Crisis Management (10%) Flashcards

1
Q

History of Emergency Management in the US

When was FEMA established with the consolidation of most federal emergency agencies and programs?

A

1979

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

History of Emergency Management in the US

With the created of what agency, FEMA initially became the Emergency Preparedness and Response Directorate

A

Department of Homeland Security (DHS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

History of Emergency Management in the US

Three primary objectives of FEMA

A
  1. Minimize the probability of a threat or emergency
  2. Mitigate the impact if the event occurs
  3. Recover and resume normal operations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

History of Emergency Management in the US

Two key elements necessary to achieve objectives

A
  1. What is to be done?
  2. Who is to do it?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

History of Emergency Management in the US

Effective emergency management programs

A
  • Prepare an enterprise for business interruptions
  • Ensure proper flow of critical information in an emergency
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

History of Emergency Management in the US

Planning is essential to…?

A
  • Ensure recovery from business interruptions
  • Protect the profitability of the enterprise
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Crisis Management - In General

The elements of a 4-pronged approach to emergency management?

A
  1. Mitigation
  2. Preparedness
  3. Response
  4. Recovery
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Crisis Management - In General

Lasting, often the permanent reduction of exposure to, the probability of, or potential loss from hazards

A

Mitigation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Crisis Management - In General

Actions taken before an event to plan, organize, equip, train, and exercise in order to deal with emergencies that cannot be avoided or entirely mitigated

A

Preparedness

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Crisis Management - In General

Activities that address the short-term, direct effects of an incident

A

Response

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Crisis Management - In General

Near-term and long-term actions taken to return the organization to a pre-emergency level of operation or, in some cases, to a new level of operation

A

Recovery

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Crisis Management - In General

Three major categories of emergencies…

A

Natural

Human (internal or external)

Accidental

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Crisis Management - In General

An effective tool for determining the probability of a threat or a disaster, and its impact on an organization, is to conduct a risk analysis in the development stage of the emergency plan

A

Risk Analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Crisis Management - Terminology

A private-sector version of emergency management with actions, such as a BIA, not applicable to communities

Encompasses actions were taken before, during, or after an emergency to minimize the impact on operations and effect a timely response, resumption of business, and recovery

A

Business Continuity (BC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Crisis Management - Terminology

Continuity of Operations (COOP)

A
  • A term normally applied specifically to the US government
  • Different from BC; entails move of critical functions and personnel to an alternate site
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Crisis Management - Terminology

Organizational Resilience (OR)

A

The adaptive capacity of an organization in a complex and changing environment

The ability to resist being affected by an event or to return to an acceptable level of performance in an acceptable period of time after an event

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Crisis Management - Terminology

Business Impact Analysis (BIA)

A
  • An integral part of the business BC process
  • Identifies critical functions, assesses the impact of an emergency on those functions over time, determines other elements dependent on critical functions, helps develop and prioritize recovery strategies
  • Maybe “hazard neutral” or may incorporate specific hazards
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Crisis Management - Standards

All Hazards

The all-hazards approach has been adopted by FEMA and can be used in business and organizational plans as well as community plans; this approach provides for a basic emergency plan, or emergency operations plan (EOP), with…

A
  • Functional annexes (such as emergency call lists) that apply to multiple emergency situations
  • Threat-specific annexes (such as procedures for bomb incidents
  • Alternative planning approaches two things…

(developing stand-alone plans for each relevant emergency or contingency

(Some combination of the preceding two approaches)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

Crisis Management - Standards

Was developed by DHS in March 2004

A

National Incident Management System (NIMS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Crisis Management - Standards

NIMS

Provides a systematic, proactive approach guiding government departments and agencies, the private sector, and nongovernmental organizations to work seamlessly to prepare for, prevent, respond to, recover from, and mitigate the effects of incidents, regardless of cause, size, location, or complexity, in order to reduce the loss of life, property and harm to the environment

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
21
Q

Crisis Management - Standards

Command and control mechanism used by many public safety agencies and jurisdictions in the US

A

Incident Command System (ICS)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
22
Q

Crisis Management - Standards

ICS provides an expandable structure that can be used as needed to manage emergency agencies

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
23
Q

Crisis Management - Standards

ICS normally consists of five primary elements

A
  1. Command
  2. Operations
  3. Planning
  4. Logistics
  5. finance and administration
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
24
Q

Crisis Management - Standards

IC - Incident Commander

The IC is normally the…?

