continuity of operations peer planning workshop · continuity of operations (coop): • the effort...
TRANSCRIPT
Continuity of Operations
Peer Planning Workshop
Peer Planning Workshops
• Designed to meet the challenges of
integrating planning efforts
• Each workshop is not the end-all, be-all to
the planning efforts related to the
particular planning topic
– It is more of a way to start a discussion
3
Administrative
• Safety
• Restrooms
• Cell phones
• Conference calls
• Breaks
• Lunch
• Refreshments
• Certificates
4
Agenda
9:00 – 9:30 Registration & Networking
9:30 – 9:45 Introduction
9:45 – 10:15 Overview of Continuity of Operations Planning (COOP) & COOP Resources List
10:15 – 10:45 Integrating Cyber Elements into COOP
10:45 – 11:00 Break/Lunch
11:00 – 12:00 Panel of COOP Experts (working lunch)
12:00 – 1:30 Plan Development Tabletop (TTX) Exercise
1:30 – 1:45 Break & Networking
1:45 – 2:30 2011 Joplin Tornado: Devolution and Reconstitution
2:30 Adjourn
5
Continuity of Operations (COOP):
An Overview of Key Concepts
David J. Alamia Jr.
Mitigation Planner
Harris County, OHSEM
713-881-3100
6
Objectives
• Provide an overview of key concepts
• Identify COOP laws, authorities and standards
• Identify elements of a robust COOP Program
• Review COOP Plan Development
• Key Concepts: BIA and IT DR
• Review COOP Training and Exercises
• Identify Benefits and Challenges of COOP
• Review “COOP Resource List”
7
Key Concepts
Continuity of Government (COG):
The effort to sustain a viable form of government; i.e. sustaining the political subdivision’s constitutional and legal responsibilities.
Continuity of Operations (COOP):
• The effort by individual departments/agencies to sustain and resume essential functions and basic services.
Purpose and Goals:
• Protect Life and Property
• Minimize Disruption
• Sustain Government
• Sustain Essential Functions and Services
• Resume Normal Operations
8
Laws, Codes and Standards
Federal
• National Security Presidential Directive 51 / Homeland Security Presidential Directive 20 – National Continuity Policy
• Federal Continuity Directive 1
• Continuity Guidance Circular 1
State
• Texas Constitution, Article III, Section 62, Continuity of State and Local Governmental Operations
• Texas Labor Code, Section 412.054, Business Continuity Plan
• Texas State Agency Continuity Policy Guidance Letter
Local
• Texas Government Code, Section 418.1101, Plan for Continuity of Functions
• Texas Government Code, Chapter 616, Emergency Interim Public Office Succession
Industry Standards
• NFPA 1600 - Disaster/Emergency Management and Business Continuity/Continuity of Operations Programs
• ISO 22301 Societal Security – Business Continuity Management Systems
• Business Continuity Institute – Good Practices Guidelines
• Disaster Recovery Journal – Rules and Regulations Committee
• ASIS Business Continuity Guideline
9
COOP Program Management
10
COOP Program
Essential Functions
Lines of Succession
Delegations of Authority
Communications
Alternate Facilities
IT Disaster Recovery
Reconstitution / Resumption
Training and
Exercises
Human Resources / Staffing
COOP Plan Development
Concept of OperationsPhase I: Activation and Relocation
• COOP is activated and implemented
• Emergency Relocation Group (ERG) relocates to COOP facility
• Non-essential personnel are released
Phase II: Continuity Operations
• Implementing alternative work procedures, processes and systems at coop facility
Phase III: Resumption
• Resumption Level I – Disruption Planning
• Resumption Level II – Short-Term Planning
• Resumption Level III – Long-Term Planning
Planning Elements• Hazard Vulnerability Analysis
• Business Impact Analysis
• Essential Functions
• Continuity Strategies & Tasks
• Alternate Facilities
• Lines of Succession
• Staffing Contingency
• Emergency Relocation Team
• Recovery Resources and Supplies
• Communications
• Essential Records
• Information Technology Systems
• Training and Exercise Schedule
• Planning and Maintenance
11
Key Concept:
Business Impact Analysis (BIA)
• BIA is the process to analyze activities and the effect that a disruption might have upon them and designation of essential functions.
