?

Log in

No account? Create an account

Previous Entry | Next Entry

Minding the COOP

Continuing in Operations Plans
1/3 of the room is occupied.

Maintaining and Improving Library Security Through Continuity of Operations

Federal Requirement for a COOP plan for federal agencies -could be embraced on a national level for all types of libraries

Steve Jones -Executive Dir. First Response Coalition. NAFFighters EMT/Firefighter (skiing accident)
Proposing Sept. 25th National First Responder Appreciation Day

Steve Hersh
Security Specialist at the LIbrary of Congress -AF Sec Policeman

Steve Jones, First Response Coalition:
Emergency Response Interoperability

First Response Coalition 501(c)3 non profit
Educate the public about first responder needs
Lobbying for public safety issues
Communication and access to data

Interoperability -Ability of first responders to be able to communicate as authorized, real time, across the board (Background)
Not able to communicate in previous incidents showed the problem. Incompatible equipment, frequencies etc...


5 challenges
1. Incompatible aging equipment (for that matter terminology police "10-code") --Just think about how hard it is to change cell providers and keep your phone.
2. Limited +/or fragmented funding and budget (Statewide systems may still buy in at different levels and affect interoperability)
3. Limited +/or or Fragmented planning and coordinator (Governance developed independently so you have patchwork systems.) --How like the SUNY systems many libraries, we're al doing different things but haven't had guidance to further interoperate. (
4. Limited +/or fragmented radio spectrum (frequencies -the schmutz in the sky that enables wireless comm. *smirk* Public Safety doesn't have a dedicated band of the spectrum. They started out in lower bands, have moved to higher frequencies as tech. has advanced. Public safety uses over 10 different bands. On top of increased demand and decreased supply. Interference with cell phones etc. can happen)
5. Limited standards
(Tech is advancing faster than standards and standards aren't moving fast enough to keep up.)


5 elements necessary for interoperability
Common Technology
Governance (Policy, People, Procedures)
SOPs (Formal written guidelines that dictate how ERS are going to communicate when they get together)
Training and Exercises (for the Ps about the SOPs and builds personal connections)
Using interoperable communications

GAO comments
Funding: No strategic plans to guide I/O investments. ($3-Billion since 2002 ineffectively spent)
Planning: No national plan to coordinate the responses across the states.

Standards -until recently, little progress. 15 years of work has resulted in incomplete and ambiguous standards. So more incompatibilities exist (p25 standard) costs more, so fewer radios are bought and interoperation problems persist.
FirstResponse Coalition.org
sjones@firstresponsecoalition.org

---------
Steve Hersh

LOC used some of this last night -chemical spill in photo lab

Business Continuity plan (COOP)
Prepares to maintain the business of the organization during a disaster
Also includes disaster recovery in the form of preservation curators cooperation and planning, they have good information to add to the process.
-what are the odds of disaster?
-to what extent do you want to continue functioning?

Disaster Recovery
Preservation Experts should be consulted for their unique perspective on this part of planning (Recover, contract negotiations etc.)
Traditional Disaster recovery dealt with IT continuity -moving forward

Understand and determine what your essential functions are
-Prioritize, Implement them in disaster from the top down following the list. Know that there will be diminished service

They have plans to continue to support congress from home, West Va. etc. (no. 1 function for LOC)

Do you have an alternate facility that can be occupied? (Not too close to the first one)
Determine order of succession at least three levels deep in your org. to include upper and mid-level management. (Pandemic (social problem) could wipe out 50% of your folks)
Can staff work from home, do they have the access (server?) that they need?
IT may have to relax security requirements to temporarily implement some of these functions. (Vulnerability exchange for operability)

Determine what resources and processes are necessary to implement essential functions
People, what percentage of staff would be available
Cross-training
Facilities -will relocation be needed
Equipment, available for common or unique jobs?
Food, brought in or local dining?
Lodging do staff go home or stay with local accommodations
Money for unknown circumstances and contracts

Consider resources outside the institution
-contractors could be spread thin too
Federal state and local offices may have plans that limit who can come in to work
Public utilities power, water, gas etc
Neighbor cultural institutions tend to partner for these sorts of plans depending on situation
Insurance carriers needs to know what you are doing get them a copy of the plan when you are done

Coordination of the plan
Need upper management support
Midlevel managers Contractors will determine if functions can be implemented
Contractors must sign on to support the institution in case of disaster
Local contacts for emergency responders, fire, police, etc.

Write the plan
Templates are available from FEMA and OPM.
Fluid plan that constantly changes and refreshes
Have al stakeholder review for consistency and inter-functionality
Good communications plan for Upper management, Middle management, Staff & Contract workers

Test the plan
draws out problems inconsistencies
Brings out personnel issues
Identifies resource shortages
Helps stake-holders to understand the process when enacted
Builds confidence in mangers and staff
-start slow talk about it at first, table top exercise, let key players respond to alternative work sites and conduct communications check. Have the entire staff go through a communications notification test

Maintain the plan,
make changes based on testing data
stay up to date with new technical info and apply to the plan as needed
review the plan annually, what if your "business model" has changed?
distribute to all the key players so they have the changes