A

A senior member of the responding agency.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
25
Q

Crisis Management - Standards

For a one-agency response…

A

ICS is a single-incident command

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
26
Q

Crisis Management - Standards

For a multiple-agency response,

A

ICS is a unified command

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
27
Q

Emergency Planning

The logical beginning of emergency management is the development of a plan that…

A
  • Defines “emergency” in terms relevant to the organization
  • Establishes an organization to perform specific tasks before, during, and after an emergency
  • Establishes a method for using available resources, and for obtaining additional resources at the time of an emergency
  • Provides a means for moving normal operations into and back out of the emergency mode of operations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
28
Q

Emergency Planning

The purpose of an emergency plan is to…?

A

Highlight the types of problems that will be encountered and to require decision-makers to consider in advance how to react when an emergency develops

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
29
Q

Emergency Planning

Who must be directly involved in the identification and evaluation of assets as part of the plan development?

A

Management

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
30
Q

Emergency Planning: Principles

Evacuation & Shelter

A

Move all persons not needed in disaster operations to places of safety

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
31
Q

Emergency Planning: Principles

Personal Protection

A

Ensure persons who must remain in a threatened area are well-protected

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
32
Q

Emergency Planning: Principles

Rescue and Relief

A

Provide a ready means of support and assistance for injured persons

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
33
Q

Emergency Planning: Principles

Guiding principles for preventing or minimizing injury

A
  • Design safety: Eliminate conditions that increase the likelihood of injury given the nature of the emergency and the character of the organization or facility
  • Training: Prepare responders to avoid increased exposure through ignorance or ineptitude
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
34
Q

Emergency Planning: Contingency Planning

Tactical planning should also be part of contingency planning, in general

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
35
Q

Emergency Planning: Contingency Planning

Logistical decisions made in advance will impact the success or failure of a good preparedness & response plan

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
36
Q

Emergency Planning: Plan Management

The most important thing about planning:

A

It is a continuing process never finished as long as the plan exists

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
37
Q

Emergency Planning: Plan Management

Even with planning, it is necessary to improvise and remain flexible when a disaster or other emergency strikes

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
38
Q

Emergency Planning: Plan Management

Mitigation strategies related to constructing or retrofitting facilities or otherwise reducing the impact of potential emergency events should be addressed in a separate mitigation plan

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
39
Q

Emergency Planning: Plan Management

What should be separate from the organization’s security operations plan

A

Recovery and continuity of operations plan (Business Continuity)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
40
Q

Emergency Planning: Plan Management

How often should the plan be audited?

A

Annually

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
41
Q

Emergency Planning: Plan Management

The plan should be evaluated and modified after

A
  • Each training drill
  • Each emergency
  • Changes in personnel or their responsibilities
  • Changes in the facility’s physical design
  • Changes in policies or procedures
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
42
Q

Emergency Planning: Plan Format

Two significant considerations arise in choosing a planning format

A
  1. Dissemination of the plan - All individuals and organizational elements with designed responsibilities under the plan
  2. Maintenance of the plan - Reviewed and updated regularly
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
43
Q

Emergency Planning: Legal Review

Incident response policies should be reviewed periodically by legal counsel to ensure they…

A
  • Are legally defensible and enforceable
  • Comply with overall company policies and procedures
  • Reflect known industry best practices demonstrating the exercise of due care
  • Conform to national, state, and local laws and regulations
  • Protect staff from lawsuits
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
44
Q

