ACTlVATlON: The implementation of business continuity capabilities, procedures, activities, and plans in response to an emergency or disaster declaration; the execution of the recovery plan.
ALTERNATE WORKSITE: An alternate operating location to be used by business functions when the primary facilities are inaccessible. 1) Another location, computer center or work area designated for recovery. 2) Location, other than the main facility, that can be used to conduct business functions. 3) A location, other than the normal facility, used to process data and/or conduct critical business functions in the event of a disaster.
BUSINESS CONTINUITY PLANNING (BCP): Process of developing advance arrangements and procedures that enable an organization to respond to an event in such a manner that critical business functions continue with planned levels of interruption or essential change. SIMILAR TERMS: Continuity of Operations Planning
BUSINESS IMPACT ANALYSIS (BIA): The process of analyzing all business functions and the effect that a specific disaster may have upon them. Determining the type or scope of difficulty caused to an organization should a potential event identified by the risk analysis actually occur. The BIA should quantify, where possible, the loss impact from both a business interruption (number of days) and a financial standpoint. SIMILAR TERMS: Risk Analysis/Assessment
BUSINESS RESUMPTION PLANNING (BRP): The operations piece of business continuity planning/continuity of operations planning. It is a specific segment of the overall recovery process focusing on those items between the recovered environment and the actual processing of business in recovery mode. SIMILAR TERMS: Business Continuity Planning, Disaster Recovery Planning, Continuity of Operations Planning
CALL TREE: A document that graphically depicts the calling responsibilities and the calling order used to contact management, employees, customers, vendors, and other key contacts in the event of an emergency, disaster, or severe outage situation.
COLD SITE: An alternate facility that already has in place the environmental infrastructure required to recover critical business functions or information systems, but does not have any pre-installed computer hardware, telecommunications equipment, communication lines, etc. These must be provisioned at time of disaster. SIMILAR TERMS: Shell site; Backup site; Recovery site; Alternate worksite
COOP – CONTINUITY OF OPERATIONS PLAN: A COOP provides guidance on the system restoration for emergencies, disasters, mobilization, and for maintaining a state of readiness to provide the necessary level of information processing support commensurate with the mission requirements/priorities identified by respective functional proponent.
CRITICAL FUNCTIONS: Business activities or information that could not be interrupted or unavailable for several business days without significantly jeopardizing operation of the organization.
CRITICAL INCIDENT DEBRIEFING: Lessens the impact of major events on emergency service personnel. This accelerates normal recovery in normal people who are experiencing normal stress after experiencing highly abnormal events or incidents.
CRITICAL INFRASTRUCTURE: Systems whose incapacity or destruction would have a debilitating impact on the economic security of an organization, community, nation, etc. These include physical structures, networks and services.
CRITICAL RECORDS: Records or documents that, if damaged or destroyed, would cause considerable inconvenience and/or require replacement or recreation at considerable expense.
DAMAGE ASSESSMENT: The process of assessing damage, following a disaster, including computer hardware, vital records, office facilities, etc. and determining what can be salvaged or restored and what must be replaced.
DISASTER: A sudden, unplanned calamitous event causing great damage or loss.1) Any event that creates an inability on an organization’s part to provide critical business functions for some predetermined period of time.2) In the business environment, any event that creates an inability on an organization’s part to provide the critical business functions for some predetermined period of time. 3) The period when company management decides to divert from normal production responses and exercises its disaster recovery plan.
DISASTER CONTROL: Activities and programs designed to contain a disaster/incident and respond quickly to mitigate immediate consequences of the disaster.
DISASTER RECOVERY: Activities and programs designed to return the entity to an acceptable condition. It is the ability to respond to an interruption in services by implementing a disaster recovery plan to restore an organization’s critical business functions.
EMERGENCY: A sudden, unexpected event requiring immediate action due to potential threat to health and safety, the environment, or property.
EMERGENCY DECLARATION: A declaration based on a situation or impeding situation that threatens safety, health, the environment, critical infrastructure, property and/or economic stability.
EMERGENCY MANAGEMENT PROGRAM: A comprehensive program that is based on a hazard identification and risk assessment process (H IRA) and includes the five core components of mitigation, prevention, preparedness, response and recovery.
EMERGENCY RESPONSE PLAN: A risk-based plan developed and maintained to respond to an emergency.
EMERGENCY MANAGEMENT COORDINATOR -EMC: An individual or group selected to coordinate or control designated recovery processes or testing.
