You are on page 1of 109

Probation

Circular

BUSINESS CONTINUITY PLAN REFERENCE NO:


PURPOSE 46/2005
To request Probation Areas to provide an update on the state of readiness in
the event of any emergency. ISSUE DATE:
23 June 2005
ACTION
Chief Officers to complete attached feedback to confirm the state of IMPLEMENTATION DATE:
readiness in the event of emergency. Completed feedback to be returned by Immediate
29 July 2005.
EXPIRY DATE:
SUMMARY June 2010
The Business Continuity and Contingency Management is an ongoing
process which must provide confidence that your organisation could continue TO:
to deliver its business objectives in all unexpected circumstances. A Chairs of Probation Boards
Business Continuity Plan (BCP) is about understanding your business and Chief Officers of Probation
establishing what is vital/critical for its survival. Your BCP must focus on your Secretaries of Probation Boards
key objectives.
CC:
A Probation Area has many dependencies, both internally and externally that
Board Treasurers
support its process and functions such as providers, customers, other
Regional Managers
stakeholders, IT systems, Estates. All these must be identified in the plan.
All these stakeholders provide services that have clearly been defined in their
contracts or through legislation. The plan should identify the contacts for all AUTHORISED BY:
parties who you will want to respond and help you deal with the situation. Roger McGarva,
Head of Regions and
The attached information is designed to: Performance Management
• Prompt you to review your existing plans by flagging up areas you need
to consider. ATTACHED:
• Allow you to assess and feedback to NPD your state of readiness in an 1. Appendix A – Guidance note
emergency. on BCP and feedback form
• Provide an example of a good BCP document which your Area might 2. Appendix B – General issues
wish to adopt if you have not written one. to consider when formulating
BCP
RELEVANT PREVIOUS PROBATION CIRCULARS 3. Appendix C – BCP advice for
businesses with over 250
N/A
employees
4. Appendix D – Example of a
CONTACT FOR ENQUIRIES BCP Document from West
Ayodele Kayode (Corporate Risk Manager) Room 333, Horseferry House Yorkshire PB
020 7217 8395
Ayodele.Kayode@homeoffice.gsi.gov.uk

National Probation Directorate


Horseferry House, Dean Ryle Street, London, SW1P 2AW
Formulating your Business Continuity Plan

1. The issue of Estate:

Many issues have been raised on this particular subject matter. It is important to point out that the responsibility
for making adequate alternative arrangements in the event of any emergency situation or on issues of Health and
Safety is that of the Probation Areas.

After ensuring the Safety of all your personnel and visitors inform the help desk of your Facilities Management
Contractor. Where a closure of a significant portion of a building is involved also inform the NOMS Property
Regional Property manager or Regional Facilities Manager.

NOMS Property are responsible for the reinstatement of any works and will provide short leasehold facilities in
the case of a protracted closure.

2. The issue of IT:

The loss of the Probation Area Data Centre even in the short term can have a significant impact on the Probation
Area’s ability to carry out critical business affairs, where as the long term loss of a small office may be a minor
inconvenience. Currently the responsibility for maintenance of the BCP in terms of Information Systems rests
with the Probation Area. To assist in defining the IT service requirements in support of the Probation Service’s
Business Continuity Plans, it is necessary to identify:

A. The events that will invoke the BCP and the potential impacts upon the Probation Area business

B. The likely duration of the event and its aftermath. Is the duration likely to be hours, days, weeks or months?

C. The priority for re-establishing critical IT services. Which are the most critical services required by the
affected offices? What automated functions can be performed manually and over what duration?

With this information to hand the Centre (NPD) will be better able to assess the provision of support requirements
during adverse events.

3. Support Arrangements:

Consider having arrangements with neighbouring Probation Areas, NPD or other Home Office Organisations in
your Area in advance on various issues, so that support can be provided in the event of any emergency.

PC46/2005 – Business Continuity Plan 2


APPENDIX A
The information below is designed to:-

1. Give the Business Continuity Planning Team (BCPT) some key information about your
Area/ Unit including good practice.

2. Prompt you to review existing plans by flagging up areas you need to consider.

3. Allow you to assess and feedback to your Boards and NPD, your state of readiness in an
emergency.

Pages 1 and 2 details the prompts for your consideration.

Only Pages 3, 4 and 5, are to be returned to the NPD by 29 July 2005

Appendix B on pages 6, 7 and 8 describe other issues of interest on drafting Business Continuity
Plan.

The completion of this short exercise should not be time consuming, although, depending on
your state of readiness, further future work may be required.

1. Prompts – areas you need to review, consider further and action as needed.
(The overall planning assumption is a non- specific disruption lasting beyond a few days/one week.
Your consideration is to plan to minimise this and keep your business going. The prompts below
need to be considered alongside your responses on Page 3 and 4, particularly the appropriate action
for each key activity within your unit).

CONSIDER THE FOLLOWING KEY ISSUES:-

1.1 The organisations, both internal and external, which depend upon your services.
(Examples: Courts, NPD, Offender Management, voluntary organisations, local authorities)

1.2 The organisations, internal and external, you depend on. (Examples: NPD, Courts, RDS, Treasury, banks)

1.3 The information and systems, you rely on to deliver the activities listed on Page 3.

1.4 The individuals or groups of staff with specialist skills that you are dependent upon and cannot be readily
replaced

1.5 Whether your plans include contingency for the loss of your normal accommodation

1.6 Whether your plan includes contingency for the loss of staff.

1.7 Whether your plan includes contingency for the loss of your normal IT.

1.8 Whether your plan has considered electronic communication, in its widest sense, where physical

BCP - 2005 – Business Continuity Arrangement 1


accommodation is not available to you.

1.9 How long you can operate with a contingency plan covering the points in 1.1- 1.7, and whether you could
indefinitely operate with this plan or at what point you would need full restoration of normal resources.

1.10 How you would continue to communicate if your normal means of communication was interrupted

1.11 How you would contact staff in the event that they are not able to work from their normal location?
(including arrangements for short term –up to one week- transport problems etc).

1.12 Where will your staff work if your accommodation is not available? (e.g. home, remote access laptop,
business partner's accommodation).

PLEASE COMPLETE BELOW INFORMATION AND RETURN BY 29 JULY 2005 TO:

Ayodele A Kayode – Corporate Risk Manager


National Probation Directorate
Room 333, Horseferry House
Dean Ryle Street
London
SW1P 2AW
Tel - 020 7217 8395
E-mail address - ayodele.kayode@homeoffice.gsi.gov.uk

BCP - 2005 – Business Continuity Arrangement 2


PLEASE RETURN BELOW INFORMATION TO NPD
Probation Area:

No of staff:

No of
locations/buildings
occupied:

Name of officer
completing business
continuity update,
contact number

2. – Status information

2.1 List the key activities of your Area/Unit (both internal and external).

Activity DESCRIPTION
Number
1.
2.
3.
4.
5.
6.

YES NO
2.2 Have you a remote location to store copies of critical documents, stationery/forms etc either
in hard print copy, floppy disk or CD-ROM?

2.3 Have you prepared a contact list forr?


• Staff
• Internal/NPD
• External
2.4 Have you identified essential equipment or supplies and made plans for procurement/access
if you are relocated or use alternative working arrangements to continue business?

2.5 Could your Areas operate if key officers have IT at home?

2.6 Does your staff know about how you will continue business after a disaster?

2.7 Do you have arrangements in place to provide an accurate and comprehensive list of staff
accounted for, and those missing, in the event of a disaster?
2.8 Do your staff have a copy of the plan

2.9 Do key members of your management team have a copy of the plan and contact details kept
at home?

BCP - 2005 – Business Continuity Arrangement 3


YES NO

2.10 Have you tested or exercised your plan?


When?

2.11 How frequently do you check the details of your plan?

2.12 When was the plan last reviewed?

State of readiness assessment and details of good practice

Having considered the prompts and the status information on above pages, please assess your current state of readiness
to respond to an emergency.

Please tick in the final column of the table below your assessment against current readiness.

Rating DESCRIPTION OF READINESS Current readiness


(please tick )
1 Well-developed plans with little or no further work required.

2 Sound overall plans but some detailed arrangements to be developed

3 Outline plans only and details to be developed.

4 Arrangements not adequate/lack of plans –work required.

Please provide below any examples of good practice, which might be of interest to others.

BCP - 2005 – Business Continuity Arrangement 4


Question to test the criticality of IT and Accommodation

Given you had to invoke your BC plan now in the following circumstances:-

• Your usual workplace in is not available for some time.

• IT infrastructure is out of action for seven days, including remotely . (This is a planning assumption to help you think
about your critical applications.

• Using what you currently have available from outside your normal workplace, including any pre-planned relocation
sites, working from home arrangements, - after seven days- , standalone laptops, home PCs etc.

How long could you deploy your alternate BC arrangements and maintain an acceptable minimum level of
business delivery?

Less than 2 days

For at least 2 days

For at least one week

For at least 2 weeks

For at least 4 weeks

For at least 2months

For at least 3 months

For at least 6 months

Longer than 6 months

If you have indicated that alternative arrangements could be deployed for a week at most, i.e. you need full
restoration of business by the second week or earlier, please list the critical IT applications needed.

BCP - 2005 – Business Continuity Arrangement 5


APPENDIX B: GENERAL ISSUES TO CONSIDER WHEN FORMULATING BC PLAN
General issues to consider
Introduction/ Provide an outline of your business and the key priorities (not more than Consider the different areas of your business and their locations
Overview one side of A4.………………………. and whether they need separate BC plans
Objectives List your objectives:- Consider/decide your objectives in the event of a major incident.
For example:
1. ……………………….. • to protect staff and prevent further casualties
2. ………..
3. ……… • to ensure key business areas are given priority for recovery,
4. ……. (consider any known ongoing priorities which require
additional consideration/attention and reflect this throughout
this plan)

• to set in train business recovery effort as soon as possible,

• to ensure statutory duties continue to be met,

• to keep others, external and internal informed about the


situation
Planning Assumptions List your planning assumptions:- Do NOT assume accommodation, IT or all your staff will be
1. .. available.
2. ..
3. ..
Invocation/ Activation Explain in what circumstances you will invoke the plan and how. For example where it seems that your normal office
accommodation/IT is not accessible/out of action for more than 24
hours. Decide who has the authority to activate the plan. Normally
Head Of Unit or deputies.

Leadership/Roles/ List those who are authorised to activate;- Consider who would lead your crisis management/business
Responsibilities recovery team, what responsibilities the team will have, and who
• would be in the immediate team.

Make sure you also have their emergency phone numbers
List positions and names of crisis management team :-
Leader, Deputies etc

Relocation options List relocation arrangements- with addresses/maps as needed Consider your range of options, alternative accommodation,
BCP - 2005 – Business Continuity Arrangement 6
twinning with others, working from home etc. Confirm outline
arrangements with those involved. DO NOT assume that
accommodation or IT will be available.

Muster Point Record Muster Point location address and any named contact at that Consider in the possible event of an incident precluding you from
address meeting at your normal place of work, a muster point, known to
all, where you can meet to discuss/decide next steps prior to any
activation of your plans.

Authorities Identify who will have authority to approve procurement, expenditure, Consider what activities will need to be covered in this way if
payments, issue licences or warrants. those currently with the formal authority or powers are not
available. This may need some work in getting prior agreement if
the authority is based in statute, and cannot be left until a disaster
occurs. Some staff so identified might well need some briefing or
training if they are going to be able to perform in this fashion.
Warrants and other specific forms might also need to be provided.
Are any stamps, seals or other items needed?

Essential IT needs List details of arrangements:- Consider what IT you need and could use from your relocation
sites. This could include use of official laptops and home
computers. Make arrangements to provide and fund any essential
IT needed. Liaise with Probation ICT as needed. Do NOT assume
that accommodation or IT will be available.

List who should have access to RAS and detail any swap over Consider whether any existing IT, RAS and standalone laptops
arrangements of RAS laptops. Arrange training for any additional users should be re-distributed within the unit to support crisis
via IMTU. management /business recovery.

Essential Data needs List what it is and where you can get it from if normal access is not Consider arrangements to back up important data, and store off -
possible: site/at home/elsewhere, including frequency of doing this. Make

BCP - 2005 – Business Continuity Arrangement 7


arrangements to put this in place. This needs to be thought out in
List details of arrangements, where stored, by whom and frequency of consultation with staff. You will need to consider whether to use
updating: hard copy, disks or both. Similarly back-up contact lists need to be
held in a safe remote location.
Essential business List arrangements, what you need and where it will be kept. Consider other non-IT equipment/stationery/stores.
needs and key Identify essential documentation that you will need access to and where Consider what is needed and whether to procure/store in advance
documentation you will keep it. or have procurement arrangements planned to allow urgent
Detail any procurement contacts and arrangements. activation as needed.

