Consider developing an overview of these priorities and identifying potential areas for attention given risk probabilities and vulnerabilities. The planning team should aim to clearly identify the planning constraints and institutional limitations that will influence the SEMP building blocks and the subsequent development of the SEMP. For example, an institution can be constrained by the availability of training for EM planning team members and by the number of EM positions they have staffed.
Similarly, certain assumptions will be made that influence the development of the SEMP building blocks. For example, an assumption might be made that the resources required to develop the SEMP will be paid out of the current fiscal year's budget. Each federal government institution is unique. When developing the SEMP, numerous planning considerations can be addressed.
Although planning considerations will vary from institution to institution, the following identifies the most common planning considerations associated with the four pillars of EM planning. These are in large part taken from the Federal Policy for Emergency Management.
The cross-reference table of existing plans by identified institutional risks provided in Annex C, Appendix 4, can assist in cross-referencing your most prevalent risks and the tools in place to address them such as existing plans. A further cross-referencing can then be undertaken with the four pillars of EM to help target specific activities in one or more of the following areas. A SEMP should inform each federal government institution's overall priorities and tie into its business and strategic planning activities.
This will allow greater integration of the SEMP into existing resource allocation mechanisms within federal government institutions. The objective of planning activities associated with prevention and mitigation efforts is to reduce risk.
Accordingly, the planning team may wish to consider:. Federal government institutions can perform a cost-benefit analysis of the prevention and mitigation options e. The objective of planning activities associated with preparedness is to have an effective and coordinated approach to EM and operational readiness. Federal government institutions should consider personnel surge capacity requirements in their plans to support sustained operations, as well as the ability to react to any additional hazard or event that may occur while the response and recovery operations are taking place.
This capacity can be supported through a number of mechanisms, including mutual assistance agreements between jurisdictions and other pan-Canadian resources, such as professional associations, corporations and non-government organizations e.
The objective of planning activities associated with institutional responses to changing threats, hazards or specific incidents is to have an effective and integrated response in accordance with established strategic priorities.
Accordingly, the planning team may wish to:. The ICS helps to promote clear lines of authority, is scalable to large or small events, and is widely used by first responders such as police or fire departments in various jurisdictions.
It is also the basis of the response framework for the FERP. Think about engaging your communications branch so that they are aware of internal and external communications requirements. This will also help you target key message as appropriate. The objective of planning activities associated with the recovery component of EM is to provide for the restoration and continuity of critical services and operations.
Once the event is over and response operations are completed, federal institutions should participate in any whole-of-government reviews as appropriate. Federal institutions should also undertake their own internal reviews through meetings with all staff and stakeholders involved in the incident response to compare notes on the recovery operations, identify the lessons learned and best practices, and finalize the after event report AER and the Capability Improvement Process CAIP matrix.
Consider developing an inventory of the plans that the institution currently has in place, and then "overlay" these plans with the risks that have been identified and the gaps requiring the attention of senior management, so that a decision can be made as to what other plans may need to be produced. The cross-reference table provided in Annex C, Appendix 5, as stated above, can serve as a tool to complete this task. The SEMP establishes a federal government institution's objectives, approach and structure for protecting Canadians and Canada from threats and hazards in their areas of responsibility, and sets out how the institution will assist the coordinated federal emergency response.
It should be strategic and be designed to have safeguards and processes to trigger appropriate actions in response to changing threats and hazards, as well as in response to specific incidents and events. Planning inputs into the development of the SEMP should include key linkages, including, but not limited, to:.
In order to develop an effective SEMP, institutions are encouraged to consider the following activities:. The template serves as an outline that can be modified to meet institutional requirements and provides additional guidance on how to complete each section. The template comprises six parts:. It should also provide an overview of any legislative requirements, limitations and authorities. Part V: Logistical Support and Resource Requirements — Identifies logistical support and resource requirements annexes may be used to expand as required.
It also details any financial management and administrative requirements. Appendices — Supporting plans e. Include information on its owner and location. While writing the SEMP, it is important to once again engage internal and external stakeholders in order to have a comprehensive approach to plan development. This will also assist in open communications with key partners.
Once stakeholder consultations are concluded, the final draft of the SEMP is prepared for review by senior management. Steps can include integration of comments from consultation. In order to support the continued resourcing and relevance of the SEMP, federal government institutions should consider the optimal planning timeline for developing and reviewing the plan. It may be beneficial to align the EM planning cycle to the Government's business planning cycle, as demonstrated in Section Two.
The final stage in developing the SEMP is to seek the approval of senior management. This will provide the authority for the SEMP to be implemented. The inputs that contribute to this step include:.
The final and approved version of the institution's SEMP should be distributed to all members of the EM governance structure, the EM planning team, those employees who have key roles and responsibilities, and other stakeholders.
This includes distribution to the communications branch to ensure that they have it readily available. Blackberries are an excellent tool and can serve as a storage device for your SEMP. Ask your IT team how it can be uploaded to your device. The SEMP must be resourced. This process involves assessing available resources including supporting departments' emergency support functions ESFs and their ability to respond.
Key questions to consider include:. If the answers are no, identify what can be done to correct the problem. For example, you may need to:. The training plan should consider the training and information needs of employees, contractors, managers and those with an emergency response role identified in the SEMP.
Over a month period, the training plan should address the following questions:. An exercise is a focused practice activity that places the participants in a simulated situation requiring them to function in the capacity that would be expected of them in a real event.
