risk mitigation plan
Post on 20-Feb-2022
10 Views
Preview:
TRANSCRIPT
KENYA NIWAJIBU WETU (NIWETU)
Project Risk Mitigation Plan
Award No: AID-OAA-I-13-00013/AID-615-TO-16-00010
Prepared for:
United States Agency for International Development/Kenya
C/O American Embassy
United Nations Avenue, Gigiri
P.O. Box 629, Village Market 00621
Nairobi, Kenya
Prepared by:
DAI Global, LLC
7600 Wisconsin Ave, Suite 200
Bethesda, MD 20814
DAI Confidential
NOTE
This is a “pre-event” plan designed to mitigate risks for
NIWETU, as opposed to the Incident Management Plan (IMP),
which is used “post-event.” The IMP provides guidance for
managing various incidents and is available in the NIWETU
project office and on the DAI Portal.
The plan is a living document that is updated regularly based on
changes in the operating environment, political realities and
ongoing project learning. Should there be a Standard Operating
Procedure change, staff will be informed via the Security Focal
Point (SFP), Ibrahim Somo, and an updated version of the plan
will be circulated.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan i
DAI Confidential
Contents
Project Operations Overview 1
Introduction 2
Security Situation 2
Potential Risks and Mitigation Measures 4
Security Concept and Measures 6
Roles and Responsibilities 7
Information, Reporting and Analysis 8
Standard Operating Procedures 8
Incident Management 12
Communications 13
IT Infrastructure Security Measures 13
Medical Issues 16
Annex A: Security and Emergency Contacts (as of 17 Oct 2016) 18
Annex B: Warden System (as of 17 Oct 2016) 20
Annex C: Hibernation, Relocation and Evacuation Plan 22
Annex D: Staff Security and Safety Guidelines 24
Annex E: Risk Category Matrix 25
Annex F: Vehicle Safety Guidelines 27
Annex G: Local Health Care Providers 30
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 1
DAI Confidential
Project Operations Overview Type of Staff Number Notes/Description
Cooperating Country Nationals (CCNs) 26 Includes LTTAs and local support staff
Expatriates (Expat) and Third Country
Nationals (TCNs) 3 Chief of Party (COP), Director of Grants and Operations
(DEPUTY DIRECTOR OF OPERATIONS) and
Communications Officer, Expat LTTAs
Offices Number Notes Description
Nairobi 1 House #82 UN Crescent
Gigiri, Nairobi
Garissa 1 Nomads Palace Hotel, off Kismayo Road
Mandera 1 Redsea Resort Hotel, Mandera Town
Isiolo 1 Ebada Plaza, Isiolo Town
Wajir 1 Red Cross Office, Wajir Town
Travel Notes/Description
In-city Project travel shall take place in project vehicles or
transportation services procured by the project. As needed,
vetted taxis may be used.
In-country Project travel shall take place in project vehicles, ground
transportation services procured by the project, or plane.
TAMIS requests need to be initiated for any project travel
outside of Nairobi. The Kenya-Somalia border regions
require due diligence for all staff and must be cleared by the
SFP.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 2
DAI Confidential
Introduction This Risk Mitigation Plan will ensure your familiarity with the security procedures, requirements
and security information as they relate to project staff. This is not a policy document; rather,
this plan outlines practical procedures related to DAI security policies. For security policies,
please refer to the DAI Field Operations Manual (FOM), Section 11: Project Security and Safety.
Every member of the project has a responsibility to promote security, and is required to follow
all rules and procedures contained in this Risk Mitigation Plan. Failure to do so could endanger
your life, put others at risk, and place the project in jeopardy. The Risk Mitigation Plan is
designed to help keep you and your colleagues safe, and to enable our projects to run safely.
The COP has overall responsibility for enforcing the Risk Mitigation Plan. The Risk Mitigation
Plan will be updated periodically, but all staff are encouraged to contribute to the plan through
the COP as needs arise.
All staff, whether short- or long-termers, must read this Risk Mitigation Plan. Failure to comply
with security protocols can result in the dismissal of the staff member from the project. This
Risk Mitigation Plan is a confidential document and is not to be disseminated to any other party
without the written permission of the COP.
SUPPORTING DOCUMENTS
Hard copies of this Risk Mitigation Plan and supporting references are kept in the office of the
DEPUTY DIRECTOR OF OPERATIONS.
Supporting references for this plan—available on the DAI Portal or on the Project Technical
and Administrative Management Information System (TAMIS)—include:
▪ Field Operations Manual: Section 11. Project Security and Safety of the Field Operations
Manual (FOM), where this template is housed, outlines DAI’s Security Policy and
important procedures on day-to-day project security management and incident
management.
▪ Project Security Plan Guide: Provides guidance on how to create the project security plan.
▪ DAI’s Project Resource Manual: Provides common features to many insecure situations
and events, supporting Standard Operating Procedures (SOPs) and guidance.
▪ The Incident Management Plan: Used for managing emergencies and incidents at the
project level. The Incident Management Plan contains guidance on how to manage an
incident, a communication plan, information collection tools and action checklists. It also
includes an introduction to various threats DAI projects and staff might face as well as
guidelines on mitigating these threats.
Security Situation Kenya faces a complex variety of security threats, including ethnic and religious tensions, high
crime rates and a heightened risk of terrorist attacks. Ethnic violence is a notable concern and
major political events, including elections, are known to exacerbate the threat. While civil
unrest related to the 2013 general elections was generally limited to western Kenya, including
Kakamega and Kisumu Counties and the coastal county of Tana River), violence was
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 3
DAI Confidential
widespread during the 2007 elections. Ethnic disputes over natural resources, particularly in
rural counties such as Marsabit, Samburu and Tana River, frequently escalate into violent
conflict.
The high rate of crime, particularly in urban areas, constitutes a major threat. Nairobi possesses
high crime rates from a variety of criminal acts, including opportunistic petty theft (pick-
pocketing and snatch-and-grab) and armed violent crime (armed muggings, carjacking,
residential and business burglaries). Criminals regularly wield weapons during crimes and display
a willingness to shoot uncooperative or hesitant victims. Kawangware, and similar estates in
Eastlands, reportedly suffer from the highest rates of gun-related crime. However, violent
crime commonly occurs in Dandora, Eastleigh, Embakasi, Gikomba, Kariobangi North, Kibera
and Korogocho. Large crowds have the potential to incite and escalate mobs and to increase
the risk of criminal activity. Outside of Nairobi, banditry in rural areas and along roads increase
after dark. The threat of kidnapping is also present, particularly in areas near the Somali
border. Recent acts include an attempted kidnapping of an international humanitarian staff
member on a convoy near the Dabaab refugee complex in 2014 and the successful kidnapping
of a Kenyan NGO worker from the Dabaab refugee camp in 2015.
Kenya has a history of terrorist attacks. Such threats have elevated since 2011 when Kenya
commenced military action against al-Shabaab (AS) and Islamist rebels in Somalia. AS has
subsequently executed and attempted attacks throughout Kenya, with Dadaab, Garissa,
Mombasa and Nairobi experiencing higher threat levels. The range of targets is varied, including
churches in the border areas with Somalia, Nairobi’s Eastleigh neighborhood, religious
gatherings, population centers and police/law enforcement. Over fifty attacks occurred in 2015,
largely in the northeastern counties of Garissa, Mandera and Wajir and the coastal county of
Lamu. The most prominent AS attack was on Garissa University, which left 147 dead. Other
attacks included assaults on police forces, and bus hijackings. Small-scale attacks remain the
most prevalent, but the U.S. Embassy indicates a continued risk of attacks targeting foreign
interests, including the recent January 2019 attack on the 14 Riverside complex.
