THREAT RISK ANALYSIS and BUSINESS IMPACT ANALYSIS REPORT Created for Default Long Organization 1 of 19 Introduction Prior to developing a business continuity plan, two essential types of analysis need to be completed: a threat risk analysis that identifies potential events and their probability of occurrence, and a business impact analysis that identifies and prioritizes critical business functions. By relating the results of the business impact analysis to the threat risk analysis, organizations can identify how likely it is that a particular threat will affect a critical function. When these steps have been completed, an effective business continuity plan can be developed that provides for the continuation of critical processes and the delivery of essential services despite disruptions. THREAT RISK ANALYSIS PURPOSE OF THREAT RISK ANALYSIS The purpose of the Threat Risk Analysis (TRA) is to identify which threats your organization should be prepared to respond. The impact of a disruption can be severe enough to threaten the very survival of an organization. Such disruptions cannot always be predicted or prevented, but effective planning can dramatically reduce the damage they cause. Threats may range from those with a high probability of occurrence and low impact to the organization, such as brief power interruptions, to those with a low probability of occurrence and high impact to the institution, such as hurricanes or terrorist attacks. The most difficult threats to address are those that have a high impact on the institution but a low probability of occurrence. Examples of the potential impact of various threats include the following: o Critical personnel are unavailable and they cannot be contacted; o Critical buildings, facilities, or geographic regions are not accessible; o Equipment (hardware) has malfunctioned or is destroyed; o Software and data are not accessible or are corrupted; o Third-party services are not available; o Utilities are not available (power, telecommunications, etc.); o Liquidity needs cannot be met; and Vital records are not available. THREAT RISK OBJECTIVES 1. Identify possible threats with the potential to cause harm to the organization and the likelihood of a threat occurring. 2. Identify vulnerabilities that exist that could be exploited by the potential threat. 3. Identify and analyze the controls that minimize threats or mitigate vulnerabilities. Controls include protection devices, safeguards, and procedures that are in place to reduce the effects of threats and vulnerabilities. 4. Determine an acceptable level of risk. Risk cannot always be avoided; therefore, organizations should determine the level of acceptable risk for each threat. THREAT RISK ANALYSIS RESULTS The Threat Risk Analysis Tool was used to gather information about potential threats to your organization, including applicability, level of impact, the likelihood of the threat occurring and the amount of forewarning. Using this information, the top threats in each category were identified. The findings from the Threat and Risk Analysis should be used to assist in determining what level of risk is acceptable to the organization. The results are the basis for selecting appropriate security measures to be put in place or to remove those that are ineffective. Over-protection can introduce unnecessary costs and overhead. The level of protection required and maintainable will be different for every organization. It is not possible to mitigate against all risks, this is why a recovery plan is required. 2 of 19 HIGHEST RANKED THREATS Based on the survey completed by your company, the top threats listed below: DETAILED THREAT RISK ANALYSIS The results for all of the threats that your company has deemed applicable to your organization are presented below: Threat Forewarning Probability Impact Threat Forewarning Probability Impact THREAT RISK MITIGATION MEASURES Once the threats to the organization are known, the organization should assess whether or not the existing policies, procedures and protection items in place are adequate. If there are no safeguards in place providing adequate protection, it can be assumed that there are vulnerabilities. A review of the existing and planned safeguards should be performed to determine if the previously known and discovered risks and threats have been mitigated. A list of threat mitigation measures is listed in alphabetical order below. Bomb Threat Effect: Bomb threats are used to disrupt your operations and create fear. They are normally used by someone with a grudge against your company or by someone wanting to disrupt your operations. Their grievance against your company may be real or imagined. The effect of a bomb threat will be nervousness in your employees. They will be concerned because they don't know if the threat is real. Mitigation Measures: o Train staff o Designate a chain of command. o Establish a command center. o Decide what primary and alternate communications will be used. o Establish clearly how and by whom a bomb threat will be evaluated. o Decide what procedures will be followed when a bomb threat is received or device discovered. o Determine to what extent the available bomb squad will assist and at what point the squad will respond. o Provide an evacuation plan with enough flexibility to avoid a suspected danger area. o Designate search teams. 