• Various BIA Methodologies – Identify business
processes/activities and owners
– Determine impacts of disruption to each activity/process
– Determine time when interruption becomes unacceptable
– Identify interdependencies
– Determine Recovery Time Objectives (RTOs)
– Determine Essential Functions
12
COOP Training and Exercises
Trainings:
• National Incident Management
System (NIMS)
• Incident Command System (ICS)
• FEMA Continuity Excellence
Series
• TEEX AWR 176-W Disaster
Recovery for Information Systems
• Workaround Procedures
Exercises:
• Assess Continuity Plan to test
gaps
• HSEEP Methodology
• Define Scope & Objectives
• Develop a Continuity Scenario –
does not need to be catastrophic
• Not response oriented – focus on
sustaining essential functions and
resumption of normal operations
13
Benefits and Challenges of COOP
Benefits
• Minimizes disruptions
• Protects life, property and assets
• Supports strategic goals
• Enhances understanding of internal and external processes
• Shortens recovery and restoration of essential services
• Potential to yield cost savings
Challenges
• Implementation Costs
• Lack of Leadership Support
• Employee Lack of Interest
• Risk Misperception
• Operations and IT Disconnect
• Lack of Consistency between various plans
• Compliance Culture vs. Continuity Culture
14
COOP Resource List
• Federal Resources
• Texas Resources
• Industry Standards
• Professional
Certifications
• Training Courses
• Helpful Websites
15
Integrating Cyber Elements
into COOP
Bob Janusaitis
President
Business911 International, Inc.
832-303-2911
16
My perspective
• Based on almost 40 years in the private and public
sector
• Maintain various certifications, completing my Masters in
Public Service Administration in December
• Background includes:
– Cybersecurity
– Homeland Security
– Critical Infrastructure Protection
– Regulatory Compliance and Audit
– Organizational Resiliency
17
Quick survey
18
?
Objectives
• Overview of key areas
• Where Cyber fits in the COOP Process
• How to integrate Cyber elements into
COOP
• Challenges
• Available resources
19
20
Courtesy Apollo 13 Movie
https://www.youtube.com/watch?v=C2YZnTL596Q
Continuity of Operations (COOP):
• The effort by individual
departments/agencies to sustain and
resume essential functions and basic
services.
21
FCD-1 Annex A
COOP and Cyber
22
“Communications and information systems provide the connectivity between and among key government leadership, internal elements, other organizations, and the public to perform essential functions.” FCD-1
Purpose and Goals
• Protect Life and Property
• Minimize Disruption
• Sustain Government
• Sustain Essential Functions and Services
• Resume Normal Operations
23
David Alamia, HCOHSEM
Protect Life and Property
• First Responders
– Law Enforcement
– Fire/Rescue
– EMS
• Office of Emergency Management
• Water supply and sanitation
• Traffic
24
Sustain Government
• Office of Emergency Management
• County and local offices
• Communication with residents
25
Sustain Essential Functions and Services
• Essential functions are subsets of those
government functions categorized as:
– Mission Essential Functions (MEFs)
– Primary Mission Essential Functions (PMEFs)
– National Essential Functions (NEFs).
26
IT Recovery Management
• How will you communicate to recover
operations?
27
Restoration priority and cost
• Does your IT System restoration priority
align with the level of priority of your
operational function?
28
Dollars
0 Time 48
Dollars
The cost
Requirements
• Communications and Information Systems
• Annex “E”
– 8 steps for essential functions
29
1. Provide relevant organization sites and
designated continuity personnel with dedicated
access to the required minimum communications
capabilities.
2. Organizations sharing an alternate location and
communications capabilities with other
organizations have a signed agreement.
30
3. Ensure risk assessments are conducted on all primary
and alternate communications and information systems
involved in the performance of essential functions
4. Coordinate and integrate Communications and
information system-specific planning efforts such as
disaster recovery plans and Information System
Contingency Plans (ISCPs) with appropriate organizational
entities.
31
5. Activate Wireless Priority Service (WPS) on cellular phones issued to all personnel that are on continuity team personnel.
6. Issue Government Emergency Telecommunications Service (GETS) cards
7. Ensure primary and alternate locations sites enrolled in the Telecommunications Service Priority Restoration Program.
8. Annually review organizational and national continuity communications plans (as appropriate) for accuracy to ensure they are fully capable of supporting essential functions and document the date of review and the names of personnel conducting the review.
