Home Project Overview About the Project Executive Summary Conference Handouts & Slides Press Releases For Superintendents & Policy Makers For Technology Leaders Security Updates & Articles Online Security for Students Share Your Story Free Newsletter Contact Us Join CoSN Blogs and Podcast
Navigation Bar
Keep In Touch

Just fill out the form below, and we'll contact you whenever new information, case studies and best practices are posted to the site!








Please send me more information about becoming a CoSN Member

 
For Technology Leaders
 

The Planning Process

Security Planning Protocol Phase 4:
Crisis Management

Flowchart Version of Phase 4

Reviewing the Risk Assessment Report for possible crisis scenarios, from environmental disasters to technology failures, the security team develops response protocols to limit damage and ensure continuity during a crisis, to rebuild and restore services, to marshal emergency support and services, and to communicate appropriately with all stakeholders.

Since crises vary in breadth and intensity, action plans must be modular and prioritized. District size, geography, and resources dictate the extent of crisis preparedness that’s possible. Not all districts can afford “hot-site” redundancy, but the value of thorough documentation and off-site backups will become apparent when the security team conducts dry runs and training for designated staff.

In addition to regular updates of emergency call lists and periodic training, practice and review must be done to ensure confidence in the crisis management plan, to keep the staff sharp and skilled at dealing with the unforeseen, and to reveal possible weaknesses in the plan.

Flowchart Version of Phase 4

>>Back to Phase 1: Set Security Goals

 

4-A. Crisis Brainstorming & Analysis

Purpose: To list and prioritize potential crises

Immediate outcome : To build an agenda for crisis planning

Phase 2’s Risk Assessment Report will significantly reduce the time to complete this step.

4-B. Create Response Protocols

Purpose: To establish procedures for rapid assessment of problem, limitation of damage, and operational continuity.

Immediate outcome : To create action plans for operational continuity that can be verified through testing

4-C. Recovery

Purpose: a system by system process of getting back to normal after a crisis, and incorporation of recovery needs into the current operational budget planning.

Immediate outcome : Knowledge and preparation for post-crisis activity.

4-D. Crisis Plan Testing

Purpose: Make sure the paper ideas actually work.

Immediate outcome : Improvements in the plan; confidence and skills in the IT staff – and among stakeholders – that problems will be dealt with.

 

  
A Leadership Initiative of CoSN