3 of 19 o Designate areas to be searched. o Establish techniques to be used during search. o Establish a procedure to report and track progress of the search and a method to lead qualified bomb technicians to a suspicious package. o Have a contingency plan available if a bomb should go off. o Establish a simple to follow procedure for the person receiving the bomb threat. o Review your physical security plan in conjunction with the development of your bomb incident plan. Break-in Effect: If an intruder gains access to the facility or data/documentation, irreparable damage can be the result. Materials could be stolen or tampered with, classified information could be obtained and used by outsiders without knowledge of its occurrence, the office could be vandalized, etc. Mitigation Measures: o Tour the office in search of areas that may be vulnerable to a physical break-in, such as windows and easily accessible doors. o Keep a written log of who has keys to the facility and/or authorized access to secured areas of the office. o Have security guards posted at secured areas of the facility to check entries. Decide whether it is necessary to have guards 24-hours a day. o Evaluate access control products, such as employee slash cards and biometric systems, and security items, such as surveillance cameras, to see if they should be implemented. o Ensure that all computer resources are password protected and safeguarded with security measures such as firewalls, security routers, etc. o Limit access to company-sensitive documents and files to a minimal amount of employees and keep a running list of who has access to what. o Perform background checks on all employees that will have access to classified company documents/computer files and secured areas of the facility. o Instruct employees as to the proper usage of computers, stressing the need to keep passwords secure and to log off of their terminals at the end of the business day. o Secure all computer disks and copies of documents daily in a protected area on-site, with backup copies of pertinent information also stored off-site. o Immediately report any missing or altered documents/computer files or suspicious activity to the proper supervisor. Central Computer Failure Effect: The effects of even a minor computer failure can be devastating to the production of the organization. The loss of computing can cause the loss of email, which is critical to communications, or, in the case of computer-controlled equipment, the loss of production. Computers are so critical to a modern organization that the effects can be huge. Mitigation Measures: o Conduct a system-wide vulnerability assessment. o Conduct background checks of all employees and periodic checks of anyone with access to sensitive information. o Develop a communal sense of computer security responsibility. Inform employees how their actions could adversely affect systems. o Bolster security measures in order to limit physical access to computers by outsiders, and to secure disks, back-ups, and related materials. 4 of 19 o Protect access to computers connected to phone lines. Be wary of Internet communications security and associated vulnerabilities. o Never leave an active terminal; always log off. Remove sensitive data from the PC when not in use, and disconnect from networks. o Report suspected intrusions and altered data, and do not use unsolicited or borrowed software. o Safeguard data from individual component failure by installing duplicate components, such as disk assemblies and power cords. o Evaluate need for uninterruptible power supplies, power conditioners, and surge suppressors. o Back up climate control systems. o Consider fastening devices that will secure computer equipment and help prevent toppling and breakage. o Institute good housekeeping policies, and invest in computer equipment covers that are water-resistant and flame-retardant. o Be aware of the life expectancy of your media as well as proper storage conditions. Clean tape drives regularly, and rotate tapes frequently to guard against wear. o Determine what constitutes critical data, an optimum back-up method, who is responsible for back-up, and how and where tapes will be transported and stored. o Back up all data on a regular basis with "compare" or "verify" options. o Service and maintain back-up hardware annually. Have a computer equipment leasing arrangement in place. o Reformat hard drives before retiring old computers, and erase diskettes before disposal. o Keep a current roster of names, phone numbers, and addresses of employees involved in re-establishing computer operations. Pre-qualify vendors if in-house expertise is lacking. o Cross-train recovery staff and assign each team member a full-access password so that recovery plan execution is not dependent upon one person. Civil Disturbance/Riot Effect: Civil dispute or riot may cause obstructions to building access or result in property damage. Mitigation Measures: o In event of preplanned civil disturbance notify Police and security and request attendance based on validity of concern. o Develop a plan to communicate with tenants and employees if access routes to the property become blocked, i.e. use of local radio stations. o Provide staff with employee identification cards. o No trespassing signs should be available for immediate posting when required. o Determine which Security Company is equipped and capable of providing contracted services during demonstrations, disputes or civil unrest. o Exterior grounds should be reviewed to ensure all loose objects are secured (patio stones, ashtrays, garbage cans etc). Communications Failure Effect: The effects of a communications failure could be significant, possibly resulting in the inability for the company to conduct business. Mitigation Measures: 5 of 19 o Phone system and public address systems should to be connected to the emergency generator o Locate nearest payphone and document location on site plan. o Make inventory of cellular phones & two-way communications equipment o Install a non powered phone line in parallel to an existing phone line. o Prioritize all communications systems. Determine which should be restored first in an emergency. o Establish procedures for restoring communications systems. o Talk to communications vendors about their emergency response capabilities. Establish procedures for restoring services. Critical Equipment Failure Effect: Depending on the piece of equipment that failed, the effect could be as minor as deferred processing to closing of the facility. Mitigation Measures: o Regularly inspect equipment. o Be aware of other equipment that can perform the same tasks. o Be aware of where to borrow, rent or buy replacement equipment for each type of equipment. o Log the failure and notify management personnel so that maintenance can be scheduled as soon as possible. Be sure to document any error messages and/or other details that might be required for repair. o For critical equipment, you may need to declare a disaster if the downtime is longer than 24 hours. The Team Leader of the Emergency Response Planning Team or the Facilities Manager (depending on the equipment that failed) should be notified of any equipment failure that could result in a declared disaster. Earthquake Effect: Earthquakes can seriously damage buildings and their contents; disrupt gas, electric and telephone services; and trigger landslides, flashfloods, fires. Aftershocks can occur for weeks following an earthquake. In many buildings, the greatest danger to people is when equipment and non-structural elements such as ceilings, partitions, windows, and lighting fixtures shake loose. There is nothing that can be done to affect severity of an earthquake, but implementing suggestion included in the pre-planning worksheet of this Risk event can reduce the extent of the damage to the property. Mitigation Measures: o Determine if your facility is located in an earthquake-prone area. o Make sure your building is structurally sound. Repair any cracks in walls and ceilings. o Secure computers to desktops with restraining materials such as elastic cords, chains, or cables. o Obtain the products/services of all necessary business continuity providers (i.e. records storage, restoration, alternate site). o Purchase first aid materials, emergency supplies, and portable radios. o Fasten bookcases and shelves to walls. o Check into earthquake insurance coverage. o Install seismic switches for automatic equipment shutdown. 6 of 19 o Teach employees earthquake safety procedures. o Structure emergency communication procedures. Alert workers of key personnel contacts. o Establish contacts at fire, police, and emergency services departments/offices. o Conduct an earthquake drill. o Research seismic information about your region in order to accurately assess your risk. o Investigate earthquake insurance coverage. o Assess potential for damage to structural and nonstructural elements. Develop mitigation and emergency response measures accordingly. o To prevent equipment and furniture toppling, move heavier items to lower storage shelves; brace racks; secure cabinets and light fixtures, tall furniture, and desktop equipment including computers. o Store hazardous chemicals according to appropriate guidelines. o Identify piping vulnerable to snapping; provide a clearance allowance around these pipes using flexible couplings or flexible piping. o Install seismic switches that will shut down major equipment automatically. o Plan for a backup power source to be in use. o Inventory critical supplies and establish vendor agreements for post-earthquake operations. o Explore mutual aid agreements. o Store vital records off-site, including copies of design drawings for use in assessing facility's safety after an earthquake. o Review building codes to ensure current compliance. Upon inspecting your facility, a structural engineer may recommend adding steel bracing or sheer walls to frames, strengthening columns and foundations, and replacing unreinforced brick filler walls. o Assemble and train emergency teams covering all shifts. o Provide company-wide employee education and training programs, including periodic drills. o Delineate primary and alternate evacuation routes, and establish a safe personnel assembly area. o Specify means of communication with employees and customers -- hot line, media advertisement, etc. o Stock survival and emergency response kits including water, food, first aid materials, radios, flashlights, heavy gloves, and sanitation supplies. o Establish a plan for handling missing persons inquiries and searches. Electrical Storm Effect: While lightning may only take seconds to occur, its impact can last much longer. Lightning can cause power outages and fires, or may damage office wiring and computers. There is also the threat of human injury if employees are working outside during an electrical storm. Structural damage can also occur if a tree or object located outside the facility hits the building after it is struck by lightning. Mitigation Measures: o Research the frequency of severe thunderstorms for your geographic area. o Find out if your community has a thunderstorm warning system in place. o Have trees located near the building trimmed regularly. 7 of 19 o Purchase power protection devices to safeguard electrical items. o Have lightning rods installed. o Buy flashlights. Keep them in an easily accessible area. o Consider the purchase of an emergency generator. o Find out from an insurance agent about coverage. o Establish a plan to have telephone calls rerouted to an alternate location. o Educate employees on lightning safety. o Buy a battery-operated radio for weather reports. o Ensure computer data is backed up off-site regularly. o Make sure employees working off-site have safe locations to go to during a storm. Explosion Effect: The effect of an explosion in your workplace may be fear amongst your staff and clients and disruption of your workplace and operations. There will likely be physical damage and associated costs. If the cause was accidental, as in the case of a gas leak, the fear will be considerably lessened but, in the few hours following the explosion, there will be fear and uncertainty. Mitigation Measures: o Train staff o Designate a chain of command. o Establish a command center. o Decide what primary and alternate communications will be used. o Establish clearly what the procedures will be when an explosion occurs. o Decide what procedures will be followed when a bomb threat is received or device discovered. o Determine to what extent the available bomb squad will assist and at what point the squad will respond. o Provide an evacuation plan with enough flexibility to avoid a suspected danger area. o Establish a simple to follow procedure for the person receiving the bomb threat. o Review your physical security plan in conjunction with the development of your bomb incident plan. Flooding Effect: Most floods occur over a span of several days. Flash floods, however, can develop within minutes and are caused by dam failures or large storms occurring over a short period of time. Both types of flood can destroy buildings and equipment, cause water damage to structure and contents, result in power failures, damage roadways, and cause human injury or death. The issuance of a flood watch means a flood is possible in the projected area. A flood warning signals that a flood is already occurring in the designated area or will strike soon. Businesses should also be cognizant of whether they are located in a flood plain - an area near a river formed from sediment deposited by past floods - as it will increase the likelihood that they will be affected. 