Emergency Planning: Plan Format

In addition, legal counsel should consider the following factors

A
  • When to prosecute and what should be done to prosecute a person caught violating facility access rules
  • What procedures will ensure the admissibility of evidence
  • When to report an incident to local, state, or national law enforcement agencies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
45
Q

Emergency Management: Structure

One operating official should be designated as the emergency coordinator to assume responsibility for the plan and to…

A

ensure physical department boundaries do not impede a smooth emergency response

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
46
Q

Emergency Management: Structure

A totally new organization should not be developed to handle emergencies

A

Such problems should be handled by the existing organization, temporarily reconfigured, and executives responsible for the day-to-day operation of the enterprise

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
47
Q

Emergency Management

The organization should have a Crisis Management Team to lead incident/event response

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
48
Q

Emergency Management

Some boards can function even if a disaster incapacitates so many members that a quorum is not possible

A
  • The bylaws of such companies provide a means of returning the board to full strength
  • One method is for board vacancies to be filled by the remaining board members
  • Some states have passed special statutes to facilitate emergency planning by corporations
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
49
Q

Emergency Coordination

A facility may create written support agreements with local or state LE agencies or MAAs with other local sites

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
50
Q

Emergency Coordination

Organizations agree to assist each other with materials, equipment, personnel for emergency response

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
51
Q

Emergency Coordination: Mutual Aid Association

Purpose:

A

Establish an emergency management org to minimize damage, ensure continued ops, restore ops.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
52
Q

Emergency Coordination

Government agencies often use interagency support agreements or memoranda of understand (MOUs)

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
53
Q

Emergency Response: Categories

Immediate, on-site response (timely response)

A

Requires better detection and delay

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
54
Q

Emergency Response: Categories

After-the-fact recovery

A

Requires use of investigative tools, including video surveillance footage

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
55
Q

Emergency Response: Response Strategies

Containment

Denial

Assault

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
56
Q

Emergency Response: Shut Down

The actual shutdown should be assigned to people familiar with the process

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
57
Q

Emergency Response: Training

All businesses need to plan initial and refresher emergency training

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
58
Q

Emergency Response: Training

Training and orientation must be reinforced and tested with periodic drills and exercises, which may include

A
  • Tabletop exercises conducted in a conference room for members of the organization’s crisis management team (CMT) or other management personnel
  • Evacuation and shelter-in-place drills for all employees
  • Walkthrough of an emergency plan or particular emergency response functions by selected organizational personnel
  • A full exercise involving outside response agencies
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
59
Q

Emergency Response: Training

Emergency tests and exercises are conducted for many reasons

A
  1. Checking the workability of a plan or a part thereof
  2. Determining the level of staff awareness and training
  3. Evaluating the adequacy of emergency communications
  4. Identifying shortcomings in evacuation procedures
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
60
Q

Emergency Response: Training

To validate an organization’s emergency plan, an unannounced test should be conducted with appropriate controls and safeguards in place

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
61
Q

Emergency Response: Training

Focus

A
  • Most likely situations of each site
  • Location, construction, and size of each site
  • Function of each site
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
62
Q

Emergency Response: Release of Information

The emergency plan should provide for the orderly release of information, preferably through a single source in the organization

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
63
Q

Emergency Response: Release of Information

It is best to avoid answering questions with the phrase “no comment”

A
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
64
Q

Incident Response: Biological & Chemical Threats

Goal #1

A

Limit the distribution of the material

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
65
Q

Incident Response: Biological & Chemical Threats

Goal #2

A

Look after any staff who have been exposed

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
66
Q

Incident Response: Fire

Primary influences on smoke movement in low buildings:

A

Heat, convective movement, and fire pressures

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
67
Q

Incident Response: Fire

Primary influences on smoke movement in high rises:

A

“Stack effect”