32
Challenges
• Funding
• Personnel
• Other priorities
• Obsolescence
33
Resources
• Federal Continuity Directive 1 - https://www.fema.gov/media-library-
data/1486472423990-f640b42b9073d78693795bb7da4a7af2/January2017FCD1.pdf
• NIST – 800-34 Contingency Planning Guide http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-34r1.pdf
• NIST Framework for Improving Critical Infrastructure
Cybersecurity –https://www.nist.gov/sites/default/files/documents/cyberframework/cybersecurity-framework-
021214.pdf
• Apollo 13 clip
34
Questions?
Bob Janusaitis, CISA, CISM, CRISC, CBCP, CHLS
President
Business911 International, Inc.
281-772-6123
35
Lunch Break
Be back in 15 minutes for a working lunch with our
panel of experts
36
Panel of Experts
Moderator: Caroline Egan, FBCOEM
David Alamia, Harris County OHSEMGinger Walker, University of HoustonBob Janusaitis, Business911 International, Inc. Karen Wazbinski, ACP, South Texas Chapter
37
Plan Development Table Top
Exercise (TTX)
Tina Rose
Regional Planner
Regional Catastrophic Preparedness Initiative
832-393-1059
38
Exercise Schedule
39
Topic Time
Exercise Overview 12:00 - 12:10
Module 1: COOP Plan Activation 12:10 - 12:40
Module 2: Cyber-Security 12:40 - 1:00
Module 3: Extended COOP & Reconstitution 1:00 - 1:20
Hot Wash 1:20 - 1:30
Purpose and Scope
• Purpose: This exercise utilizes a cascading scenario with elements from the Continuity Assistance Tool (CAT) to help you consider your continuity of operations (COOP) plan and procedures.
• Scope: This exercise is focused entirely on continuity guidance for non-federal government agencies and partners.
40
Core Capabilities & Objectives
Planning
• Discuss COOP guidance elements to identify
implementation procedures, stakeholders, and
facility needs for continuity of essential functions.
Operational Communication
• Discuss the activation and relocation of
stakeholders and services needed for continuity of
essential functions.
41
Core Capabilities & Objectives
Cybersecurity
• Discuss cybersecurity and the maintenance of
access to essential systems and records.
Infrastructure Systems
• Discuss planning considerations for the continuity
of operations while transitioning essential
functions back to a primary operating facility
during reconstitution.
42
Exercise Reminders
• There are no right or wrong answers.
• Discuss, debate, and share enthusiastically.
• The scenario is plausible, consider how it or something similar could affect your building, personnel, or business functions.
43
Instructions
• Consider your Continuity of Operations
Plan with the exercise scenario.
• Use the worksheet to record discussions
and reactions to the questions.
• Identify gaps in plans and procedures.
44
Module 1 - Scenario
45
Module 1 - Scenario
Over the weekend several pipes, including a
sewage pipe, burst in your building which
caused electrical malfunctions, small fires,
and significant water and excremental
damage in the offices.
The cause is unknown.
46
Module 1 - Scenario
47
https://www.youtube.com/watch?v=bAjIT6tDpqw
Module 1 - Scenario
Building access is
restricted for the next
month during clean-up
and repairs.
48
No office equipment or documents are
recoverable at this time.
COOP Activation
How does your agency determine the activation of its COOP plan?
What is your communication plan to inform staff and external partners (including the public) that a COOP plan is activated?
49
Essential Functions
How do you analyze the impact of your agencies services and activities to identify and prioritize essential functions?
How would you maintain essential business functions for your agency?
50
Personnel Requirements
How does your plan help you determine
which personnel are needed for high
priority agency essential functions?
What is your policy for personnel with
low-priority business functions?
51
Resource Requirements
How does your plan address sufficient
quantity of resources (e.g., personnel,
equipment, etc.) to perform your pre-
identified and prioritized essential
functions?
52
Scenario Update
Personnel in your relocation group are
preparing the continuity site at an alternate
location for 30 days (or longer).
Staff not required for immediate (priority)
essential functions have been told to remain
home and await further instructions.
53
Relocation
Who coordinates and approves cold, warm, or hot continuity sites for your agency? Are they pre-identified?