Violent civil unrest continues to threaten many parts of Kenya, including Nairobi. While
political events are known to cause unrest, ethnic tension and conflict are additional sources of
potential violence. Population displacement in the western provinces and the Rift Valley remain
unresolved. The 2017 planned general elections were a source of concern, with past elections
marked by violence. Within Nairobi, protests may result in road blockades and demonstrations.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 4
DAI Confidential
Potential Risks and Mitigation Measures NIWETU recognizes that there are potential risks based on both the country of operation and
the focus of the project that could impact implementation. Where feasible, NIWETU will take
the necessary steps to seek to mitigate these risks. If risks cannot be mitigated, NIWETU will
make recommendations for the way forward based on the details of the situation.
The following chart outlines the major risks, accompanying mitigation measures and response
plans for key issues that may impact NIWETU implementation. This list is not exhaustive.
Through the ongoing environmental scanning occurring under the project, NIWETU will update
its contextual awareness in key areas and aim to forecast trends or potential issues as they
arise. Using this ongoing information stream, risks will be assessed and mitigated as best as
possible.
As detailed in the rest of the plan, the issues listed below are not the only concerns for
NIWETU, but represent the most salient threats to ongoing implementation of the project.
Issue Mitigation Measure Response Plan
Shift by the Government of
Kenya towards implementing partners working in the CVE
space
Re-brand program with a
unique name so as to not use the phrase “CVE”. Open
communication with USAID
to remain abreast of current
thinking and attitudes.
Work with USAID to shift
language and posture of programming away from
CVE.
Project subject matter and
beneficiaries of sensitive
nature
Adopt a “low profile”
presence befitting the local
culture in all regions. Mimic
surrounding buildings, limit
visual and physical exposure
and avoid using USAID
branding on buildings and
vehicles. Use information
from ongoing environmental
screening to understand
changes in attitudes towards
the project.
Train all staff on how to
maintain a low profile and on
the importance of discretion
when discussing project
activities. Develop talking
points to be used by all staff.
LTTA Expat work permit
and/or associated dependent
passes processing time
Submit work permit packages
directly upon arrival and
carry proof of filing
paperwork when travelling.
Frequent communication
with USAID and consistent
tracking of the status of work
permit packages, TAPP cards,
etc.
LTTA Expatriate work
permit and/or associated
dependent passes denied
Consistent planning and
proactive mentoring:
NIWETU Deputy Director
of Operations consistently
Demobilization of affected
staff member/s, shift to
remote management posture
where certain functions are
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 5
DAI Confidential
mentors, and Chief of Party
consistently mentors DCOP.
managed by offsite personnel
and transition certain
authorities (TBD) to local
counterparts.
Official detention of staff
while conducting project
activities
Slow, proactive and
intentional engagement in
NIWETU’s areas of
operation so that local
government and law
enforcement are aware of NIWETU’s objectives and
are familiar with staff
movement patterns.
Immediate engagement by
the senior management team
with DAI’s local lawyers;
immediate communication
with USAID COR and, under
her advisement, the EXO and RLA. Program team use
relationships with County
Commissioners, and local law
enforcement.
Major destabilizing event NIWETU will use a Risk
Category Matrix (Annex E)
to categorize the security
environment within a town
or city. NIWETU will have
dedicated staff members
charged with constantly
monitoring the political
environment and will have a
communication plan to
ensure all staff are informed
and aware.
Detailed Hibernation,
Evacuation and Relocation
Plan clearly outlines multiple
scenarios and stages as
applied to major events.
Problems moving cash at the
county level
The project will use Standard
Chartered Bank’s ‘M-Wallet’
application to provide staff
cash via M-Pesa for field use.
NIWETU will avoid cash
payments to grantees, using
checks and money wires for
payments. Standing Blanket
Purchase Agreements with
service providers.
High crime rate in Nairobi
(Office)
Security measures in the
office will include guard
services, alarm and panic
buttons, reinforced windows and doors and an access
control system. All staff will
be trained on SOPs as
outlined below in the plan.
NIWETU will avail itself of
private security and law
enforcement support.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 6
DAI Confidential
High crime rate in Nairobi
(Personal)
All staff will be trained on
SOPs as outlined below in
the plan.
NIWETU will avail itself of
private security and law
enforcement support.
Communication and
Information Security
Only staff are permitted to
use DAI-provided
computers. DAI-provided
computers are equipped with
malware and hardware
security locks. Information
will be stored on a private server procured expressly
for NIWETU. WPA2-
encrypted wireless network
protocols will be in place to
support protected internet
access. NIWETU will use
Skype and WhatsApp,
encrypted virtual platforms,
for online and telephone
communications. All
hardcopy files containing
personal information will be
secured in a locked room.
The DAI home office has the
ability to wipe and clear
computers and the server
remotely. Backups of the
server are in Bethesda,
Maryland so information
continuity remains.
Security Concept and Measures To implement projects of this nature safely, staff must project a “low-profile” presence that is
befitting to the local culture in all regions. At the county level, this requires staff behavior to be
above reproach and commensurate with the local culture. NIWETU physical security measures
must balance low-profile compatibility with the local surroundings and adequate protection
against major security risks. This requires that NIWETU mimic surrounding buildings as much
as possible, avoid using USAID branding on NIWETU buildings and vehicles and ensure that
staff clothing and attire is commensurate with norms established in the area/s in which
NIWETU personnel are travelling.
The SFP will manage day-to-day security and implement DAI’s low-profile strategy while liaising
with the COP.
The office will be guarded by security personnel 24/7 and CCTV cameras will monitor the overall
building complex. The NIWETU office is secured by an alarm system along with strategically-
placed panic buttons which, when activated, will trigger a response from the security provider.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 7
DAI Confidential
NAIROBI CONCEPT
Although the NIWETU program based in Nairobi is not deemed to be exposed to any specific
risks, staff are vulnerable (as are the rest of the population) to residual risks such as criminality.
In the current environment, this does not impact NIWETU operations.
SOMALIA-KENYA BORDER REGION AND NON-PRESENCE AREA CONCEPT
Staff not designated to work in these areas should not proceed to the border regions unless a
full risk assessment has been carried out and mitigation measures have been put in place.
Designated local staff may operate in these areas, but must have reporting structures put in place.
For the provision of security, NIWETU staff will generally rely on community acceptance.
Roles and Responsibilities The COP has overall responsibility for the safety of project staff, the project and its assets. All
major security decisions, including those related to procuring equipment, hiring security service,
and handling major security incidents, shall be approved by the Global Security Director or
designee before purchase or action.
The DCOP is the SFP for the project and is responsible for:
▪ Reporting directly to the client and Department of Global Security on security-related
issues.
▪ Updating the Risk Mitigation Plan and managing safety within the project.