Influence of external wind forces

Forced air movement within the building

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
68
Q

Incident Response: Fire

The vertical, natural air movement through the building caused by the differences in temperature and densities between the inside and outside air

A

Stack Effect

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
69
Q

Incident Response: Fire

Two basic approaches to smoke control

A
  1. The HVAC system can be shut down and the fire area isolated or compartmented
  2. Fans can continue running, using the air duct system for emergency smoke control
    - Automatic pressurization of stairwells is often utilized to keep smoke out of these spaces
70
Q

Bomb Incident Response

Bombings continue to be the preferred weapon of terrorists and a common tool for criminals

A
71
Q

Bomb Incident Response

Bomb Advantages

A
  • A large amount of damage; more than from an armed assault
  • Anonymity from a remote location at the time of the explosion
  • Ability to cause damage with a device placed outside the site
  • Ability to cause considerable disruption with little expense
  • High media value for publicizing a cause
72
Q

Bomb Incident Response

Bombing Disadvantages

A
  • Bomb maker may be accidentally killed by the bomb
  • The bomb may not function as intended
  • Risk of detection when placing the bomb
  • Risk of device being detected before it detonates, resulting in evacuation and possible disarming
  • Forensic evidence from the bomb components
73
Q

Bomb Incident Response

Explosions may be..

A

Mechanical

Chemical

Nuclear

74
Q

Bomb Incident Response

Low explosives, which are suitable for propelling and pushing

A
  • Propellants (gun powders)
  • Pyrotechnic compositions
  • Expelling charges for line throwers
  • Special effects system
75
Q

Bomb Incident Response

High explosives detonate; low explosives ignite

A
76
Q

Bomb Incident Response

Three primary products of an explosion

A

Blast

Fragmentation

Heat

77
Q

Bomb Incident Response

Protection from a bomb is achieved through distance and cover

A
78
Q

Bomb Incident Response

The use of films and anti-shatter technology should be assessed against

A
  • Possible and probable location of bombs
  • The expected size of a bomb on the site
  • The assets near the glass
79
Q

Bomb Incident Response

Elements required for a bombing

A
  • Motive (criminal, political, or personal)
  • Material (main charge, initiator/detonator, trigger, safety switch)
  • Knowledge
  • Opportunity
80
Q

Bomb Incident Response

Bomb response is a management-level responsibility, requiring quick decisions with limited information

A
81
Q

Bomb Incident Response

Management must respond to bomb threats based on…

A
  • Limited information
  • Limited time
82
Q

Bomb Incident Response

An effective bomb incident management capability requires procedures relevant to the organization and based on sound security analysis

A
83
Q

Bomb Incident Response: Risk Assessment

In assessing whether a particular facility is at risk to a bombing, the following questions should be considered

A
  • Is the building a likely target?
  • Are any tenants in the building a likely target?
  • Is the building an obvious easy or soft target?
  • Are any nearby buildings a likely target?
84
Q

Bomb Incident Response: Risk Assessment

Bomb Incident Plans

A
  • Should provide information, policies, procedures, and training to limit bomb potential
  • Should help the organization respond appropriately bomb threats and incidents
  • Should provide specific guidance, policies, and procedures for fire wardens, security supervisors, and relevant managers
  • Must be site-specific but also part of an integrated security management process
85
Q

Bomb Incident Response: Risk Assessment

Bomb Incident Plans (ctd…)

A
  • Should address unattended items, bomb threats, bombs, hazardous mail, and post-blast conditions
  • Should describe how training will be developed and delivered, in particular, training on the evaluation of bomb threats and unattended items and on search techniques
86
Q

Bomb Incident Plans

Should be based on…

A
  • An understanding of the elements of a bombing: motive, material knowledge and opportunity
  • Exposure of the organization to bomb incidents due to its business environment, location, relationships, and staff
  • The effectiveness of emergency, health and safety, human resources, and other guns
  • Current security measures
  • Senior management recognition of the risk of a bomb incident and the need for a plan
87
Q