Key skills Set out how you would arrange succession or augmentation. Consider key skills and/or experience that you require if staff are
unavailable and how to acquire in an emergency.
Communication/ Record details of how you will inform your team initially and maintain their Consider how you will ensure that everyone will know their role in
Review arrangements awareness, including arrangements to induct new people. the plan, including what they will do in an emergency, whom they
will contact, who will contact them. Consider how you will inform
List names of people holding copies of plan and where plans kept. new people joining your unit. Keep plans up to date and review
regularly. Consider on a need to know basis who should hold
List review arrangements, frequency and who will take responsibility to copies of the plan (these should be kept off site/at home). Ensure
instigate review/update plan if circumstances require change to plan. that everyone has a chance to read the plan and understand
where they fit in.

Testing arrangements List details of your testing programme, date held, those involved and Consider how to test your plan. Draw up a testing programme
lessons learned involving elements of the plan (for example test contact phone
numbers and check that both key staff and others know the part
they play) Consider a desk top exercise to provide you with
assurance that the plan is understood and can be successfully
invoked when needed.

Key Contacts List key contacts, to include office, home, mobile phone numbers, pagers Draw up a list of key contacts to support your plan.
and home E-mail addresses. You may wish to produce one list
incorporating the additional details from the senior management list.
(Note- That this should only be seen and information retained on a need
to know basis for key players. Information is only to be used in a major
incident and should be classified as "Restricted".)

BCP - 2005 – Business Continuity Arrangement 8


PC46/2005 – Business Continuity Plan – Appendix C
Business Continuity Planning Advice for Businesses with over 250 employees

Where to begin?

You can compose an effectual business continuity plan in a relatively short period and
for little expenditure.

This is a five-step guide to help businesses


commence business continuity planning.

The steps are:

1. Analyse your business

2. Assess the risks

3. Develop your strategy

4. Develop your plan

5. Rehearse your plan

STEP 1 - Analyse Your Business


This step, also known as business impact analysis, determines which areas of the Probation
Area’s activities are crucial to running the business.

Business impact analysis enables an organisation to focus its risk assessment on the mission
critical activities of the organisation rather than conducting a traditional all risks analysis.

The key to analysing a business is understanding its:

A. Mission critical activities

B. Internal factors

C. Singular problems to unique activities

D. External influences

A. Mission Critical Activities

To assess mission critical activities consider which operations are crucial to the running of
your business.

1
Grade the following essentials to the running of your business on a scale of I to 5:

What is essential to the running of the Probation Area’s Business? Grades on a scale 1 to 5
• Employees?
• Products?
• Services you provide
• Major Client(s)?
• Main Suppliers?
• Specialist Equipments?
• Unique Premises?
• Time Sensitive processes?
• Partners/Stakeholders?

B. Internal factors

Consider the factors which influence the impact of an incident on your business. Try to
establish where your business is at it’s most vulnerable if an incident occurs.

Consider the following:

• Staff • Customers • Suppliers


• Systems & processes • Partnerships • Buildings
• Stakeholders • Timescales

Sample list of questions for you to consider:

Some questions to consider with regards to your staff Answer


Grade departmental importance — which department is most/least vital?
When is the departmental function most essential?
Which people are most essential and when? Consider different
timescales of a few hours, 24 hours, 5 days etc.
Do you have contact details at another location for all your staff and key
employees? Are the up-to-date?
Do you have a plan of who needs to do what in case of an incident?
Do you have a crisis team?
Have you nominated deputies for the members of the crisis team in case
they are not available?

2
What if scenarios:

Grade on a What if scenarios: Define: Suggest preventive action


scale of 1 to 5
If you could not deliver a programme to
your stakeholder?
If your staff could not get to work?
If your partners or stakeholders could
not get access to your premises?
If your IT system was damaged?
If your specialist equipment was
damaged?
If your telecoms were down?
If a key partner fell ill?
If you could not get access to your
building?
If you could not operate from your
location?
If you or any key worker became ill over
a long period of time?
If you are unable to pay your suppliers?
Think of reputation, not only the short
term

Worst case scenarios

What is the worst-case scenario for Define: Suggest preventative action:


your organisation?
How long before your service would be
severely affected:
hours
days
months
Would it survive the disruption?

Do you have insurance against this


eventuality?
Do you have copies of insurance
papers off-site?

3
What is the worst-case scenario for Define: Suggest preventative action:
your organisation?
How much can you afford to lose if
unable to run your service for
days
weeks
months
What do you need to do to stay
operational?
Do all heads of departments agree that
this is the worst-case scenario?

C. Singular problems to unique activities

An activity may be unique to your business or have a unique aspect due to its complexity.
You may have to take some time to consider probable resolutions and any implications.

D. External influences

What external factors are likely to affect your business during a crisis?

Aspect affecting you The way it’s affecting you: Preventative Action
Local community Mixed opinion about your services Community project/local help
Your competitors Do they have a BCP? How did the Research
deal with things?
Government New legislation Need to comply?
Transport Cancelled public transport Have a list of employees with their
own transport. Organise shuttle bus;
organise accommodation etc.
War in a different country Reduced customer confidence Have money in reserve for special
affecting imports/exports advertising campaign etc.

4
Step 2 - Assess the Risks
Before proceeding to this stage, ensure a senior member of staff/board member agrees with
the business impact analysis. This stage should involve a senior member of staff and
co-coordinators.

Risk assessment identifies:

A. Internal and external threats, liabilities and exposure, including risk concentrations that
could cause the disruption, interruption or loss to an organisation’s mission critical
activities.

Grade 1 - 5 What if Questions: Grade 1 - 5


Most/least prepared least/most likely
Does your plan work if the power fails?
Does it work when there is a fire?
Does it work if you cannot gain access to the premises?
What if your customers/ suppliers cannot contact you?
What if your suppliers cannot get to you due to floods/ cordons?
What if your suppliers cannot get to you due to their problem —
do you have alternative suppliers as a back up?
What if your customers cannot pay you?
What if your employees cannot get to work for a few days in a
row?
Does your plan cover criminal damage? Are you insured?

B. The likelihood of an incident occurring: is there a concentration of risk for a particular


area/task?

Examples of risk concentration scenarios: Yes/No If yes, preventative action;

Do you have a lot of expensive equipment in one room? Extra Security

Do you have a lot of crucial machinery in one area of Extra safety devices/alarms/ security
the building?

C How vulnerable an organisation is to the various types of incident - Examples of


possibilities to think about in terms of how different elements of your business will be
affected in case an incident occurs:

How will your service users be affected?


If there are delays in delivering the services?
If you cannot contact them? Will they switch over to our
competitors?
If it’s an organisational-related incident, will this damage your
reputation? Do you have a planned PR response?

5
Have you reassured them that you have a business
continuity plan in place? Is your PR department aware of its
content?
How will other stakeholders be affected?
Staff - have you assured them that you have a business
continuity plan in place and that their jobs will be secure in
case of an incident?
Are your staffs aware of the role they have to Ia in case of an
incident?
Suppliers - have you assured them that you have a business
continuity plan in place and that you will be able to pay them
on time in case an incident occurs?
Shareholders?
Local community?
Business neighbours?

If you share your premises with other companies in the


building
Have you thought about working with your neighbours to
create a joint business continuity plan?
What’s the nature of their business?
What will happen if you are denied access to the building
due to another corn an ‘s accident?
Can you do anything to mitigate the risk from another’s
business?
Does our landlord have a BCP?
Is your landlord complying with their responsibilities under
law?
How will your financial systems be affected?
Do you have financial company details off-site? Back ups of
recent transactions?
Do you have an extra copy of your chequebook?
Will you be able to pay your staff!/suppliers?
Other issues to consider
Will you be able to get hold of your vital papers — do you
have copy details of your insurance cover off-site?
Do you keep staff trees/ lists off- site?

D. A basis to establish a risk appetite and risk management control programme and action
plan.

Establish how long your business can bear functioning at reduced capacity and what level
that is.

What needs to be done to make sure it can function at minimum capacity?


6
Define your risk strategy.

Remember that you can’t prepare yourself against all types of incidents, however much
you spend, but here is a selection of approaches you could take:

• Accept the risks — change nothing, e.g. close the office down for while and have a
disaster recovery plan in place to sweep up the damage and get your service fully
operational after some time has passed after an incident.

• Accept the risks, but make a mutual arrangement with another Probation Area to
ensure that you have help after an incident. It is common that for business continuity
purposes they become a ‘buddy’.

• Attempt to reduce the risks, e.g. by for instance changing or ending ‘risky’ processes or
by taking out insurance. Although do note that insurance provides financial
recompense and support in the event of loss, but does not provide protection for brand
and reputation.

• Attempt to reduce the risks and make arrangements for help after an incident

• Reduce all risks to the point where you should not need outside help, e.g. through
implementing broad continuity management principles in case of an incident.

E. Worst event scenarios - What is the worst that could happen?

What are the worst likely things for your organisation and how likely are they to happen? If
you are prepared for the worst, then you can deal with incidents of lesser scale. This will
also help you put in perspective how to insure your business, how to develop your
contingency plans and how to put preventative measures in place.

Consider: Answer:
What is the likelihood of this happening?
Does our plan cope with it?
What can you do to prevent it?
How much can you afford to lose if unable to run our
service for
Days
Weeks
Months

F. What functions and people are essential, and when.

Consider which departments, divisions and members of staff are essential to running the
service. Experienced and multi - skilled members of staff can be a vital resource, are you
aware of everyone’s skills, experience and knowledge?

What functions need to be covered during an emergency and thereafter? Are there any time
sensitive operations or specialist procedures that need to be performed? Ensure that you
consult with department heads and at ‘ground level’ to get a comprehensive analysis.
7
Step 3 - Develop Your Strategy
From the beginning of creating the business continuity plan, aim to embed a business
continuity management culture throughout the organisation to ensure that business
continuity management becomes an integral part of organisation’s strategic day-to-day
business as usual operational management. Achieve this by winning over middle
management and building awareness that BCM is a company-wide specialisation, not just an
IT function.

As a guide each business continuity plan should aim to contain the following:

a) Statement of clear purpose of the plan -

• The plan should outline the direction to take in the event of an incident.

• It should include a clear statement on how risk averse you are and you may want to
include a statement on what your definition of a disaster is, for example: “any
unwanted significant incident which threatens personnel, buildings, or the operational
structure of an organisation which requires special measures to be taken to restore
things back to normal”, definition taken from part 2, ‘How Resilient is Your Business to
Disaster ~ Home Office publication, 1997.

To instill confidence amongst employees, it is vital that the plan is viable and will have
the involvement and support of senior management.

b) The structure of the crisis team(s) -

• It must be clear when emergency plans are to be implemented and who has the
authority to implement them.

• The plan should include all persons responsible for initiating the plan’s implementation,
both junior and senior.

• It must be clear who is responsible for what in the plan’s execution and who has the
key roles.

• It must also be clear to whom everyone answers.

The team could be divided as follows: Gold, Silver and Bronze personnel, and might include
the likes of a chairperson, security, HR, media relations, transport, and finance and facilities

If you have nominated a team to create, co-ordinate and deliver the plan, it might be helpful to
divide the personnel involved in the plan into three different categories:
• Gold — the thinkers responsible for the strategy, such as the CEO.

• Silver — the planners and co-ordinators who will deal with the tactical aspects of the plan.
These will include a senior management team of experts within your business. They are
involved in your BCM approach and specific planning and responsible for co-ordinating
and directing the resources of the business to ensure that the plans are properly
implemented. Silver people will link with Gold and keep them updated on the developing
situation.

• Bronze — the doers who will be responsible for recovering/restarting crucial business
functions. They are responsible for ensuring that their specific business continuity plans
8
are implemented. They take direction from the Silver people and keep them updated.

• You may decide that you will need a set of plans for each of the Gold, Silver and
Bronze teams, or a set of different plans for different Bronze teams, such as a separate
IT department plan, which will, for instance, include more technical jargon and specific
data.

In your contingency planning, make sure that all levels of staff involved in business recovery
understand the nature of threats and the importance of planning. Allocate a list of suitable
locations where your Business Continuity team should meet, if an incident occurs. This should
consist of a room on-site, a place in a public building, e.g. a local pub, someone’s house or a
meeting room at your alternative fall-back site.

If an incident occurs, meet with everyone from the Business Continuity team as soon as you
can, probably after the first planned emergency procedures have been implemented, and
then continue meeting every 24 or 48 hours.

c) Business Recovery

Develop practices and procedures needed to mitigate risk and reputation if service operations
have been affected. It includes the priority tasks that must be addressed if the service has to
relocate and needs to communicate with clients and other service providers during the period
of disruption.