▪ Informing and coordinating with staff on security, including decisions made by the client
or others affecting the security of staff or projects.
▪ Coordinating emergency contingency plans such as evacuation, medical or otherwise, of
staff.
▪ Monitoring the security environment.
▪ Scheduling periodic security training and drills, and testing systems and equipment
especially before anticipated events that might have security implications (such as
elections).
▪ Providing visitors, STTAs and new staff with a security briefing.
For non-presence areas, each traveling team will appoint a Traveling Warden (TW). The TW
will be the most senior traveling team member and will be responsible for:
▪ Ensuring that the traveling team receives a security briefing pre-departure.
▪ Establishing on the ground contacts and sharing lodging information with the traveling
team.
▪ Filling out the Warden System with the traveling team’s contacts.
▪ Ensuring that vehicle preparation is conducted per Annex F guidelines.
▪ Establishing a check-in schedule with team and reporting to the SFP as predetermined.
▪ Reporting to SFP/RSFP any security events impacting staff safety while traveling.
▪ Ensuring that satellite phones are tested and functioning pre-departure.
All project staff (LTTA, STTA, ICAs and others) are responsible for:
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 8
DAI Confidential
▪ The safety and security of themselves and co-workers.
▪ Adhering to security instructions issued in the plan or others issued by the SFP.
Staff have a responsibility to report to the SFP any of the following;
▪ Any threat or incident directly affecting staff safety or project continuity.
▪ Updates on the security situation in their area of responsibility.
▪ All travel plans including contact information and estimated dates of travel.
Information, Reporting, and Analysis NIWETU will get security information from the United States Embassy via SMS and email as
well as through the USAID Kenya PLSO and UNDSS/NSP reports circulated by Global Security.
Some staff members will subscribe to SMS alerts and disseminate the information through the
Warden System. Information from iJET, ISOS and other open source or contracted sources is
also employed. The SFP will monitor the news and inform staff of any issues or security
concerns.
See Annex A: Security & Emergency Contacts for a list of contacts in the event of a
security incident.
See Annex B: Warden System for further details about the Warden System and protocol.
Standard Operating Procedures
OFFICE SAFETY AND SECURITY
• No firearms are permitted in DAI CVE offices.
• All staff are to be sensitized and trained on basic security protocols.
• All offices have security guards 24/7 with access control systems in place.
• A key registry must be kept.
• Entry to vendors is not allowed beyond the reception area.
• All LTTA expat, TCN staff and STTA DAI employees traveling to the project must register
their details on iJET Worldcue (https://traveler.worldcue.com).
• Do not use public transportation on duty except for NIWETU-designated taxis and other
taxis.
• Do not have cell phones clipped to the side (belt). Cell phones are better kept inside
pockets.
• Do not count money in public or carry large amounts.
• All security-related incidents must be immediately reported to the SFP.
• All staff must carry a phone at all times.
• Any phone number and/or address changes must be reported to the DEPUTY
DIRECTOR OF OPERATIONS in writing.
• Security vehicle and personnel searches shall be followed by all staff no matter the position
or nationality.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 9
DAI Confidential
Access Control and Security Guards
Access to the NIWETU office, located at UN Crescent House no; 82 Gigiri will be controlled by
a combination of personnel and an access control system (thumbprint). Access to the office must
be requested by HR for new employees and will be approved by the DEPUTY DIRECTOR OF
OPERATIONS. Vendors will be required to go through security screening at the main gate and
will be hosted in the reception area on the front desk, which also serves as waiting area for the
guests.
NIWETU hires security guard to protect the premises from theft. The security guards also
provide access control to the office compound. The Deputy Director of Operations is the point
of contact for issues related to compound security guards. Guard SOPs are issued by KK security
in consultation with NIWETU field security officer.
Safe Room
The safe room in the office is designated as the current Chief of Party office room located on the
first floor. In case of an emergency, staff should gather in this location.
Assembly Point In the event of an emergency, staff should gather in the safe room, and decide on next steps,
guided by the SFP. The evacuation location and assembly point will be the front garden of the
compound. In the case of fire, staff should exit the building, and convene in the assembly point.
Emergency Provisions and Equipment
There will be two Kenyan Red Cross-compliant first-aid kits available in the office. One will be
located with reception, the other in the kitchen.
The Operations Assistant is responsible for inventorying the provisions monthly, keeping track
of expiration dates and maintaining the emergency provisions at the office.
Administration
The below files are maintained by the Deputy Director of Operations and are kept with the HR
files in hardcopy and on TAMIS.
▪ An Emergency Information Form for every Expat, listing his or her name, date of birth,
next of kin/emergency contact information, insurance carrier information, blood type,
medications, allergies and medical qualifications.
▪ Copies of passports, visas, insurance cards and ISOS cards.
STAFF SAFETY AND SECURITY
Project Staff Personal Security
All staff must abide by security directions given by the SFP or DAI/W security team.
There are no restrictions on travel around Nairobi, but common sense – such as avoiding slums
and high crime areas – must be applied.
It is advised that all staff take taxis or drive at all times while in Nairobi. Walking, particularly
while carrying a bag that could potentially store a laptop or other electronics, often attracts
thieves who use force or the threat of force to extract personal belongings. Vehicle windows
should remain up at all times.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 10
DAI Confidential
There is currently no curfew in Nairobi or the counties in which NIWETU works. In the event
that a nighttime curfew is called, international and local staff must abide by the instructions
given. In the event that a complete curfew is in effect, staff should work from home.
See Annex D: Staff Security and Safety Guidelines for guidance on common responses to
the security threats and risks prevalent in the project’s area of operation.
Subcontractors and ICAs
During emergencies, DAI will coordinate with subcontractor POCs, but the ultimate
responsibility for response - or at times of extreme insecurity, evacuations - will lie with
individual subcontractors. Unless stated otherwise in writing, subcontractors are responsible
for their own security while conducting work for NIWETU.
DAI has one subcontractor, Wasafiri Consulting-Kenya, on the NIWETU project. Wasafiri will
not be co-located with the NIWETU project team nor will they rely on DAI for travel support.
TRAVEL
The home office Project Associate is responsible for coordinating all expat and STTA travel
with the home office. All international travelers must activate their iJET accounts and ensure
that their itineraries, including flight numbers and hotel locations, are loaded into iJET. Any
changes should be immediately updated in iJET.
The Project Associate shall monitor all project-related travel. In-country travel policies and
procedures are included in this manual.
While on travel, the designated TW should contact the SFP in the Nairobi office at least once a
day and make travel adjustments based on any pertinent security updates. If personnel are
travelling in an area of poor mobile phone reception, they must take appropriate measures (i.e.,
regular email contact or communication using satellite phones). Changes in itineraries should be
communicated to the Nairobi office immediately. All travel outside of Nairobi must be cleared
by the SFP in advance and approved through TAMIS.
Travel in Nairobi
While there are no restrictions on travel around Nairobi, common sense—such as avoiding
high crime areas —must be applied. TAMIS requests need to be initiated for any project travel
outside of Nairobi. The Kenya-Somalia border regions require due diligence for all staff and
travel to these areas must be cleared by the SFP.
Lodging in Nairobi
NIWETU STTA and consultants will stay at either approved hotels or personal lodging in the
city. Hotels will need to be recommended and approved by the SFP/COP.