Bomb Incident Response

All staff who deal with the public should be taught how to receive and record threats, and to whom they should report the information

A
88
Q

Bomb Incident Response

threat evaluation consists of five R’s

A
  • Receive
  • Record
  • Report
  • Review
  • Respond
89
Q

Bomb Incident Response

The bomb threat review phase

A
  1. Most important and difficult phase
  2. threat evaluation is a managerial decision-making process
  3. Unlike a fire, a bomb threat is not a self-evident risk; it requires a review of facts to determine credibility
90
Q

Bomb Incident Response

Primary evidence is the actual threat

A

Accuracy in capturing the wording of the threat is essential; the actual words used must be recorded, including omissions, changes in thought, slang, technical terms, inaccuracies in terminology, or knowledge of the site

91
Q

Bomb Incident Response

The amount of time available for evaluating the threat can be calculated by subtracting the time required to evacuate the site plus a safety margin form the bomb deadline, if one is given

A
92
Q

Bomb Incident Response

If there is not enough time to evacuate the site and conduct a threat evaluation, the threat coordinator should make an immediate decision on evacuation

A
93
Q

Bomb Incident Response

If the perpetrator does not provide a deadline, the threat coordinator should evaluate the threat as quickly as possible

A
94
Q

Bomb Incident Response

One might think it is preferable to evacuate for all bomb threats, but organizations must be able to continue operating until it is determined a hazard probably exists and there is a legitimate need for full or part evacuation

A
95
Q

Bomb Incident Response

Evacuation plans should include the closure of processes as well as the emergency transfer of data

A
96
Q

Bomb Incident Response: Evaluation

Evacuation is not always best; constant evacuation undermines confidence in management’s ability to provide a safe, secure, and productive work environment

A
97
Q

Bomb Incident Response

Constant evacuation may also lead to copycat incidents as staff seek time off from work or outsiders enjoy the prospect of disrupting activities

A
98
Q

Bomb Incident Response

To respond effectively to a threat, the organization must…

A
  • Recognize it has been threatened
  • Capture information about the threat and report it to the relevant authority within the organization
  • Evaluate the threat
  • Respond appropriately
99
Q

Bomb Incident Response

The evaluation is a complex management decision that requires procedures, planning, training, and rehearsal

A
100
Q

Bomb Incident Response

It is important all employees know how to record the wording of any threatening call, and how to forward a threatening email or other messages

A
101
Q

Bomb Incident Response

A threat can be evaluated for specificity, which suggests the offender’s level of knowledge and commitment

A
102
Q

Bomb Incident Response

A detailed threat demonstrating knowledge of the site is more credible than a vague threat

A
103
Q

Bomb Incident Response

Where possible, the evacuation assembly areas should be

A
  • At least 300 meters from the building
  • Not in a direct line of sight of the bomb
  • Not facing or under windows
  • Behind solid cover, such as another building
104
Q

Bomb Incident Response: Searches

Unless the site has a particular political value or is hosting VIPs, it is unlikely the police will search

A
105
Q

Bomb Incident Response: Searches

Those who work in an area can best identify what is out of place there

A
106
Q

Bomb Incident Response: Searches

Search teams of two people work well, as each team member can search an area while assisting the other and ensuring all items in the allocated space have been searched

A
107
Q

Bomb Incident Response: Searches

Search teams should leave at least one vacant room or area between them as they search, to provide a degree of safety for teams

A
108
Q

Bomb Incident Response: Searches

Types of bomb searches

A
  • Occupant search
  • Warden search
  • Team search
  • High-risk search (trained government personnel w/ specialized equipment)
109
Q

Bomb Incident Response: Searches

If an item is found, decisions must be made on whether to

A
  • Continue the search
  • Further, investigate the item
  • Evacuate the searchers and others
110
Q