It is essential that such lists are updated regularly, at least quarterly, and preferably monthly,
and they must recognise the likely availability of staff ‘out of hours’ and weekends and during
holiday periods.

The members of the ‘crisis team’ should be supplied with a simple check list of the actions
they must take during and after an incident. Using brightly coloured cards or paper is a cheap
and way of ensuring that people know they are using the most up-to-date version. The lists
should be accessible and available at all times and in several locations, electronically and in
hard copy.

d) Work area recovery

This could be the key aspect of your plan. If you intend to work from another site, there are
several options to consider:
• You might decide some staff can work from home temporarily

• You might have made arrangements with another Probation Area to use their facilities.

• Choose a ‘cold site’ agreement, usually provided by a business continuity supplier.


This involves erecting a temporary building. You will usually be able to move in after
about 12 days.

• Or a ‘hot site’, also usually provided by a specialist continuity company, makes desks
available within about 4 hours. This option is easy to rehearse, but relatively
expensive.

9
e) Technology recovery

Most businesses nowadays have complex IT, telecommunications and utilities’ structures in
place.

Information Technology: It is imperative to keep inventory lists of software and hardware


materials, as well as your suppliers so that you can replace equipment immediately if
needed. Customise inventory lists according to your needs. It is worth checking in advance if
your insurance covers the replacement of damaged items immediately, or whether you need
the insurance company’s consent.

Telecommunications: You may have the capability to access your telephone system
remotely, from another site. Make sure all relevant programming is undertaken as soon as
possible. Make a list of all the access numbers and keep them safely with all your important
documents on and off-site.

Utilities: In case of a utilities failure, make sure you have a list of all of your utilities’
providers, their contact details and your account numbers. Make sure you have an ‘old style’
telephone handset which you can plug directly into a telephone socket. This has its own
power source via the line and will not be affected by a power cut.

f) Public Relations

The PR process can make or break your reputation. PR will influence how the public, existing
and potential customers, partners, suppliers and all other stakeholders will react to the
incident.

• Nominate a PA spokesperson, and ensure that all staff knows who it is. For resilience,
make sure more than one staff member is nominated and that they have some training
in media handling.

• Make certain the story is the same from all sources: if the emergency services are
involved, co-ordinate your information with them.

• Possibly hire a PR consultant.

• Consider the production of an emergency newsletter to staff. If it is a seriously


disruptive incident and you cannot keep all your staff on site during recovery, it is
essential to keep them well informed about progress.

• Have a pre-prepared list of facts on the organisation’s functions, safety record, etc.

• Place advertisements in local or national papers as needed.

10
g) Staff Focus

Consult your staff when drawing up the plan. This will ensure that they feel part of the plan
and will therefore be more willing to participate fully when something does happen.

Be sensitive how you communicate your plan: the phrasing ‘essential staff or ‘vital
departments’ suggests that some of your staff aren’t as important as others. Obviously, they
all are, but some priority needs must be met.

Make sure that you have plans in place to take care of your employees once an incident does
occur. Make the following contingencies:

• Petty cash for travel home in case of evacuation


• Counseling

h) A description of the premises

This is important for evacuation purposes. Clearly mark where the emergency exits are. Also,
include lists of the contents of your premises for insurance purposes.

Damage Minimisation

Remember that there is a common law duty to minimise loss and this requirement is often
invoked under a contract of insurance. It therefore follows that expense controls should not be
abandoned in the anxiety to make the business operational again.

11
Step 4 - Develop and keep developing your plan
In the process of developing your plan, make sure you have consulted all the decision makers
in the business and involved your staff. Also, make sure you use non-technical language
when writing up the plan, making it accessible to all your employees.

Has your business continuity plan incorporated all the necessary components?

Check our business continuity plan against the following : Tick off
Does your organisation have a clearly defined, up-to-date business continuity plan for its weak links,
mission critical activities and their dependencies?
Does your plan reflect the most up-to-date business impact analysis and risk analysis?
Does your plan clearly define the role of the accountable business owner of the plan? (This could be
the MD, CEO or business owner...)
Has your plan been approved and signed off?

Is it clear who is responsible for the pIan’s maintenance?

Is the plan regularly reviewed in terms of its mission critical activities b the agreed person, such as
the legal rep?
Does the plan establish a clearly predefined response if an incident occurs until the point of full
operation?
Does the plan clearly define how to recover critical activities within the specified time frame?

Does your plan clearly define personnel roles, their accountability, responsibility and authority?

Have you established an appropriate time frame for review of the plan?
Does the plan provide and define clear aims and objectives?

Are there clear instructions on how to use our plan?


Does the plan contain a diagram of the business continuity management structure?

Does the plan clearly state the appropriate responses according to the emergency?

Do you have clear details regarding purchasing, expenditure, and authority?

Do you have a list of contents?

Distribution list?

Glossary of terms?

12
Developing your plan:

You may wish to divide your plan into tasks to do immediately following an incident and those
thereafter to avoid confusion.

To develop the plan you should have input from a cross section of your organisation ensuring
that you include all grades within the hierarchy. This is vital to ensure a practical and workable
plan.

Large organisation’s often consult with outside organisation’s that may be able to provide
assistance when drawing up the plan:
• Find out from your local authority emergency planning officer what they would do in
response to a major incident or terrorist attack.

• Keep in touch with neighbouring businesses. How can you help each other?

• Find out what information will utility companies need in case of an incident.

• What information will your insurer need from you? Please make sure that you create
inventory lists according to your needs. It is worth checking in advance if your
insurance cover will allow replacing damaged items immediately, or whether you need
the insurance company’s consent.

• Think of who else will be affected by your decisions: your customers, partners,
stakeholders and suppliers? Involve them if you can in the planning process. How will
they want the information communicated if an incident occurs?

Liaison with the emergency services and other organisation’s

• Talk to the local liaison officer of the respective emergency services to find out what
their procedures are and what they will need from you if an incident occurs. Emergency
services are often willing to visit companies and perform seminars on such subjects as
evacuation procedures or safety to your employees.

• The Fire Protection Association has published a useful guide: “Safety at Scenes of Fire
and Related Incidents” which also covers problems of chemicals, biological hazards
and building safety.

Additional Analysis Tools

• For those seeking more analysis tools, the following are examples of methods, tools
and techniques that you can use to help you develop your business continuity plan (as
listed in “Business Continuity Management -. Good Practice Guide “, p54, © The
Business Continuity Institute 2002)

• A Strategy Planning Process Model


• SWOT Analysis (Strengths/Weaknesses/Opportunities/Threats)
• Porter’s Value Chain Analysis
• PEST Analysis (Political! Environmental! Social! Technical)
• Scenario planning
• Cost Benefit Analysis
• Business Impact and Risk Assessment Quartile Matrix
• Financial Management
• Benchmarking (metrics and process)
13
• Current State Assessment ‘Gap’ Analysis
o Questionnaires
o Scorecards
o Interviews (structured and unstructured)

External Advice

For the more complex business, it is worthwhile consulting an expert for advice. There are
companies who specialise in providing this type of service, ranging from providing advice to
devising the whole plan from start to finish.

Technology Resources

There are companies providing information back-up services. You can arrange them to collect
data! Copies of information every day, week or month. Alternatively, you can store back ups
at another site, at your buddy’s site or at home.

Some organisation’s will want to give instructions over a central audio system to all
employees, it is useful to have recorded messages for all types of incidents, including testing
of fire alarm, but also instructions of what to do in case of an external incident.

It is also worthwhile having pre-prepared messages for relatives and next of kin, what to say
to them over the phone, in person or in writing. This will be useful if some staff could not be
found or taken to hospital for treatment etc.

14
Step 5 - Test your Business Continuity Plan and Train your Staff
Once the plan has been developed, it has to be subjected to rigorous testing. Testing should
be carried out in an environment to reproduce authentic conditions. Although it might not be
practicable to change premises for a few days, it might be a good idea to test operating at
other premises with the key staff for a few hours. You may believe this is costly or
unproductive but it is a practical investment for your company’s survival: should an incident
happen for real you will be better able to cope with it.

It is important to instill a culture of business continuity management awareness from the very
beginning throughout the company. A truly effective BCP must reflect ‘business as usual’
management process and be driven from the top of the organisation. It should be clearly set
out in the organisation vision statement that is fully endorsed and actively promoted by the
Board or the Executive Committee.

It is vital to test the plan with all the appointed business continuity team persons to make sure
each is fully aware of their own responsibilities. They should be given a copy to read through
and to understand their own particular responsibilities. By training your team in the details of
the plan they will be much more efficient at implementing it should the need arise, and they
may well have useful feedback to give about their own area of company expertise.

It is also important to revise your plan regularly, to reflect staff turnover and updates in
technology, for example. Assign the duty of updating the plan to a member of staff and make
sure it is regarded as an important regular activity.

There are numerous ways in which you could test your plan. Here are a few simple examples:

• Paper-based exercises:

9 Read through the plan, questioning each action


9 Test the plan using what if scenarios. (New pieces of information can be
added as the scenario unfolds, in the same way that more details would
become clear in a real incident.

• Telephone Cascading:
9 This involves testing your Staff Communication Tree: initiate the process
of phoning or texting people at the top of the tree. Measure the time it
takes for the last people to receive the message. This also allows you to
test the whole communication structure (are there any people on the list
who have left your organisation?).

• Full rehearsal:

9 If it’s carried out in similar conditions to a real incident, it will show you
how the different elements of the plan fit together. This may be expensive,
especially if it involves changing sites, but planning will reduce costs and
the efforts might pay off in the future.

How often should the plan be tested?


Your plan will need a full rehearsal at least once a year and will also need to be maintained
and updated regularly by an appointed person(s).
15
West Yorkshire Probation Board
Business Continuity Plan

Head Office
Version 1.0
Head Office Business Continuity Plan

Summary

A major incident that affects the running of WYPB Head Office (HO) may
hinder the services provided to field offices, thereby undermining the
effectiveness of probation services throughout the area. This will in turn, affect
WYPB ability to meet the NPS aims detailed in the WYPB Area Plan.

This Business Continuity Plan identifies the essential services provided by


Head Office; and in the event of a serious incident it details plans on how to
maintain these services. The plan is broken-down into two parts:

x Part 1 – HO Business Impact Analysis.

x Part 2 – HO Disaster Recovery Plan.

Part 1 determines the key services WYPB provide to its customers, and the
Head Office facilities these key services are dependent upon. These in turn
determine the essential business assets at the Head Office and the likely
incidents that threaten these assets. From this analysis a Business Continuity
Strategy is developed.

Part 2 is a plan that directs and assists staff to restoring the essential support
facilities, identified in Part 1, following a serious incident at the HO. It also
initiates the process for returning to normal business.

In the event of a serious incident at Head Office, follow the directions at


Part 2 – HO Disaster Recovery Plan.

Note – This document contains Personal Sensitive


Information and must be treated as Private and
Confidential. Keep in a locked office or filing cabinet
or on your person at all time. Do not leave in public
place or in a vehicle.
Contents Page No

Part 1 – HO Business Impact Analysis.


Introduction 1

Categorisation of Key Business Services and


HO Support Facilities 1

HO Key Business Assets 3

Threats to Key Business Assets 3

Business Continuity Strategy 5

Appendix A – Category Tables 7


Appendix B – Risk Assessment Tables 11

Part 2 – HO Disaster Recovery Plan


Introduction 13

Responsibilities 13

Initial Response to a Serious Incident 13

Business Continuity Management Team (BCMT) 14

BCMT Objectives 15

Appendix C – BCMT Contact Details 17


Appendix D – BCMT Role and Responsibilities 20
Appendix E – Re-Location 22
Appendix F – NPD and Prime Contractor Contact Details 23
Appendix G – Restoring the STEPS LAN 24
Appendix H – Restoring Tele-Communications 25
Appendix I – Restoring Mail Service 26
Appendix J – Staffing and Office Facilities 27
Appendix K – Restoring Payroll and Finance Systems 28
Appendix L – Mitie Disaster Recovery Model 30
Appendix M – Public Relations Guidelines 31
Appendix N – HO General Information 33
Appendix O – HO Floor Plans 37

Annex A – Telephone Number and Address Directory 38


WYPB Head Office Continuity Plan – Part 1

Head Office Business Impact Analysis

1.0 Introduction

This document considers the impact on WYPB business in the event of a


major incident at the Head Office (HO). It determines the key services WYPB
provide to its customers, and the Head Office facilities that the key services
are dependent upon. This in turn determines the essential business assets at
the Head Office and the likely incidents that threaten these assets.

