery planning effort is initiated.  A good overview of the BRP process can be found in Janulaitis [3].

Phase III- Testing

Desk top walk through  - Prior to any detailed testing, key stakeholders in the BRP are convened in a conference room, and a detailed review is performed of the plan.  Many small events are described and the participants are asked to state how the plan would guide their reactions.  The events should require utilization of: major backup resources, emergency operations approaches, and all emergency response teams.  Following this step, operations and simulation tests are scheduled.

Operational testing  - Few organizations operationally test the complete disaster reaction cycle of: activation, life-safety, damage assessment, mobilization, emergency operations using off-site files and backup resources, and recovery planning.  Only the data processing emergency operations area can be tested without involving a substantial number of persons during business hours.  The scope of most operational tests therefore, includes: a semi-annual off-hour call to the manager of data center operations, assembly of the backup site operations team, acquisition of backup materials from an off-site location, travel to a backup hot/cold site, installation of systems and applications software, loading production data, and systems test of several critical applications.

Simulation testing  - Simulation is the most feasible approach for testing the decision making aspects of disaster reaction activities.  The use of simulation exercises for BRP has been spreading slowly over the last decade.  Unlike their counterpart military war games that use computer driven scenarios to perform very realistic exercises, BRP exercises are paper and pencil simulations.  Teams are placed at tables representing their backup locations, and the description of an evolving disaster is presented.  The teams communicate using backup communication resources or forms, make decisions, and everyone pretends that what is ordered actually happens.  Debriefings and evaluation studies follow to correct any flaws in the BRP.

Most simulation exercises are very successful in that they force personnel to learn the BRP while working together, and find flaws and inconsistencies in policies and plans.  The remainder of this paper presents a detailed methodology and the disaster scenario used recently by a major Los Angeles firm for performing such a simulation exercise for their Disaster Management Team.  Details of a similar approach for the simulation testing of Emergency Response Teams representing business functions or operational activities, can be found in Himel and Rosenthal [2].

Functions of BRP Teams

Most organizations with mature business resumption plans have a three tier BRP organization structure (for an example see Coleman [1]), including:

Top tier          Policy Group

Second tier    Disaster Management Team (DMT)

Third tier      Emergency Response Teams (ERT)

The top tier Policy Group consists of upper-level executives that are available for approving major DMT decisions involving customer service impact, major expenditures or major potential liabilities.  For example, after the Bay Area earthquake a major bank opened their branches the next day without power and full cleanup and repairs.  The ability to provide much needed cash to customers was deemed more important than the potential for accidents or robberies.

The middle tier DMT includes representatives of key departments and functions involved in life-safety and business contingency planning.  Figure 2 lists the functional organizations often represented on a DMT.  Selecting the chairperson of the DMT is often a difficult and politically sensitive decision.  The pressure to appoint a senior executive should be resisted.  Senior executives belong in the Policy Group among their peers.  The chair of the DMT, and therefore the coordinator of the EOC, should be an extremely knowledgeable peer of the other members of the DMT. The chair should not however, be associated with any ERT.  The chair is frequently the supervisor of the Project Head, Business Continuity Planning.

 

The third tier is made up of a large number of Emergency Response Teams (ERT).  For example, the data processing area might have specialized logistics, backup data center operations, network operations, and user support ERTs.  The safety area might include a dozen or more ERTs with first aid and evacuation responsibilities, each headed by a floor warden.

Periodic Testing of your BRP

Every six months your plans should be operationally tested using your backup facilities and offsite storage resources.  Every year the management aspects of your plan should be simulation tested.  These two activities assure the currency of your plan and the readiness of your staff.

---

The remainder of this paper discusses the planning of simulation tests for 2nd-tier disaster management teams.

---

Functions of a Disaster Management Team (DMT)

During a disaster the DMT has two primary functions:

Life-Safety Management

Coordinating the efforts of emergency response teams to assure the safety of personnel and to minimize the damage to their facilities following a disaster.  A life-safety DMT is normally organized for every major facility or campus.

Business Continuity Planning

Planning and coordinating emergency operations and restoration of normal operations following a disaster.  A business continuity DMT is normally responsible for a total business unit, frequently involving multiple and wide-spread facilities.

A combined life-safety and business continuity simulation test is feasible for organizations with a single facility or campus.  However, for organizations with multiple facilities, separate life-safety tests for each locations plus a separate integrated business resumption test are normally performed.

