If the recent pandemic has taught government organizations anything, it’s that resiliency and crisis management always need to be top of mind.
In many ways, the pandemic shows how not having a holistic agency approach to crisis response is like searching for a light switch in a suddenly darkened room. Without a well-defined and effective continuity of operations, or COOP, plan, agencies are left fumbling in the dark for every unexpected emergency.
Government agencies face a series of challenges when establishing or revamping their COOP preparations, such as compliance models and internal pushback. For example, a lack of time and resources is a commonly cited reason for agencies not properly completing essential tasks such as testing existing COOP plans. Government organizations are also struggling with the ability to keep COOP plans relevant in a dynamic world, while balancing compliance requirements and resource constraints.
An effective COOP plan should address a complex threat environment. In addition to digital assets, COOP planning should focus on the following six best practices:
1. First, agencies should protect the physical security of workers and property that could be threatened by a pandemic, natural or manmade event, such as flooding or power outages.
2. Second, government organizations need to consider the policy and compliance risks that can result from employees inadvertently or deliberately failing to follow directives. They should especially pay attention to the Federal Acquisition Regulation and Federal Information Systems Management Act at the federal level, as well as their counterparts in state and local governments.
3. Third, agencies can’t forget to include automation as an effective tool to help smooth over COOP planning and perform the rote tasks team members don’t need to perform.
4. Fourth, COOP plans’ policy statements, procedures, testing and analyses of potential disruptions should coincide with agency priorities, and be easily updated as those priorities change.
The plans should also adhere to security guidance such as the National Institute of Standards and Technology’s SP 800-34 and the Homeland Security Department’s National Incident Management System framework
5. Fifth, coordination across agencies and departments is also essential to a swift response in any emergency. Centralizing oversight of both crisis management and disaster recovery in COOP plans ensures consistency throughout an agency while allowing for greater collaboration.
Agencies should coordinate with third parties such as vendors, or other federal or state agencies. And don’t forget fire departments, first responders and medical providers.
6. Finally, emergency communications systems are an important factor here as well. Integrated, IP-enabled messaging and alert systems with automated, web and remote activation capabilities can ensure communications stay up, giving responders quick access to recovery strategies and operational procedures.
In a dynamic threat environment, plans need to be tested and updated regularly. The process for improving a plan must also be built into the plan itself, which requires commitment from the agency. Taking these steps ensures an effective, resilient COOP plan that’s supported throughout an enterprise and ready for what’s next.
This article is an excerpt from GovLoop Academy’s recent course, “6 Tips for Responding to Crisis,” created in partnership with Four Points Technology, BlackBerry and RSA. Access the full course here.