8 of 19 Mitigation Measures: o Research your community's flooding history, and determine whether your business is located in a flood plain. o Calculate your facility's elevation in relation to surrounding rivers, streams, and dams. o Consult with insurance company about purchasing flood insurance. o Consider flood proofing your building via permanent, contingent, or emergency flood proofing methods. Permanent flood proofing measures include reinforcing walls to endure water pressure and building floodwalls outside the building. Installing watertight doors and permanent pumps are some contingent measures, while emergency flood proofing includes building walls with sandbags and participating in community flood control efforts. o Identify which records and equipment need to be moved to higher office locations or removed from the building entirely. o Ensure access to records and data stored off site. o Provide suppliers with key company contacts who can answer questions and provide updates. o Make arrangements with a professional restoration company to handle clean-up and recovery. o Create an evacuation plan, including transportation from the site, to avoid confusion among employees leaving the facility. o Structure a communication process for employees to follow so they know when to return. Contact hot site vendor if anticipating a move to make sure the location is ready. o Alert clients of your move. o Monitor television and radio broadcasts for flood watches, warnings, and updates. Hurricane Effect: Fierce rains and strong winds gravitate around the center, or eye, of the hurricane. If they travel inland, hurricanes rapidly lose strength -- but can still cause flooding and massive destruction to businesses and homes, structural and power failures, economic disruption, and injury or death. Mitigation Measures: o Create a checklist to prioritize response. Determine the approximate time frame needed to accomplish tasks and when each should begin. o Have an expert assess your building's structural integrity, including making sure the roof is secure and that walls can withstand high winds. o Be aware of what your business insurance covers and what it does not. o Develop a plan to communicate with employees and their families. o Inform clients and vendors of your plan and provide contact information for key executives. o Keep abreast of weather developments via news and radio broadcasts in order to know when to start taking appropriate action. A hurricane watch means hurricane conditions are possible in the designated area within 36 hours of its issuance. With a hurricane warning, conditions are likely in the specified area within 24 hours. o Tour the office/building thoroughly to identify and secure any items that could fall and be damaged or cause damage. o Move printers, computer terminals, etc. to safe storage areas. o Check the company grounds to ensure that all outside equipment is secure. o Determine which records, files, and other documentation are of primary importance and need to be brought to an alternate site. Check that backup files stored at off-site locations can be tapped into quickly. 9 of 19 o Review and test evacuation procedures. o Make sure emergency and medical supplies are stocked and easily accessible to all. o Ensure availability of portable pumps for floodwater as well as temporary power sources, such as generators or gasoline-powered pumps and battery-powered lighting. o Test all fire extinguishers and inspect building sprinkler systems. o Properly secure and board up windows. If an evacuation is in order, plan for alternate method by which your company can continue "business as usual," whether at a hot site, via telecommuting, etc. o Be certain that employees know what their role is in the process. Labor Dispute/Strike Effect: Businesses unprepared for the consequences of many workers walking off the job for days, weeks, or months face potential production delays, financial loss, resentment from workers, negative press, and/or a temporary or permanent closing. Employees typically give advanced notice to employers - either through a union representative or other negotiator - that a strike will take place if the two parties fail to come to an agreement. Businesses should use this time to try to reach a compromise to curb the strike, while simultaneously preparing strike contingency plans. Mitigation Measures: o Assemble a planning committee to coordinate company efforts. o Review strike history to discover past weaknesses. o Contact other branches of the company and independent staffing services to arrange for temporary staffing. o Tour the facility to pinpoint locations that could be vulnerable to unauthorized entry during a strike. o Consult with security firms regarding services they could provide during a labor dispute. o Determine who has access to secured areas and how those areas will be protected during a strike. o Instruct the public relations department in media relations during a crisis and designate spokespeople. o Determine how strike activities are to be documented/logged and by which employee(s). o Consider distributing identification badges with employee photographs and signatures to those who work during a strike. o Designate where employees, contractors, and customers will enter and exit the facility during a strike. o Make sure all mission-critical paper and computer documents are properly backed up and that other valuable equipment and materials are protected. o Warn the local police department of the potential for a strike and discuss strike notification procedures. Loss of Critical Workforce Effect: The reason for the staffing deficiency will dictate whether fill-in personnel or skeleton crews can maintain business continuity, and whether impact on the company will be short- or long-term. Mitigation Measures: 10 of 19 o Prioritize critical processes and workflow. Be aware of interpersonal and interdepartmental