Campus-wide Planning For Business Continuity And Emergency Operations

Transcription

Campus-wide Planning for Business Continuity and Emergency Operations
Gloria Hauck Thiele & Alan McCord
University of Michigan Office of the University CIO
EDUCAUSE 2000

Agenda
- Welcome, Overview, Icebreaker
- Campus-wide project planning: Background and context setting using Y2K
- Unique Aspects/Outcomes
- Discussion/Sharing
- Tools & Templates
- Examples: how to leverage gains
- Summary, evaluation, wrap-up

Purpose of the Session
- Share U-M preparedness model and lessons learned
- Learn how to leverage the Y2K success for campus preparedness
- Explore how to ensure your campus is prepared for technical outages & other emergencies
- Share successful tools, techniques, & experiences
- Take home some “how to’s”

Icebreaker Activity
- After forming small groups, introduce yourselves to each other
- Discuss, then identify the questions, issues, and desired outcomes that brought you to this workshop today
- Write each on a Post-it Note
- Post them on the “Questions/Issues” board
- Time - 15 minutes

Background & Context Setting: U-M Model
- Timeline/Methodology
- Project Organization
- Tools and Aids
- Emergency Operations Plan
- IT Support

“What we can’t measure are things that were built like trust, collaborations, comradery, and a better understanding from all levels, of how different areas interact, does business or just survives within the University environment.”
— Y2K school/college/unit representative

Timeline/Methodology
- Information & awareness campaign
- Unit Representative awareness and training
- Assessment completed
- Action plans developed
- Quarterly reports
- Contingency planning training
- Unit contingency plans completed
- Y2K Communication & event management plan completed
- Communication & event management plan implemented
- Emergency response team formed and trained
- Emergency response center created and activated

Project Organization
Built on existing line management structure:
Specific for this effort from UCIO:
- Executive Committee
- Project Leader
- Unit Representatives
- Communications team leadership
- Emergency Response Team
- Tools and Helps

Unit Representatives: Responsibilities
- Coordinate with Executive Committee to ensure unit awareness and completion of all project deliverables
- Ensure focus on mission-critical processes
- Provide information channel between units and University-wide sources
- Submit quarterly status reports
- Identify outstanding issues and action plans to resolve

Emergency Response Team: Responsibilities
- Coordinate incident response and communications
- Ensure a University-wide view of conditions
- Build on current practices making best use of existing processes and resources
- Service Provider Teams direct response deployment within their campus operations centers
- Coordinate communications with service providers and their constituencies to coordinate a comprehensive view

Tools and Aids
- U-M Organizational Priorities defined by the U-M Executives
- Information & Awareness Campaign
- Web site
- Training sessions
- Contingency Planning
- Fully equipped EOC and secure web-based status board

Tools and Aids: Information & Awareness Campaign
- Web site
  – enhancing information and tool sharing
  – automated forms submission and reporting
  – full-phased project support and complete historical documentation
- Information and training sessions
- Extensive use of media
- School, college, unit presentations
- Community outreach

Tools and Aids: Contingency Plans
- Focused on mission-critical processes: U-M priorities
- Identified dependencies
- Developed/updated unit’s plans
- Increased communication and sharing
- Leveraged technology

Tools and Aids: Emergency Operation Center
- Documented existing capabilities & responsibilities
- Defined and established a communication center to address gaps
- Fully equipped and IT supported EOC
- Automated staffing and scheduling process

Tools and Aids: IT Support
- Campus-wide Y2K web site enhancing information and awareness campaign and tool sharing
- Fully equipped EOC: telephones, radios, workstations, televisions, video
- 1-877-UM-Y2K-OK
- Conference Bridge
- Secure web-based EOC “status board”

Share Session
- Purpose: To identify additional activities from your campuses that can be added to the preparedness model
- Instructions
  – Identify and discuss preparedness activities
  – Write activity on Post-it Notes
- Share with everyone & bring Notes to facilitators
- 15 minutes

How We Benefited from Y2K
We know:
- how the fabric of our organization is woven together
- the value of information sharing
- how to build diverse partnerships and cooperation
We have:
- visibility at the top
- “can-do” reputation