EMERGENCY PREPAREDNESS: The discipline that ensures an organization, or community’s readiness to respond to an emergency in a coordinated, timely, and effective manner.
EMERGENCY MANAGEMENT PROCEDURES: A plan of action to commence immediately to prevent the loss of life and minimize injury and property damage.
EMERGENCY MANAGERS: Responsible or accountable for government, community or private business preparedness.
EMERGENCY NOTIFICATION PROCEDURES: A process designed to contact individuals in the event of an emergency.
EMERGENCY OPERATIONS CENTRE (EOC): A site from which response teams/officials exercise direction and control in an emergency or disaster.
EMERGENCY RESPONSE CYCLE: Begins at the individual/family level. This means that the individual is the first to respond to the emergency by taking actions to ensure their safety and those around them.
EXERCISE: An activity that is performed for the purpose of training and conditioning team members, and improving their performance. Types of exercises include: Table Top Exercise, Simulation Exercise, Operational Exercise, and Mock Disaster.
FINANCIAL IMPACT: An operating expense that continues following an interruption or disaster, which as a result of the event cannot be offset by income and directly affects the financial position of the organization.
HAZARD: An event or physical condition that has the potential to cause Ioss or damage.
HAZARD OR THREAT IDENTIFICATION: The process of identifying situations or conditions that have the potential of causing injury to people, damage to property, or damage to the environment. These fall under three categories, natural, manmade and technological.
HAZARD-SPECIFIC PREPAREDNESS PLANS (HSPP): Provide the details on responding to a specific type of emergency. Such a plan should exist for each hazard identified in the risk assessment portion of the mitigation phase.
HOTSITE: An alternate facility that already has in place the computer, telecommunications, and environmental infrastructure required to recover critical business functions or information systems.
INClDENT: A disaster or other significant event that may significantly impact the organization, its people, or its ability to function productively.
INCIDENT COMMAND SYSTEM (ICS): Combination of facilities, equipment, personnel, procedures, and communications operating within a common organizational structure with responsibility for management of assigned resources to effectively direct and control the response to an incident.
MITIGATION: A sustained action that reduces or eliminates long-term risk to people and property from natural hazards and their effects. It consists of ongoing efforts to lessen the impact that disasters may have on people and property.
MOCK DISASTER: One method of exercising teams in which participants are challenged to determine the actions they would take in the event of a specific disaster scenario. Mock disasters usually involve all, or most, of the applicable teams. Under the guidance of exercise coordinators, the teams walk through the actions they would take per their plans, or simulate performance of these actions.
MUTUAL AID AGREEMENTS: Should be developed in consultation with the parties involved. The agreements are reviewed by legal counsel and include:definition of liability, detail funding and cost arrangements, definitions of key terms used in the agreement, roles and responsibilities of individual parties, procedures for requesting and providing assistance, procedures, authorities, and rules for payment, reimbursement, and allocation of costs, notification procedures and relationships with other agreements among entities.
NATURAL THREATS: Events caused by nature that have the potential to impact an organization.
NETWORK OUTAGE: An interruption in system availability resulting from a communication failure affecting a network of computer terminals, processors, and/or workstations.
OFF-SITE STORAGE: Alternate facility, other than the primary production site, where duplicated vital records and documentation may be stored for use during disaster recovery.
OPERATIONAL EXERCISE: One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Operational exercises, which may involve one or more teams, are typically performed under actual operating conditions at the designated alternate location, using the specific recovery configuration that would be available in a disaster.
PREPAREDNESS: Planning and preparing for an emergency before it occurs. Sample actions include training, exercises and logistics.
RECOVERY: Process of planning for and/or implementing expanded operations to address less time-sensitive business operations immediately following an interruption or disaster.
RECOVERY PERIOD: The time period between a disaster and a return to normal functions, during which the disaster recovery plan is employed.
RECOVERY STRATEGY: An approach by an organization that will ensure its recovery and continuity in the face of a disaster or other major outage. Plans and methodologies are determined by the organizations strategy. There may be more than one methodology or solution for an organizations strategy. Examples of methodologies and solutions include, contracting for Hotsite or Coldsite, building an internal Hotsite or Coldsite, identifying an Alternate Work Area, a Consortium or Reciprocal Agreement, contracting for Mobile Recovery or Crate and Ship, and many others.