reliances. o Develop a sense of workforce shortage thresholds -- the minimum staffing required for critical job functions to be executed. o Assess personnel strengths and weaknesses in terms of knowledge, skill, and performance in order to compensate accordingly with skeleton crews. o Have all employees compose thorough job descriptions and procedures manuals specific to their roles and responsibilities. Then, test to see if substitute personnel, guided solely by the documentation provided, can fulfill duties. o Cross-train employees in critical business processes so all personnel can perform multiple job functions when necessary. o Establish a mechanism to borrow personnel from other departments/divisions or branches/facilities within the company. Arrangements can be on a mutual exchange basis, depending on who needs what when. o Arrange for company management to fill in wherever and whenever needed. Include managers in ongoing training sessions to ensure up-todate skills. o Establish mutual aid programs with local businesses to increase resource pool. o Contact a temporary worker employment agency in advance to ensure availability of qualified support. o Job-seekers with diverse experience often find short-term assignments appealing. Compose a ready-to-run "Help Wanted" classified advertisement for local newspapers. Be aware that submission deadlines may be strict. o Allow ample time for to-be-absent employee(s) to familiarize fill-in personnel with job intricacies, and to prioritize assignments. o Arrange to consult with employees in their absence, ideally with them being accessible to answer questions at any time. Prepare a communications plan to facilitate emergency contacts. Coordinate a formal company-wide carpool program. o For certain circumstances, arrange for transportation -- either company-supplied or contracted from an outside service -- to shuttle employees to and from work. o Establish home offices for key executives, if not all employees, for telecommuting purposes. o Incorporate a phase-in program for employees returning to work following extended leave. o Adjustment period provides an opportunity for employees to integrate as well as assimilate change. o Institute employee assistance programs (EAPs) and implement succession planning for all levels of personnel. Pandemic Effect: Large numbers of your employees, suppliers, and customers can be infected by a pandemic and, as a result, be unable to work or purchase your products and services. Mitigation Measures: o Develop an infectious disease plan now. o Surveillance o Vaccination (offer annual flu shots at your firm) o Antiviral delivery o Emergency Response preparation o Communications o Command and Control management structure in place 11 of 19 o Supplement existing plans now in place for 'all hazards' o Develop a plan for what to do with a person who suddenly gets ill at work. Do you isolate and mask them until transported? Do you clean their work area? Who does it and how? o Have a supply of facemasks and gloves in your medical kits. Sick Building Syndrome Effect: Sick Building Syndrome causes staff to miss time from work. If the problem is sufficiently severe, then the organization will move to another building or even close that office. The syndrome should not be confused with humanly contagious employee-sourced illnesses, such as "a 'bug' going around the office," with symptoms consistently felt away from the building as they are in the workplace. One variable most commonly linked to the occurrence of SBS is indoor air quality (IAQ). Office pollutants fall into four major categories: outside air, building materials and furnishings, equipment, and people and their activities. Outside air that is polluted from surrounding businesses can travel into one's office through the ventilation system. Equipment such as photocopiers and printers and the construction or installation of new office materials or furnishings can generate foreign particles and/or cause them to circulate in the air. Employees also contribute to air pollution by passing germs along to coworkers. Mitigation Measures: o Companies must improve their IAQ by attempting to garner more control over how pollutants enter the building. o Office upkeep, using proper cleaning agents, is critical in keeping pollutants from settling over time. o Some pollutants only become a problem when they build up into excessive amounts. If they cannot be eliminated, such pollutants should be maintained at their minimal levels by ventilating with clean air and applying appropriate exhaust practices. o HVAC systems should comply with ventilation standards and building codes. HVAC systems should be turned on before the workday starts and shut down after all employees leave to get rid of pollutants that may have accumulated during non-working hours. Keep systems clean to reduce the probability of bacteria or mold growth. o Raise ventilation rates when there are activities being performed that will increase the amount of pollutants entering the building (e.g., carpeting installation, painting). o Perform maintenance inspections of HVAC systems on a regular basis to make sure they are working properly. Keep a written record of any problems. Smoke/Fire Effect: Impact will depend on the size of the fire, its location in the building, and the success of fire detection and prevention measures. But any fire has the potential, if not detected early enough, to destroy records and equipment, cause human injury or death, result in smoke damage, or completely burn a facility. Mitigation Measures: o Install smoke detectors in key locations. Test batteries annually. o Install a fire alarm and suppression systems that will automatically notify fire officials. o Clean out storage areas. o Purchase proper insurance coverage. o Be aware of community fire codes and regulations and comply. 