Incident Management Framework. Part One: Overview and Policy. Final Draft. other plans. incident management framework. business as usual (BAU)

Transcription

1 Final Draft Incident Management Framework Part One: Overview and Policy business as usual (BAU) incident management framework other plans Crisis Solutions 18 Hanover Square London, W1S 1HX Tel Fax Web

2 Table of Contents Introduction 1 Overview 1 Background 1 Policy and Governance 1 Documentation 2 Content 2 Factors influencing the design of the IMF 2 Constraints 2 Drivers 2 Principles 3 Capabilities 3 Incident Management Framework 4 General Approach 4 Step 1: Detection 5 Duty Incident Management Staff 5 Step 2: Assessment 6 Step 3: Response 7 The Incident Management Organisation 7 Roles of the Incident Management Organisation Tier Levels 7 Response Levels 7 Team Membership 8 Step 4: Post-Incident Review 9 IMF Part One V12 1

3 Introduction The authority to activate the Incident Management Action Plan is vested in: Duty Gold or Silver or, in their absence, any Director General Overview Background Incidents which disrupt routine business happen all the time in any organisation. For most incidents on the Parliamentary Estate, normal problem solving will continue to provide successful resolution while, at the other end of the spectrum, a major incident may require the re-location of the Houses to allow essential Parliamentary business to be conducted. Sitting between these two extremes is a wide range of disruptive challenges for which a co-ordinated and timely response is essential. The Houses of Parliament Incident Management Framework (IMF) provides such a response capability. It consists of an organisational structure and a set of procedures. The purpose of the IMF is to minimise the impact of any disruption to service delivery on the activities of either or both Houses of Parliament through the effective and timely implementation of business continuity plans (BCP). Effectiveness of incident management means that any disruption to the business, security, general operations and safety of personnel is minimised and that confidence in the management team is enhanced. Policy and Governance It is the agreed joint policy of the House of Commons and the House of Lords to put in place and maintain effective incident management plans. The task of achieving this objective is delegated to the Business Risk and Resilience Group (BRRG). The BRRG will ensure that: the IMF plans are regularly reviewed to ensure that they are able to meet the needs of both Houses appropriate individual induction and refresher training packages are completed by all staff supporting BCPs are reviewed at least annually for content and consistency an annual IMF rehearsal exercise is conducted and action taken on lessons identified effective post-incident reviews take place and appropriate IMF enhancement action is taken IMF Part One V12 1

4 Documentation IMF documentation is in three parts: Part One: Policy and Organisation Part Two: Action Plans Part Three: Incident Management Aide Memoire Content This (Part One) policy document covers: The factors which influenced the design of the IMF What types of incidents the IMF covers and, importantly, which it does not An overview of the incident detection, assessment, response and review cycle A summary of the roles and responsibilities of the Super Gold, Gold, Silver and Bronze teams Details of IMF team tasks and common procedures can be found in IMF Part 2 Action Plans. Factors influencing the design of the IMF The Houses of Parliament provide a unique set of challenges for the design of an effective incident management framework. Constraints UN World Heritage site and icon of national identity The importance of the political dynamic The traditions and rules of procedure that provide the basis for business as usual (BAU) activities Drivers Heritage Assets (including the fabric of the buildings, pictures, artefacts and archives) Parliamentary business (including both Houses and Committees) General operations of the Houses of Parliament (for example, Members offices, visitors) The safety of Members, staff and visitors The security of Members, staff and visitors Media interest IMF Part One V12 2

5 Principles Clarity of purpose and responsibilities Adaptability to provide effective response for a range of incidents Utility by building on existing procedures and acknowledgement of the constraints Capabilities Quick to form so as to: Ensure a co-ordinated and consistent response to all levels and types of incident Ensure a robust escalation process Ensure the appropriate staff respond quickly to an incident (24 hours a day, seven days a week) Takes control at the appropriate level by: Ensuring that actions are taken and decisions made by the most appropriate people Meeting procedural, legal and regulatory requirements Triggers BCPs and permits BCP owners to access additional support by: Ensuring a structured process to trigger BCP) and other appropriate forms of pre-planned response Ensuring minimum disruption to the business of the Houses of Parliament (HoP) Minimising the compromise of security in the HoP as much as possible Ensuring minimum disruption to the general operations of the HoP Minimising the compromise of safety of Members, the public, HoP staff and other personnel on the Parliamentary estate as much as possible Communicates in a timely and consistent manner with internal and external audiences The Incident Management Framework provides the structure for all responses to incidents based upon a tiered approach of Super Gold, Gold, Silver and Bronze teams. IMF Part One V12 3

6 Incident Management Framework General Approach The IMF uses a four step approach to delivering effective incident management 1 Detect 2 Assess Is this a BAU problem? If not, report to appropriate executive or if unavailable or unsure then to Duty Silver Senior Manager or Duty Silver assesses against impact criteria and decides on response levels needed IMF teams are activated and 3 Respond r e s p o n d i n l i n e w i t h t h e i r assigned tasks (IMF Part 2 has details) 4 Review Post-incident review process takes place to identify and implement risk mitigation and incident response improvements IMF Part One V12 4