This analysis is required to develop the Business Continuity Strategy and a


Disaster Recovery Plan.

2.0 Categorisation of Key Business Services and HO Support Facilities

A survey of senior operational and administrative staff identified eighteen Key


Business Services (KBS) and their related HO Support Facilities. The survey
also determined the effect the loss of HO facilities would have on each KBS
over three set time periods; 48 hours, five working days and ten working days.
For example the running of Accredited Programmes would not be adversely
affected if HO support was lost for 48 hours, but it would be if the support was
lost for five working days. This formed the basis for categorising each KBS.

The categorisation was also influenced by the contribution the KBS makes to
WYPB achieving the NPS aim of Protecting the Public. For example ensuring
accommodation of High Risk Offenders is a more immediate concern than the
collation of Accredited Programmes data.

The categories are:

a. Category A – Key Business Services that require HO Support


Facilities to be reinstated in 48 hours.
b. Category B – Key Business Services that require HO Support
Facilities to be reinstated in five working days.
c. Category C – Key Business Services that require HO Support
Facilities to be reinstated in ten working days.

The category tables populated with related KBS and HO Support Facilities are
at Appendix A.

2.1 Essential Head Office Support Facilities

The tables at Appendix A clearly show the HO Support Facilities are essential
to ensure that Districts can effectively deliver the Key Business Services.
Should a serious incident result in the closure of HO, the following Support
Facilities must be re-established in 48 hours:

1
a. IT Network Applications

i. Windows 2000 – Local Area Network


ii. Lotus Notes (e-mail)
iii. CRAMS
iv. Word (Contact Logs, Case Folders Templates)
v. Excel (MAPPA database)
vi. e-OASys
vii. IAPS

b. Telephone, fax, mail/post.


c. Elements of Policy and Practice Unit to assist in the management of
High Risk Offenders.
d. Accommodation Services.
e. Elements of the Secretary’s Section to provide legal support.

Should a serious incident result in the closure of HO, the following Support
Facilities must be reinstated in five working days:

a. Hardware and software to run Resource Link back-up tapes and pay
staff via BACS. (Process payroll and expenses)
b. Hardware, software and stationary to print pay slips.
c. Elements of Policy and Practice Unit to provide assistance in the
running of Accredited Programmes and DTTO Programmes.

Should a serious incident result in the closure of HO, the following Support
Facilities must be reinstated in ten working days:

a. IT Network Applications

i. Series X (APM Database, PSR Monitoring Database).


ii. Excel (Basic Skills Database, NSMART Database).
iii. Hardware and software to run MIS (finance) back-up tapes.

b. Elements of Information Services to carry out collation and


processing of the following:

i. Accredited programmes.
ii. DTTO programmes.
iii. Basic Skills commencement and award data.
iv. PSR recommendations on minority ethnic offenders.
v. NSMART.

e. Elements of Policy and Practice Support to assist in the running of


Basic Skills.
f. Elements of the SOS Unit to run Contracts and Partnerships.

2
3.0 Head Office Key Business Assets

The identification of essential HO Support Facilities enables the key HO


Business Assets to be determined. These are:

3.1 Primary Assets:

a. The STEPS Network.


b. The HO Building.
c. Land line telephone communications and related equipment.
d. Mail.
e. Primary Staff – Elements of Chief Offices Section, IT, Policy and
Practice Unit, Accommodation Services and the Secretary’s Section.

3.2 Secondary Assets:

a. Payroll IT hardware and software.


b. Finance IT hardware and software.
c. Secondary Staff – Elements of the Finance Section, Information
Services, Human Resources and the Chief Officers section.

4.0 Threats to Key Business Assets

The following discusses the potential threats to each HO Key Business Asset
and the likelihood of an incident.

4.1 The STEPS Network

A comprehensive study of the potential threats and risks to WYPB’s Local


Area Network (STEPS) has been carried out as part of the National Probation
Service network accreditation program (Accreditation Document Set Parts 2 –
Risk Management Document (Ref.: Generic Probation Service ADS Part 2
v0.4) dated 16 January 2004.

The following is an extract from the document’s summary:

The threat and vulnerability assessment considered many potential problem


areas, each of which may affect different parts of the system. Threat
categories can be grouped into the following areas:

i Logical infiltration (data compromised when stored or processed


on the system);
i Communications infiltration (data compromised when in transit
on the network);
i Failures of equipment;
i Errors by people;
i Physical threats.

3
“The greatest risks to the West Yorkshire Probation Area and its information
systems identified in the review are listed below:

Embedding of malicious software;


Introduction of damaging and disruptive software;
System and Network Software failure;

Operations Error; (Operator errors? Or define)


Hardware and software maintenance errors;
Theft.

The first two threats led to high measures of risk because experience has
shown that incidents of malicious software being sent by e-mails or introduced
by floppy disks are amongst the most common security incidents, and so the
level of these threats has been judged to be high.

The threat of theft has led to a high risk particular with respect to portable
computers being stolen. Such devices are judged to be ‘attractive’ items and
there have been several cases where this type of equipment has been stolen
in the past.

As stated above, overall the measures of risk determined in the risk


assessment are range from a medium to a high level. These types of levels
indicate the need for strong and well-enforced protective measures, which
have been regularly tested and can be demonstrated to withstand determined
attacks.”

4.2 Risk Assessment Table

The risk to the remaining HO Key Business Assets is assessed in the Risk
Assessment Table at Appendix B. In assessing the risk business from a
specific incident, three elements are measured; impact on business, likelihood
of occurrence, and business vulnerability. An impact analysis has already
being carried out to identify WYPB key services. The table in Appendix B
measures the Likelihood of a specific threat and the Vulnerability of WYPB
business assets.

Likelihood is assessed on the following scale:

a. Very Low (considered to be unlikely to ever occur) – score 1;


b. Low (considered to be likely to occur only in unusual circumstances) – score 2;
c. Medium (considered to be likely to occur occasionally) – score 3;
d. High (considered to be likely to occur regularly) – score 4;
e. Very High (considered to be likely to occur very frequently) – score 5.

4
Impact is assessed on the following scale:
f. Very Low (considered to be unlikely to ever occur) – score 1;
g. Low (if the threat did occur, it is felt unlikely that it damage / disrupt the system) –
score 2;
h. Medium (if the threat did occur, it is felt could damage / disrupt the system) – score
3;
i. High (if the threat did occur, it is felt would definitely damage / disrupt the system) –
score 4;
j. Very High (considered to be likely to occur very frequently) – score 5.

The measure of risk is determined by adding the two scores of likelihood and
impact. A very low risk score is 2 and a very high risk score is 10.

The table in Appendix B shows the greatest risks to all assets, with the
exception of Mail, comes from the loss of electrical power and the threat of
fire. Additionally, Payroll and Finance data are at a medium to high risk from
malicious or accidental corruption by internal or external staff.

5.0 Business Continuity Strategy

In the event of a major incident seriously affecting WYPB’s ability to operate,


the Boards overruling mission is to continue to meet the aims of the National
Probation Service, as detailed in WYPB Area Plan.

The strategy to meet these aims is as follows.

5.1 Objectives

In the event of an incident at the Head Office, WYPB objectives will be:

a. To re-establish the Primary HO Key Business Assets, listed at


paragraph 3.1, within 48 hours.
b. To re-establish the Secondary HO Key Business Assets, listed at
paragraph 3.2, within five to ten working days.
c. Within ten working days to have initiated the planning process to re-
establish normal business.

5.2 Business Continuity Management Team

The objectives will be achieved through establishing a Business Continuity


Management Team (BCMT) consisting of senior managers. The BCMT’s role
is to manage the Disaster Recovery Plan; it must assess the situation and
determine the best course of action to meet the objectives. It must also
initiate the process to return to normal business.

5
5.3 Disaster Recovery Plan

The Disaster Recovery Plan will provide:

a. Instructions on when the Plan should be initiated.


b. Roles and responsibilities of the BCMT members.
c. Detailed objectives and the time in which they have to be achieved.
d. Guidance and relevant information on how to achieve the objectives.
e. Personnel contact details (including next of kin).
f. Contact details of prime contractors, statutory organisations, and
partners.

Whilst the Recovery Plan will provide guidance on how to respond to


incidents, it can not predict all eventualities. It is the responsibility of the
BCMT to assess the situation and determine the best course of action to meet
the objectives and, there by, allowing WYPB to fulfil its mission.

5.4 Review Date

The HO Business Impact Analysis and assessment of threats to key business


assets should be reviewed on a 6 monthly basis – next review Sept 05.
Should the review show a change in the analysis or assessments then
alterations to the Disaster Recovery Plan should be considered.

6
Appendix A

Category A Key Business Services


Key Business Services HO Support Facilities to be re-established in 48 hours
Management (assessment and supervision) of High Risk IT Network Applications – Word (Contact Logs, Case Folders,
offenders. Templates), CRAMS, Lotus Notes (e-mail), Excel (MAPPA
database), e-OASys.
Telephone, fax, mail.
Department – Policy and Practice Support (Public Protection)
Accommodation of High Risk offenders. IT Network Applications – Word (Contact Logs, Case Folders,
and Templates), CRAMS, Lotus Notes (e-mail).
Telephone, fax, mail.
Departments – Policy and Practice Support & SOS
(Accommodation).
Enforcement of Orders and Post Release licenses. IT Network Applications – Word (Contact Logs, Case Folders,
and Templates), CRAMS, Lotus Notes (e-mail).
Telephone, fax, mail.
Department – Secretary’s Section (Legal assistance).
Supervision of Orders. IT Network Applications – Word (Contact Logs, Case Folders,
Templates), CRAMS, Lotus Notes (e-mail), e-OASys.
Telephone, fax, mail.

Preparation of reports for courts. IT Network Applications – Word (Contact Logs, Case Folders,
and Templates), CRAMS, Lotus Notes (e-mail).
Telephone, fax, mail.

7
Category B Key Business Services

Key Business Services HO Support Facilities to be re-established in 5 working days


Pay roll and HR services. IT Network Applications – Word, Lotus Notes (e-mail).
Specific IT Applications – Resource Link, BACS link plus server.
Payroll pay slips plus printer.
Telephone, fax, mail.
Department – Finance Section (Payroll/Expenses)
The running of Accredited Programmes. IT Network Applications – Word (Contact Logs, Case Folders,
Templates), CRAMS, Lotus Notes (IAPS,e-mail).
Telephone, fax, mail.
Department – Policy and Practice Support (Accredited
Programmes).
The running of DTTO Programmes. IT Network Applications – Word (Contact Logs, Case Folders,
Templates), CRAMS, Lotus Notes (e-mail).
Telephone, fax, mail.
Department – Policy & Practice (DTTO).
Maintaining contact with victims. IT Network Applications – Word (Contact Logs, Case Folders,
Templates), CRAMS, Lotus Notes (e-mail).
Telephone, fax, mail.

8
Category C Key Business Services
Key Business Services HO Support Facilities to be re-established in 10 working
days
Collation of Accredited Programmes. IT Network Applications – Word, CRAMS, Lotus Notes (IAPS,e-
mail), Series X (APM Database).
Telephone, fax, mail.
Department – Information Services (Database Admin and
Information Management).
Collation of DTTO Programmes. IT Network Applications – Word, CRAMS, Lotus Notes (e-mail),
Series X (APM Database).
Telephone, fax, mail.
Department – Information Services (Research).
Running of Basic Skills. IT Network Applications – Word (Contact Logs, Case Folders,
Templates), CRAMS, Lotus Notes (e-mail).
Telephone, fax, mail.
Department – Policy and Practice Support (Basic Skills).
Collation of Basic Skills commencement and award data. IT Network Applications – Word, Lotus Notes (e-mail), Excel (BS
Database).
Telephone, fax, mail.
Department – Information Services (Information Management).

Collation of recommendations in PSRs written on minority ethnic IT Network Applications – Word, Lotus Notes (e-mail), Series X
offenders. (PSR Monitoring Database).
Telephone, fax, mail.
Department – Information Services (Information Management).

9
Collation of contact with victim’s data. IT Network Applications – Word, Lotus Notes (e-mail).
Telephone, fax, mail.

Finance Ledger. IT Network Applications – Word, Lotus Notes (e-mail).


Specific IT Applications – MIS plus server.
Telephone, fax, mail.
Department – Finance Section.
NSMART IT Network Applications – Word, Lotus Notes (e-mail), Excel
(NSMART Database).
Telephone, fax, mail.
Department – Information Services (Information Management).

Contract Management IT Network Applications – Word, Lotus Notes (e-mail).


Telephone, fax, mail.
Department – SOS Unit (Contracts and Partnerships).