Unique Aspects/Outcomes
1. Finally seen not only as an IT Problem
2. Project management facilitation
3. Enhanced relationships & partnerships
4. Basis for campus Business Continuity Plan
5. Enhanced Emergency Operation Plan
6. Enhanced communication and cooperation

Unique Aspects/Outcomes
1. Seen not only as an IT Problem
  -- Loss of IT capabilities has great business process impact
  -- IT facilitated the successful response to a business/management problem

Unique Aspects/Outcomes
2. Project Management -- decentralized and working through existing U-M management structures
  -- Unit Representatives
  -- Contingency Plans
  -- Communications Team
  -- Emergency Response Team

Unique Aspects/Outcomes
3. Enhanced Relationships & Partnerships
  -- Dept Public Safety
  -- Risk Management
  -- Plant & Facilities
  -- Medical Center IT
  -- Faculty Leadership -- Prof. James Snyder

Unique Aspects/Outcomes
4. Basis for Campus Business Continuity Plan
  -- Focused on mission-critical processes: U-M priorities defined
  -- Identified dependencies
  -- Developed/updated unit’s plans
  -- Increased communication and sharing
  -- Leveraged technology

Unique Aspects/Outcomes
5. Response Center Model:
  – Response Center Emergency Operations Center Information Team
  – Tier 1 service providers
  – Tier 2 unit representatives
  – DPS Dispatch
  – ITCom Dial-0 operators

U-M Y2K Response Center and Tier 1 Command Centers
[Diagram: U-M Y2K Response Center and four Tier 1 Provider boxes]

Emergency Response Team Purpose
  – Ensure coordination and cooperation of Y2K Emergency Response Center, DPS Emergency Operations Center, and service providers’ operations centers.
  – Relieve service providers of the burden to provide information to a concerned UM Community when resources will be strained.
  – Ensure Y2K incidents are resolved quickly.
  – Ensure timely and accurate communication to internal and external stakeholders.
  – Provide a well-trained and properly supplied center.
  – Successful management of the rollover event.

Supporting Technologies
- U-M telephones
- Ameritech telephones
- Radio phones
- Cellular phones
- DPS dispatch
- E-mail
- Web
- Fax
- Action logs
- Status board
- Videotaping
- Cable television
  – CNN
  – Weather Channel
  – BBC
  – Local news

Unique Aspects/Outcomes
6. Enhanced Communications and Cooperation
  -- Diverse communication team of information providers from various University units
  -- Built on existing “campus watch group”

Enhanced Communications and Cooperation
  – Reviewed existing processes and identified gaps
  – Created integrated communication plan
  – Developing matrix with key messages, audiences, vehicles and timelines
  – Working with members of team University wide to disseminate key information in a timely and appropriate manner
  – Provided standard press/media room environment

BREAK
15 minutes

Discussion & Sharing on Outcomes
- Identify your campus’ unique outcomes
- Discuss how these could be applied to other campuses
- Make list of additional outcomes
- 15 minutes

OUTCOMES: What, Why, How Leveraged
DIRECT
- Business Continuity Plan
- Emergency Operations Center
- IT Disaster Recovery
INDIRECT
- Infrastructure Review
- Security Architecture
- Emergency Operations Plan (EOP)

OUTCOMES: Business Continuity Plan
Work Group Charge:
- Ensure the maintenance of campus-wide business continuity plans to sustain critical operations in the event of a technical outage or other disaster.
- Establish an ongoing process that ensures the University is prepared through business continuity plan readiness.
- Build on and further develop information collected during Y2K contingency planning.

OUTCOMES: Business Continuity Plan
Work Group Outcomes:
- Successfully created basic procedures for business continuity planning.
- Now ready to collect information from University units and integrate into the planning materials.
- Awareness and training sessions scheduled.