The Emergency Operations Center (EOC)

The EOC of the firm that used the scenario presented in this paper illustrates the most common and least expensive approach, using a converted conference room.  Large conference rooms at two or more widely separated locations are permanently converted to EOCs.  Furnishing and equipment required include:

• Telephone consoles for each participant; including an EOC rotary line, a dedicated incoming line for each function, and a line for outgoing calls.

• TVs and radios to monitor news and public announcements.

• White boards, tack boards, and flip charts.

• Facility maps and area maps with medical and emergency service facilities identified.

• Multiple radios with multiple channels for use in communicating with emergency response teams and the outside world.  At least one of the EOCs will often house a portable satellite communication unit.

• Room power connected to the building's emergency power system.

• Food, water, and rest facilities for primary and alternate DMT members.

California firms often have Los Angeles and San Francisco EOCs because of the possibility of an area wide disaster due to a major earthquake.  Other areas of the world may not need this much separation between locations.

A dual room EOC approach is also used; normally by organizations with frequent operational emergencies, such as utilities exposed to power outages or pipeline breaks.  It involves two rooms, one for management and one for operations personnel with a glass wall between them.  The EOC is used for both operational emergencies and for disasters affecting non-operational facilities and personnel.  A second conference room type EOC is also normally available at a site remote from the primary EOC.

EOC testing involves two functions: a periodic walk-through of all equipment by the Project Head- Business Continuity Management Planning, and periodically performing BCM plan simulations in the EOC.

Designing a DMT Simulation Scenario

Proper planning of a scenario requires a detailed knowledge of the risk exposures and business continuity plans for all impacted facilities and organizations.  As discussed in Rosenthal and Himel [2], a scenario should:

• be solvable for most of the life safety and business functions participating, using existing plans and backup resources

• represent the occurrence of realistic risk exposure

• be capable of being partitioned into four to six time steps, each representing a unique but solvable set of problems.

The simulation scenario which follows was derived from a State of California earthquake planning scenario [7].  It is based on a major earthquake occurring at the southern edge of the Los Angeles basin.

Scenario Period One

Period One simulated time of 3:00 p.m., as described in Exhibit 1, was immediately after a major earthquake in the Los Angeles basin approximately 15 miles from the firms' location.  Exhibit 1 was read to the participants at the start of the time step, and a copy was given to them as reference material.  This same process was repeated for each time-step.

The EOC was considered to have been activated and the DMT had to assess the status of their facilities, handle life-safety activities, and plan for their employees' safety and comfort.

Scenario Period Two

Period Two simulated time of 8:00 p.m., as described in Exhibit 2, was five hours after the earthquake.  Travel throughout the Los Angeles Basin is extremely difficult, and a curfew is starting.  The DMT must implement a sleep-over program and protect their facilities.

Scenario Period Three

Period Three simulated time of 11:00 p.m., as described in Exhibit 3, was immediately after a strong aftershock.  Significant additional damage and employee hysteria require the DMT to revise their sleep-over and next-day life-safety and business resumption plans.

Scenario Period Four

Period Four simulated time, as described in exhibit 4, was 8:00 a.m. the next day.  The curfew is over, and the DMT must plan to send as many employees as possible home, while implementing short term business resumption plans.

Scenario Period Five

Period Five simulated time, as described in Exhibit 5, was 6:00 p.m. the next day.  The DMT must create a business recovery and facility repair plan.

The scenario work-sheets have been edited to delete material relating to the firms specific facilities and business operations.  The scenario and solutions therefore do not represent the full set of responses that were expected from the organization.

Administering a DMT Simulation Exercise

As discussed in Rosenthal and Himel [2], operational simulation tests of emergency response teams are evaluated following the simulation.  DMT simulations are of most value however, when an evaluation and redirection period occurs at the close of each scenario time period.  This improves the learning experience and assures consistency between the following time periods scenarios and DMT planning.  Simulation exercises of single emergency response teams can also be handled in the same manner.

External communications to the Policy Group and to the emergency response teams can be handled in two ways:

• The chairperson of all emergency response teams can be briefed prior to the simulation exercise and are available to produced planned responses through the emergency radio or telephone network.  The Policy Group responses are however handled by a member of the test administration team.
  

• The test administration team can simulate all external responses and provide all input information.

Most DMT members prefer the second alternative since it does not expose their mistakes to persons that work for them.