10
Appendix B
Risk Assessment Table
Threats to Key Office Likelihood Impact Measure of
Assets Risk (2-low,
8-high)

The Head Office Building

Electrical Power failure High High 8

Fire Medium High 7

Water damage Low Low 4

Terrorist Very Low High 5

Server Room

Electrical Power failure High High 8

Fire Low High 6

Water Damage Medium High 7

Malicious or accidental Low High 6


corruption by internal staff

Malicious or accidental Medium High 7


corruption by external
staff

Land Line Telephone Communications and Related Equipment

Area wide failure Low High 6

Local failure Medium Medium 6

Electrical Power failure High High 8

Terrorist Low High 6

Mail

Mail staff strike Medium Medium 6

Incident at local sorting Low Medium 5


office

Incident with delivery van Low Medium 5

Payroll and Finance IT Hardware and Software

Hardware failure Low Medium 5

Software failure Low Low 4

Malicious or accidental Medium High 7


corruption by internal staff

Malicious or accidental Medium High 7


corruption by external
staff

Introduction of virus or Low Low 4


other malicious software

11
Threats to Key Office Likelihood Vulnerability Measure of
Assets Risk (2-low,
8-high)

Staff

Large section of the staff Low Medium 5


from one section leaving

Large section of the staff Low Medium 5


being affected by illness
eg SARS

Strike by staff Medium Medium 6

Severe weather stopping Medium Medium 6


staff getting to work.

Fuel shortage stopping Low Medium 5


staff getting to work.

12
WYPB Head Office Continuity Plan – Part 2

Disaster Recovery Plan

1.0 Introduction

WYPB Head Office (HO) provides support facilities to the District Offices that ensure
services are effectively delivered to probation customers. In the event of a serious
incident that affects the physical location, assets, data and staff at the HO it will be
necessary to restore the essential support facilities, as soon, as is practicably
possible.

The purpose of this plan is to direct and assist staff in restoring the essential support
facilities and to start the process of returning to normal business.

2.0 Responsibilities

It is the responsibility of Chief Officer to ensure that:

a. The HO Continuity Plan (Part 1 - Impact Analysis and Part 2 - Disaster


Recovery Plan) is reviewed and tested annually.
b. Each member of the Business Continuity Management Team (BCMT) has
a copy of the Plan.
c. Every Duty Chief Officer has a copy of the plan.
d. Any 24 hour site (i.e. Hostel) has a copy of the plan.

Human Resources are responsible for updating the file containing staff names,
contact details and next of kin details on a weekly basis and password protecting it.
IT to put it onto a USB dongle and take to the Wakefield branch of Lloyds bank and
stored with the STEPs back-up tapes in a safe deposit box. The USB dongle brought
back from the bank will be formatted and stored in the IT safe.

3.0 Initial Response to a Serious Incident

Should a serious incident occur at the HO out of normal working hours, the
contact address for the Police is ……………... If the incident results in any the
outcomes listed below, the Hostel Duty Manager must contact the Duty Assistant
Chief Officer and inform them of the situation, and who in turn must contact one of
the following senior managers: Chief Officer, Deputy Chief Officer, Secretary to the
Board, Director of human Resources or Director of Finance. The responsibility for
activating the Disaster Recovery Plan (Part 2) is then passed to him/her.

Should an incident occur during working hours which results in any of the
following, it is the responsibility of the Chief Officer or Deputy Chief Officer to activate
the Disaster Recovery Plan (Part 2). If neither are available, any Senior Manager at
HO can activate the plan.

Activating the Disaster Recovery Plan (Part 2) should be considered if a serious


incident results in any of the following:

13
a. WYPB Head Office is damaged. This could be the result of a fire,
severe weather or terrorist attack.
b. WYPB Head Office is inaccessible. This could be the result of a bomb
scare, chemical spillage or crime scene.
c. Electricity supply has failed and is unlikely to be restored in the next
24 hours.
d. Telecommunications have failed and are unlikely to be restored in the
next 24 hours.
e. A large element of the staff will not be able to attend work. This could
be result of illness e.g. SARS, severe weather or terrorist attack.
f. The STEPS Local Area Network fails and is unlikely to be restored in
the next 24 hours.

On activating the Disaster Recovery Plan the first task is to inform members of
the Business Continuity Management Team (BCMT). This is the responsibility of
the officer who activates the plan, (contact telephone numbers can be found at
Appendix C).

4.0 Business Continuity Management Team (BCMT)

The BCMT is made up of staff with the knowledge and authority to implement the
Recovery Plan, but is small enough to be conducive to quick and timely decisions.
The BCMT should be established immediately after the incident. Should the
incident happen outside normal working hours, team members should meet at the
earliest opportunity, if necessary before the start of normal work hours.

The BCMT’s role is to manage the Disaster Recovery Plan; it must assess the
situation and determine the best course of action to meet the objectives. It must also
initiate the process to return to normal business. The roles and responsibilities of
each member of BCMT are at Appendix D.

4.1 BCMT Members

a. CO – Chairperson
b. Director of Offender Management – BCMT Co-Coordinator
c. Director of Human Resources
d. Director of Finance
e. Public Relations Officer
f. Policy and Practice Unit ACO
g. Secretary to WYPB
h. Senior Information Services Manager

To assist the BCMT on specific issues, the following should be available to attend
meetings:
a. IT Project Mangers
b. Health and Safety Officer
c. Personnel Manager
d. Administration Manager
e. Deputy Director of Finance
f. Senior Admin Officer (Payments)
g. Accommodation Services ACO
h. Contracts and Partnerships Manager

14
5.0 BCMT Objectives

Not all the objectives will be relevant to every incident. The BCMT must determine
the objectives that need to be achieved.

5.1 Immediate Objectives

The Immediate Objectives must be achieved within 24 hours of the incident


occurring.

a. The BCMT’s location, see Appendix E.


b. Informing District Officers, Hostels, NPD, Steria, Mitie, Prisons and
Partners about the incident, see Appendix F and Annex A
c. Safe Working Conditions – The Health and Safety Officer should conduct
a survey of work areas affected by the incident to assess staff working
conditions. A verbal report, with recommendations, should be given to the
BCMT, followed by a written report. Appendix D.
d. Secure Information and Valued Assets – The Senior Information
Services manager should conduct a survey of areas affected by the
incident to assess any security threats to information and valued assets. A
verbal report, with recommendations, should be given to the BCMT,
followed by a written report. Appendix D.
e. The Public Relations Officer to prepare a Press Release if necessary.
f. Director of HR and Personnel Manager to inform the families of staff
affected by the incident, and arrange counselling for staff that may
require it. Appendix D.

5.2 Primary Objectives

The Primary Objective is to re-establish the Primary Assets (see paragraph 3.1 HO
Business Impact Analysis) within 48 hours. The Primary Assets (minus the HO
Building, see paragraph 5.1a) are:

a. The STEPS LAN Network, see Appendix G.


b. Land line telephone communications and related equipment, see
Appendix H.
c. Mail, see Appendix I.
d. Establishing Primary Staff with office facilities, see Appendix J.

5.3 Secondary Objectives

The Secondary Objective is to re-establish Secondary Assets (see paragraph 3.1


HO Business Impact Analysis) within five to ten working days. The Secondary
Assets and target times are:

a. Payroll IT hardware and software in five working days, see Appendix K

b. Finance IT hardware and software in ten working days, see Appendix


K.

c. Establishing Secondary Staff with office facilities, Appendix J.

15
5.4 Return to Normal Business

The final objective for the BCMT is to establish a management team with the role to
plan for the return to normal business. Some of the issues that may be addressed in
the plan are:

a. Permanent building and office facilities.


b. Permanent IT facilities.
c. Restoration of non-operational support services e.g. monitoring, training.

16
Appendix C
………….
Contact Details for Chief Officers/Senior Managers
CHIEF OFFICERS TEAM

17
18
SENIOR MANAGERS

FOR INFORMATION

19
Appendix D

Business Continuity Management Team (BCMT) Role and Responsibilities

Chairperson – CO (Deputise – Director of Interventions)

x Activate Disaster Recovery Plan and assemble the BCMT.


x Chair the BCMT.
x To control, direct and manage the Disaster Recovery Plan.
x Assessment of the impact on the business.
x Implementation of part or the entire plan immediately following an incident.
x Key decision-maker at site level.
x Liase with the NPD.

BCMT Co-Coordinator – Director of Offender Management (Deputise - at the Chair’s


discretion) or Deputy Chief Officer

x Deputise for the Chairperson as necessary.


x Co-ordinate movement to BCMT location.
x Ensuring BCMT minutes are accurate and up to date
x Central contact point for BCMT for all calls and enquiries.
x Liase with emergency services.
x Provide updates to probation, CS and court offices.
x Report to and advise the BCMT Chair.
x Delegate the following:
x Health and Safety Report of incident site – H&S Officer, see paragraph 5.1c
x Informing probation offices, hostels, prisons, and partners of the incident and
keep updated – HO Administration Manager, see Appendix F.
x Incident site liaison with emergency services – ACO
x Restore tele-communication – HO Administration Manager, see Appendix H.
x Restore mail service – HO Administration Manager, see Appendix I.

Senior Information Services Manager

x Re-establishing and maintaining the STEPS LAN, see Appendix G.


x Co-ordination of IT, research and security staff, and delegate as necessary, see
Appendix J
x Inform IT Prime Contractor, Steria of incident and liase.
x Report to and advise the BCMT Chair.
x Delegate the following:
o Security Report on incident site – see paragraph 5.1 d
x To review the HO Business Impact Analysis and assessment of threats to key
business assets annually, and make any necessary changes resulting from the
review.
x Annually test the BCP to ensure its effectiveness and to make any necessary
changes resulting from the tests.

20
Director of Human Resources (Deputise – Personnel Manager)

x Safety and well-being of staff.


x Responsibility to update on a weekly basis all staff details, including next of kin
and to liase with IT to make sure the information exists on a USB Dongle held in
the bank for security reasons.
x Employment of temporary staff.
x Enforcement of disciplinary procedures.
x Contact with staff and the family of staff, see paragraph 5.1f.
x Co-ordination of HR staff and delegate as necessary, see Appendix J. Resolve
local staff issues.
x Counselling of staff, see paragraph 5.1f.
x Report to and advise the BCMT Chair.

Director of Finance (Deputise – Deputy Director of Finance)

x Re-establishing and maintaining staff pay and financial processors, see Appendix
K.
x Co-ordination of Finance staff and delegate as necessary.
x Assessment of damage to the building and services.
x Inform NPD FM/BM Contract Managers and Mitie of the incident and liase.
x Report to and advise the BCMT Chair.
x Emergency purchasing facilities.

Public Relations Officer (Deputise – Assistant PR Officer)

x To prepare and release an initial press report, see Appendix M.


x To liase with the press, see Appendix M.
x Report to and advise the BCMT Chair.

Secretary to WYPB (Deputise – Area Manager, Contacts and Enforcement)

x Co-ordination of Secretary’s Section staff and delegate as necessary, see


Appendix J.
x Report to and advise the BCMT Chair.

21
Appendix E

Re-Location

Responsibility of the Director of Offender Management or Deputy Chief Officer

1. The BCMT should be located in an office with internal and external


telecommunication facilities, secretarial facilities and an area where staff can
congregate whilst awaiting instructions. Several meeting and conference rooms
at Head Office meet these requirements. However, if no facilities at Head Office
can be used due to the incident, the BCMT should be established at the Other
Site or Other Site Three rooms are available for use at Other Site.

x Conference room. Used by the BCMT.


x Anti-room. Used by staff waiting for instructions from the BCMT.
x Quiet room. Used by IT staff and administration staff.

2. If Other Site can not be used because it is also affected by the incident, e.g.
electrical power failure throughout Area, then Other Site should be used.

3. In a sealed enveloped and stored in the Lloyds safe deposit box is a USB
dongle containing a list of all staff with home addresses, telephone numbers and
next of kin details. A copy of the file is held in the HR Department at HO.

4. Any additional equipment required by the IT staff, e.g. desktops, monitors, and
by administration staff can be supplied by HO or Other Site.

22
Appendix F

NPD and Prime Contractors Contact Details

When contacting the organisations for the first time after the incident, report the
following:

o What has happened


o What facilities are affected
o What is being done
o New WYPB contact details i.e. address, telephone numbers, fax, etc
o Regular updates will follow.

NPD, Mitie and Steria

NPD

………… Contract Manager


…………
Tel: …………

……. FM/BM Contract Manager


…….
Tel: …………

Mitie (See Mitie Disaster Recovery Model at Appendix L)

HelpDesk
Tel: 01257 236576 (24 hours)

Contracts Manager
………..
Tel: 07979 702162

Steria

Steria Help Desk


Tel: 01142 885300 (0800 – 1800)

District Manager
………..
Tel: ………
Mobile: ……….