Transition from Y2K Contingency Planning: New features
- Web site: www.cio.umich.edu/office/bus-cont/
- Status of business continuity planning activities
  – Public page
  – Secure page
- Updated supporting information
- Checklist and trigger information added
- Establishing a yearly review & updating process
- Year end: Critical information linked with DPS/EOP

Business Continuity Plan Process: www.cio.umich.edu/office/bus-cont/


Business Continuity Plan Process
- Check secure Web site for unit’s current information
- Review “Update Triggers” with unit’s situation
- Review existing plan to ensure readiness (see “How to Develop a Business Continuity Plan” on web site)
- Apply Emergency Response Checklist

Business Continuity Plan Process (cont.)
- Update plan as required
- Obtain reviews and approvals
- Submit Business Continuity Plan Summary Form to “bus.continuity.reports@umich.edu”
- End of October: yearly review and update target

OUTCOMES/TEMPLATES: Emergency Operation Center

Tier 1 and 2 Service Providers
- Tier 1 service providers
  – DPSS
  – Housing
  – Information Technology
  – Plant
  – UMHS
- Tier 1 providers have seats at EOC
- Tier 2 service providers
  – Human Resources
  – Provost/administration
  – Purchasing
  – Regional campuses
  – Research
  – Risk rs

U-M Y2K Response Center
[Diagram; surviving labels: ws & Info, Policy, Purchasing, Risk Management, Transportation, Status Board, BBC, LCL]

U-M Y2K Information Flow
[Diagram; surviving labels: Status Board, Tier, PSS, Dispatch, Hotline, Tier, 800 auto-attendant, Dial-0 Operators]

Tier 2 Service Providers Communication
- Tier 2 service providers per published schedule
- Constituents and/or unit representatives report to Tier 1 providers per normal procedures
- Unit representatives use hotline to Response Center for specific information
- Service providers fan-out to constituent groups per contingency plan “triggers”
- Some Tier 2 representatives may be called to Response Center per contingency plan “triggers”

Catastrophic Thinking & Practice
- “What’s the worst that can happen?” Group Discussion Exercise
- Table Top/Simulation Exercise

OUTCOMES/TEMPLATES: IT Support

OUTCOMES: IT Disaster Recovery
Work Group Charge:
- Strengthen existing business continuity and disaster recovery planning efforts
- Build upon earlier work -- tool, methodology, Y2K preparedness
- Coordinate efforts with business continuity planning

OUTCOMES: IT Disaster Recovery
Work Group Outcomes:
- Central IT Service Providers stretched with Y2K and MPathways implementation demands
- Major IT service providers are creating project plans & timelines for the electronic capture of IT Disaster Recovery plans
- Barriers to be identified
- UMHS has and is implementing overall plan and will be cooperative partner with campus.
- Building blocks for coordinated disaster response plans

OUTCOMES: Infrastructure Review
Figure 1: Michigan Model of Information Technology Services
[Figure; labels in the order they survive: Cost-effective, Scalable, Transferable, Sustainable; Specialized Applications & Services; Core Applications & Services; Middleware/Enabling Technologies; Facilities and Operations; Physical Infrastructure; Functional, Responsive, Available, Cost-effective]

OUTCOMES: Infrastructure Review
- Group charge
  – campus network
  – campus data centers
  – dial-up networking services
  – residence hall networking
  – high-speed connectivity to off-campus residences
  – campus computing sites
  – campus video services
  – microwave and satellite uplink/downlink services

OUTCOMES: Infrastructure Review
- How Y2K readiness facilitated the success of this effort
  – up-to-date inventories
  – current documentation
  – partnerships
  – communications
  – greater awareness of interdependencies and needs

OUTCOMES: Infrastructure Review
- Results
  – Data facility needs identified
  – Backbone upgrade proposal
  – Link to Life Sciences initiative
  – Residence Hall upgrade and bandwidth dialogue
  – Link to future construction

OUTCOMES: IT Security Architecture
Task Force Charge:
- Identify initial security architecture requirements.
- Construct a statement of principles to guide development of U-M IT security architecture.
- Develop requirements for policy changes, technical security architecture, and related actions.
Diverse membership (23)
- General counsel, risk mgmt, provost, IT providers, library, research, registrar, health services, regional campus, UCAID, UCIO

OUTCOMES: IT Security Architecture
Statement of Security Principle
Responsibility for controlling access and the development and implementation of appropriate security policies, standards, guidelines, practices, and educational programs rests with the data stewards or their designees who are responsible for collecting and maintaining information as well as those charged with operating the University's information technology environments (includes all central and decentralized IT providers). The University is committed to the principle of appropriate access. For all information, data stewards should make informed decisions regarding the appropriate access that will be provided. Stewardship of the information may depend on its nature and be governed by federal laws, state laws, requirements of external regulatory organizations, and/or University policy.