Travel Outside Nairobi
All travel outside of Nairobi must be approved through TAMIS. Given consistent fluctuations in
security in the counties, travel, and any restrictions that apply, will be evaluated at the time of
the request.
Lodging Outside Nairobi
All staff will be required to stay in NIWETU approved lodging.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 11
DAI Confidential
VEHICLES AND VEHICLE TRAVEL
Vehicles are managed by the Deputy Director of Operations or their designee. Vehicle and
driver SOPs and checklists are located in the Deputy Director of Operations’s office. Basic
SOPs are included below. Full SOPs and other information can be found in Annex F: Vehicle
Safety Guidelines.
General
• Only employees are allowed to travel in project vehicles.
• Local speed limits and road laws must be obeyed.
• Do not leave valuable items in sight in an unmanned vehicle.
Drivers
• Drivers should be used at all times unless dispensation is received from the COP.
• Drivers must carry out vehicle checks per the “Vehicle Checklist” weekly and prior to
field visits.
• No driver under the influence of alcohol or drugs will be allowed to drive.
• Drivers will be held accountable for equipment in vehicles.
• Drivers must apply central locking when traveling.
• No driving after nightfall is permitted unless deemed as an emergency or due to a
breakdown.
• If caught out at night, drivers must locate the nearest Hotel or ‘safe haven’.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 12
DAI Confidential
Incident Management In the event of a security-related incident, project management will use DAI’s Incident
Management Plan. They can also use DAI’s Department of Global Security, which will lead Crisis
Management within the home office. Contact details can be found in Annex A: Security &
Emergency Contacts.
INCIDENT MANAGEMENT TEAM
The COP, DCOP and DEPUTY DIRECTOR OF OPERATIONS will comprise the project
Incident Management Team (IMT).
SFPs from additional DAI projects will comprise the Country Incident Management Team for
events that may affect multiple projects (such as staff abduction, natural disasters, wide-scale
unrest and evacuation).
Responding to Extreme Insecurity
In an extreme insecurity event, the COP will work with DAI/W and the SFP to determine the
appropriate course of action. This is typically hibernation, relocation or evacuation. See Annex C: Hibernation, Evacuation, Relocation Plan. Evacuation of all staff may not always be
appropriate and is not the immediate response in most cases.
In order to be able to measure risk and apply appropriate security measures, it is necessary to
have a matrix in which tripwires trigger a set of precautions for the project to abide by. While
these are not elaborate, they heighten staff awareness and assist them in understanding at which
security level they are and what procedures to follow.
A Risk Category Matrix is used to categorize the security environment within a town or city.
This will inform the SOPs to be followed and is useful especially for travel management and
hibernation, relocation and evacuation situations. This matrix will be primarily utilized by the
security office, but all staff should be familiar with it. See Annex E: Risk Category Matrix.
USAID may send out a ‘Mandatory Evacuation’ or an ‘Ordered Evacuation’ notice, which tend to
be more formal and political in nature. The NIWETU Nairobi office will assist in the coordination
of any option and ensure that communication protocols are kept open. The evacuation will
normally consist of all Expat and TCN personnel and dependents. In most cases, DAI will not be
able to assist local staff. The COP and SFP need to be cognizant of possible evacuation ‘indicators,’
such as regional disturbances, terrorism activity, political/electoral violence, increased direct
threats to NIWETU, recent civil disturbances and violence.
Roles and Responsibilities
The IMT and Crisis Management Team, in consultation with the client and the DAI/W Executive
Team, shall clear any decision to evacuate host countries. While the probability of a security
evacuation for Nairobi-based staff is low, the IMT will need to plan for project continuity in the
counties. The project continuity plan should, at a minimum, include: Schedule of Authorities, local
Acting COP appointment, schedule of payments, and contracts and important documentation
archiving.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 13
DAI Confidential
Items to be Carried with All Evacuees:
▪ Passport
▪ Other forms of personal identification
▪ USD200 or equivalent in cash, minimum ▪ Mobile phones with credit
▪ Copy of passport and visa (this will expedite the reissuing process, if lost)
Communications Security communications should be reported up to the SFP who in turn reports to the COP
and, if applicable, to DAI/W. If an incident happens on the ground that requires “incident
management,” then this flow is the same and it is reciprocal from the SFP and COP. The SFP’s
primary role is to account for their staff, manage the immediate incident and ensure compliance
with the Risk Mitigation Plan.
The project will use a Warden System for emergency communication. See Annex B: Warden
System for contacts and instructions.
The primary means of communication during a crisis in an urban area is a cell phone. The back-
up communication method is SMS. In the counties, satellite phones will be issued and utilized.
Email will also be utilized in all locations. Phones stationed at the offices will be tested for credit
as well as functionality by the TW before the team departs for travel.
See Annex A: Security and Emergency Contacts for radio/television station information
that can be used during a crisis.
Additionally, NIWETU will start a project WhatsApp group which will include DAI/W staff,
such as the Project Manager and Project Associate, and can be used to communicate during
security situations or emergencies.
IT Infrastructure Security Measures
PHYSICAL SECURITY
Physical security is an important aspect of information systems security. To ensure physical
security for project offices, DAI is based in a secured office compound with security guards and
intrusion detection. Physical security measures for the server room and computer equipment
include:
▪ AC to control temperature and humidity;
▪ Server UPS devices with environmental monitoring (temperature and humidity);
▪ Stabilizers and power conditioners for the server and communication equipment as needed;
▪ Grounding for the rack and electrical outlets;
▪ Locked server room with limited access by authorized personnel only; and
▪ Surge suppressors and locks for client equipment.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 14
DAI Confidential
Additional measures to improve physical data security include storing backup tapes/drives in a
fireproof safe on-site and off-site in a secure location.
NIWETU currently has a locked file room and shredder to destroy paperwork, if necessary.
Staff will be advised that day-to-day documentation should not be left unattended on desks.
Any documentation with personal information of the team needs to be filed and locked or
destroyed. The DEPUTY DIRECTOR OF OPERATIONS will provide the protocol to the team
for how to destroy hard files, including HR, grant, and finance files, during routine security
training.
NETWORK SECURITY Network security involves deploying a DAI-owned hardware firewall for each project office.
This firewall is positioned between the DAI LAN and ISP owned router or modem. Firewalls
are configured for Network Address Translation (NAT), Port Address Translation (PAT), Port
Filtering and Access Control Lists and VPN with 160bit 3DES or 128bit AES encryption to
provide reliable internet connectivity, network security and secure exchanges of voice and data
between headquarters’ and program office servers. Firewall software also keeps networks safe
from viruses, intrusions, botnets, spyware, Trojans, worms and other malicious attacks.
Wireless access points are used in offices to provide internet access for guest users and are
separated from local LAN through the implementation of DMZ and restrictive access lists. They
use the WPA2 pre-shared key protocol.
Antivirus Endpoint Security is used for centralized antivirus management on both servers and
client equipment (desktops and laptops). This protects against viruses, network attacks, spam,
spyware and other malicious programs.
Access to corporate applications housed in Bethesda and other secure sites is protected by
VPN and HTTPS/SSL.
Windows firewall as well as the locking of screens after a certain period of inactivity (defined in
the AD policies) is activated on all client computers.