Are the continuity sites local or do you have agreements to use facilities in another jurisdiction or agency?
54
Site Requirements
How does your plan help you identify
the actions that are needed to make
your continuity site operational (e.g.,
site access, security, ADA compliance,
communication requirements, power
sources, etc.)?
55
Scenario Update
Your IT specialists have confirmed that the
primary IT systems have been damaged
and personnel must rely on back-up
systems off-site for information.
Currently, only some hard copies offsite are
retrievable at this time.
56
Essential Records
How does your agency maintain an inventory of essential records, including format (e.g., paper, electronic), location (e.g., file cabinet, network drive), and instructions for accessing those records?
How does your plan identify and prioritize essential records associated with priority essential functions?
57
Module 2: Cyber Security
58
https://www.youtu
be.com/watch?v=
jIkePSwvFgc
Module 2: Cyber Security
WannaCry Ransomware has crippled
companies across the globe. The alternate site
firewalls failed and someone clicked on an
attachment that compromised internal data.
Your agency has blocked external email and
internet browsing to ensure computer operating
systems are protected.
59
Internet Access
How does your plan address the effect
of a loss of internet access on priority
essential functions?
How long can your agency sustain a
loss of internet service before essential
functions are severely affected?
60
Telework
What telecommunication and telework
capabilities are outlined in your plan?
Are personnel able to remotely access
essential records via Citrix, VPN or a
similar application?
61
Telecommunications
Are WiFi connections, server access, and computers readily available for use in the alternate continuity location?
If your local network or agency intranet is affected, what back-up system is available?
62
Scenario Update
The firewalls have been secured. Both
intranet and internet access is available.
IT has limited staff available for the various
different access, software, and equipment
issues that need immediate attention.
63
Information Technology
According to your plan, who determines which IT programs, systems, and/or software are brought on-line first for your agency?
Do critical IT operation levels align with priority essential functions in your plan?
64
Objective Prioritization
Does your plan include Recovery Time Objectives (RTOs) regarding the priority of essential functions with IT applications?
Does your plan outline a prioritization strategy for restoration and reinstallation of critical software applications across server and desktop infrastructures?
65
Module 3 - Scenario
It has been over 3 weeks and the structural
building issues are fixed; however, because
of the damage, the building will be completely
renovated over the next 4-6 months before
your operations can resume at the facility.
66
Reconstitution Process
What is your communications plan to inform
staff and external partners (including the
public) of reconstitution expectations so they
all now when normal operations will resume?
How does your plan identify a team for
reconstitution to ensure an orderly process?
67
Reconstitution Plan
What information is needed to conduct
reconstitution planning (e.g. equipment &
utility requirements, office layout, etc.)?
How does your plan ensure this information
is an essential record and available remotely
(since the building is inaccessible)?
68
Considerations
Is a relocation or continuity manager and a
reconstitution manager identified to lead
the 2 different processes?
What external partners will be required to
help you conduct effective reconstitution
planning?
69
Hot Wash
COOP Plan Review
• Areas to maintain/sustain?
• Quick fixes to address now?
• Areas for improvement to work on
over the next year or longer?
70
Response and Recovery in
Disaster conditions
Mitch Randles
Fire Chief/EMC
Temple, TX Fire and Rescue, Joplin, MO (retired)
254-298-5682
71
Introduction
JOPLIN, MISSOURI
MAY 22, 2011: EF-5 TORNADO
72
73
76
77
78
80
81
82
83
84
85
86
87
88
89
90
91
92
Replacement Stations
Replacement Temporary Apparatus
95
• Size of damage area
• Number of people affected
• Amount of debris
• Influx of people and resources
• Need for special resources
• Damaged infrastructure
• Communications
• Severe weather continued for 3 days
• Special visitors
• Media
• Medical Services
• Animal Control
Why did we succeed?
• Teamwork
– Provided clear goals, objectives and assignments
– Uniform focus and direction
• Pre-established relationships locally, regionally, Statewide
• Success of local, regional and state mutual aid systems
• Can do type of attitude, Failure/lack of action was not acceptable
• Accountability
Are you Prepared?
Questions?
99
Thank you.
Adjournment
Please take a moment and fill out a feedback form
Thank you for attending!
101