Contact details for District Offices, Hostels, Prisons, Partnerships and


Emergency Services can be found in the Directory at Annex A.

23
Appendix G
Restoring the STEPS LAN.

Responsibility of Senior Information Services Manager.

1. Three sets of back-up tapes are maintained:

a. Daily back-up tapes are made each evening and stored in a fire proof safe
located in the server room.
b. The weekly and monthly back-up tapes are stored off site at the Wakefield
Westgate branch of Lloyds Bank.

2. If the incident resulted in loss of software applications and data, the last known
good back-up tape should be used to restore the network.

3. Should the server farm, located at Head Office, be rendered inoperable due to
the incident, the LAN should be restored through the installation of the back-up
tapes into the Model Office / TRTF Rig located at Steria, Hemel Hempstead. An
IT staff member should take the previous day’s back-up tapes (if available) and
the previous week’s tapes to the Hemel Hempstead offices and install on the
back-up hardware with the aid of Steria staff. Steria should be informed
immediately allowing them to prepare the ‘Test Rig’.
Work is in progress by NPD to make sure this is a viable option, which would
require the WAN link into Steria’s offices upgrading from the current 2Mb link.
Also the test rig would need upgrading to be able to cater for all areas including
the extra large ones such as West Yorkshire.
The Escala CRAMS server is backed-up as per the other servers. However, due
to the re-introduction of using CRAMS instead of the WORD contact sheet there
is a need to make sure the server can be replaced / relocated within 48 hours.
Steria are currently contracted to replace / repair the server on a high priority
call. There is a project ongoing to see if we could co-locate with South Yorkshire
as they also have a primary link of 34Mb. This would allow both areas to have a
means of cover.

24
Appendix H

Restoring Tele-Communications

Responsibility of the Director of Offender Management or Deputy Chief Officer


and Head Office Administration Manager

The service provider for landline telephone telecommunications at Head Office and
Other Site is ………..

Contact details are:

Help Desk telephone number: ……………………

If it is necessary to have telephone calls redirected, new lines established or to


initiate the repair to existing lines, contact the HelpDesk at the above number. It
should be possible to have redirected from ……… to Other Site within a few hours.

WYPB contract number with Telephone Provider is: ………………………..

25
Appendix I

Restoring Mail Service

Responsibility of the Director of Offender Management or Deputy Chief Officer


and Head Office Administration Manager

The service provider for mail delivery is the Royal Mail.

If it is necessary to have mail addressed to the Head Office redirected or held at the
Wakefield Delivery Office, this can be arranged through the Royal Mail Customer
Service, but will take two or more days to establish.

Royal Mail Customer Service telephone number: 08457 740740

Until then the mail will continue to be delivered to the Head Office address. If it is not
possible for the mail to be delivered it will automatically be held at the Wakefield
Delivery Office for up to two days. During this period, and before the arrangements
made through Customer Service take effect, arrangements can be made to collect
the mail from the delivery office by contacting the Delivery Office direct.

Telephone: ………………………

26
Appendix J.

Staffing and Office Facilities

1.0 Minimum HO Facilities required 48 hours after the Incident.

1.1 Primary Staff consisting of elements from:

o Chief Officers Section. Members of JSU can be re-established at work


as needs arise and facilities become available.
o IT
o Secretary’s Section (to provide legal support)
o Policy and Practice Unit (to provide support in the management of High
Risk Offenders)
o Accommodation Services

1.2 Equipment will be requisitioned as needed

1.3 Staffing of the limited facilities is at the discretion of the BCMT members
responsible for above departments.

2.0 Minimum HO Facilities and Staffing Five Days after the Incident.

2.1 Secondary Staff consisting of elements from:

o Finance Section (Payroll)


o Policy and Practice Support (Accredited Programmes and DTTO
Programmes)
o Human Resources.

2.2 Staffing of the limited facilities is at the discretion of the BCMT members
responsible for above departments.

3.0 Minimum HO Facilities and Staffing Ten Days after the Incident.

3.1 Secondary Staff consisting of elements from:

o Information Services
o Policy and Practice Support (Basic Skills)
o Secretary’s Section (Contracts & Partnership)
o Finance Section

3.2 Information Services to assist in the collation and processing of:

o Accredited programmes.
o DTTO programmes.
o Basic Skills commencement and award data.
o PSR recommendations on minority ethnic offenders.
o NSMART.

27
Appendix K
Restoring Payroll Systems

To be achieved in five working days

Responsibility of Director of Finance and Senior Information Services Manager

The BCMT have five options for replacing the payroll with a temporary system:

1. Have the bank repeat the previous month’s payroll via the BACS system.
2. Issue hand written cheques to each employee using bank records from
previous payments.
3. Northgate re-build the Resource Link server. This will take approximately
seven days.
4. IT staff re-build the Resource Link computer.
5. Delay paying the staff.

Which option is the best solution will be determined by a number of factors, such as
how close to ‘pay day’ the incident occurs, what IT staff are available and what funds
are available.

The specification of the Resource Link server is:

WIN 2000 Compaq Proliant Server ( 2 x processors )


3 x Hard drive
c: - 8.5Gb
d: - 8.5Gb
e: - 35Gb
1.5 Gb RAM
4mm DAT Tape Drive
Modem BACS link

A dot-matrix printer, Printronix P5205, would also be required to print off the staff pay
slips. The printer can be bought locally.

All the drives are backed up daily and weekly. The weekly backup tapes are stored
off site at the Wakefield Westgate branch of Lloyds Bank. The system could be re-
loaded to a new server directly from the backups with minimal intervention from
(service provider), although there would be some re-configuration needed by (service
provider). The only software we would need to load directly from CD would be
Oracle. We have a copy of Oracle supplied by (service provider).

Blank pay slips can be acquired from the suppliers at short notice. They hold
sufficient stocks to meet our needs. The supplier’s details are:

Econo-Mail LTD
Tel: 01902 396600
Fax: 01902 396601

28
Restoring Finance Systems

To be achieved in ten working days

Responsibility of Director of Finance and Senior Information Services Manager

Data is backed-up and held offsite as per Payroll backups.

The options for restoring the finance ledger with a temporary system are:

1. A manual system which pays creditors by cheque.


2. Northgate builds a server to run the MIS software and back-up tapes on.
3. The IT department build a server.

The MIS finance package needs a similar server to Resource Link payroll system.
Unfortunately, MIS back-up tapes cannot be run on the same server as Resource
Link because the MIS settings will over-write the previous settings making Resource
Link inoperable. Therefore, a second Windows 2000 Server may be required.

The hardware for the finance server is currently under review as the current
operating system, Windows NT 4.0, is obsolete and not supported anymore. The
options are:
1. buy the server outright
2. rent the server.

MIS have also given some documentation for the disaster recovery aspect of this
server:

Option 1 – Full Server Replacement and Restart Service


In the event of a disaster MIS would deliver a replacement server to any location
within the UK and take responsibility for reloading all backup tapes and configuring
users/printers. The Systems Engineer would remain onsite until the system is fully
functional and working releasing the Customers IT Staff to concentrate on other
critical issues in what would be an undoubtedly stressful time.
MIS have a unique policy of maintaining a set of operating system disks configured
specifically for each customer which allows us to have the replacement server
operational within a few hours of arriving onsite.
Option 2 – Restart Service on Customers Hardware
This is similar to Option 1 with the exception that the Customer is responsible for
providing all the hardware and operating system disks/media etc. MIS Systems
Engineers would rebuild the Universe RDBMS, reload our Applications and
configure any users/printers remaining onsite until the server was fully functional.
With both options we provide a test day in which we attend a mutually agreed
location to undertake a ‘dummy’ reload of the system (MIS provide hardware with
option 1). This is recommended to prove confidence for both organisations in the
recovery procedures and practices.

29
Appendix L

Business Continuity Planning

Disaster Recovery Model

Area
Business
Continuity
Plan

Area to
Contact MITIE
Helpdesk
01257236576

MITIE MITIE NPD


Senior Management Helpdesk to DFM
Team Informed. Initiate Disaster informed
Co-ordinator Recovery plan
appointed

MITIE Colliers CRE


Mobilize Mobilize
Service Provision Service Provision
a. Mechanical & a. Temporary
Electrical Accommodation
b. Cleaning b. Accommodation
c. Security c. Landlords
d. Fire Alarms Responsibility
e. Sub-
contractors

30
Appendix M

Public Relations Guidelines


The following is an extract from WYPB’s ‘A Rough Guide to Public Relations’.

CRISIS PR:

1 Anticipate

x Notify your line manager and the PR Section of any anticipated crisis.
x The ostrich position does not work.
x You cannot manage a crisis on your own.

2 Manage

x Ensure press enquiries are channelled to PR Section.


x Agree one principal spokesperson, media trained, ideally the CO or most
senior Chief Officer available.

3 Assess

x Deploy responsible member of staff to take press messages and promise to


call back.
x Take time out to assess situation and plan approach.
x Meet with designated Chief Officer (see above).
x Establish what has happened.
x Identify who can fill in the background to crisis.
x Consider what press might say/ask.
x Inform others: Committee/Board, staff, Home Office, NPD .
x Deploy member of staff to supply beverages/sandwiches/phone
messages/typing and faxing assistance.
x Agree press statement, to include: Reassurance/sympathy
Action being taken
Context

4 Respond

x Return all press calls.

x "No comment" will not do.

x Use agreed spokesperson/statement only.

x If interest justifies it, consider press conference to provide all interviews etc, at once.

31
5 Keep In Touch

x Log all press calls/responses.

x Monitor press/crisis developments.

x Issue further statements if necessary.

x Cross check other planned PR.

6 Review and Evaluate

x Debrief and feedback session with all staff involved.

x Consider issuing closing, positive press statement.

x Monitor media coverage.

32
Appendix N

WYPB Head Office, Wakefield

General Information

Address: Cliff Hill House


Sandy Walk
Wakefield

Postcode:

Telephone Number:

Fax Number:

Grid Reference:

Directions to Site:

Type of Accommodation:

Number of Staff based on site:

Location of Site Plans: Appendix O

Office Manager:

Official Key Holders:

Utility Contact Numbers:

Mitie HelpDesk (24 hours): 01257 236576

Electricity Gas (Transco) 0800 111 999

Water: Mitie HelpDesk (24 hours)


Tel: 01257 236576

Tel:

33
…. Head Office ……
Disaster Recovery Plan – Access to Probation Properties Information Sheet

Property Address: Properties Common Name


E.g. HQ etc
Office Manager
Responsible for Building
Door location for initial entry & final exit:
1.1.1

Key Holders

Light Switch location(s)


[To access alarm panel only]: 1.1.2

34
Burglar Alarm Key / control panel location:
1.1.3

Burglar Alarm Disable code and procedure:


1.1.4

Burglar Alarm Set code and procedure:


1.1.5

Entry and Exit walk times for Burglar Alarm


1.1.6

Alarm Monitor Station Tel No. & security code:


1.1.7

Fire Alarm Disable/Silence procedure:

File server room location:


1.1.8

35
Utilities main switch locations

GAS cut off Valve:

ELECTRICITY Main isolator:

ELECTRICITY Secondary isolator:

WATER stop valve:

36
APPENDIX O
Head Office Floor Plans

37
Annex A

Telephone Number and Address Directory

Part 1 Emergency Services


Only in an emergency use 999 where there is danger to life or a crime in
progress.

West Yorkshire Police

For non-emergency calls or to report a crime dial 0845 6060606.

If you do not require Police attendance, but you need Police help and advice, call the
local HelpDesk (available 24 hours). For …….. dial
For ……..

Casualty

Fire Brigade

Wakefield Metropolitan District Council

Floodline

Advice and information dial 0845 9881188

Yorkshire Water

Gas

If you smell gas telephone Transco on 0800 111999

Electricity

38
Part 2 WYPB

Offices

Hostels

39
Part 3 Partnership Addresses

40
West Yorkshire Probation Board
Business Continuity Plan

(OFFICE NAME)
Version 1.0
Name of Office Continuity Plan – Part 1

Name of Office Business Impact Analysis

1.0 Introduction

This document considers the impact on probation services provided by Name of Office in
the event of a major incident. It prioritises the key functions and services the Name of
Office provides to its customers and the facilities these services are dependant on.

This analysis is required to develop the Business Continuity Strategy and a Disaster
Recovery Plan.

2.0 Key Business Functions and Assets

The Key Business Functions of Name of Office are:

Full range of Offender Management Intervention Services for Name of District;

Receptionist, admin officer, Office Manager, one duty officer for each team, CP Team,
Court Team, CRO Team, Resettlement Team

2.1 Key Business Assets

Name of Office ability to provide these functions would be seriously affected if a major
incident damaged some or all of the following assets:

a. The Probation Centre Name of Office building.


b. Land line telephone communications and related equipment.
c. Staff – Operational and Administration.