The time allocated to the DMT to generate a solution to each scenario stage and then review the solution with the administration team normally takes 45 - 60 minutes for the first time step, reducing to 20 - 30 minutes for the final time step.

Evaluating the Simulation

Following the simulation exercise, the Test Administration Team with the Project Head- Business Continuity Planning, should plan to spend at least a half day evaluating the impacted BRP policies and procedures as well as each DMT members' knowledge.  Brief individual briefings should then be held with each DMT member and their alternates, and action plans to correct any deficiencies prepared.  The Project Head- Business Continuity Planning must then monitor the implementation of the action plans in preparation for the following years DMT simulation exercise.

---

Conclusions

At the disaster management team exercises that I have observed, the participants indicated that the review of policies and procedures, and the lessons learned were extremely valuable.  They were also surprised at the number of omissions and inconsistencies found in their life safety and business resumption plans.

The primary value of a DMT simulation exercise is the realization by management, that the extensive testing conducted for the emergency response teams had little impact on the Disaster Policy and Disaster Management Teams preparation.  They realize how important it is that simulation exercises similar to the one described in this paper for the Disaster Management Team be conducted every few years. Additionally a Desk Top Walk Through for the Disaster Policy Team should also be conducted periodically.

---

References

1. Coleman, Paul.  "The First Interstate Fire: Plan, Preparation and Activation."  Contingency Journal.  (1:2) April-June 1990, pp. 16.
   

2. Rosenthal, Paul and Himel, Barry.  "Business Resumption Planning: Exercising Your Emergency Response Teams.
   

3.  Computers & Security. (10:6) October 1991, pp. 497-514.
   

4. Janulaitis, M. Victor.  "Creating a Disaster Recovery Plan."  Info Systems. (32:2) February 1985, pp. 42-43.
   

5. Orr, Daniel.  "Toronto Dominion Bank: Management Support and Expert Systems Tools Speed Contingency Planning.
   

6.  Contingency Journal. (1:2) April-June 1990, pp. 24.
   

7. Rohde, Renete and Haskett, Jim.  "Disaster Recovery Planning For Academic Computing Centers."  Communications of the ACM.  (33:6) June 1990, pp. 652-657.
   

8. Rothberg, M. L. "Disaster Plans: Added Complexity."  Computer Decisions.  (21:2) February 1989, pp. 16.
   

9. Toppozada, T. R., Bennett, J. H., Borchardt, G., Saul, R. and Davis, J. F. Planning Scenario For A Major Earthquake On The Newport-Inglewood Fault Zone.  (Special Publication 99)  Sacramento, California: California Department of Conservation, Division of Mines and Geology, 1988.
   

10. Yetter, David L. "Hazard Analysis Techniques for Business and Industry."  Contingency Journal.  (1:2) April-June 1990, pp. 6. * Andrew Hiles (2003).  Business Continuity: Best Practices: World-Class Business Continuity Management, Second Edition.  Rothstein Associates Inc. (ISBN: 1931332223)
    

11. Commonwealth of Australia (2000).  Business Continuity Management: Better Practice Guide.  The Publications Manager, Australian National Audit Office, GPO Box 707 Canberra ACT 2601.
     http://www.anao.gov.au/WebSite.nsf/Publications/4A256AE90015F69B4A2568EE0010062B
    

12. Philip Jan Rothstein, Julia Graham and David Kaye (2006).  A Risk Management Approach to Business Continuity: Aligning Business Continuity with Corporate Governance.  Rothstein Associates Inc. (ISBN: 1931332363)

---

Exhibit 1A: Scenario 1 Announcement

Simulated Time: 3:00 pm, Wednesday

Earthquake Magnitude 7.0 - 7.4, Major Quake- major destruction within 5-10 miles, significant destruction within 10-15 miles, major damage within 15-20 miles.

• Epicenter Near Long Beach
  

• Southbay Roads and Freeways Impassable and badly damaged.  A mile of I-405 east of Long Beach Freeway destroyed.
  

• Significant Damage to Roads and Freeways throughout the LA Basin- Traffic at a Standstill.  Concrete ruble surrounding interchanges and many bridges.
  

• Streets and Walkways close to High-rise and Masonry Buildings impassable and unsafe due to Falling Glass and Debris.  Vehicles can not move through streets adjacent to high-rise buildings.
  

• Utilities Unavailable, Telephone System Reserved for Emergency Agencies Uses Only.  No dial-tone for outgoing calls.
  