12 of 19 o Ask your local fire department to inspect your facility on a regular basis. o Assess whether automatic sprinkler systems, fire hoses, and fire-resistant walls and doors are necessary. o Station fire extinguishers prominently throughout the building. Make sure employees are familiar with locations and usage. Also ensure that fire extinguishers are of the appropriate type and capacity in each location. o Assign an employee to check all appliances at the end of the workday to make sure they are turned off. o Establish safe personnel evacuation routes. o Training and periodic exercises are essential. Conduct fire drills at least twice a year to ensure that all employees know the proper exit procedure. o Select several key individuals within the company to coordinate communication procedures with employees, clients, and suppliers. o Enforce no smoking policies. If smoking is allowed, permit it only in designated areas where large, non-tip ashtrays are located. o Establish a tight security system to help prevent arsons. o Replace damaged electrical cords. Avoid plugging several cords into one outlet. o Leave room for air to circulate around heaters, copy machines, etc. Keep flammable liquids and contaminants in proper storage containers and designated locations. o Investigate or contract with a recovery service provider to reduce clean-up costs. Tornado Effect: The high winds that classify tornadoes can spin at incredible speeds, with winds around the funnel sometimes reaching more than 200 miles per hour. Contradictory in nature is the tornado's forward motion, which can be 70 miles per hour or less. These twisters usually pass through areas quickly, but can cause immense damage. Structural damage from high winds and airborne debris as well as death can result from tornadoes. These acts of Mother Nature cannot be contained or controlled. The best approach your business can take is to implement tornado preparedness efforts and be aware of when twisters are anticipated. Knowledge of weather terminology can assist in preparations. A "tornado watch" means that a twister may occur in your area. If a "tornado warning" is issued, it means a tornado has already been sighted. Aside from these precautionary measures, riding out the storm and hoping for the best - is the only option. Mitigation Measures: o Purchase portable radios to listen to weather updates. o Establish alternate communication methods via cellular telephones, two-way radios, etc. o Ensure facility is structurally sound. o If advanced notice is received, board all windows, secure large movable objects (i.e. computers, shelves), and remove unstable outside items. o Work with local emergency management officials to learn about your community's tornado preparedness and warning procedures. o Create an emergency contact list. o Educate employees on the safest building locations and evacuation routes. o Conduct a tornado simulation exercise. o Assess which areas will be covered under business insurance. o Keep a sufficient amount of water, food, and emergency supplies on hand. o Consider obtaining the contractual services of alternate site providers, restoration service providers, and others. 13 of 19 Toxic Spill Effect: Impact will depend on the location of the toxic spill in relation to the building. A toxic gas or chemical spill inside of the building may necessitate evacuation, however a spill external to the building may necessitate keeping personnel inside prevent occupants from coming in contact. Mitigation Measures: o Ask your local fire department to inspect your facility on a regular basis. o Establish safe personnel evacuation routes. o Training and periodic exercises are essential. Conduct drills at least twice a year to ensure that all employees know the proper exit procedure. o Select several key individuals within the company to coordinate communication procedures with employees, clients, and suppliers. o Keep toxic liquids and contaminants in proper storage containers and designated locations. o Investigate or contract with a recovery service provider to reduce clean-up costs. Transportation Disruption Effect: Transportation is also part of the lifeblood of companies that provide or require shipping, mailing, and trucking services. If transport vehicles suffer a disruption, it could cause a catastrophic lull in the supply chain and a loss of revenue for businesses dependent on just-in-time inventory. Transportation disruptions such as traffic accidents, flight delays, and lack/loss of drivers occurring at any business could cause employee stress, loss of work hours, reputation damage, and delay of receipt of packages and/or mail, as well as present the potential for human injury or death. Mitigation Measures: o Call in advance to confirm flight reservations. o Allow extra time when driving to an unfamiliar area. o Get precise directions for office visits. Bring your contact's telephone number in case you get lost. o Listen to radio traffic reports or purchase a device to map out the best route. o Carry a cellular phone. o Encourage key personnel to travel separately. o Obey traffic regulations and speed limits. o Conduct background checks on all company drivers. o Look into providing driver safety training courses for employees. o Have all corporate vehicles inspected regularly. o Plan for alternate workers to be used if drivers go on strike. o Purchase tracking devices for all vehicles. o Ensure all packages being shipped can be tracked by the service provider. o Obtain the services of alternate shipping providers for emergency purposes. 14 of 19 Utility Failure - Electrical Effect: Computer data could be permanently lost if not properly saved before an outage. Lighting, telephones, and equipment will also be down, which could threaten employee safety and halt communication and production processes. Electric power is critically important to the continued operation of any organization. Power fluctuations may cause equipment to power off. Equipment that is attached to the UPS will prevent this situation. Power outages will eventually result in the power down of all equipment even if it is attached to the UPS. The UPS is not designed for extended alternate power support. The UPS is designed to keep power up long enough to allow for a normal power down. Power outages of 1 hour or longer may require different operations. As soon as a power outage of 1 hour or longer duration occurs, the Facilities Manager should contact the power company to try to determine the length of the outage. If the outage is less than 24 hours, operations may be suspended until the power returns. Power outages, which will