Bomb Incident Response: Searches

Decisions about found devices depend on

A
  • Where the item is found
  • Why it is considered suspicious
  • Whether it matches the item described in the threat
111
Q

Bomb Incident Response: Searches

If a suspected body bomb is identified, usually the best way to minimize consequences is to immediately begin to move people away and limit the bomber’s ability to get closer to the organization’s assets

A
112
Q

Bomb Incident Response: Searches

Suicide bombers are a very small percentage of bombing offenders

A
113
Q

Bomb Incident Response: Searches

The Five R’s of dealing with unattended items

A

Receive

Record

Report

Review

Respond

114
Q

Bomb Incident Response: Searches

A bomb can only be classified as a hoax by emergency services personnel or subsequent forensic examination

A
115
Q

Bomb Incident Response: Searches

Egress routes and assembly areas should be searched for unidentified items before or during the evacuation

A
116
Q

Bomb Incident Response: Mail

Hazardous mail includes not only bombs but also

A
  • Noxious and poisonous materials
  • Acids
  • Chemical or biological agents
  • Needles and blades (sharps)
117
Q

Bomb Incident Response: Mail

The aim of the security manager should be to provide a safer and more secure work environment by increasing the ability to detect and respond to hazardous mail

A
118
Q

Bomb Incident Response: Mail

The primary protection from hazardous mail items is…

A

distance

119
Q

Bomb Incident Response: Mail

“EXPLOSIVE PARCEL” method for identifying mail bombs

A

Excessive securing material

Xcessive weight

Protruding wires or time foil

Lopsided or unevenly weighted

Oily stains and discoloration

Stiff or rigid envelope

Is the package expected?

Visual distractions

Excessive postage

120
Q

Bomb Incident Response

Explosive Parcel (ctd..)

A

P roper names and titles incorrect

A ddress handwritten or poorly typed

Restrictive markings

Common words misspelled

Either unusual or foreign origin

L acks address of sender

121
Q

Bomb Incident Response: Mail

Bombs have a number of basic components

A
  • A power source, often a battery, which can give the item an uneven balance
  • A firing switch, which may contain wires or foil
  • An explosive or incendiary filling, which adds to the weight and may exude oil
122
Q

Terrorism: Genesis

Precipitants: Those who start an outbreak of violence

A
123
Q

Terrorism: Genesis

Preconditions

A

The environment that allows precipitants to instigate an action

124
Q

Terrorism: Genesis

Permissive factors of preconditions

A

Engender a terrorist strategy and make it attractive to political dissidents

125
Q

Terrorism: Genesis

Factors of Preconditions

A

Urbanization

Transportation System

Communications Media

Weapons availability

Absence of security measure

126
Q

Terrorism: Genesis

Direct situational factors of preconditions

A

Factors that motivate terrorists

127
Q

Business Continuity Management System (BCMS)

The need to resume normal operations rapidly is as great as the need to control potential damage

A
128
Q

Business Continuity Management System (BCMS)

The BCMS enables an organization to identify, develop, and implement policies, objectives, capabilities, processes, and programs to address disruptive events that might impact the organization and its stakeholders

A
129
Q

Business Continuity Management System (BCMS)

Components

A

Definition of roles, responsibilities, resources

130
Q

Business Continuity Management System (BCMS)

Policy

Top management defines the BCM policy in terms of the characteristics of the organization, locations and operating environment, stakeholders, obligations, and assets

A
131
Q

Business Continuity Management System (BCMS)

The Policy Is…

A
  • Approved by top management
  • Communicated to all persons working for or on behalf of the organization deemed within the scope of the BCMS
  • Available to stakeholders as approved by management
  • Reviewed at defined intervals and when significant changes occur
132
Q

Business Continuity (BC)

BC is a comprehensive managed effort to prioritize key business processes, identify significant threats to the normal operation and plan mitigation strategies to ensure effective and efficient organizational response to the challenges that surface during and after a crisis