Name of Office ability to operate would also be effected, but to a less degree, if an incident
damaged some or all of the following assets:

a. The STEPS Network.


b. Mail.

3.0 Threats to Key Business Assets

3.1 Risk Assessment Table

The risk to the Key Business Assets is assessed in the Risk Assessment Table at Annex
A. In assessing the risk to business from a specific incident, three elements are
measured; impact on business, likelihood of occurrence, and business vulnerability. An
impact analysis has already being carried out to identify the Key Business Functions. The
table at Annex A measures the Likelihood of an incident and each asset’s Vulnerability.

Likelihood is assessed on the following scale:

a. Very Low (considered to be unlikely to ever occur) – score 1;


b. Low (considered to be likely to occur only in unusual circumstances) – score 2;
c. Medium (considered to be likely to occur occasionally) – score 3;
d. High (considered to be likely to occur regularly) – score 4;
e. Very High (considered to be likely to occur very frequently) – score 5.

Vulnerability is assessed on the following scale:

a. Low (if the threat did occur, it is felt unlikely that it damage / disrupt the system) –
score 1.
b. Medium (if the threat did occur, it is felt could it damage / disrupt the system) –
score 2;
c. High (if the threat did occur, it is felt would definitely damage / disrupt the system)
– score 3.

The measure of risk is determined by adding the two scores of likelihood and vulnerability.
A very low risk score is 2 and a very high risk score is 8.

3.2 The STEPS Network

A comprehensive study of the potential threats and risks to Name of Office Local Area
Network (STEPS) has been carried out as part of the National Probation Service network
accreditation program (Accreditation Document Set Parts 2 – Risk Management Document
(Ref.: Generic Probation Service ADS Part 2 v0.4) dated 16 January 2004.

4.0 Business Continuity Strategy

The primary objective in the Probation Service, and other Criminal Justice Organisations,
is the protection of the public. In the event of a major incident seriously affecting the ability
of Name of Office to operate, Name of Office can best achieve this objective by the
immediate relocation of its residence which replicates the Name of Office enhanced level
of residential supervision.

4.1 Objectives

In the event of an incident at Name of Office the objectives will be:

A Enforcement
B Public Protection
C Protect Staff and Visitors

4.2 Senior Management Implementation Team (SMIT)

The objectives will be achieved through establishing a Senior Management


Implementation Team (SMIT) consisting of senior managers from Name of Office. The
SMIT role is to manage the Disaster Recovery Plan; it must assess the situation and
determine the best course of action to meet the objectives. It must also initiate the
process to return to normal business.

4.3 Disaster Recovery Plan

The Disaster Recovery Plan will provide:


a. Instructions on when the Plan should be initiated.
b. Roles and responsibilities of the SMIT members.
c. Detailed objectives and the time in which they have to be achieved.
d. Guidance and relevant information on how to achieve the objectives.

Whilst the Recovery Plan will provide guidance on how to respond to incidents, it can not
predict all eventualities. It is the responsibility of the SMIT to assess the situation and
determine the best course of action to meet the aims.

4.4 Review Date

It is the responsibility of the ACO to review the Business Impact Analysis and assessment
of threats to key business assets no later than September 2005. Should the review show
a change in the analysis or assessments then alterations to the Disaster Recovery Plan
should be considered.
Name of Office Continuity Plan – Part 2

Disaster Recovery Plan

1.0 Introduction

In the event of a serious incident affecting the physical location, assets, data and staff at
Name of Office, the capability to deliver key services must be maintained. The purpose of
this plan is to direct and assist staff in achieving this and to start the process of returning to
normal business.

2.0 Responsibilities

It is the responsibility of the Office Manager to ensure that:

a. Name of Office Continuity Plan (Part 1 - Impact Analysis and Part 2 - Disaster
Recovery Plan) is reviewed and tested annually in conjunction with Business
Continuity Group @ Head Office.
b. Each member of the Senior Management Implementation Team (SMIT) has a
copy of the Plan.
c. CP Weekend Duty Officer Folder/Instructions

3.0 Initial Response to a Serious Incident

Activating the Disaster Recovery Plan (Part 2) should be considered if a serious incident
results in any of the following:

a. Name of Office is damaged. This could be the result of a fire, severe


weather or terrorist attack.
b. Name of Office is inaccessible. This could be the result of a bomb scare,
chemical spillage or crime scene.

The person responsible for activating the plan is the Name of Office SMIT member at the
time of the incident.

If the incident occurs out of normal working hours, the person aware must inform Duty
ACO
If the incident occurs during working hours, the person aware must inform their ACO, if
they are not available, another ACO at Head Office.

On activating the Disaster Recovery Plan the immediate concern is the delivery of Key
Services: OM, DAM, ACO
Public Protection
Programmes
ECP
4.0 Senior Management Implementation Team (SMIT)

The SMIT is made up of staff with the knowledge and authority to implement the Recovery
Plan, but is small enough to be conducive to quick and timely decisions. The SMIT
should be established immediately after the incident. Should the incident happen
outside normal working hours, team members should meet at the earliest opportunity, if
necessary before the start of normal work hours.

The SMIT role is to manage the Disaster Recovery Plan; it must assess the situation and
determine the best course of action to meet the objectives. It must also initiate the
process to return to normal business. The roles and responsibilities of each member of
BCMT are at Appendix D.

4.1 SMIT Members –


Suggestions for the team if not large disaster eg power cut.
a. Office Manager – Chairperson
b. DAM - SMIT Co- ordinator
c. ACO or Head Office staff as required

To assist the SMIT on specific issues, the following Head Office staff should be available
to attend meetings:

a. Deputy Chief Officer


b. Public Relations Officer (see Appendix H).
c. Health and Safety Officer
d. Senior Information Services Manager
e. Personnel Manager
f. Deputy Director of Finance
g. Accommodation Services ACO
h. Contracts and Partnerships Manager

5.0 SMIT Objectives

Within 24 hours of the incident occurring the SMIT must inform:

a. All relevant HO Departments, Prime Contractors, Hostels, Prisons, Police,


Courts and Partners in the district about the incident, see Appendix F and
Annex A.
b. Director of HR and Personnel Manager to inform the families of staff affected
by the incident, and arrange counselling for staff that may require it.
c. Deputy Chief Officer to inform the families of residents affected by the
incident.

5.1 Return to Normal Business

The final objective for the SMIT is to establish a management team with the role to plan for
the return to normal business.
Appendix A

Temporary Relocation Site

A relocation site must be chosen which, for 24 hours, can provide:

x Telephones plus basic office services

In this appendix include the sites address, telephone numbers and directions if necessary.
Also liase with staff at the site to ensure they agree with the selection.

Suggestions are:

x Need to contact local council


x Check if possible to rent short term
Appendix B

Transport Arrangements

Local Taxi firms ……………..


Appendix C

SMITContact Details

Determine who will be members of the SMIT and list their names, home address, and
home and mobile telephone numbers.

Office Manager

DAM

ACO
Appendix D

Senior Management Implementation Team (SMIT) Roles and Responsibilities

Chairperson - Name of Office Manager

x Chair the SMIT.


x To control, direct and manage the Disaster Recovery Plan.
x Assessment of the impact on the business.
x Implementation of part or the entire plan immediately following an incident.
x Key decision-maker at site level.
x Safety and well-being of staff and residence.
x Annually test the BCP to ensure its effectiveness and to make any necessary changes
resulting from the tests.
x To review the Business Impact Analysis and assessment of threats to key business
assets annually, and make any necessary changes resulting from the review.

SMIT Co-Coordinator – Name of Office Deputy Manager


x Deputise for the Chairperson as necessary.
x Co-ordinate movement to SMIT location.
x Ensuring SMIT minutes are accurate and up to date
x Central contact point for SMIT for all calls and enquiries.
x Liase with emergency services.
x Report to and advise the SMIT Chair.
x Delegate the following:
o Health and Safety Report of incident site – H&S Officer.
o Security Report of incident site – Senior Information Services Manager.
x Restore mail service – HO Administration Manager, see Appendix G.
Appendix E

Residence Semi-Permanent Relocation Accommodation

Responsibility of ACO

1. Keystaff should be located in an office with internal and external telecommunication


facilities, an area where staff can congregate whilst awaiting instructions. Meeting
and conference rooms at Other Offices meet these requirements.

2. In a sealed enveloped and stored in the Lloyds safe deposit box is a USB dongle
containing a list of all staff with home addresses, telephone numbers and next of kin
details. A copy of the file is held in the HR Department at HO.
Appendix F

Prime Contractors and HO Contact Details

When contacting the organisations for the first time after the incident, report the following:

o What has happened


o What facilities are affected
o What is being done
o New WYPB contact details i.e. address, telephone numbers, fax, etc
o Regular updates will follow.

HO Treasurer’s Section

NPD

Mitie (See Mitie Disaster Recovery Model at Appendix J)

Help Desk
Tel: 01257 236576 (24 hours)

Contact details for District Offices, Hostels, Prisons, Partnerships and Emergency
Services can be found in the Directory at Annex A.
Appendix G

Restoring Mail Service

All problems with telephone communication should be put through the Finance Section at
HO on 01924 885316.

The service provider for mail delivery is the Royal Mail.

If it is necessary to have mail addressed to Name of Office redirected or held at the local
Delivery Office, this can be arranged through the Royal Mail Customer Service, but will
take two or more days to establish.

Royal Mail Customer Service telephone number: 08457 740740

Until then the mail will continue to be delivered to the Name of Office address. If it is not
possible for the mail to be delivered it will automatically be held at the local Delivery Office
for up to two days. During this period, and before the arrangements made through
Customer Service take effect, arrangements can be made to collect the mail from the
delivery office by contacting the Delivery Office direct.
Appendix H

Public Relations Guidelines

Creating awareness among offenders and victims of changes in reporting arrangements


and addresses will be essential. The following is an extract the WYPB Rough Guide to
Public Relations’.

CRISIS PR:

1 Anticipate

x Notify your line manager and the PR Section of any anticipated crisis.

x The ostrich position does not work.

x You cannot manage a crisis on your own.

2 Manage

x Ensure press enquiries are channelled to PR Section.

x Agree one principal spokesperson, media trained, ideally the CO or most senior Chief
Officer available.

3 Assess

x Deploy responsible member of staff to take press messages and promise to call back.

x Take time out to assess situation and plan approach.

x Meet with designated Chief Officer (see above).

x Establish what has happened.

x Identify who can fill in the background to crisis.

x Consider what press might say/ask.

x Inform others: Committee/Board, staff, Home Office, NPD .

x Deploy member of staff to supply coffee/sandwiches/phone messages/typing and faxing


assistance.

x Agree press statement, to include: Reassurance/sympathy


Action being taken
Context

4 Respond

x Return all press calls.

x "No comment" will not do.

x Use agreed spokesperson/statement only.

x If interest justifies it, consider press conference to provide all interviews etc, at once.
5 Keep In Touch

x Log all press calls/responses.

x Monitor press/crisis developments.

x Issue further statements if necessary.

x Cross check other planned PR.

6 Review and Evaluate

x Debrief and feedback session with all staff involved.

x Consider issuing closing, positive press statement.

x Monitor media coverage.


Appendix I
Site plans
To be added later.
Appendix J

Building Information

Address:

Postcode:

Telephone Number:

Fax Number:

Type of Accommodation:

Number of Staff based on site:

Location of Site Plans:

Office Manager:

Official Key Holders:

Utility Contact Numbers:

Mitie HelpDesk (24 hours): 01257 236576

Electricity Gas (Transco) 0800 111 999

Water: Mitie HelpDesk


Tel: 01257 236576 (24 hours)
District Office Name
Disaster Recovery Plan – Access to Probation Properties Information Sheet

Property Address: Properties Common Name


E.g. HQ etc
Office Manager
Responsible for Building
Door location for initial entry & final exit:

Key Holders
Light Switch location(s)
[To access alarm panel only]:
Burglar Alarm Key / control panel location:

Burglar Alarm Disable code and procedure:

Burglar Alarm Set code and procedure:

Entry and Exit walk times for Burglar Alarm

Alarm Monitor Station Tel No. & security code:

Fire Alarm Disable/Silence procedure:

18
Utilities main switch locations

GAS cut off Valve:

ELECTRICITY Main isolator:

ELECTRICITY Secondary isolator:

WATER stop valve:

19
Annex A

Threats to Key Office Likelihood Vulnerability Measure of


Assets Risk (2-low,
8-high)

The Office Building

Electrical Power failure 2 3 5

Fire 2 2 4

Water damage 4 2 6

Terrorist 1 3 4

Land Line Telephone Communications and Related Equipment

Area wide failure 2 2 4

Local failure 3 2 5

Electrical Power failure 2 3 5

Terrorist 1 3 4

Mail

Mail staff strike 3 1 4

Incident at local sorting 3 1 4


office

Incident with delivery van 2 1 3

Staff

Large section of the staff 1 1 3


from one section leaving

Large section of the staff 2 1 3


being affected by illness
eg SARS

Strike by staff 2 1 3

Severe weather stopping 4 1 5


staff getting to work.