• Downtown Buildings have suffered Significant Damage to Contents, Walls, Ceiling, and Windows, Plus Extensive Water Damage from Leaking Pipes & Sprinklers.  Furniture and computer components have traveled across rooms severing wires and cables.
  

• High-Rise Buildings have Suffered Extensive Loss of Glass on Upper Floors.  Widespread Cracking of Glass on Lower Floors.  Floors above tenth are not occupiable.
  

• The Emergency Operations Center (EOC) has been activated and occupied.

 What would you do?       What are your plans?

---

Exhibit 1B: Report from Project Head, BRP

 

Simulated Time: 3:30 pm Wednesday

The following information is based on initial radio reports,

A 7.0 - 7.4 Intensity earthquake has occurred on the Newport-Inglewood fault centered in the Long Beach area.

• Damage from the quake in the Long Beach area is equivalent to Level XI Intensity Shaking:

• Damage from the quake in the area surrounding Long Beach (within approximately 10-15 miles) would be equivalent to Level X Intensity Shaking:

Ground badly cracked, shifted sand & mud, landslides from steep slopes.  Some well-built wooden structures destroyed, most masonry and frame structures destroyed, severe damage in specially designed (high rise) buildings.

• Damage from the earthquake in the areas between 15-20 miles (includes downtown Los Angeles) would be equivalent to Level IX Intensity Shaking:

Damage considerable in specially designed buildings (high rise), damage great in substantial buildings with partial collapse, and many buildings shifted off foundations.  High rise Buildings will lose substantial glass above 10 stories and almost total loss of glass above 20 stories, with violent shifting of contents in upper floors.

---

 

Exhibit 1C: Report from the Damage Assessment Team

 

Simulated Time: 4:00 pm Wednesday

• Epicenter of Quake Reported Just West of Long Beach Airport.
  

• Severe Destruction in Long Beach and Surrounding Areas.
  

• Extensive Damage Throughout LA Basin, No Utilities, Traffic at a Standstill, Most Freeway Interchanges Closed.  Utilities will require several days to restore outside the LB area; SFV and eastern areas may have services on Thursday.
  

• Telephone Systems locked-out From Other Than Emergency Locations.
  

• Dusk to Dawn Curfew Announced for LA County for all persons without Emergency Services Passes.  Violators will be detained and heavily fined.
  

• LAX and LB Airports Closed, Others Open for Incoming Emergency Personnel Only.
  

• Mayor's Announcement- Don't Travel, Take Cover, Be Ready for Major After-Shocks
  

• No Structural Damage to our Downtown Buildings.
  

• Upper floors of all buildings reporting extensive damage, broken and missing windows, furniture has moved across rooms.
  

• Computer Center is badly shaken.  Many pieces of equipment have moved and broken their cables.  All systems are being shut down as gracefully as possible, luckily our UPS worked.
  

• Many minor injuries in all buildings.  First Aid Teams are handling.
  

• Many people are hysterical, everyone is upset.
  

---

Exhibit 2: Scenario 2 Announcement

 

Simulated Time: 8:00 pm., Wednesday

• Curfew Going Into Effect.  Streets almost empty of people.
  

• First Aid Facilities overloaded with injured.
  

• Traffic Within 10 Miles of Long Beach at a Standstill, cars being abandoned.
  

• LA Basin Freeways & Interchanges Closed Until Inspected, Due To Possible Bridge Damage.  Caltrans hopes to open most northern LA Basin Freeways by late Thursday.
  

• Many Surface Streets Blocked By Debris and Abandoned Cars.  Major streets in area show light traffic.
  

• Public & Private Contractor/Construction Personnel Are Being Mobilized to Clear Major Streets & Freeways.
  

• Telephone System Operational But Overloaded.  Everyone requested to use phones for medical emergency use only.  Dial-tone after half-hour waits.  Local calls getting fast busy.  Long distance calls going through.
  

• Military Personnel Deploying Throughout the LA Basin, Particularly in Business & Shopping Areas.  National Guard being deployed, army expected during night.
  

• Many Displaced and Homeless Persons Trying To Enter Our Buildings Seeking Shelter.
  

• What are your plans for this evening and night?
  

---

Exhibit 3: Scenario 3 Announcement

 

Simulated Time: 11:00 pm., Wednesday

• Major 6.0-6.4 After-Shock near Culver City.
  

• Major Damage in Areas South-West of Downtown.
  