APPLICATION SECURITY Application security is ensured through regular maintenance and appropriate access control.
Server, firewall and client operating system and software updates are done weekly, monthly and
quarterly as part of regular maintenance or as needed if security threats are detected. IT
support will conduct weekly back-up of the servers in each office. Firewalls and server updates
are conducted on a monthly basis. All updates on individual laptops and desktops are
completed through server authentication. This ensures all updates on individual laptops and
desktops are properly done.
All laptops and data have Kaspersky encryption software. All servers have a high degree of
encryption to protect grant, finance and procurement files. Only those with appropriate IT
administrative rights are able to access servers. On a daily basis, project data is replicated on
home office servers, thus creating a daily back-up of project data. As a practice, external hard
drives have encryption software. NIWETU does not encourage staff to use thumb drives for
official project data. All staff are highly encouraged to save their project/program work on the
public drive which is backed-up by the server.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 15
DAI Confidential
All emails on smartphones are also encrypted using Microsoft Outlook.
Encryption includes dual security with 128bit key level. All data between offices is shared using
VPN Tunneling with a high level of encryption and security.
System performance is monitored on-site by a trained local System Administrator and remotely
by the DAI Headquarters IT team in regular intervals or when the issue is escalated.
Access control is managed through active directory user accounts with restricted privileges on
logged computers where local administrative privileges are reserved for those who have
received appropriate training and authorization (system administrators).
DAI System Administrators also monitor network devices and server logs.
In addition, application level access control (based on user position and privileges) is used on all
corporate applications (portal, project management and financial applications).
Passwords consist of at least 8 characters (64-bit) alphanumeric and expire after 90 days.
DATA SECURITY AND DISASTER RECOVERY DAI uses disk level encryption software with DOD approved algorithm to encrypt client
equipment (desktops, laptops) in all office locations. In addition, DAI uses encrypted folders for
remote users and encrypted traffic over the internet as well as WPA2 encryption on wireless
networks (as recommended by the NSA).
Data back-up is taken daily, weekly, monthly and yearly to ensure data can be recovered in the
event of equipment issues or disasters. Back-up media will be kept in secure locations.
Mobile devices which contain any business information, such as email, will have remote wipe
capabilities enabled.
Access to email over the web is protected by HTTPS/SSL.
DAI has a standing disaster recovery policy and procedures that support continuity of operations of DAI Headquarters and project/program sites. DAI’s Disaster Recovery Plan and
accompanying procedures describe the data center disaster recovery plan for both the DAI
main computing facility and supporting systems. It details how the various organizational units
intend to discharge their responsibilities in the event of a disaster. It also describes the
provisions and safeguards, which are undertaken in preparation for such a contingency. The
Disaster Recovery Plan provides for the continuation of essential technology services and
corporate administrative information processing activities during the period, which may be
required for recovering from a disaster. DAI’s data and communication services are distributed
between servers in Bethesda and remote secure locations in the U.S. Project/program sites are
part of the overall disaster recovery planning, however, the specific procedures for a particular
site may also be governed by the country/location and may be in line with the project- and
location-specific security plan in the event of crisis.
At the project site level, critical program/project management data are contained in the
Microsoft Outlook and TAMIS which are replicated with DAI Headquarters servers at regular
intervals. Application level security is applied to the project management database based on
user position and privileges. Financial system data are uploaded twice a month to the corporate
financial system and all back-up documentation is uploaded to secure cloud storage.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 16
DAI Confidential
DAI Headquarters IT Support staff monitor network and server activity and can revoke
privileges to any staff within minutes (if required).
TRAINING AND STANDARD OPERATING PROCEDURES Due to the nature of NIWETU, the project will train staff on day-to-day information security good practices, such as locking up laptops, locking computer screens when leaving workstations
and not leaving printed documents with sensitive information on the printer. Special care will be
taken to safeguard financial, grant and procurement related files. The finance, grant and
procurement offices will have separate MFP printers and locked offices. The training for end
users will be adjusted to include additional training and increasing the awareness of phishing and
other “softer” information security attacks that, for example, might target staff using familiar
names/emails or websites. Chrome browser has built-in sandboxing capability and will be
recommended for use for all needs that involve internet browsing.
Mobile devices like smartphones will have remote-wipe capabilities enabled and anti-virus
installed, and staff will be instructed how to act and report issues or theft. Staff will also be
trained on how to manage GPS capabilities in mobile devices and on how to minimize risks
when on field assignments.
In addition, DAI operating procedures and policies contain instructions on the use of network
resources and systems and also contain guidelines about social media use. Staff will be trained
on these policies and will be required to review them and sign acknowledgement forms.
Medical Issues Basic modern medical care is available in Nairobi and some counties, but falls below western
standards. While private clinics in Nairobi provide better care, the remaining areas of Kenya
have poor medical services due to substandard equipment, facilities and medical supplies. The
U.S. Embassy advises that the blood supply is considered unsafe and that blood should come from
trusted sources, including friends and family.
See Annex A: Security and Emergency Contacts for a list approved hospitals.
See Annex G: Local Health Care Providers for a list of medical care providers issued by the
U.S. Embassy.
MEDICAL AND EMERGENCY KITS
Office medical kits are kept at reception and in the kitchen. Each vehicle has a medical kit.
The Administrative Assistant is responsible for checking kits at least monthly and maintaining
the kit inventory.
MEDICAL EMERGENCY AND EVACUATION
Medical evacuation of staff while traveling will be coordinated by the SFP from Nairobi or his/her
designee.
Medical evacuation of NIWETU expat and TCN employees and their dependents, and
Independent Consultants hired through Bethesda will be coordinated by International SOS.
Incidents should be reported to the SFP immediately and personnel can dial International SOS
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 17
DAI Confidential
directly or via the DAI Crisis Line. Staff must carry the International SOS account number
(11BCMA085117) and phone number (+44- 208-762-8008) at all times. The decision to
evacuate an employee to a local or regional center, or out of the country, will be made in
consultation with International SOS, the COP or his/her designee, DAI home office and local
medical personnel.
International SOS (ISOS)
All DAI Expat and TCN employees are issued an ISOS card before deployment. The card is to
be kept on the person at all times. ISOS is to be used in any life threatening medical emergency.
The COP is responsible for enacting the ISOS procedures and must be contacted as a priority.
DAI’s ISOS account number is 11BCMA085117.