A
133
Q

Business Continuity (BC): Essential resources

Resources essential for the implementation and maintenance of the BCMS and the BC strategies

A
  • Facilities and equipment
  • Human resources
  • infrastructure
  • Other services, technology, information, intelligence, and funds
134
Q

Business Continuity (BCP)

An ongoing process supported by senior management and funded to ensure necessary steps are taken to identify the impact of potential losses, maintain viable recovery strategies and plans, and ensure continuity of operations through personnel training, plan testing, and maintenance

A
135
Q

Business Continuity Plan (BCP)

People are the most important aspect of any BCP

A
136
Q

Business Continuity Plan

Business continuity planning is…

A

Cyclical

137
Q

Business Continuity Planning

BCPs should be scaled around a worst case scenario

A
138
Q

Business Continuity Planning

The following factors can trigger a review of the BCP

A
  • Risk assessment
  • Sector/industry trends
  • Regulatory requirement
  • Event experience
  • Text/exercise results
139
Q

Business Continuity Planning

Vital records may include

A
  • General ledgers, and accounts payable and receivable
  • Constitutions and bylaws
  • Contracts and customer data
  • Engineering and manufacturing process data
  • Incorporation certificates, minutes of BoD meetings
  • Insurance policies
  • Legal documents, leases, licenses
140
Q

Business Continuity Planning

Crisis Management and Response Teams should be trained at least…

A

Annually

141
Q

Business Continuity Planning: Stages

Readiness is the first step of a business continuity plan, and addresses…

A
  • Assigning accountability for the plan
  • Conducting a risk assessment and a business impact analysis
  • Agreeing on strategies to meet the needs identified in the risk assessment and business impact analysis
  • Forming Crisis Management and other appropriate response teams
142
Q

Business Continuity Planning: Stages

Identification of danger signals, coupled with the likelihood of an event, is often indicative of an imminent crisis, and warning signs may include, but are not limited to

A
  • Unusual or unexplained changes in sales volume
  • Legislative changes
  • Corporate policy changes
  • Changes to the competitive environment
  • Changes to supply based environment
  • Warnings of natural disasters
  • Imminent or actual changes in HSAS threat level
  • Cash flow changes
  • The potential for civil or political instability
  • impending strike or likely protests
  • Hostile labor negotiations
143
Q

Business Continuity Planning: Stages

The responsibility to report a potential crisis (including the notification mechanism) should be communicated to

A

All Employees

144
Q

Business Continuity Planning: Stages

What is one of the most important ingredients in crisis management, and preplanning for communications is critical?

A

Effective Communications

145
Q

Business Continuity Planning: Stages

Personnel used for crisis management should be assigned to perform these roles as part of their normal duties, not voluntary

A
146
Q

Business Continuity Planning: Prevention

Prevention is the second step of a BCP that addresses…

A
  • Compliance with corporate policy
  • Mitigation strategies
  • Avoidance, deterrence and detection
147
Q

Business Continuity Planning: Stages

Response is the third step of a BCP that addresses…

A
  • Potential crisis recognition
  • Notification of the team
  • Assessment of the situation
  • Declaration of a crisis
  • Execution of the plan
  • Communications
  • Resource management
148
Q

Business Continuity Planning: Stages

The first element in a response program is…

A

to determine if a potential crisis exists

149
Q

Business Continuity Planning: Stages

Determining the initial level of the crisis, and the progression from one level to the next, will normally be the responsibility of the Crisis Management Team

A
150
Q

Business Continuity Planning: Stages

Individuals should be recruited for membership on Response Teams based on their skills, level of commitment, and vested interest

A
151
Q

Business Continuity Planning: Stages

When initiating a response, it is important to ensure the goals protect the following interests, in order of their priority

A
  1. Save lives and reduce chances of further injuries/deaths
  2. Protect assets
  3. Restore critical business processes and systems
  4. Reduce the length of the interruption of business
  5. Protect reputation damage
  6. Control media coverage (e.g. local, regional, national or global)
  7. Maintain customer relations
152
Q

