Incident Management Plan

This plan details how the incident will be managed from occurrence to back-to-normal operation and provides information about the structure of the Incident Management Team, the criteria for invoking Business Continuity, the management of the incident, resource requirements, any necessary staff movements and critical processes.

PAS 77 suggests that a tiered incident management structure be established that is in line with that used by both public and private sector companies. 352HFigure 11 shows how this three-tiered structure is implemented in the UK.

In outline the IMP should contain:

• Background
• Scope and purpose of document
• Relationship to other plans
• Definition of the Incident Response structure
• Handover from the Emergency Response Team
• Procedure for assessing the situation
• Roles and responsibilities of the Incident Management Team. Only incident roles should be used throughout the document – not names
• Incident Room location and details for accessing it
• Location of an alternate Incident Room
• Invocation criteria
• Invocation procedure including rendezvous points and responsible persons
• Procedure for setting up and managing the Incident Room (this should include a list of the required equipment, procedures and responsibilities for setting up PCs, telephones, teleconferencing or video-conferencing facilities, the layout of the room, location of a quiet room, details about catering arrangements, shift lengths, telephone numbers and so on.) If the room is normally a meeting room it is sometimes beneficial to prepare a notice for the door, stating that in the case of an incident the room must be vacated immediately
• Action plans for implementing the Business Continuity response – it is helpful if these are included as a checklist and have a box for ticking that the action has been completed. Sometimes it is useful if action checklists are written for each member of the team separately so they can be printed and handed to each individual
• Recovery Profiles – these detail the critical activities to be recovered, the number of staff involved and their alternate location. The critical resource requirements for each critical activity will also be detailed and the timescale in which they are required
• Resumption Process – this details how the organisation can resume normal operations following recovery of the critical processes. This may be a separate document or the organisation can decide how to manage this at the time once the critical processes are operational and the organisation has stabilised
• Details of equipment storage
• Maps and directions to all locations mentioned in the Plan
• Site access plans
• Claims management procedure
• Charts, plans (e.g. floor plans), photographs and other information which might be useful
• Contact information. This section can include the names of the staff in each role and should also include at least one deputy.
  • Senior Management Team (gold)
  • Incident Management Team (silver)
  • Bronze Team Leaders (all departments within the organisation)
  • External suppliers
  • Internal contacts
  • Regulatory bodies
  • Useful local information (e.g. hospital, doctors, plumbers, electrician, local council)
  • Neighbours
  • Stakeholders
• Communications Matrix
• Incident Log
• Incident Management stand-down procedures
  • Decision to stand down
  • Who to communicate with
  • Filing of paperwork
  • Post incident report