Review a scenario about a major natural disaster event that has affected your organization's cyber infrastructure and impacted its ability to perform essential functions or critical services. Determine the potential continuity planning that will be required.

The continuity elements that will be covered in this event include continuity communications, continuity facilities, and reconstitution.

Review the following natural disaster event:

Your organization has experienced a major natural disaster such as a hurricane, tornado, earthquake, flood, etc. Your primary facility has been rendered inoperable. Communication systems have been severely damaged, including no mobile phone or Internet service. Initial reports indicate that restoration of communications systems is unpredictable.

Think about how a natural disaster may impact the cyber infrastructure that is needed to support essential functions. Also, think about the impact that this type of incident may have on the organization's ability to continue essential functions or critical services.

The following is additional information pertaining to the major natural disaster event:

• The primary facility and its communication systems have received significant damage.
• The IT staff is working with local and private partners to restore communication capabilities as soon as possible.
• Leadership has decided to activate your organization's continuity plan and relocate to your alternate facility.
• Leadership has requested an employee accountability report as soon as possible.
• Leadership has asked for a plan to restore the organization to normal operations once the crisis has subsided.

Does your organization possess communications capabilities to contact appropriate personnel in the event mobile phones or the internet is not available?

Yes

Good! In the event mobile phones or the internet is down it may be critical to have additional communication methods to reach personnel. Additional options to consider maybe hardwire or satellite telephones.

No

Organizations should consider how they would communicate with employees in the event mobile phone service or the internet was not available for an extensive period. While all organizations capabilities will differ, it is important to consider additional options that are available to communicate with employees if mobile phone and internet service is not available.

Does your organization possess communications requirements, as deemed appropriate at the continuity facility to support the continuation of essential functions?

Yes

Great! Federal Executive Department and Agencies must incorporate requirements identified in FCD-1, and the National Communication Systems Manual 3-10 at their continuity facility to support the performance of essential functions. Non-Federal entities should adopt applicable industry standards as deemed appropriate to support communication capabilities at their continuity facility.

No

Organizations are encouraged to adopt applicable industry standards as deemed appropriate to support communication capabilities at their continuity facility.

Does your organization have an emergency employee notification system?

Yes

Terrific! Establishing an emergency employee notification system is an awesome way to communicate with employees during emergencies. The system can assist leadership in making decisions and possibly provide assistance to employees in need.

No

Organizations are encouraged to consider establishing an emergency notification system. This can assist leadership in determining employees that need assistance and those that are available to continue performing essential functions.

Has your organization performed a risk assessment for cyber threats at the continuity facility?

Yes

Good! Performing a risk assessment for cyber threats at your continuity facility will provide decision makers with information about the various cyber risks to your continuity facility while allowing an opportunity to consider mitigation strategies to reduce risk at the continuity facility.

No

Organizations are encouraged to perform risk assessments of potential cyber threats at your continuity facility. Risk Assessments provide valuable information which allows decision makers an opportunity to consider implementing mitigation strategies to reduce risk at the continuity facility.

Are your employees aware of information technology capabilities to include limitations at your continuity facility?

Yes

Great! Employees should be aware of the information technology capabilities at your continuity facility which may be different than the primary site.

No

Organizations are encouraged to make employees aware of any data storage limitations or procedural changes to perform essential functions at the continuity facility.

Does your organization have a reconstitution manager?

Yes

That's great! Organizations are encouraged to identify a reconstitution manager who will be responsible for overseeing the reconstitution process. It is highly recommended that the reconstitution manager is not the same as the continuity planner. The reconstitution process is intended to ensure the organization resumes operations back at the restored or new primary facility from the continuity facility.

No

Organizations are encouraged to identify a reconstitution manager who will be responsible for overseeing the reconstitution process. It is highly recommended that the reconstitution manager is not the same as the continuity planner. The reconstitution process is intended to ensure the organization resumes operations back at the restored or new primary facility from the continuity facility.

Has the organization developed a plan or procedures to verify that all systems, communications, and other required capabilities are available and operational at the new or restored facility?

Yes

Excellent! Organizations are encouraged to develop plans and procedures to verify all systems, communications and other capabilities necessary to support essential functions are in place prior to relocating to the new or restored facility.

No

Organizations are encouraged to develop plans and procedures to verify all systems, communications and other capabilities necessary to support essential functions are in place prior to relocating to the new or restored facility.

Has the organization developed a plan or procedures to report the status of the relocation to the new or restored facility as deemed appropriate?

Yes

Awesome! Organizations are encouraged to develop a plan or procedures to report the status of the relocation to the new or restored facility. In addition, as deemed appropriate, organizations may consider implementing a phased approach when relocating to a new or restored facility.

No

Organizations are encouraged to develop a plan to report the status and relocation to the new or restored facility. Establishing plans and procedures to report the status of relocating to the new or restored facility will assist the organization in communicating with employees in regard to when and where to report during a continuity event.

Who should the reconstitution manager work with to assist in resuming normal agency operations from the continuity facility to the original or new primary operating facility?

Expert feedback:

• State, Federal, and local officials
• Facilities management
• Human resources
• IT
• Finance
• Procurement and acquisition
• Legal

At this point you should be able to determine the potential continuity planning that will be required for the continuity element continuity communications during a major natural disaster.

Remember:

• Communications capabilities to account for personnel and support essential functions includes identification of requirements for both primary and alternate facilities.
• Federal D/As must incorporate requirements identified in FCD 1, National Communications Security Directive (NCSD) 3-10, and the NCS Manual 3-10 to support the continuation of essential functions.
• Non-Federal entities should adopt applicable industry standards to support essential functions.
• Organizations should establish redundant and alternate communication capabilities and frequently test, train and exercise those capabilities.

At this point you should be able to determine the potential continuity planning that will be required for the continuity element continuity facilities during a major natural disaster.

Remember:

• Risk assessment conducted for continuity facility included the identification of threats from cyber intrusions.
• Annual evaluation of the facility is conducted and includes:
• Virtual office options or telework
• Assessment of computer equipment, software, and other automated data-processing equipment
• Considerations for health, safety, and security of employees
• Reliable logistical support, services, and infrastructure systems
• Secure and interoperable communications systems
• Facilities replicate essential capabilities by providing systems and configurations that are used in daily activities.

At this point you should be able to determine the potential continuity planning that will be required for the continuity element reconstitution during a major natural disaster.

Remember:

A reconstitution plan should identify and prioritize restoration of systems that support all organizational functions. The plan should identify the reconstitution manager and members of the reconstitution team.

In addition, the plan should include procedures for keeping all personnel informed of the status of the reconstitution efforts.

Keep in mind, reconstitution of normal operations may be transitioned from the alternate facility to the primary facility in reverse order of priority. Some organizations may choose to have essential functions transferred back to the primary facility last to assure a seamless transition.

This lesson discussed the following continuity elements continuity communications, continuity facilities, and reconstitution. The scenario described a major natural disaster that has impacted cyber infrastructure resulting in severely degraded communications and your primary facility becoming unavailable. The purpose of this lesson is to help organizations identify their current capabilities to communicate during severely degraded communications while discussing options available at the continuity facility and reconstitution process.