Business Continuity Planning: Stages

Problem assessment and severity assessment should be made at the outset of a crisis. Factors to be considered are

A
  • Size of the problem
  • Potential for escalation
  • Possible impact of the situation
153
Q

Business Continuity Planning: Stages

Immediate intervention is taken to minimize further losses and to begin recovery, including activities and programs to restore critical business functions and return to an acceptable condition

A

Recovery

154
Q

Business Continuity Planning: Stages

What may be performed by the CMT itself or a designated Damage Assessment Team

A

Damage Assessment

155
Q

Business Continuity Planning: Stages

Maximum acceptable outage time and recovery time objectives should be based on…

A
  • How long processes can be nonfunctional before impacts become unacceptable
  • How soon processes should be restored (shortest allowable outage restored first)
  • Different recovery time objectives according to time of year
  • Identifying and documenting alternate procedures for strategic alliance, mutual aid, manual workaround
  • Evaluation of costs of alternate procedures vs. waiting for system to be restored
156
Q

Business Continuity Planning

A management level financial analysis that identifies the impacts of losing an organization’s resources. The analysis measures the effect of resource loss and escalating losses over time in order to provide reliable data upon which to base decisions on mitigation, recovery, and business continuity strategies

A
157
Q

Business Continuity Planning

ASIS BC Guideline

Largely intended for the private sector organizations that own and operate the national critical infrastructure

A
158
Q

Business Continuity Planning

ASIS BC Guideline

Has applicability in both the private and public sector environments

A
159
Q

Business Continuity Planning

ASIS BC Guideline

Appropriate for mid- to large-sized organizations, but can be adapted to smaller ones

A
160
Q

Organizational Resilience (OR)

The adaptive capacity of an organization in a complex and changing environment

A

Organizational Resilience

161
Q

Organizational Resilience (OR)

Strategic programs supportive of an OR Management System

A
  • Prevention and deterrence (of disruptive incidents)
  • Mitigation
  • Emergency response
  • Continuity
  • Recovery
162
Q

Organizational Resilience (OR)

Three generic and interrelated management response steps that require preemptive planning and implementation in case of a disruptive incident

A
  • Emergency response
  • Continuity
  • Recovery
163
Q

Organizational Resilience (OR)

An OR management policy should reflect the commitment of top management to…

A
  • Comply with applicable legal requirements and other requirements
  • Prevention, preparedness, and mitigation of disruptive incidents
  • Continual improvement
164
Q

Organizational Resilience (OR)

The OR management policy should be communicated to all persons who work for (or on behalf of) the organization, including contractors working at an organization’s facility

A
165
Q

Organizational Resilience (OR)

When assessing impacts, consider…

A
  • Human cost
  • Financial cost
  • Corporate image cost
  • Economic losses to community
  • Environmental impacts
166
Q

Event Security

The event security environment is particularly sensitive to the need to meet an acceptable standard of care

A
167
Q

Event Security

Primary Duties include…

A
  • Provide safety and security for everyone present
  • Safeguarding of property is secondary
  • Overall, the security team’s responsibility is to reduce risk
168
Q

Event Security

Four options for securing an event with little experience in event protection

A
  • Do the best one can with current security capabilities
  • Provide personnel with detailed training in special event security issues
  • Hire a special event security provider
  • Accept the risk and provide no security for the event
169
Q

Event Security

Special events require security professionals to develop security plans featuring

A
  • Preventive and reactive measures
  • Good implementation of the plans
  • Effective management of security staff
170
Q

Event Security

Factors directly affecting the design and implementation of the security plan

A
  • Time sensitivity
  • Organizational structure
  • Volunteers
  • Location
  • Crowds, participants and attendees
  • Type of event
  • Communication
  • Weather
  • Budget