
Emergency Planning for Essential Staff

Larry G. Wlosinski, CDP, CISSP, CISM, CAP, CRISC, CISA, ITIL v3, CBCP

Prepare for Disaster: Recover Faster.

October 2013


Larry G. Wlosinski CDP, CISSP, CISM, CAP, CRISC, CISA, ITIL v3, CBCP

Federal Government Experience (24+ yrs): EPA, NIH, CMS, DOJ, DHS, DOE, DIA, NOAA

Commercial Industry Experience (14 yrs): Insurance, International & Interstate Banking, Collections, Small Business

Consulting Experience:

Computer Sciences Corp. (CSC) – Section Manager

Lockheed Martin – IT Security Manager

Booz Allen Hamilton (BAH) – Associate

And others – Sr. IT Security Engineer, Project Manager, etc.

IT Security Expertise:

Policy, Procedure, Guidance, Standards, Templates, Checklists

IT Security Assessments (C&A/A&A, Risk, Audit)

Continuity Planning (OEP, BIA, ISCP, COOP, DRP, Devolution, etc.)

Cloud Security

Incident Response & Planning


Belated Reminder: September was National Preparedness Month

Update your Continuity Plans: Contingency, Devolution, Disaster Recovery, COOP, etc.

Conduct a Fire Drill at each location

Test your Backup and Recovery Devices and Media

Verify Command Center readiness

Test Emergency Communication capability

Update Calling Trees


Objectives

Provide a better understanding of federal government emergency planning

Review some federal government requirements

Provide an understanding of the different plans

Present an idea of team responsibilities

Pass along some lessons learned

Show how the various plans differ


AGENDA

Orientation - Threats

Present Emergency Framework

National Essential Functions (NEFs)

Types of Plans

Discuss COOP & Devolution Plan

Federal Continuity Directives (FCD 1 & 2)

Elements & Building Blocks

Document Contents

Response Teams

Devolution Plan Contents & Comparison


AGENDA (2)

Discuss IT/S Contingency Planning

Implementation/Activation Criteria

Contents

Teams

Exercises/Testing

Reporting – Lessons Learned, AAR

Review Contents of Other Plans

COG

BCP

DRP

BRP

IRP

OEP

Pandemic


Federal Mandates

National Security Presidential Directive 51 / Homeland Security Presidential Directive 20 (NSPD-51/HSPD-20) – 5/9/2007

National Continuity Policy

Executive Order 12656 – 11/18/1988

Assignment of Emergency Preparedness Responsibilities

National Continuity Policy Implementation Plan – 8/31/2007

Federal Continuity Directives (FCD) 1 and 2 – Feb. 2008


Sample Threats

Terrorist Attack

Biological

Bomb/Explosion

Chemical

Civil Disturbance

Fire (direct or nearby)

Water Damage or Stoppage

High Winds (Hurricane/Tornado)

Power Loss/Utility Failure

Hostage Situation

Radiological

Structure Damage

Building Deterioration (electrical, pipes, roof)

Telecommunications Loss

Community Disaster

Metropolitan Commuting Failure

Requests for Shelter

Airborne Crash

Health/Pandemic

Work stoppage


Hierarchy of Business Continuity Management in United States Civilian Agencies


National Essential Functions (NEFs)

1. Ensuring the continued functioning of our form of government under the Constitution, including the functioning of the three separate branches of government.

2. Providing leadership visible to the Nation and the world and maintaining the trust and confidence of the American people.

3. Defending the Constitution of the United States against all enemies, foreign and domestic, and preventing or interdicting attacks against the United States or its people, property, or interests.

4. Maintaining and fostering effective relationships with foreign nations.

5. Protecting against threats to the homeland and bringing to justice perpetrators of crimes or attacks against the United States or its people, property, or interests.

6. Providing rapid and effective response to and recovery from the domestic consequences of an attack or other incident.

7. Protecting and stabilizing the Nation’s economy and ensuring public confidence in its financial systems.

8. Providing for critical Federal Government services that address the national health, safety, and welfare needs of the United States.