extend beyond 24 hours, may require a Disaster Declaration. Mitigation Measures: o Purchase generators to serve as backup power sources. o Purchase uninterruptible power supplies, which provide interim power to safely shut down computers and other machinery. o Stock flashlights and batteries. Position these strategically throughout the facility. o Supply key personnel with cellular phones and/or beepers to continue communication. o Save computer data regularly and store backup copies off-site. o Install illuminated exit signs. o Buy battery-operated radios. o Determine what equipment must be shut down and restarted in the event of a power failure, poor power quality, and single phase brown out. o Develop shut-off and restart procedures for base building equipment identified above. o Assure building operations are aware of equipment at risk and procedures to safe guard equipment. o Review equipment connected to emergency generator or UPS power supplies and where needed and practical add equipment critical to operations. Where reasonable, ensure the following items are connected to the generator; lighting in areas of egress, public washrooms, Emergency operations centre, ICC and supporting areas, building automation system and controls, fire alarm system, intrusion system, supply air and exhaust systems critical to smoke control, any equipment needed to maintain operations and business continuity. o Test battery packs for emergency lighting and power monthly. o Perform generator tests monthly, load bank testing Bi-annually, maintain as per manufacturer recommendations. o Ensure adequate diesel fuel available and deliver system (pumps) maintained annually. o Establish that the fuel supplier will be able to deliver fuel without disruption. o Make arrangements for portable generator and fuel if appropriate. (Regional) o Install and maintain battery pack in generator room o Maintain automatic transfer switches annually as per manufacturer recommendations. o If public address system is not connected to emergency generator, a back up power source or megaphone should be made available and be part of Emergency Cabinet on site. o Ensure all security and operation staff carries flashlights at all times. 15 of 19 o Call utility, find out your property's place on the restoration priority list. o Complete monthly inventory for chemical light sticks, flashlights and batteries. Check the operating condition and shelf life for these items annually. o Have annual preventative maintenance completed on UPS system. o If property does not have a public address system purchase and assign responsibility to operation staff for making announcements to provide information to occupants. o Determine the length of time back up power or UPS will supply power to telecommunications systems. Utility Failure - Natural Gas Effect: During winter months, natural gas shortage/failure could result in closure due to inadequate heating. Mitigation Measures: o Complete inventory of gas fire equipment or systems base building and tenant equipment. o Prepare site-specific plans and priority sequences to shut down and restart gas fired equipment. o Have gas shut off wrenches in Emergency Cabinet. o Document gas utility and gas service contact information. o Prepare site plan that shows gas equipment and valves throughout the building including tenant equipment. o Review Gas leak procedures. o Loss of Heating Systems Plan - for winter season property protection measures to shut down building to protect from freezing temperature. (Seal building and drain water and sprinkler systems if outage is long term that will drop core temperatures (keeping water systems moving will delay freeze conditions) o Stock space electric space heaters for use at entrances Utility Failure - Water Effect: Water failure may cause HVAC equipment to power off. Water for drinking, sewer and fire suppression may not be available. Mitigation Measures: o Identify and test all back flow prevention devices annually. o Plan a method of storing and distributing water as needed. o If loss of water does occur, valve off hot water or other water storage tanks to preserve a clean, ready water supply for rationing until service can be restored. o Be prepared to have a means of boiling water for purification. o Without a reliable clean water supply occupancy time is limited. Be familiar with requirements for potable water supply and be prepared to close building as needed. o Create a site plan that shows locations of all water isolation valves and legend of valves. o Create shut off and start up procedures for domestic water; sewage, and fire protection water systems. 16 of 19 o Source a portable toilet service to rent units if sewage is unavailable for a period of time. Winter Weather Effect: Excessive amounts of winter weather conditions can prove devastating. Primary concerns include the potential loss of heat, power, telephone service and a shortage of supplies if storm conditions continue for more than one day. Your business may also have to deal with the inability of employees to get to work due to icy conditions or unplowed roadways. A winter storm consists of heavy snow accumulations as well as a mixture of ice, snow, and wind. A winter storm watch is issued 12 to 48 hours before the onset of a winter storm. This "watch" means that there is the potential for dangerous winter weather. In more severe cases, a winter storm warning is issued up to 24 hours prior to a storm that is expected to bring dangerous weather conditions. The issuance of a winter storm "warning" means that conditions are presently occurring or there is an extremely high probability that they will occur within the estimated time frame. Mitigation Measures: o Keep flashlights, first-aid kits, an emergency heating source and appropriate fuel, and a battery-operated radio on hand. o Stock water and non-perishable food items. o Buy uninterruptible power supplies and a generator. o Create emergency communication plans. If considering rerouting calls, determine how it would be done and where the calls would be received. o Have computer data backed up offsite. o Decide which weather conditions will warrant early dismissals or closings and develop employee notification procedures for these