See Annex A: Security and Emergency Contacts for a list of medical/emergency numbers
and locations.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 18
DAI Confidential
Annex A: Security and Emergency Contacts (as of 7 July
2017) Contact (Title
and Name) Phone number Email
Project Contacts
Chief of Party, John
Sampson +254 (0) 796 112 710 John_Sampson@dai.com
SFP/Deputy Chief of
Party, Ibrahim Somo +254 (0) 721 889 965 Somo_Ibrahim@dai.com
Director of Grants
and Operations, Joyce
Mwayi
+254 (0) 715 760 486 Joyce_Mwayi@dai.com
Other DAI Project Contacts
Regional Director,
Africa Lead, James
Collins
+254 (0)726 709 840 James_collins@dai.com
Chief of Party,
KIWASH, Joseph
Sanders
+254 (0) 718 454 218 joe_sanders@kiwash.org
DAI Department of Global Security Contacts
DAI Department of
Global Security
See below for specific numbers daisecurity@dai.com
DAI Crisis Line +1 443 716 2300 VP Global Security,
Barry Shapiro +301 272 7888 barry_shapiro@dai.com
Global Security
Director, John Reid +1 202 258 3111 john_reid@dai.com
Global Security
Specialist, Paraylla
Blakaj
+1 240 274 0173 paraylla_blakaj@dai.com
Global Security
Associate, Zac
Monreal
+1 301 503 0451 zac_monreal@dai.com
Other DAI Contacts
Director of
Administration (including insurance),
Daphne McCloskey
+1.301.718.8254 (office)
+1.202.368.2208 (mobile)
daphne_mccloskey@dai.com
Human Resources,
Kevin Duffy +1.301.771.7729 (office)
+1.301.503.0971 (mobile)
kevin_duffy@dai.com
Kenyan Local Emergency Contacts
Local Police 999, 112, 020 272 4154 N/A
Nairobi Fire Service Tel: 020-2234559/0771637161 Nairobi County Fire Station, Tom Mboya Street,
Breweries (Ruaraka) and Industrial Area
Disaster Management 4425461 (all emergencies operator) Airport
USAID +254 (0) 208 622 000
U.S. Embassy (and
others) 0203 636 451 (business hours)
0203 636 170 (after hours)
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 19
DAI Confidential
Contact (Title
and Name) Phone number Email
Security Company -
Alarm KK Security CustomerServiceKenya@KKsecurity.com;
kknairobi@kksecurity.com
Other Security Contacts and Resources
In-Country
Chief Sec Advisor
UNDP, Mark
Richmond
+254 710281014
+2522 4006935
n/a
UNODC, Geraint
Roberts +2522 4237974 Geraint.roberts@unodc.org
Warrior INSIGHT
Head of Delivery,
Jerry Bland
M: +254 790 205 726
T: +254 709 851 000
jerrybland@warrior-insight.com
www.warrior-insight.com
Warrior INSIGHT
PLSO Operations
Manager, Steve Boyle
M: +254 795 749 349
T: +254 709 851 000
E: PLSOKenya@warrior-insight.com
W: www.warrior-insight.com
Skype: PLSO.stevenboyle
Local radio and TV phone number email address
Nation TV +254 20 3288000 digitalnews@nation.co.ke
tvnews@nation.co.ke
Citizen TV +254 719 060 000
+254 732 169 000
Info@royalmedia.co.ke
Radio Citizen +254 719 060 000 Info@royalmedia.co.ke
KBC English Service
Radio
+254 (0) 0723892654
+254 (0) 734780124
news@kbc.co.ke
Overseas Security
Advisory Council TBD www.osac.gov
Other Information Resources
iJET N/A https://traveler.worldcue.com/
Medical Contacts
ISOS: Medical
Evacuations and
Emergencies
Account Number:
11BCMA085117
001-215-942-8226
(may be called collect) www.internationalsos.com
The Aga Khan
Hospital (this hospital
has been given the
ISO: 9001:2000
certificate)
+ 254 020 525016
+ 254 020 528793
3rd Parklands Avenue and Limuru Road, Nairobi
Kenyatta National
Hospital
+254 729 406939 Hospital Road, Upper Hill, Nairobi
Dr. Peter Grifiths
(The Dental Practice)
+254 734 437 513;
+254 020 444 3392
Flat No. A1, Haven Court, Waiyaki Way,
Westlands
Kenyan Red Cross +254 0700 395 395 South C, off Popo road.
Garissa: P.O. Box 1100 - 70100
Garissa
Email: krcsgarisa@yahoo.com
Tel:0714-433511
Kismayu Road, Garissa
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 20
DAI Confidential
Contact (Title
and Name) Phone number Email
Isiolo: P.O. Box 223-60300
Isiolo
Email: muraguri.george@kenyaredcross.org
Tel:0722-210652
Hospital Road, Isiolo
Mandera: P.O. Box 132 - 70300
Mandera
Email: abdisalan.ahmed@kenyaredcross.org
Tel:0722-662039
Wajir: P.O. Box 70
Wajir
Email: wajirbranch@yahoo.com
Tel:0724-694666/0735-694666
Annex B: Warden System (as of 31 July 2019) ▪ The Warden System contact information is distributed to all staff.
▪ Information flows two ways, with initiation depending on original source.
▪ The DCOP is the SFP. The Wardens are the Deputy Director of Operations, Deputy
Director of Grants and the Program Learning Director.
When appropriate, the Warden System will be activated. All staff should be contacted and
given the relevant information pertaining to the crisis, consisting of: Who? What? Where?
When? How?
The system will be activated by mobile phone call. SMS text will be the back-up contact
message.
▪ When a message is received, the recipient MUST reply to acknowledge receipt.
▪ If no reply is received within 10 minutes, a telephone call should be placed to the staff
person’s mobile phone.
▪ If the person is thought to be at home, his or her designated land line number should be
called.
Caller Person To Be Called
Title and name Phone Number Title and Name Phone Number
COP,
John Sampson
+254 (0) 796 112 710 SFP,
Ibrahim Somo
+254 (0) 721 889 965
DAI Crisis Line +1 443 716 2300
USAID,
John Langlois
+254 (0) 724 253 491
Africa Lead,
James Collins
+254 (0) 702 391 464
KIWASH,
Joe Sanders
+254 (0) 718 454 218
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 21
DAI Confidential
Caller Person To Be Called
Title and name Phone Number Title and Name Phone Number
SFP,
Ibrahim Somo
+254 (0) 721 889 965 Warden 1,
Joyce Mwayi
+254 (0) 715 670 486
Warden 2,
Lilian Lamai
+254 (0) 722 941 768
Warden 3,
Catherin Mbinyo
Program Learning Director
+254 (0) 796 088 914
Warden 1,
Joyce Mwayi
+254 (0) 715 670 486
PO- Strategic Communications and
Civil Society, Ronald Ojwang
+ 254 (0)722 495 049
PO- Research and Government
Support, Irene Ndungu
+254 (0)748 103 755
PO- Curricula and Training, Erick
Achola
+254 (0)722 844 279
Communications Officer, Hank Nelson +254 (0)715 672 313
Grants Officer, Helidah Korir +254 (0)724 653 624
Grants Specialist , Yasmin Mohamed +254 (0)710 845 174
Warden 2,
Lilian Lama
+254 (0) 715 670 486 Hussein Ahmed (MnE Specialist) +254 (0) 725 033 863
Procurement and Logistics Officer,
Barbara Wasilwa
+254 (0) 720 777 739
Finance and Accounting Officer,
Michael Muithya
+254 (0) 720 482 514
Driver, Lawrence Mwaura +254 (0) 712 090 628
Operations Assistant, Wako Buro
+254 (0) 704 467 735
PDO-Mandera, Mohamed Edin +254 (0)717 699 601
PDO-Nairobi, Suli Guhad +254 (0)705 663 467
Office Aide, Anhtony Okello +254 (0)701 480 114
Warden 3,
Catherine Mbinyo
+254 (0) 796 088 914 PDO- Wajir Abdinoor Ali +254 (0)700 273 001
CMO-Wajir, Hanan Abdisamed +254 (0)713 880 867
PDO-Garissa, Amina Abdi +254 (0)721 717 890
CMO-Garissa – Ismail Ali +254 (0)727626405
CMO-Mandera, Shukri Adan +254 (0)721 829 800
PDO-Isiolo, TBD
CMO-Isiolo, Hassan Guyo +254 (0)721 464 929
CMO-Nairobi, Nelly Kiarie +254 (0)717 894 468
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 22
DAI Confidential
Annex C: Hibernation, Relocation and Evacuation Plan
If there is more than one DAI project in country, the projects shall align their hibernation,
relocation and evacuation plans (for example, assembly and relocation areas and safe havens as
well as routes to these).