• Additional Significant Damage to All Our Buildings, including Structural Damage to Headquarters Building. Cracks and wall-to-support beam separation. Extensive glass cracking and some loss on lower floors, including ground floors.
  

• Widespread Hysteria and Some Minor Injuries- Primarily in Headquarters Building.
  

• Fires Visible In Night Sky West & South of Downtown.
  

• What should you do and announce?
  

---

Exhibit 4: Scenario 4 Announcement

 

Simulated Time: 8:00 am, Thursday (Next Day)

• Curfew Over, Military Everywhere.
  

• Limited Open Travel Routes to be announced at 10:00 am, Curfew to Continue for Several Nights.
  

• Utility Services to be restored by Neighborhood during Next Several Days (except for Long Beach Area). Utilities will be restored to downtown over weekend; residential areas are being given priority.
  

• Access to Long Beach Area Open to Residents Only
  

• Smoke from Fires Visible in Areas West & South of Downtown
  

• What are your plans for today and Friday?
  

---

Exhibit 5: Scenario 5 Announcement

 

Simulated Time 6:00 pm, Thursday (Next Day)

• Except for some single personnel living in the Long Beach area and selected key security personnel, all of our employees have returned home.
  

• Numerous members of our Emergency Response Teams, including approximately half of the team leaders, have called from home for instructions.
  

• Utilities will start to be restored in much of the LA Basin tonight and tomorrow.  Most main roads and some freeways outside the Long Beach and west side area are open and running reasonably well.
  

• Damage assessment team estimates that approximately half our total LA Basin floor space will be available Monday.  Headquarters Building space will probable not be available for several weeks.
  

• What are your plans for the rest of this week?
  

---

Exhibit 6: Scenario 1 Solutions Checklist

DMT Chair & BRP Head             _______     -Announce BRP  Activation  -Open EOC Log  -Establish Policy  Group Contact

Security                   -Assess Move to  Shelter Areas vs.  Evacuation of  Building  -Activate EOC  -Make Initial  Buildings  Announcements  -Activate  EOC & ERT's  Communications

Logistics                   -Verify Supplies  Available to Area ERTs  -Assess Potential  For Personnel  Returning Home  -Initiate Collection  of Injured as Feasible

Human & Public Relations                    -Assess EOC/ External  Communications  -Assess EOC/Employee  Communications  -Monitor Public  Information  -Initiate Building   Announcements

Customer Service

Manufacturing/Operations                   -Determine Status  of Potential Repair & Supply Vendors

Facilities                   -Activate  Emergency  Building Operations  -Initiate Damage  Assessment  -Initiate Security  Program for  Building &  Surrounding Area

Data Processing                    -Activate Backup  Data Center  -Activate EOC/  Data Center  Communications  -Assess Data  Center Status  -Assess Voice &  Data Network  Status

Coordinate Notification &  Shelter Planning

-Asses Status & Initial Response  -Develop Policy  for Admission of  External People  -Review Plans with Legal  -Brief Policy Team on  Status and Plans

-Monitor Egress and Dispatch of Personnel  -Initiate Sleepover Plan

-Assign Groups to  Shelters  -Assign First- Aid Personnel to Injured  Collection Areas -Assign Volunteers  to Replace  Telephone Handsets

-Initiate Employee Status Reporting -Initiate Public  Announcements  as Feasible  -Announce Shelter Plan & Initiate  Movement of  Personnel  -Assign HR Support  Staff to Shelter Areas  -Produce Periodic  Announcements

-Inform Other Company Locations of  Status & Plans as Possible

-Attempt Contact  with Out of Area  Repair & Supply  Vendors

-Activate Building  Login & Logout  Procedures  -Initiate  Periodic Building &  Area Status  Reporting

-Activate  Contingency  Plans Using  Out of Area  Personnel,  Tapes and  Supplies  -Arrange for Dispatch, when Feasible,of Tapes and Teams to  Backup Data  Center

 

---

Exhibit 7: Scenario 2 Solutions Checklist

 

DMT Chair & BRP Head                   -Arrange for EOC  Rotation   -Monitor Status  Reports from  ERT Teams

Security                   -Activate Overnight  Area and Building  Security Program  -Report Onsite,  Logout & Login  Statistics

Logistics                   -Analyze Staff  Egress Potential  -Initiate Route  Maps Preparation  -Distribute  Backup Food  and Supplies