PMEFs and MEFs

Primary Mission Essential Functions (PMEF) are agency functions that support the performance of the NEFs

Functions that need to be continuous or resumed within 12 hours after an event and maintained for up to 30 days or until normal operations can be resumed.

Mission Essential Functions (MEF) are government functions that support PMEFs

Functions that enable an organization to provide vital services, exercise civil authority, maintain the safety of the public, and sustain the industrial/economic base during disruption of normal operations.


Types of Emergency Plans

Continuity of Government (COG)

Continuity of Operations Plan (COOP)

Devolution Plan

Business Continuity Plan (BCP)

Information Technology/System Contingency Plan (CP)

Disaster Recovery Plan (DRP)

Business Resumption Plan (BRP)

Incident Response Plan (IRP)

Occupant Emergency Plan (OEP)

Pandemic Plan


NIST SP 800-34

Relationships of Emergency Plans


Types of Emergency Plans

USA Continuity of Government (COG): Many plans

Continuity of Operations Plan (COOP) – FPC 65

Viable, executable plans for leadership, succession, and key personnel to ensure that a department/agency’s essential functions continue to function as needed.

Information System Contingency Plan – NIST SP 800-34

Management policy and procedures designed to maintain or restore business operations, including computer operations, possibly at an alternate location, in the event of emergencies, system failures, or disaster.

Disaster Recovery Plan (DRP)

A written plan for processing critical applications in the event of a major hardware or software failure or destruction of facilities. The DRP defines management policy and procedures designed to maintain or restore computer operations, at an alternate location, in the event of emergencies, system failures, or disaster.

FCD 1 = Federal Continuity Directive 1, October 2012; FCD 2: July 2013

FPC 65 = Federal Branch Continuity of Operations (COOP), June 2004

NIST SP 800-34 = Contingency Planning Guide for Information Technology Systems


Types of Emergency Plans (2)

Incident Response Plan (IRP)

The IRP provides a roadmap for implementing its incident response program based on the organization’s policy. The plan lays out the resources, management support, metrics, training, and reporting that is needed to effectively maintain and mature an incident response capability.

Business Resumption Plan (BRP)

Addresses the resumption of normal business after the contingency event is over.

Business Continuity Plan (BCP)

BCPs are written at the office/component level, and they focus on sustaining the essential Business Functions. These plans address the overall recovery strategy for the organization and the steps to be taken immediately after a contingency event is declared. The BCP includes the OEP, ITCPs, IRPs, DRP, and BRP.

Pandemic Plan

Pandemic Plan emphasizes that continuing operations in the face of a pandemic may not entail an official COOP declaration and that maintaining functionality may be accomplished through contact intervention (social distancing) strategies, telework and other means, and may not require the relocation of the personnel. The Pandemic Plan also recognizes that relocation may be necessary due to a separate or concurrent event.


Types of Emergency Plans (3)

Crisis Communications Plan

Establishes internal and external communications procedures

Occupant Emergency Plan (OEP)

Outlines an organization’s emergency response: evacuation, calling emergency authorities, etc.

Risk Management

Trains planners in a risk-based approach to identify vulnerabilities or gaps to facilities, personnel, operations, and resources, and recommends mitigation actions

Devolution Plan – FCD 1

To ensure the continuation of an agency’s essential functions in the event that the agency’s leadership and staff are unavailable or incapable of performing its essential functions from either its primary or alternate facilities


Communications

Emergency Notification System (ENS)

Telework (e.g., Cloud e-mail)

Hoteling (e.g., FEMA, BAH)

Virtualize Vital Records

Resources/Tools (GotoMeeting, Skype)

PDA, Cell Phone – Texting

SharePoint

Voice

Wireless


Continuity of Operations Plan (COOP) & Devolution Plan

SEC_RITY is not complete without U!