events. o Determine if it is necessary to contract private services for snow plowing. Workplace Violence Effect: Workers who feel threatened are less focused and more prone to injury and illness. Violence in the workplace also diverts company resources with demands for increased security measures, workers' compensation, training, crisis response, and/or litigation. Companies at especially high risk for violent incidents are those that have recently experienced a significant reorganization or restructuring, enacted a notable change in senior management, demanded a higher level of performance from employees, increased the gap between the highest and lowest levels of pay, or experienced a worsening of morale or relations with organized labor. Other factors associated with a high incidence of workplace violence include inadequate training programs and unclear policies and procedures regarding stress, substance abuse, and violence; insufficient background screening; poor communication to employees regarding company strategies and initiatives; general organizational instability; poor performance review procedures; lax or arbitrary enforcement of rules and procedures; and ineffective physical security. Mitigation Measures: o Investigate workplace violence histories and identify current conditions or changes that might spark violent reactions. o Carefully screen prospective employees. Beware of employment history gaps. Consider police record and felony conviction checks as well as drug testing. o Create a pleasant working environment. Treat people with respect. Give employees the opportunity to vent frustrations and to discuss ideas and solutions. o Assess current workplace violence and associated policies involving such matters as drug abuse and harassment. Make changes based on past record, security assessment, and current working conditions. No matter what the particulars, be sure to establish a zero-tolerance policy. o Educate employees on acceptable workplace behavior and on precautions they can take, including walking in pairs to parking areas after dark, wearing ID badges, and cooperating with security personnel. 17 of 19 o Assess security policies, procedures, and needs. Improve accordingly. Limit/control access to the facility with security guard service, card access system, closed circuit TV monitoring, etc. o Address office layout, especially for human resources personnel responsible for dismissing or disciplining problem workers. Ensure that exit/escape routes are accessible and clearly marked. Institute a formal process for employees and management to follow for reporting co-workers suspected of potentially violent behavior. Include a mechanism for tracking threats and incidents of violence. o Provide counseling and early intervention services via an employee assistance program (EAP). o Train employees and supervisors on how to handle violent situations should they arise. o Establish an emergency response and crisis management team that can be called in quickly to provide counseling and tend to such priorities as clean-up and media interaction. BUSINESS IMPACT ANALYSIS PURPOSE OF BUSINESS IMPACT ANALYSIS The purpose of the Business Impact Analysis (BIA) is to identify which business units, functions, and processes are essential to the continuation of your business. The BIA identifies the time frames in which indispensable business operations have to be reinstated to full functionality following a disruptive event and the resources necessary to resume to a functioning level. It also identifies the business impact of not performing critical business functions. The results of the business impact analysis will assist in determining the appropriate recovery strategies. BUSINESS IMPACT ANALYSIS OBJECTIVES 1. Identify the critical business unit functions and processes 2. Estimate the Maximum Tolerable Outage (MTO) each business function. 3. Estimate the impacts for each business unit function 4. Determine the requirements needed for the recovery of each function 5. Provide a foundation for implementing Business Continuity and Disaster Recovery Plans. BUSINESS IMPACT ANALYSIS RESULTS The Business Impact Analysis Tool was used to gather the information provided in this report from each Business Unit leader. The outcome of the business impact analysis is an identification of the critical business processes and their associated recovery time objectives, software, hardware, essential records, equipment and vendor dependencies. The Maximum Tolerable Outage identifies the allowable time a process can be inoperative following an outage / disruptive event. These timeframes may have to be re-evaluated to meet the capabilities of the technology group. If the capabilities of technology do not meet the requirements of the business unit, a gap exists. These gaps must be lessened to prevent extended outages and impact to your organization. All mission critical systems and functions should be identified and clearly recorded as a result of this exercise. BUSINESS UNITS INCLUDED IN THIS BIA SURVEY The following Business Units completed the BIA Survey: 18 of 19 FUNCTIONS REQUIRING QUICK RECOVERY The functions that require immediate or very quick recovery are as follows: Functions Requiring Recovery in Hours Functions Requiring Recovery in Days FUNCTIONS WITH HIGH BUSINESS IMPACT The following functions would have a significant impact to business if they cannot be performed within the recovery timeframe specified: FUNCTIONS WITH HIGH LOSS EXPOSURE The inability to perform the following functions would result in significant losses for the business: DETAILED BIA RESULTS BY BUSINESS UNIT The complete results of the BIA are presented below by Business Unit: BUSINESS IMPACT ANALYSIS CONCLUSION This BIA report is designed to provide management with a report of the potential overall effects for each business unit. Since the cost of providing redundancy and fault tolerance in the infrastructure can be quite high, it is important that management have a very clear vision and commitment of resources to accomplish the job. The final results of the Business Impact Analysis and the Threat Risk Analysis should have written approval from senior management before the actual plan development phase begins. 19 of 19