OUTLINE OF PLAN AND RESPONSIBILITIES
Step 1: Evacuation Call Out
The Crisis Management Team, in consultation with the client and the DAI home office
Executive Leadership Team, shall clear any decision to evacuate the host country.
Responsibilities
The COP will:
▪ Account for all staff through the Warden list.
▪ Decide on whether staff should be picked up, self-drive or remain until safe to travel.
▪ Notify the DAI Crisis Line.
Step 2: Office/Residence
The designated meeting location for staff is the safe room located on the first floor.
If it is too dangerous to travel, staff will take shelter at home or at the office.
Responsibilities
▪ The COP will check if all staff and vehicles are present and accounted for.
▪ The COP or designee will brief staff and initiate the Evacuation Plan.
▪ STTA staff will ensure that they report on their whereabouts.
▪ The SFP will ensure that all staff are accounted for, collected (if required), and report
this to the COP.
▪ Drivers will be responsible for preparing vehicles as per the driver’s checklist and fitting
the satellite vehicle docking stations.
▪ All staff will collect their “grab bags” and other belongings and be prepared to assemble
at the office or their residence depending on the instructions issued or situation.
Step 3: Assembly Areas
The assembly area for loading staff, vehicles and equipment is the parking lot near DAI-
designated parking spaces.
Responsibilities
Drivers will move the vehicles to prepare for the packing of essential equipment.
Step 4: Relocation Area
The designated relocation area(s) is/are to be determined depending on situation and staff
whereabouts at the time.
Step 5: Safe Haven
In the event of an evacuation, the designated safe haven for the project is to be determined.
NIWETU Expat staff will follow directions provided by the U.S. Embassy and home office.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 23
DAI Confidential
Responsibilities
The COP will be responsible for the administrative and operational withdrawal to the final
destination.
Items to be carried with all evacuees:
▪ Passport (or a photocopy if acceptable).
▪ Other forms of personal identification.
▪ US $200 in cash, minimum or in equivalent currency.
▪ Telephones with credit and satellite telephones.
▪ Scanned copy of passport and visa (this will expedite the reissuing process, if lost).
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 24
DAI Confidential
Annex D: Staff Security and Safety Guidelines
In event of an emergency, there are basic guidelines that should be followed, although actions
by staff will depend on many other factors at the time. These will not be set as SOPs, but are
used to show the best course of action in most situations.
General Security
• Take time to plan activities. Try to know the exact route before traveling. Dress and behave appropriately
according to Kenyan culture.
• At a new assignment, find out about local customs and behavior and potential threats or areas to avoid.
• Maintain a calm, mature approach to all situations.
• Be non-provocative when confronted with hostility or potentially hostile situations. Criminals are known to fire
upon uncooperative or hesitant victims.
• Be alert to the possibility of confrontation with individuals or groups. Be aware of times when crowds can be
expected, such as after religious services or sporting events.
Commuting in Nairobi
• Never walk at night. Always use vetted taxis.
• Be aware of surroundings. Avoid groups of people loitering on the streets.
• If possible, walk with companions.
• Avoid walking too close to bushes, dark doorways and other places of concealment.
• Use well-traveled and lighted routes.
• Maintain a low profile and avoid disputes or commotion in the streets.
• If a driver pulls alongside to ask for directions, do not approach the vehicle. A common criminal technique is to
ask a potential victim to come closer to look at a map.
• Carry all belongings in a secure manner to prevent snatch-and-run theft.
• If someone suspicious is noted, cross the street or change directions away from them. If necessary, cross back
and forth several times. If the person is following or becomes a threat, use whatever means necessary to attract
attention of others. Remember, it is better to suffer embarrassment from being overcautious than to be a victim
of crime.
In the Event of a Traffic or Car Accident
• Quickly discern the attitudes and actions of people around the accident site to ensure that the staff member is
not at risk by staying.
• Do not leave the site unless staff safety is jeopardized and then only to drive to the nearest police station.
• Provide care and assistance as appropriate. As appropriate, contact local authorities immediately and cooperate
as required. Contact the COP and DEPUTY DIRECTOR OF OPERATIONS as soon as practical.
• When approaching an accident involving other vehicles consider safety and security, take care not to become
involved in a second accident while responding.
Traveling by Taxi
• Taxi providers must be vetted by the project and their reliability ascertained.
• Any use of taxi service providers outside the approved list should obtain prior approval from the DEPUTY
DIRECTOR OF OPERATIONS.
• Ensure taxi doors and windows are locked while traveling.
• The best way to avoid being a victim of a carjacking is to be aware of surroundings, particularly at night or early
morning hours. Ensure taxi drivers allow sufficient distance between you and the vehicle ahead of you while
stopped in traffic.
• If you believe you are being followed, instruct the driver not to drive directly to your intended destination but
rather detour to a public or guarded area and seek help. Call the SPF immediately.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 25
DAI Confidential
Annex E: Risk Category Matrix
RISK MATRIX
VERY LOW TO
LOW RISK
▪ Project not significantly impacted by security events. ▪ Complete freedom of movement for international organizations.
▪ No demonstrations, community violence, political upheaval. ▪ Acceptance of western activities, no threats issued. ▪ Local population activity within the town normal. ▪ Criminality negligible.
MEDIUM RISK
▪ Project may be indirectly impacted by security events. ▪ Minor security events occurring or imminent.
▪ General freedom of movement for international organizations. ▪ No demonstrations, community violence, political upheaval. ▪ Acceptance of western activities by locals.
▪ Local population activity within the town normal. ▪ Criminality prevalent but contained.
HIGH RISK
▪ Project directly impacted by security events. ▪ Significant events occurring or imminent. ▪ Limited freedom of movement for international organizations.
▪ Monthly demonstrations, community violence, political upheaval. ▪ Threats issued to western agencies, activities not necessarily accepted by locals. ▪ Local population activity within the town limited due to curfews, imposed or self-imposed. ▪ Criminality prevalent.
EXTREME HIGH RISK
▪ Project directly impacted by security events. ▪ Catastrophic or potentially catastrophic events occurring or imminent. ▪ No freedom of movement for international organizations.
▪ Daily demonstrations, community violence, political upheaval. ▪ Western agencies targeted, activities not accepted by locals or unsafe to carry out. ▪ Curfews imposed. ▪ Criminality, looting ongoing.
Tripwires for Project status
Project Implementation – LOW RISK
• Projects can be implemented, restarted or continued.
• Normal SOPs apply.
Project Implementation – MEDIUM RISK
• Projects can be implemented, restarted or continued.