Federal Continuity Directive 1 (FCD 1) – Continuity Evaluation Tool (CET)

Federal Executive Branch National Continuity Program and Requirements

Program Plans and Procedures (21 questions)

Budgeting and Acquisition of Resources (8)

Essential Functions (13)

Orders of Succession (10)

Delegations of Authority (9)

Continuity Facilities (22)

Continuity Communications (10)

Vital Records Management (20)

Human Capital (15)

Test, Training, and Exercise Program (34)

Devolution of Control and Direction (10)

Reconstitution Operations (16)

Operational Phases and Implementation (47)


Federal Continuity Directive 2 (FCD 2) – Business Process Analysis (BPA)

Implements the requirements of FCD 1, ANNEX C.

It provides guidance and direction to Federal executive branch departments and agencies for identification of their Mission Essential Functions (MEFs) and potential Primary Mission Essential Functions (PMEFs).

It includes guidance and checklists (7 worksheets) to assist departments and agencies in assessing their essential functions through a risk management process and in identifying potential PMEFs that support the National Essential Functions (NEFs) – the most critical functions necessary to lead and sustain the nation during a catastrophic emergency.

The FCD provides direction on the formalized process for submission of a department’s or agency’s potential PMEFs that are supportive of the NEFs.

Includes guidance on the processes for conducting a Business Process Analysis (BPA) and Business Impact Analysis (BIA) for each of the potential PMEFs that assist in identifying essential function relationships and interdependencies, time sensitivities, threat and vulnerability analyses, and mitigation strategies that impact and support the PMEFs.


COOP Elements

Essential Functions

Delegation of Authority

Orders of Succession

Vital Records, Databases & Systems

Interoperable Communications

Contingency Staff and Responsibilities

Calling Tree

Devolution

Reconstitution

Tests, Training, and Exercises


Continuity of Operations Plan (COOP)

I. Introduction

II. Purpose

III. Application and Scope

IV. Mission Essential Functions (MEFs)

V. Authorities and References

VI. Concept of Operations (next slide)

VII. COOP Planning Responsibilities

VIII. Logistics

    I. Alternate Location

    II. Interoperable Communications

IX. Test, Training, and Exercises

X. Multi-Year Strategy & Program Management Plan (MYSPMP)

    I. Budget

    II. Maintenance

XI. COOP Maintenance


COOP - Concept of Operations

PHASE I – ACTIVATION AND RELOCATION

Decision Process

Alert, Notification, and Implementation Process

Leadership Orders of Succession

Delegations of Authority

Devolution

Personnel Accountability

Acquisition of Resources

Human Capital

PHASE II – ALTERNATE FACILITY OPERATIONS

Mission Critical Systems

Vital Files, Records, and Databases

PHASE III - RECONSTITUTION


COOP - Sample Appendices

A. Authorities and References

B. Business Impact Analysis (BIA)

C. Emergency Personnel Rosters

D. Go-Kit Recommendations

E. Emergency Operational Checklists (Code Orange & Red)

F. Human Capital (OPM Guidance)

G. Family Support & Preparedness

H. Emergency Telephone Numbers

I. Alternate Location/Facility Information

J. Maps and Evacuation Routes

K. Facility and Risk Assessments

L. Emergency Communications Procedures

M. Multi-Year Strategy and Program Management Plan (MYSPMP)

N. Test, Training, and Exercises


Emergency Teams

Management: Confirms and communicates site relocation decision; Receives the Initial Disaster Alert; Verifies Status of Personnel; Verifies and Assesses the Damage in Coordination with the Damage Assessment Team; Decides Course of Action (Short vs. Long Term; Alternate Site/Location Assessment); Coordinates Communication (Across Teams; Intra-Team); Activates the ITCP; Plans expenditures (funding requirements & allocation)

Damage Assessment: Determines amount and type of damage; Prepares initial estimate of time to restoration (this estimate will be used by management to determine whether to invoke COOP and/or relocate personnel to alternate facility); Performs continuous communication with management and others responsible regarding status.