Fuel shortage stopping 2 1 3


staff getting to work.

20
Annex B
Telephone Number and Address Directory

Part 1 Emergency Services


Only in an emergency use 999 where there is danger to life or a crime in
progress.

…………….. Police

For non-emergency calls or to report a crime dial 0845 6060606.

If you do not require Police attendance, but you need Police help and advice,
call the local HelpDesk (available 24 hours). For (office name) dial: This will
put you through to ………… local police station.

Casualty

Fire Brigade

Council Offices

Floodline

Advice and information dial 0845 9881188

Yorkshire Water

Gas

If you smell gas telephone Transco on 0800 111999

Electricity

21
Part 2 WYPB

Offices

Hostels

Part 3 Partnership Addresses

22
West Yorkshire Probation Board
Business Continuity Plan

(OFFICE NAME)
Version 1.0
Hostel Name Continuity Plan

Disaster Recovery Plan

1.0 Introduction

In the event of a serious incident affecting the physical location, assets, data and staff at Hostel
Name, the capability to manage residents must be maintained. The purpose of this plan is to direct
and assist staff in achieving this and to start the process of returning to normal business.

2.0 Responsibilities

It is the responsibility of Hostel Name SPO/Manager to ensure that:

a. The Hostel Name Continuity Plan (Part 1 Impact Analysis and Part 2- Disaster Recovery
Plan) is reviewed and tested annually.
b. Each member of the Senior Management Implementation Team (SMIT) has a copy of
the Plan.
c. The Hostel Name Deputy Manager has a copy of the Plan

3.0 Initial Response to a Serious Incident

Activating the Disaster Recovery Plan (Part 2) should be considered if a serious incident results in
any of the following:

a. Hostel Name is damaged. This could be the result of a fire, severe weather, public
protest or terrorist attack.
b. Hostel Name is inaccessible. This could be the result of a bomb scare, chemical
spillage, crime scene, public protest.

The person responsible for activating the plan is the Hostel Name Duty Manager at the time of the
incident.

If the incident occurs out of normal working hours, the Duty Manager must inform Other Hostel.
It is the responsibility of the Other Hostel Duty Manager to inform the Duty ACO, the Hostel
Manager and the Prisons and Hostels ACO. If the incident is at Other Hostel, the Duty Manager
should contact duty ACO for similar assistance.

If the incident occurs during working hours, the Duty Manager must inform the Prisons and
Hostel ACO or, if they are not available, another ACO at Head Office.

On activating the Disaster Recovery Plan the immediate concern is the relocation of residence.
Duty Manager must:

x Ensure all the residents are present or their location is known eg. Hospital, police cells.
x Inform the Resident Relocation Site of the Incident and the imminent arrival of the
residents. See Appendix A.
x Arrange transport for the resident to the Relocation Site. See Appendix B.
x On arrival at the Relocation Site ensure all the residents are present or their location is
known.
Once the above has been achieved and all the residents are accounted for, the Duty Manager must
contact any members of the Senior Management Implementation Team (SMIT) who are not already
aware of the incident. See Appendix C.

4.0 Senior Management Implementation Team (SMIT)

The SMIT is made up of staff with the knowledge and authority to implement the Recovery Plan,
but is small enough to be conducive to quick and timely decisions. The SMIT should be
established immediately after the incident. Should the incident happen outside normal working
hours, team members should meet at the earliest opportunity, if necessary before the start of normal
work hours.

The SMIT role is to manage the Disaster Recovery Plan; it must assess the situation and determine
the best course of action to meet the objectives. It must also initiate the process to return to normal
business. The roles and responsibilities of each member of SMIT are at Appendix D.

4.1 SMIT Members –

a. Hostel Name Manager- Chairperson


b. Deputy Manager – SMIT Co-ordinator
c. Prisons and Hostels ACO
d. Other Hostel Name or Head Office staff as required

To assist the SMIT on specific issues, the following members of the Business Continuity Managers
Team (BCMT) should be available to attend meetings:

a. Deputy Chief Officer


b. Public Relations Officer (see Appendix H).
c. Health and Safety Officer
d. Senior Information Services Manager
e. Personnel Manager
f. Deputy Director of Finance
g. Accommodation Services ACO
h. Contracts and Partnerships Manager

5.0 SMIT Objectives

Within 24 hours of the incident occurring the SMIT must:

a. Be located at Residents Temporary Relocation Site.


b. Arrange relocating the residents to semi-permanent accommodation, which provide
supervision and a supportive environment relative to the threat each resident presents to
the public. Priority must be given to residence considered a High Risk to the public,
probation staff and /or themselves. Options for semi-permanent accommodation are at
Appendix E.
c. Informing all relevant HO Departments, Prime Contractors, Hostels, Prisons, Police,
Courts and Partners in the district about the incident, see Appendix F and Annex A.
d. Director of HR and Personnel Manager to inform the families of staff affected by the
incident, and arrange counselling for staff that may require it.
e. Deputy Chief Officer to inform the families of residents affected by the incident.
5.1 Return to Normal Business

The final objective for the SMIT is to establish a management team with the role to plan for the
return to normal business.
Appendix A

Residents Temporary Relocation Site

A relocation site must be chosen which, for 24 hours, can provide:

x enhanced supervision
x moderate comfort (sleeping facilities are not required)
x food and refreshment
x 24 hour staff

In this appendix include the sites address, telephone numbers and directions if necessary. Also
liase with staff at the site to ensure they agree with the selection.

Name, Address and Telephone number of re-location site


Appendix B

Transport Arrangements

Local Taxi firms


Appendix C

SMIT Contact Details

Determine who will be members of the BCMT and list their names, home address, and home and
mobile telephone numbers.
Appendix D

Senior Management Implementation Team (SMIT) Roles and Responsibilities

Chairperson – Hostel Name Manager

x Chair the BCMT.


x To control, direct and manage the Disaster Recovery Plan.
x Assessment of the impact on the business.
x Implementation of part or the entire plan immediately following an incident.
x Key decision-maker at site level.
x Safety and well-being of staff and residence.
x Annually test the BCP to ensure its effectiveness and to make any necessary changes resulting
from the tests.
x To review the Business Impact Analysis and assessment of threats to key business assets
annually, and make any necessary changes resulting from the review.

SMIT Co-Coordinator – Hostel Name Deputy Manager

x Deputise for the Chairperson as necessary.


x Co-ordinate movement to SMIT location.
x Ensuring SMIT minutes are accurate and up to date
x Central contact point for SMIT for all calls and enquiries.
x Liase with emergency services.
x Report to and advise the SMIT Chair.
x Delegate the following:
o Health and Safety Report of incident site – H&S Officer.
o Security Report of incident site – Senior Information Services Manager.
x Restore mail service – HO Administration Manager, see Appendix G.

Prisons and Hostels ACO


x Co-ordination with IT, HR and other HO Departments.
x Inform estates Prime Contractor, Mitie, of incident and liase.
x Inform district offices, Hostels, Prisons, Police and partners of the incident and keep updated, see
Appendix F and Annex A.
x Employment of temporary staff.
x Report to and advise the BCMT Chair.
Appendix E

Residence Semi-Permanent Relocation Accommodation

Within 24 hours of the incident occurring, the BCMT must have relocated the …….. residents to
appropriate semi-permanent accommodation.

This accommodation must be suitable for the Risk the resident represents to the public, staff and/or
themselves. Priority on relocation must be given to those considered High Risk.

Options for relocation include:

x Other Hostels in (Area)


x Hostels outside (Area)
x Prison
x Bail addresses
Appendix F

Prime Contractors and HO Contact Details

When contacting the organisations for the first time after the incident, report the following:

o What has happened


o What facilities are affected
o What is being done
o New (Area) contact details i.e. address, telephone numbers, fax, etc
o Regular updates will follow.

HO Treasurer’s Section

NPD

Board hostels –
Mitie (See Mitie Disaster Recovery Model at Appendix J)

Help Desk
Tel: 01257 236576 (24 hours)

Contracts Manager

Contact details for District Offices, Hostels, Prisons, Partnerships and Emergency Services
can be found in the Directory at Annex A.
Appendix G

Restoring Mail Service

All problems with telephone communication should be put through to the Finance Section at HO

The service provider for mail delivery is the Royal Mail.

If it is necessary to have mail addressed to the Hostel Name address redirected or held at the local
Delivery Office, this can be arranged through the Royal MAIL Customer Service, but will take two
days or more to establish.

Royal Mail Customer Service telephone number: 08457 740740

Until then the mail will continue to be delivered to the Hostel Name address. If it is not possible for
the mail to be delivered it will automatically be held at the local Delivery Office for up to two days.
During this period, and before the arrangements made through the Customer Service take effect,
arrangements can be made to collect the mail from the delivery office by contacting the Delivery
Office direct.
Appendix H

Public Relations Guidelines


1. Creating awareness among offenders and victims of changes in reporting
arrangements and addresses will be essential. The following is an extract from
WYPB Rough Guide to Public Relations’.

2. CRISIS PR:

2.1 1 Anticipate

x Notify your line manager and the PR Section of any anticipated crisis.

x The ostrich position does not work.

x You cannot manage a crisis on your own.

2.2 2 Manage

x Ensure press enquiries are channelled to PR Section.

x Agree one principal spokesperson, media trained, ideally the CO or most senior Chief Officer
available.

2.3 3 Assess

x Deploy responsible member of staff to take press messages and promise to call back.

x Take time out to assess situation and plan approach.

x Meet with designated Chief Officer (see above).

x Establish what has happened.

x Identify who can fill in the background to crisis.

x Consider what press might say/ask.

x Inform others: Committee/Board, staff, Home Office, NPD .

x Deploy member of staff to supply coffee/sandwiches/phone messages/typing and faxing assistance.

x Agree press statement, to include: Reassurance/sympathy


Action being taken
Context

2.4 4 Respond

x Return all press calls.

x "No comment" will not do.

x Use agreed spokesperson/statement only.

x If interest justifies it, consider press conference to provide all interviews etc, at once.
2.5 5 Keep In Touch

x Log all press calls/responses.

x Monitor press/crisis developments.

x Issue further statements if necessary.

x Cross check other planned PR.

2.6 6 Review and Evaluate

x Debrief and feedback session with all staff involved.

x Consider issuing closing, positive press statement.

x Monitor media coverage.


Appendix I
Site plans
Appendix J

Building Information

Address:

Postcode:

Telephone Number:

Fax Number:

Type of Accommodation:

Number of Staff based on site:

Location of Site Plans:

Office Manager:

Official Key Holders

Utility Contact Numbers:

Electricity Gas (Transco) 0800 111 999

Water:
2.7 Approved Premises Name:
Disaster Recovery Plan – Access to Probation Properties Information Sheet

Property Address: Properties Common Name


Elm Bank Hostel E.g. HQ etc
Bradford Rd Office Manager
Cleckheaton Responsible for Building
BD19 3LW
Door location for initial entry & final exit:

Key Holders
Light Switch location(s)access alarm panel only]:

Burglar Alarm Key / control panel location:

Burglar Alarm Disable code and procedure:

Burglar Alarm Set code and procedure:

Entry and Exit walk times for Burglar Alarm

Alarm Monitor Station Tel No. &


security code:
Fire Alarm Disable/Silence procedure:

2.7.1 Utilities main switch locations

2.7.2 GAS cut off Valve:

2.7.3 ELECTRICITY Main isolator:

2.7.4 ELECTRICITY Secondary isolator:

2.7.5 WATER stop valve:


Annex A

Telephone Number and Address Directory

Part 1 Emergency Services


Only in an emergency use 999 where there is danger to life or a crime in
progress.

…………….. Police

For non-emergency calls or to report a crime dial 0845 6060606.

If you do not require Police attendance, but you need Police help and advice, call the
local HelpDesk (available 24 hours). For (Hostel name) dial:

Casualty

Fire Brigade

Local council office

Floodline

Advice and information dial 0845 9881188

Water

Gas

If you smell gas telephone Transco on 0800 111999

Electricity
Part 2 ………

Offices

Hostels

Part 3 Partnership Addresses