• Normal SOPs apply, but initiate graduated risk & security response.
Project Implementation – HIGH RISK
• Projects can be implemented, restarted or continued after consultation with the COP, DEPUTY DIRECTOR OF OPERATIONS and USAID.
• Security-related/contingency SOPs apply. Initiate incident and crisis management protocols.
• COP approval for movement, social activities outside confines curtailed.
Project Implementation – EXTREME HIGH RISK
• Projects should not be implemented, restarted or continue in this environment.
• Initiate full scale security and crisis response.
• Projects can be suspended.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 26
DAI Confidential
• Movement only in emergency.
• Evacuation, hibernation or relocation possible.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 27
DAI Confidential
Annex F: Vehicle Safety Guidelines
GENERAL VEHICLE SAFETY REQUIREMENTS
▪ All drivers and passengers are required to wear seat belts. Seat belts can significantly reduce
the risk of death or injury in the event of an accident.
▪ When travelling and parked, vehicles should be kept locked at all times.
▪ No firearms are permitted in NIWETU vehicles.
▪ When valuable items such as cash have to be moved through areas where there is a risk of
banditry, divide the valuables among passengers and place them in hiding places in the
vehicle.
▪ Use discretion when planning a trip transporting valuables. This should be considered
confidential (do not discuss over the radio, send trip details over non-DAI email accounts or
discuss in public places).
▪ Any trips to high-risk areas should be considered confidential (do not send trip details over
non-DAI email accounts or discuss in public places). ▪ The use of public transportation for program activities during times of tension should be
kept to a minimum.
VEHICLE ACCIDENT In the event of an accident involving a NIWETU vehicle and driver:
▪ Assess the situation carefully to determine next steps.
▪ If there is an angry crowd, continue driving and report to the police immediately. Often, if
you stop, the crowd may react and try to harm you.
▪ If you have broken down in an area where there have been recent violence or bandit
attacks, it is safest to stay with the car and refrain from traveling until daylight the following
day.
▪ If it is safe to stop, take injured persons to the nearest health facility following emergency
first aid procedures. Children should be accompanied by a relative.
▪ If another car is involved, details of the car and driver should be taken. Report the incident
to the DEPUTY DIRECTOR OF OPERATIONS as soon as possible.
▪ Depending on local practice, the police should be informed of the incident as soon as
possible and should provide a written accident report to DAI.
▪ If there is any possibility of injury to NIWETU staff, all staff involved in the accident need to
undergo a medical check-up as soon as possible.
▪ SFP fills out incident report and submits it to DAISecurity@dai.com. For more guidance, see
Incident Management Plan.
If needed and possible, NIWETU will attempt to send support to the location. If there are
problems with the police, seek support from the SFP. Under no circumstances should the
vehicle operator offer any comment regarding liability for the accident. DAI/W should be
notified as soon as possible.
All acts of careless driving, especially when resulting in an accident, will result in a suspension of
driving privileges and may result in the termination of employment with the project. Accidents
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 28
DAI Confidential
not the fault of the driver (i.e. being backed into, rear-ended, etc.) will be reviewed on a case-
by-case basis by the COP.
ROAD BLOCKS
Checkpoints manned by armed personnel should be treated with caution. Unexpected, unofficial or informal roadblocks present particular risks. Travelers may choose to turn around
prior to approaching the roadblock until they can confirm its legitimacy.
▪ If stopped by police or other local authority personnel, be firm but courteous.
▪ Always slow down when approaching checkpoints. Roll the driver’s side window down, turn
the radio off and watch and listen for the order to stop.
▪ Always obey an order to stop. If the people at the checkpoint are pointing their guns at your
vehicle and the atmosphere is obviously tense, everyone in the vehicle should remain
absolutely still. Do not jump out without warning or make any sudden movements as this
may provoke swift retaliation. Answer all questions as concisely, accurately and courteously
as possible.
▪ When at a check point, do not raise any objection to identity checks or the control of
vehicles or cargo. If you feel that this is not appropriate, have the most senior staff member
attempt to discuss the matter with the local authority in charge of the check point.
▪ Report any check point abuses to the relevant authorities. If you can take down their names
and record the date and time of the incident, that will help in the reporting process.
▪ Drivers of NIWETU vehicles should resist pressure from those manning the check points to
give lifts to unauthorized passengers.
▪ In the event that, due to circumstances beyond your control, you have to approach a
checkpoint at night, the following actions are to be observed when approaching the check
point:
− Reduce speed to a minimum when approaching.
− Make sure headlights are on low beam (not bright or full beam).
− Turn on the inside light.
− Stop the moment you are ordered to stop or at the barrier if no order has been given.
− Do not make any movement unless instructed to do so.
− Do not drive on unless clearly instructed to do so.
CARJACKING
Authorized drivers must be conscious of the possibility of carjacking and take appropriate
precautions. The project vehicle is a valuable investment, but not as valuable as a human life. In
the event of carjacking, the safety of NIWETU employees and other passengers is the priority;
the driver must take whatever steps he/she feels necessary in order to protect his/her life and
the lives of passengers. This may include damaging or losing the vehicle.
The following are common indicators that a carjacking may be imminent:
▪ A vehicle with two or more occupants following closely or alongside, maintaining the same
speed as you.
▪ Animated conversation or gestures between occupants of vehicles traveling behind or
alongside project vehicle, especially those in the front seat.
Kenya NiWajibu Wetu (NIWETU) Risk Mitigation Plan 29
DAI Confidential
▪ A vehicle trailing behind your vehicle at a constant distance.
▪ A vehicle trailing closely behind your vehicle that does not take opportunities to overtake
you.
▪ A vehicle trying to pass your vehicle on a deserted stretch of road or suspicious persons
loitering along the roadside (sometimes on both sides of the road) in high-risk areas,
especially at stop signs, traffic lights and road blocks.
If stopped by carjackers:
▪ Do not resist.
▪ Keep your hands in view.
▪ Do not make any sudden moves. Be especially careful reaching to release your seat belt.
Explain what you are holding.
▪ Do not try to fight back or repel the carjackers.
▪ Comply with hijackers’ instructions quickly. Hijackers are probably nervous and want to
leave the area as rapidly as possible. ▪ Surrender personal items, such as jewelry, purses, wallets and baggage, on demand.
▪ Try to discretely note hijackers’ physical and clothing descriptions.
▪ Do not provoke hijackers with a display of anger or rude remarks.
▪ Report the incident quickly and accurately.
Vehicle Check List
All project vehicles are required to be equipped with the following items before departure for
any destination:
Equipment: Miscellaneous:
1. One spare tire (inflated) 1. Vehicle documentation
2. Complete tool set 2. Personal documents
3. Shovel 3. Vehicle log
4. Spare water for vehicle 4. Flashlight with extra batteries
5. Fueling hose 5. Satellite phone
6. Motor oil 6. Drinking water
7. Vehicle jack 7.Complete first aid kit
8. Electrical tape
9. Tire wrench and repair kit
10. Jumper cables
11. Tow rope or cable
12. Hose clamps
13. Spare fan belt
Before going on any long journey check the following:
• Vehicle engine oil is adequate.
• Fuel tanks have been filled.
• Tire air pressure is correct.
• Water level in the radiator is adequate.
top related