Network Restoration: Performs restoration of Services; Responsible for ensuring that all backbone architecture is restored and stable (Voice, Video, Data); Vendor Coordination

Application Restoration: Responsible for restoration of all organization’s essential applications once notified by network restoration team that network is stable and ready for application restoration process to begin. Applications include: E-mail, Web services, Customer applications, etc.

Physical Security: Responsible for physical and logical security; Ensures that only authorized personnel have access to either the main site or the alternate recovery site as required

System/Network Security: Enforcement of all security plans, policies and procedures during and after the return to normal operations; Monitors environment and may advise on recovery efforts (e.g., malicious software or activity, network security controls/safeguards, reporting)

Help/Service Desk: Invokes the crisis management procedure; Maintains list of points of contact; Receives problem/event information; Determines scope of problem; Prepares service desk standard response; Informs the team of situation and provides response verbiage; Answers problem/service calls; Completes Remedy tickets; Tracks problem and resolution activity; Adjusts call response according to events


Exercise & Lessons Learned

Exercise

Eagle Horizon – annual

Require involvement of Essential Staff

Lessons Learned

Plan, plan, plan

Prepare scenarios

Test Calling Tree

Write an After Action Report (AAR)

Implement enhancements


COOP to Devolution Plan Comparison

Phase: Concept
COOP: Relocate selected personnel to alternate facility
Devolution: Transfer COOP mission to devolution site

Phase: Planning
COOP: COOP personnel will perform essential functions at alternate facility
Devolution: Devolution site personnel will perform essential functions

Phase: Implementation (including tests, training, and exercises)
COOP: COOP personnel deploy to alternate facility and perform essential functions
Devolution: Devolution site personnel perform essential functions


COOP -vs- Devolution

[Diagram. Labels: FACILITY, PERSONNEL, MISSION. Stages: Normal Operations; COOP Activation (Loss of Facility); COOP Execution (ERS FACILITY); Devolution of Operations (Loss of Facility & Personnel); Devolution Execution (New FACILITY, New PERSONNEL).]

Reconstitution: Takes Organization back to a state of Normalcy

Potomac Forum, Ltd.


Devolution Plan

2. CONCEPT OF OPERATIONS

2.1 Disruption of Operations

2.2 Operational Sites

2.3 Operations Activation Conditions

2.4 Devolution Scenarios

2.5 Relationship between Continuity & Devolution of Operations

2.6 Threat Conditions & Potential Responses

2.7 Assumption of Essential Functions and Mission

2.8 Orders of Succession

2.9 Delegations of Authority

2.10 Personnel Recall Roster

3. ORGANIZATION AND RESPONSIBILITIES

3.1 Responsibilities of Devolution Working Group

3.2 Responsibilities of Devolution Emergency Response Group (DERG)

3.3 Organization


Devolution Plan

4. DEVOLUTION OF OPERATIONS IMPLEMENTATION

4.1 Readiness & Preparedness

4.2 Activation & Transfer of Authority

4.3 Devolution Operations

4.4 Reconstitution

5. SUPPORT REQUIREMENTS

5.1 Personnel Coverage Procedures During DERG Activations

5.2 Vital Records Management

5.3 Pre-Positioned Information

5.4 Continuity Communications

5.5 Tests, Training, & Exercise Program

5.6 Security

5.7 Budgeting and Acquisition

5.8 Human Capital

Appendices:

MEFs

Resource Requirements

Devolution of Operations Sites

Devolution Counterparts

Acronyms

Threat Scenarios


Information System Contingency Plan (ISCP)

Prepare for Disaster: Recover Faster.


