Business-Continuity-Management-Plan

advertisement
Your organisation name here
Business Continuity & Resilience
Management Plan
Version Control
Version number
Date produced
Name of Editor
Plan Distribution List
Name of recipient
Date provided
Contents
Section
1
2
3
4
5
6
7
8
9
10
Title
Aim of the Plan
Objectives of the Plan
Critical Function Analysis and Recovery Process
Emergency Response Checklist
Emergency Pack/ Grab Bag Contents
Security/Facilities Management Policy
I.T. Policy
Contact Lists
Threats and Suspicious Packages
Actions and Expenses Log
1
Page
2
2
3
7
7
8
8
9
10
12
1. Aim of the Plan
The aim of this plan is to prepare (organisation name) for the effects of an
emergency or crisis and enable a recovery process to return to ‘business as usual’.
This plan is just a guide and may or may not fit the nature of your business. Sections
should be added to this plan or amendments should be made at your own discretion
to best meet your needs.
2. Objectives of the Plan




To understand the critical functions and activities of the organisation
Analyse and respond to potential risks to the organisation
Provide a response to a situation affecting business continuity
Identify key roles, responsibilities and contacts pertinent to business continuity
2
3. Critical Function Analysis & Recovery Process
The details listed within this section have been identified via a risk assessment of the
components necessary to run the business. This process will enable contingency
arrangements to be made and to aid in the recovery process in the event of an
incident affecting the business.
Critical Functions and Personnel
The following functions have been identified as critical to the day to day running of
the business, as have the employees who undertake them and the employees who
can cover these roles in their absence:
Function/ Task and/or specific
training (see examples below)
Employee
Responsible
(Primary)
Employee
Responsible
(Secondary)
Fire Warden
First Aid
Security
Asset Management
Facilities Management
Maintenance Contracts
Records/Accounts Management
IT Maintenance/Anti-Virus Software
Insurance
Facilities
If the primary business location is not available and secondary locations have been
identified/ contracted, they should be listed below:
Primary Site
Secondary Site
Mobile working/ working
from home
3
Utilities
The following information is useful if utilities fail or need to be switched off:
Utility
Gas
Electric
Water
Telephone/
Broadband
Supplier Details
Location of Infrastructure
Cut off Valve:
Meter:
Name:
Tel:
Website:
Emergency Number:
0800 111 999
Name:
Tel:
Website:
Emergency Number:
0800 668 877
Name:
Tel:
Website:
Emergency Number:
0845 717 1100
Name:
Tel:
Website:
Fuse Box:
Meter:
Stopcock:
Meter:
Equipment
The following equipment has been assessed as essential to the day to day running
of the business:
Equipment
Type
I.T.
Details/checks/audits in place
Telephony
Mechanical
Vehicle(s)
Furniture
Other
4
Secondary Arrangements
Files/Records
The files and records for the business are stored and backed up at:
Record Type
Employee(s)
Primary Store
Secondary Store
Customer(s)
Supplier(s)
Accounts
Other
Suppliers
The following list comprises of suppliers critical to day to day business and the
secondary arrangements in place should their business fail:
Supplier of
Primary Supplier
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
5
Secondary Supplier
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Distribution
The following list comprises of distributers critical to the logistics of day to day
business and the secondary arrangements in place should their business fail:
Distributer of
Primary Distributer
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Secondary Distributer
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Name:
Tel:
Insurance
The business has the following insurance Policies in place:
Insurance Policy
Covered by Policy:
Building
Insurer:
Tel:
Policy Number:
Contents/Assets
Insurer:
Tel:
Policy Number:
Other
Insurer:
Tel:
Policy Number:
6
4. Emergency Response Checklist
In the event of an emergency affecting the business, the following checklist will be
used:
Fire Alarm/ Evacuation Signal (State what your evacuation signal is – detail/
record fire drill/training in this plan)
2. Coordination of Evacuation (State what your evacuation procedure is - detail/
record fire drill/training in this plan)
3. Exits (State where exits are, how they are marked – would be useful to include
a floor plan of the premises)
4. Extinguishers (State where extinguishers are stored and the purpose of the
extinguisher – i.e. chemical fires, electrical fires, etc. and who has been trained
to use them)
5. Assembly Point (State where your primary and secondary (if applicable)
assembly points are and how to get there safely – detail/record fire drill/training
in this plan)
6. Roll Call (State how occupants of the building have been recorded (i.e. staff,
visitors, contractors, etc.) to allow an accurate roll call to be taken once
evacuated.)
7. Key Contacts (State process/arrangements to ensure all employees/ next of
kin/others can be contacted in the event of an emergency?)
8. Utilities (State process for shutting off utilities in an emergency, including
person(s) responsible)
9. Grab Bag (State location of ‘grab bag’ and responsible employee(s))
10. Insurance (State process for contacting insurance company(ies))
11. Responsibility (who is responsible for all of the above actions?)
1.
5. Emergency Pack/ Grab Bag Contents
In the event of an emergency/evacuation of the building, it is recommended that a
named individual(s) takes a ‘grab bag’ when evacuating the building. This will
contain items that will be useful and could potentially safeguard those evacuated.
The recommended contents of this bag are as follows:





A wind up torch/torch with fresh batteries
A mobile phone (only required if evacuees not in possession of own/work
phones)
A copy of this plan/key contacts list
A pen (to check individuals off the roll call list)
Clothing items (i.e. waterproof ponchos (something light/easily carried), space
blankets for warmth)
7
6. Security/Facilities Management Policy
This section should contain the details of your security policy and who is responsible
for various tasks. Examples of items to be included are listed below:





Building access
Thefts
Threats to premises
End of day inspections (i.e. lights out, equipment switched off, doors and
windows locked, etc.)
Maintenance checks (i.e. utilities, air conditioning, security system, etc.)
7. I.T. Policy
This section should contain the details of your I.T. policy and who is responsible for
various tasks. Examples of items to be included are listed below:





Induction for employees (i.e. appropriate usage of email/internet)
System(s) maintenance
Upkeep of anti-virus software
Files/information back up
Alternative arrangements
8
8. Key Contact List
The following list should be reviewed and updated annually and also as changes are
notified:
Name
Employees
Home Number
Mobile
Next of Kin
Name
Suppliers
Office/Site Number
Mobile
Name
Customers
Office/Site Number
Mobile
Utility Type
Utilities
Number
Emergency Number
Company
Insurers
Policy Number
Telephone Number
9
9. Threats and Suspicious Packages
Upon receipt of a suspect package you must take the following actions:
 DO NOT MOVE THE OBJECT
 Ring 999 immediately and notify the Police and follow their instructions
 The police will need your details – provide all information requested
 Notify management/security immediately so they are on standby to assist with
evacuation
If the package is in/near a reception/public area:
 Arrange to clear the area by directing/escorting visitors away from the vicinity
or evacuate them as directed by management/security
 Place a cordon around the package so that it is easily identified – DO NOT
MOVE IT
 consider access and exits and lock where necessary
It is important that the following is also carried out:
 Manage car park access/egress and ensure the emergency services can
easily access
 Be ready to evacuate!
Meet the emergency services as they arrive and relay all available information
(service representative who found the package and management/ security).
BOMB THREATS


STAY CALM
LISTEN CAREFULLY
If possible, ask the caller the following questions & write down the answers
 Where is the bomb?
 When is it going to explode?
 What does it look like?
 What will cause it to explode?
 Did you (the caller) place the bomb?
 Why?
 What is your name or organisation?
 What is your telephone numbers?
Record time call completed:
 Contact the police on 999. Time informed:
The following part should be completed once the caller has hung up and the
Security Co-ordinator and the police have been informed:
Time and date of call:
Length of call:
Number at which the call was received (i.e. your extension number):
10
AFTER THE CALL
Write down the following details.
 Was the caller male or female?
 What nationality was the caller?
 Approximately what age was the caller?
 Was the caller well spoken, irrational, foul or incoherent?
 What was the caller’s voice like?
 Was there any background noise?
Tick where appropriate
Language
Well spoken
Irrational
Taped message
Offensive
Incoherent
Message ready by threat-maker
Background Sounds
Street noises
House noises
Animal noises
Crockery
Motor
Clear
Voice
Static
PA system
Booth
Music
Factory machinery
Office machinery
Other (specify)
Caller’s voice
Calm
Crying
Clearing throat
Angry
Nasal
Slurred
Excited
Other Remarks
Stutter
Disguised
Slow
Lisp
Disguised
Slow
Lisp
Accent
Type of accent
Rapid
Deep
Hoarse
Laughter
Familiar
If so, whose voice did it sound like?
11
10. Actions and Expenses Log
During an emergency it might be useful to keep a record of the actions taken or
damage incurred from an early stage. This could be useful for tracking financial
impacts and also costs recoverable from insurance policies.
Action Undertaken
Cost Incurred
Damage/Issue Identified
Cost Incurred
Total
12
Download