7 Step 1: Detection Incidents are generally reported through one of six existing portals Security Control Fire Control Engineers Control PICT Help Desk House of Commons Duty Resident House of Lords Staff Superintendent Collectively these are known as the detectors. In all these cases, the detector needs to ask one simple question; Can this be fixed by business-as-usual problem solving? If the answer is yes then the incident can be categorised as minimal impact and the IMO will not be invoked If the answer is no or not sure then the detector will alert the Duty Silver who will assess the impact/potential impact of the incident and invoke the IMO as appropriate Further details on the mechanics of this process are in Part Two Action Plan. Duty Incident Management Staff In addition to the Duty Staff in the detectors identified above, for each House there will be a Duty Gold, a Duty Silver and a Duty Communications Adviser on call. The role of the Duty Silver is to assess the impact of the incident, to activate the appropriate elements of the IMO and to take charge of the incident response until an incident specific Silver Chair is appointed The role of the Duty Gold is to take charge of the response to High Impact incidents unless/until an incident specific Gold Chair is appointed The role of the Duty Communications Adviser is to ensure that the communications response is appropriate to the needs of the situation Further details are contained in the relevant Action Plans. IMF Part One V12 5

8 Step 2: Assessment The identified Director or, in their absence, the relevant Duty Silver will consider the facts as known and will make their assessment based on the criteria set out below and amplified in the Action Plan. Of course, it is quite possible that the impact may not be immediately obvious, hence the need for constant re-evaluation and timely escalation of the response resources. The criteria are: Low Impact An incident that is disrupting, or has the potential to disrupt, some general operations of the Palace of Westminster but is not causing immediate disruption to Parliamentary business. This will generally mean that one or more of the following conditions applies: incident cannot be managed as business as usual BCPs are invoked or need to be invoked the relevant House Communications Team needs to be aware of the incident but that there is a low level of media interest there is potential for damage to heritage items Medium Impact An incident that is disrupting, or has the potential to disrupt, either general operations or Parliamentary business of one of the Houses. This will generally mean that one or more of the following conditions applies: individual departmental BCPs unable to contain and manage incident multiple Bronze teams engaged which require oversight direction and management coordinated internal communications messages are needed actual or serious threat of damage to important heritage items heightened media interest High Impact An incident that is disrupting, or has the potential to disrupt, Parliamentary business of both Houses. This will generally mean that one or more of the following conditions applies: a significant short-term risk that Houses may not be able to sit or that important Committee activity is disrupted the general operations of both Houses disrupted there is a clear need for a unified communications message for internal and external audiences there is actual or serious threat of damage to major parts of the fabric of the Houses of Parliament and to its contents negative international/national media coverage IMF Part One V12 6

9 Step 3: Response The Incident Management Organisation The Incident Management Organisation for the Houses of Parliament comprises four tiers; Super Gold, Gold, Silver and Bronze in its fullest capacity depending on the impact of the incident. The tier system identifies different management levels, strategic, tactical and operational, through which an operation is controlled and accountability is maintained. It is a role-orientated, rather than rank-based system, which standardises the approach to managing incidents and aligns the IMF with the current practices of the Emergency Services. Roles of the Incident Management Organisation Tier Levels Team Role Comment Super Gold Super Gold briefs the Speakers, manages the political interface and provides overall direction Gold Team Gold sets strategic intent, provides leadership, The Gold team is only likely to be approves communications and prioritises the use of resources convened for a high impact incident. It will be a bicameral team with co-chairs. Silver Teams Silver teams have delegated authority for the direct management and control of the immediate response Bronze Teams Bronze teams deliver specific response solutions (BCP) to an incident within their designated environment Response Levels Impact Minimal Low Medium High Major Team Super Gold Direct Gold Advisory Command Other Plans Silver Advisory Command Coordinate Bronze BAU Implement Implement Implement IMF Part One V12 7

10 REDACTED IMF Part One V12 8

11 Step 4: Post-Incident Review The result of the review by those who took part in managing the incident, should illustrate what caused the incident (if this is possible) and what remedial actions have been taken to avoid a repetition in the future. This is also accomplished by examining the audit trail via the actions and decisions taken during the management of the incident. Steps to ensure a successful review of an incident include: Forming a Review Body Reviewing the actions taken by those involved in managing the incident via interviews and by examining the audit trail Examining the impact of the incident and the lasting effects Examining all actions taken and decisions made and making an assessment of the overall management of the incident Establishing what caused the incident (if this is possible) Establishing what improvements would prevent the incident from happening again Ensuring staff take ownership of those improvements If it is not possible to find out what improvements are to be made or implement them for some reason then to understand the risks for the future Agreeing on lessons identified for the future Collating all information in a Incident Review Report (Annex M Incident Review Report Example) for appropriate distribution IMF Part One V12 9