Criteria Needed to Implement ISCP

Safety of personnel

Service disruption that adversely affects the mission

Extended power disruption

Catastrophic network event

Normal troubleshooting / restoration procedures are not sufficient to repair the outage in a timely period

Unable to support the mission essential functions


Contingency Plan Outline

1. Introduction

2. Concept of Operations

3. Notification and Activation (next 3 slides)

4. Recovery Operations

5. Reconstitution (Return to Normal)

6. Testing Plans

7. Training Scenarios and Exercises

8. Lessons Learned

9. Plan Maintenance

10. Appendices


ISCP Concept of Operations

PHASE I – ACTIVATION AND RELOCATION

Decision Process

Alert, Notification, and Implementation Process

Declaring a Disaster

Determine Impact & Severity

Activating the Recovery Data Center

Leadership

Orders of Succession

Delegations of Authority

Devolution


ISCP Concept of Operations

PHASE II: ALTERNATE FACILITY OPERATIONS

Systems Recovery Priority

Vital Files, Records, and Databases

Recovery Teams


ISCP Concept of Operations

PHASE III: RECONSTITUTION

Planning Responsibilities

Logistics

Alternate Location

Backup

Media Storage

Interoperable Communications

Test, Training, & Exercises

Plan Maintenance


ISCP Appendices (Suggested)

A. Personnel Contact List

B. Vendor Contact List

C. Detailed Recovery Procedures

D. Alternate Location/Facility Information

E. System Validation Test Plan

F. Alternate Storage Site and Telecommunications

G. Diagrams (System and Input / Output)

H. System Inventory

I. Interconnections Table

J. Test and Maintenance Schedule

K. Associated Plans and Procedures

L. Business Impact Analysis (BIA)

M. Document Change Page


ISCP Exercise Phases

Damage Assessment

Recovery

Reconstitution


Recovery Teams

Essential Recovery Personnel

Primary, Secondary, Tertiary

Teams Functions

Leadership

Team Leads

Subject Matter Experts (SMEs)

Actual teams are assigned as required to restore essential functions/systems, for example:

Management Team

Damage Assessment Team

Server Restoration Team

Application Restoration Team

Network/Architecture Restoration Team

Database (DB) Restoration Team (when applicable)

Security Team

Help/Service Desk Team


ISCP Testing Objectives

Keep personnel assignments and notification/call lists current

Acquaint new employees with responsibilities

Verify backup storage procedures

Verify primary and backup site have same configurations

Train staff

Test recovery procedures and checklists

Identify and correct vulnerabilities

Identify and mitigate new threats


Sample ISCP Scenario Variables

Power outage

Loss of equipment or data

Loss of connectivity

Unavailability/loss of staff; staff turnover

Level of testing (one sample, partial, full)

Stale documentation

Contractual support issues

Conflicting priorities

Problems with on/off-site work environment

Issues with alternate location


Lessons Learned Report

1. Component

2. System(s) Covered

3. Exercise/Test Date

4. Personnel Present/Participants

5. Scenario/Exercise Description

6. Results

a. Description

b. Impact

c. Team Issues

7. Lessons Learned

a. What Went Right?

b. What Went Wrong?

c. What should have been done differently?

d. Preventative measures and recommendations

e. Follow-up actions needed

f. Items for revised ISCP


CP After Action Report (AAR)

Executive Summary

Exercise Overview

Goals and Objectives

Synopsis

Exercise Analysis

Lessons Learned

Exercise Concerns

Exercise Response Analysis

Action Items & Recommendations

Appendices – Exercise Scenarios


Other Plans:

Continuity of Government (COG)

Business Continuity Plan (BCP)

Disaster Recovery Plan (DRP)

Business Resumption Plan (BRP)

Incident Response Plan (IRP)

Occupant Emergency Plan (OEP)

Pandemic Plan

Sec-UR-rity - You are at the center.


