Response strategies
Identifying response strategies
Response strategies for significant business disruptions are:
• developed on the ‘worst case scenario’ using the All Hazards approach*
• options that best suit the circumstances for re-establishing and
maintaining essential business activities
• action-oriented and flexible to respond to varying disruptive events
• operational within the Maximum Acceptable Outage** (MAO) period
• scaled as required to continue minimum service delivery.
All Hazards*
effect
No access to
buildings or
infrastructure
Response strategies
Relocate to an
alternate site
outside the
emergency location
Work from
externally stored
files
No access
to ICT
Reduced
access
to staff
Work from systems
available elsewhere
Use alternative
communication
vehicles
• State schools
• Central or regional offices
• Virtual office set-up
• Hot site
NO connection to
• Other government premises
DETE network
• Work remotely from home
• ‘Off-line’ from back-up copies or tapes
• USB or portable external hard drives
• Manual processing based on hardcopy documents
• Home computer or tablet
Connection to
DETE network
•
•
State schools
Central or regional offices
•
Record message for incoming calls advising outage
and contact details or redirect telephones to
active phone lines
Use private email account or telephone
Provide shopfront or emergency call centre
•
•
• Outsource ICT services
•
Cross training staff
•
Import staff from
area outside the
emergency location
•
•
•
Back-up staff and succession planning
Skills sharing within activity
Within central or regional offices
Other government premises
Outsourced from private suppliers
* See All Hazards approach factsheet for more information
** See Maximum Acceptable Outage factsheet to calculate MAO
Page 1
Uncontrolled copy – Refer to the Department of Education, Training and Employment
Policy and Procedure Register at http://ppr.det.qld.gov.au for the most current version.
Response strategies
Continuity response example actions
• Relocate to alternative (backup) site or alternative ICT infrastructure
• Salvage/transfer critical equipment or materials
• Access back-up tapes and establish temporary server for data integrity and safety
• Implement staff SMS messaging and phone tree communication strategies
• Divert phones to active telephone lines
• Workarounds, alternative work methods (e.g., work from home, Virtual Desktop)
• Redeploy available staff to priority work or access extra human resources
• Manage recovery staff fatigue issues
• Contact details for staff and key stakeholders on iPhone or memory stick
• Temporary delegations of authorities
• Temporarily reduce or suspend non-critical activities or transfer the activity
• Hard copy processing and temporary manual systems
• Additional Corporate Cards and creditor accounts or cash to assist in purchasing
• Contingent agreements with current suppliers or customers
Recovery response example actions
• Replace damaged facilities or resources (e.g., office furniture, computers)
• Return to normal sites or relocate staff to alternative accommodation
• Record assets
• Reorganise staff, responsibilities and reporting lines
• Ensure continued staff support
• Restore damaged systems and prioritise restoration of damaged documents or
electronic media
• Implement strategies to manage backlog of data entry
• Liaise with HR to employ extra staff to clear backlogs
• Process insurance claims
• Reconcile hard copy processing
• Reconcile and recover payments
• Reimburse expenditure incurred for responses
• Respond to outstanding queries
Page 2
Uncontrolled copy – Refer to the Department of Education, Training and Employment
Policy and Procedure Register at http://ppr.det.qld.gov.au for the most current version.
Response strategies
Selecting appropriate response options
Actions to resume or maintain critical business activities should guide what
needs to be done and the resources required. Evaluating and selecting the
most appropriate response option to continue the critical business activity is
based on the following seven considerations:
1. Time to
implement
Can the option meet the Maximum Acceptable Outage**
(MAO) timeframe?
2. Resource
Are there sufficient resources available for this option?
requirements
 Resources are provided from the business area budget
3. Cost to
implement
Is the option cost effective?
4. Operational
viability
Is the option practical to implement?
 Economical to implement
 Easy to action
 Allows for privacy or confidentiality considerations
What needs to be done prior to putting the option into place?
5. Preparation
needs
 Reduce or cease non-critical activities
 Salvage or transfer critical equipment or materials
 Organise alternate ICT and data
 Prepare workarounds or alternative work practices
 Redeploy staff or organise extra human resources
 Activate temporary supplier or customer agreements
 Update delegations of authority.
What needs to be done to transition back to business as usual?
6. Recovery
demands
7. Customer
impact
Page 3
 Select recovery team and assign responsibilities
 Organise long-term alternate accommodation and equipment
 Relocate staff, reorganise teams and reporting lines, employ extra
staff to clear backlogs
 Restore damaged systems, documents or electronic media
 Reconcile manual transactions and process claims.
How are customers affected by the continuity responses?
 Inconvenient workaround
 Loss of service or customer confidence
Uncontrolled copy – Refer to the Department of Education, Training and Employment
Policy and Procedure Register at http://ppr.det.qld.gov.au for the most current version.