RESPONSE: The reaction to an incident or emergency to assess the damage or impact and to ascertain the level of containment and control activity required. In addition to addressing matters of life safety and evacuation, Response also addresses the policies, procedures and actions to be followed in the event of an emergency. 1) The step or stage that immediately follows a disaster event where actions begin as a result of the event having occurred. Similar Terms: Emergency Response, Disaster Response, Immediate Response, and Damage Assessment.
RESTORATION: Process of planning for and/or implementing procedures for the repair or relocation of the primary site and its contents, and for the restoration of normal operations at the primary site.
RESUMPTION: The process of planning for and/or implementing the restarting of defined business operations following a disaster, usually beginning with the most critical or time-sensitive functions and continuing along a planned sequence to address all identified areas required by the business. 1) The step or stage after the impacted infrastructure, data, communications and environment has been successfully re-established at an alternate location.
RISK: Potential for exposure to loss. Risks, either man-made or natural, are constant. The potential is usually measured by its probability in years.
RlSK ASSESSMENT / ANALYSIS: Process of identifying the risks to an organization, assessing the critical functions necessary for an organization to continue business operations, defining the controls in place to reduce organization exposure and evaluating the cost for such controls. Risk analysis often involves an evaluation of the probabilities of a particular event.
RISK MANAGEMENT: What happens as a result of the risk assessment. It is the balance of continuing to do business “as is” versus taking potentially costly and inconvenient steps to mitigate a hazard.
RISK MITIGATION: Implementation of measures to deter specific threats to the continuity of business operations, and/or respond to any occurrence of such threats in a timely and appropriate manner.
SIMULATION EXERCISE: One method of exercising teams in which participants perform some or all of the actions they would take in the event of plan activation. Simulation exercises, which may involve one or more teams, are performed under conditions that at least partially simulate ‘disaster mode’. They may or may not be performed at the designated alternate location, and typically use only a partial recovery configuration.
STANDALONE TEST: A test conducted on a specific component of a plan, in isolation from other components, typically under simulated operating conditions.
STRUCTURED WALKTH ROUGH: One method of testing a specific component of a plan. Typically, a team member makes a detailed presentation of the component to other team members (and possibly non-members) for their critique and evaluation.
TABLE TOP EXERCISE: One method of exercising teams in which participants review and discuss the actions they would take per their plans, but do not perform any of these actions. The exercise can be conducted with a single team, or multiple teams, typically under the guidance of exercise facilitators.
TEST: An activity that is performed to evaluate the effectiveness or capabilities of a plan relative to specified objectives or measurement criteria. Types of test include: Desk Check, Peer Review, Structured Walkthrough, Standalone Test, Integrated Test, and Operational Test.
TEST PLAN: A document designed to periodically exercise specific action tasks and procedures to ensure viability in a real disaster or severe outage situation.
UNINTERTUPTIBLE POWER SUPPLY (UPS): A backup supply which provides continuous power to critical equipment in the event that commercial power is lost.
VITAL RECORD: A record that must be preserved and available for retrieval if needed.
WARM SITE: An alternate processing site which is equipped with some hardware, and communications interfaces, electrical and environmental conditioning which is only capable of providing backup after additional provisioning, software or customization is performed.
DEFINITION OF EMERGENCIES
Emergencies are defined as situations or impending situations caused by the forces of nature, an accidental or intentional act or otherwise that constitute a danger of major proportions to life or property. These situations could threaten public safety, public health, the environment, property, critical infrastructure and economic stability. There are three categories of emergencies: human-caused, natural and technological.
Emergencies are dealt with through emergency management, defined as organized and comprehensive programs and activities taken to deal with actual or potential emergencies or disasters (widespread or severe emergencies). The key elements of the OPS emergency management framework parallel and complement the requirements of EMO. These elements are: prevention, mitigation, preparedness, response, and recovery.
Prevention refers to actions taken to prevent an emergency
Mitigation refers to sustained measures taken prior to the emergency to reduce its impacts. These include measures such as regulations, building codes and capital improvements.
Preparedness refers to measures taken prior to the emergency to ensure an effective response. These include measures such as plans, training, exercises, public education and procedures.
Response refers to measures taken to respond to an emergency, which are designed to ensure that a controlled, coordinated and effective response is quickly undertaken at the start of an emergency. These include measures such as emergency plan activation, emergency instructions to clients, staffing an emergency operations centre and the acquisition of additional resources.
Recovery refers to measures taken to recover from an emergency and to assist in the return to a state of normalcy. These include measures such as damage assessment, crisis counseling, debris clearance and decontamination.