Continuity of Government (COG) - Many plans by sector

Agriculture & Food

Banking & Finance

Chemical

Commercial Facilities

Communications

Critical Manufacturing

Dams

Defense Industrial Base

Emergency Services

Energy

Government Facilities

Healthcare & Public Health

Information Technology

National Monuments & Icons

Nuclear Reactors, Materials & Waste

Postal & Shipping

Transportation Systems

Water


Business Continuity Plan (BCP)

Business continuity planning: reestablishment of critical business operations so that operations can continue

If a disaster has rendered the business unusable for continued operations, there must be a plan to allow the business to continue to function


Disaster Recovery Plan (DRP)

1. Purpose and Scope

2. Objectives [e.g., Scale up and manage alternate site]

3. Assumptions

4. Criteria for Invoking DRP

5. Team Responsibilities

6. Emergency Procedures (Recovery Team)

7. Recovery Scenarios (Minor, Major)

8. Recovery Tasks/Activities by Team (Immediate, 3 Hours, 24 hours, Ongoing)

9. Command Center (Primary & alternate locations; Requirements)

10. Standby Facility (Location; Activation POC & Procedures)

11. Data Storage (Location, POC Information)


DRP (2)

12. Critical Applications (Classification, Prioritized, Time Est., Requirements)

13. Supplies for Standby Facility (Immediate needs; Where to obtain)

14. POC Information (Management, Teams, Vendors & Suppliers, Users)

15. Inventories

Hardware: mainframe, server, workstations/PCs, disk & tape drives, printers, network equipment, non-computer

Software: operating systems, utilities, application, data/backup

16. Supporting Documentation (Production schedules, policies, site plans, network diagrams, backup and restore procedures, first aid, OEP)

17. Testing and Training

18. Plan Maintenance (Cycle, records, distribution)

Business Resumption Plan (BRP)

Government: Largely used by the government for focusing on specific essential functions within the organization.

Industry: The business resumption plan addresses restoration of your business after an emergency. Unlike the disaster recovery plan and business contingency plan, the BRP does not contain continuity procedures used during an emergency; instead it focuses on preventative measures and on what happens after the dust settles. The BRP helps you get your business back into full running order.

Sample Incident Response Plan (IRP)

Purpose

Scope

Applicability

Definitions

Requirements for Incident Response

Objectives and Measures of Effectiveness

Organization and Structure

Roles and Responsibilities

Policies and Procedures: Pre-Incident Actions, Incident Recognition, Incident Reporting, Investigating and Reporting Data Loss Incidents, Incident Response Procedures

Vulnerability Management

Information Dissemination Control

Compliance Requirements

Appendices: POCs, Reporting Form(s)

Occupant Emergency Plan (OEP)

Emergency Alarms

Emergency Instructions for All Employees

Evacuation Procedures

Personnel Assignments

Duties of Emergency Response Participants

Cellular Phone and Pager Usage

Shelter-In-Place

Appendices: Emergency Services & Utility Services

Homeland Security Advisory System

Evacuation Plan

Pandemic Plan

1. OPM Human Capital Planning for Pandemic Influenza

2. COOP Annex – Pandemic Influenza

3. Response Stages 0-6 & Checklists

4. Government Purchase Card

5. Support of the Federal Response to a Pandemic Emergency

6. External Stockholder Communications

7. Response Stage Sample Messages

8. Contractor Management: Contractor Guidance During a Pandemic; Notice to Contractors; Emergency Acquisitions

9. Main Office Phone Numbers

10. Interoperable Communications; POC Lists

11. Accountability: Accountability Policy; Authority to Grant Administrative Leave Letter; Staff Accountability Worksheet

12. Non-Traditional Roles

13. Awareness Tools: Posters, Brochures, Web Sites, etc.

14. Vaccination Prioritization

15. Telework Program & Policy (Request Form & Agreement)

Appendices to Pandemic Plan

PMEFs and MEFs

Emergency Procurement Procedures

Pandemic Response Procedures

Pandemic Evaluation Tool

Communications

Preventative Measures

Human Capital Guidance

References

Glossary and Acronyms

Boy Scout Motto:

Be Prepared!