Human & Public Relations                   -Plan Public &  Family  Information Plan  -Draft Overnight  Shelter Plan  Announcements  -Draft Emotional  Support Plan  Announcement  -Staff Family  Response System

Customer Service

Manufacturing/ Operations                   -Determine Status  of Out of Area  Support

Facilities                   -Adjust Shelter  Occupancy  Patterns as Needed  -Activate Fire  watch Program  -Activate Shelter  Registration Program

Data Processing                   -Monitor Activation of  Backup Data Center  by Out of Area  Personnel

�Coordinate Finalization of Overnight Plans

-Brief Policy Team -Establish Rules  for Confidential  Information  With Policy Team

-Verify Security & Fire Watch Programs  -Close Off Area  Perimeters

-Monitor Traffic  Reports for Use  in Route Maps

-Announce the  Shelter, Support, and  Family Information Plan -Activate Family Call and Information Plan

-Inform Out of  Area Management  of Status and Plans

-Activate Out of  Area Support  for Next Day

-Reserve Hotel  Space for EOC  & Other Watch  Personnel -Plan Cleanup and Repair Projects

-Initiate Data  Center Close Down

 

---

Exhibit 8: Scenario 3 Solutions Checklist

DMT Chair & BRP Head                   -Assess Total Situation  -Maintain EOC Rotation

Security                   -Verify EOC/ Shelters Communications  -Arrange Evacuation of any Newly   Damaged Areas

Logistics                   -Activate Plan for Collection of Injured

Human & Public Relations                   -Draft Revised  Announcements

Customer Service

Manufacturing/ Operations

Facilities                   -Initiate Facility  Inspections  -Check All  Communications

Data  Processing

�Coordinate Employee Announcements

-Brief Policy Team

-Verify Evacuations  -Inspect Area, Building, and Shelter Security

-Continue Route  Map Preparation

-Assign Volunteers to  Replace Phone Handsets  -Announce Status and  Plans to Personnel

 

---

Exhibit 9: Scenario 4 Solutions Checklist

DMT Chair & BRP Head                   -Develop Plan  for Long Term  EOC Staffing  -Coordinate  Evaluation of  Business  Resumption  Options

Security                    -Develop Plan  for Long Term  Building and  Area Security

Logistics                    -Determine Status  of Streets and  Freeways   -Create Phased  Evacuation Plan -Produce Route Maps

Human & Public Relations                   -Evaluate Long  Term Shelter  Requirements  (Inhouse and   Hotels)

Customer Service

Manufacturing/ Operations                   -Finalize  Emergency Support  and Procurement  Requirements

Facilities                   -Mobilize Crews  for Repair and  Cleanup

Data Processing                    -Arrange Dispatch  of Tapes and Teams to Backup Data Center  -Plan Recovery  of Data Center

Coordinate Finalization of Evacuation Plan

-Report to  Policy Team -Initiate Long  Term Staffing  of EOC -Initiate Repair  Plan

-Initiate Long  Term Staffing

-Distribute  Route Maps   -Initiate Long  Term Plan for  Use of Company  Vehicles

-Announce Phased  Evacuation Plan

-Inform Other  Locations of  Business  Resumption Plans

-Initiate  Emergency  Procurement  and Support

-Activate Long  Term Housing  for: EOC,Watch,  Security, and  Repair Staff

-Dispatch Tapes  and Teams to  Backup Site

 

---

Exhibit 10: Scenario 5 Solutions Checklist

 

DMT Chair & BRP Head                   -Coordinate  Documentation  of  EOC Staffing Plan  -Coordinate  Documentation of Business Resumption  and Emergency  Operations Plans

Security                    -Activate Housing Plans for Homeless, Repair and Emergency  Operations Staff

Logistics

Human & Public Relations                   -Draft Public  Announcements  of Emergency  Operations and  Business  Resumption  Plans

Customer Service

Manufacturing/ Operations                   -Document Recovery and  Emergency Operations Plans

Facilities                   -Finalize Repair  Schedule

Data  Processing                     -Monitor Backup  Data Center Operations  -Document Data  Center Recovery Plan

Brief Policy Team

-Coordinate Distribution  of Plans and Schedules

-Initiate Long Term Watch Schedule

-Coordinate Use of Company Vehicles

-Brief Media on Company Plans

-Brief Customers on Company Plans

-Inform Employees of  Company Plans

-Coordinate Housing  Activities

-Coordinate Data  Center Recovery Plan