University of Michigan Information Technology Security Architecture
[Diagram; labels in the order they survive: Technology Strategy and Architecture; University Values; Legal and Regulatory Environment; Academic and Business Processes; Risks and Vulnerabilities; U-M Statement of Security Principle; University of Michigan Information Technology Security Architecture; Limited Right to Privacy; Responsibility for Security; Risk Assessment and Management; Technology Infrastructure; Ownership and Stewardship of Data; Monitoring, Auditing, and Education; Guidelines and Checklists for Business Owners and IT Service Providers; Security and Access Controls; Acceptable ucation and Documentation; Risk Assessment; Legal and 3rd Party; Physical udit and Enforcement Processes; Data Classification and Stewardship; Backup, Recovery, Retention, Disposal; Business Contingency Plan; IT Disaster Recovery Plan]

University of Michigan IT Security Policy and Practice Matrix
[Matrix; the check-mark cells did not survive extraction. Headings and row labels in the order they survive:]

Security Architecture Objectives
Column headings: Training and Education; U-M Statement of Security Principle; Diversity of Community; Risk Assessment; Cost Effectiveness; Laws and Regulations; External Constraints; Institutional Values; Review Period; Responsibility for Security; Definitive University Community; Limit right to privacy

Responsibility
- Establish baseline global security
- Minimum requirements/expectations
- Determine Employee's Responsibility

Risk Assessment and Management
- Vulnerability and Risk Assessment
- Effective management of risk
- On-going improvement of appropriate security while supporting Business needs
- Support de-centralized IT providers and their business needs
- Balance among Risk Management, Privacy, and Business Requirements

Technology Infrastructure
- Standards-based technologies
- Portability: employee and intra-enterprise
- Authentication, authorization, controlled access
- Secure network and communication channels
- Establish stable process environment
- Physical Environments

Ownership and Stewardship of Data
- Define data stewardship
- Responsibility of data holders to data subjects
- Define data classifications and responsibility
- Ensure compliance with appropriate laws and regulations
- Duties to 3rd Parties
- Acceptable use and disposal of data assets
- Retention and destruction of data/records
- Acknowledge obligation to keep information timely, accurate and complete
- Preserve Management's options in the event of misuse

Limited Right to Privacy

Monitoring, Auditing, Education
- Education & training
- Monitor, measurement process
- Need for periodic Risk assessment and Vulnerability assessment
- Unit self-policing

University of Michigan Information Technology Security Policy and Practice Matrix
Other labels: University Policy; Standards; Public; Copyright not sensitive; Strategic, Ethical, Proper; Sensitive; Legally restricted (FERPA, HIPAA, etc.); Guidelines and Business Unit Practices; Authentication and n Guidelines; Regents' By-law 14.07; SPG 601.11; SPG 601.8; SPG 601.8-1; Michigan FOIA; Monitoring, Measurement, Tracking, Auditing

OUTCOMES: Emergency Operations Plan
- Building on partnerships developed.
- U-M Emergency Operations Plan updated to incorporate successes and lessons learned from Y2K EOC.
- Y2K EOC design became U-M EOC.
- Establishing automated information links between Business Continuity Plan and EOP/EOC.
- Plan to use IT tools and capabilities.

Share Session
- Instructions:
  – Share direct and indirect outcomes from your campus -- especially the “surprises”
  – Identify “transplant” issues to implementing models/templates on your campus
  – Discuss ways to overcome barriers
- 15 minutes

Wrap-up
- Outstanding Post-IT Items
- Summary
- Evaluations
- Wrap-up
Gloria Hauck Thiele: gthiele@umich.edu
Al McCord: amccord@umich.edu
