IT Hurricane Disaster Planning

In the event of a hurricane watch or hurricane warning, complete the following checklist.

Task

PRE HURRICANE TASKS

1. Upon notification or detection of a Hurricane Watch or Hurricane Warning, determine whether to convene a Crisis Management meeting.
2. Notify the members of the Crisis Management Team of the Hurricane Watch/ Warning.  Convene a[Company]Crisis Management Team meeting and determine any immediate priorities including when staff will be told to go home.
3. Conduct a poll of IT staff and determine whether they intend to leave the area.  For those staff leaving the area, request details of where they will be located and a contact number.
4. Identify a location where the Crisis Management Team will assemble on day 1 to 3 after the hurricane (in the event that system wide communications channels are unavailable).
5. Ensure that all IT equipment is secured and determine whether any IT systems will be powered down for the duration of the storm.
6. Devise a strategy for IT staff to meet and perform a damage assessment once the storm has passed.
7. Liaise with Facilities to ensure that all IT staff have access to the buildings to perform a damage assessment after the storm has passed.
8. Stand down IT staff when the decision has been made to do so.

POST HURRICANE TASKS

1. Once the hurricane has passed:
   • Listen to the government advisory on the radio for a status of damage to the local infrastructure.  Determine whether landline and mobile communications are available (including text messaging services);
   • Attempt to contact members of the [Company] Crisis Management Team and advise them of your well-being; AND
   • Advise the members of the Crisis Management Team that you intend to attempt to perform an initial damage assessment of the data centers and IT infrastructure and inform them to standby.
2. Monitor the status of damage to the local infrastructure and accessibility to the buildings in conjunction with local and Government radio broadcasts.
3. In the event that it is not possible to gain access to the building to perform an IT related damage assessment:
   • Determine whether it is possible to assess systems availability without gaining access to the affected building; AND
   • Liaise with Facilities to enable IT to gain access to the affected building at the first opportunity.
4. Complete the IT related damage assessment at the first opportunity and establish the extent of the damage including:
5. Which systems are affected;
   • Whether it is possible to repair the damage to the IT systems with technology supplies that are available locally;
   • Whether the affected building will be available for the rebuilding of the damaged IT infrastructure; AND
   • An estimate of time it will take to repair the damage to the IT infrastructure.
   • Convene a Crisis Management Team meeting and communicate the results of the damage assessment.  Inform the Crisis Management Team of the estimated time it will take to restore the affected IT services.
6. In conjunction with the Crisis Management Team, determine whether it is necessary to invoke the affected business, service delivery and IT recovery plans.
7. Confirm the affected systems criticality ratings and ensure that application restore priorities meet with[Company]group priorities.
8. Ensure IT staff, suppliers and any required contract staff are available to commence systems repairs.
9. Conduct any repairs to the IT infrastructure that is possible.
10. Liaise with Human Resources to identify and obtain any out of area specialist skill-sets that are required to assist with the repairs to the IT infrastructure.
11. Continue to liaise with the Crisis Management Team and ensure that they are continually aware of the status of the availability of the IT infrastructure.