Its purpose is to promote preparedness by testing policies and plans and by training personnel. Exercises can be designed to test individual essential elements, interrelated elements, or the entire plan s. They can take many forms, such as:. It is important to keep records of events that occur throughout the exercise and to take note of what works, what does not work, and areas in need of improvement e. After any exercise, consider completing an after activity report AAR.
The AAR should ideally recommend potential improvements to plans, policies, processes or procedures, closure of gaps or additional training required as best practices. In addition, the SEMP should ideally be reviewed following any exercise, in order to incorporate lessons learned and best practices identified though the CAIP. For further information, please contact EMPlanning. The SEMP should be executed in response to established triggers, an incident or a planned event.
Institutions should consider developing concise SOP to address how the relationship and interdependencies with other federal government institutions will be initiated when the SEMP needs to be executed. Once triggered, the SEMP will be executed in alignment with the FERP and in accordance with operational guidance provided by the federal government institution's senior management responsible for EM or assigned lead. Operational guidance can include response and execution considerations such as an Incident Command System.
The AER should ideally recommend potential improvements to plans, policies, processes or procedures, or additional training required. The SEMP should be reviewed once every two years. In addition to periodic reviews, institutions are encouraged to maintain and update the SEMP through the following activities:. Continuous capability improvement, including incremental and transformational change, is undertaken systemically as an integral part of EM functions and practices at all levels, as appropriate, to minimize the recurrence of problems.
Although reflected in Step 5 of the blueprint, capability improvement applies to all steps of the planning process. As well, conducting an evaluation of the entire SEMP once every two years or as appropriate should be considered.
The issues to be considered include the following:. It will assist federal government institutions in meeting federal legislative requirements. This template serves as an outline that can be modified to meet institutional requirements and provides guidance on how to complete each section. Text in black is proposed wording to complete a section that is more generic in nature; black text in brackets indicates sections to be customized. All text in blue italics serves as guidance on how to complete each section and should be deleted prior to finalizing the plan.
Provide a general introduction to the SEMP and discuss the most common emergencies affecting the institution's area of responsibility. Clearly identify the intention of the plan as it relates to your organization. This should be one paragraph.
The Emergency Management Act EMA states that each federal minister is responsible for the identification of risks that are within or related to his or her area of responsibility, including those related to critical infrastructure.
Under the EMA, ministers are required to prepare emergency management plans in respect of those risks; maintain, test and implement the plans; and conduct exercises and training in relation to the plans. Other relevant federal legislation should be identified. Specify areas of legislation that are specific to the institution and that were considered in preparation of the SEMP.
Comprehensive and integrated emergency management is a shared responsibility between all levels of governments, the private sector, non-governmental organizations and individual citizens. A key function for the Government of Canada is to promote the safety and security of Canada and Canadians.
Include applicability of the SEMP to the institution and discuss historical data of relevance to understanding the current context. Four pillars of effective emergency management in Canada have been considered in all aspects of this plan and are described as follows:.
Prevention and mitigation — Actions taken to identify and reduce the impacts and risks of hazards before an emergency or disaster occurs. Preparedness — increases a community's ability to respond quickly and effectively to emergencies and to recover more quickly from their long-term effects, and involves actions taken prior to an event to ensure the capability and capacity to respond.
Response — actions taken during or immediately after an emergency or disaster to manage the consequences. Recovery — actions taken after an emergency or disaster to re-establish or rebuild conditions and services to an acceptable level. Identify the objectives of the SEMP. Define the institution's risk environment based on the outputs of Step 2 of the Emergency Management Planning Guide. These outputs include the environmental scan, the criticality assessment and the all-hazards risk assessment.
This is the main part of the SEMP. A diagram should be included to illustrate the institution's EM governance structure. The inter-relationships during an emergency between the institution in question and the rest of the Government of Canada, as well as provincial and territorial EM organizations and other key stakeholders, should also be described and possibly represented graphically.
Response levels should also be defined. The institution 's emergency management governance structure is consistent with the structure of the Government of Canada as outlined in the FERP, which involves engaging existing governance structures to the greatest extent possible in responding to an emergency.
Describe logistics support and resource requirements. Appendices may be used to expand if required. Financial management requirements should also be identified in this section. Outline the procedures to be followed with regards to testing, exercising, maintaining and reviewing the SEMP. Supporting plans — e.
A core responsibility of the Government of Canada is to promote the safety and security of Canada and Canadians. Emergencies, disruptions and other threats have the capacity to endanger life, personal health and safety and property, and to disrupt service delivery to Canadians. The Government of Canada has adopted an all-hazards approach to emergency management, encompassing four interdependent, but integrated functions: mitigation, preparedness, response and recovery.
Federal government institutions are responsible under the Emergency Management Act to identify the risks that are within or related to their area of responsibility, including those related to critical infrastructure, and to prepare emergency management plans in respect to those risks; maintain, test and implement those plans; and conduct exercises and training in relation to those plans. It also details the responsibilities of federal government institutions within each of the four integrated functions.
This template provides further details on the responsibilities identified in the Federal Policy for Emergency Management to support senior departmental officials, managers and coordinators in meeting their integrated departmental emergency management planning requirements under the Emergency Management Act.
It provides a comprehensive overview of the steps and process required to produce a SEMP. This Guide should serve as the primary resource for the planning team. The size of the planning team will depend on the federal government institution's scope of operations, requirements and resources. Regardless of the size of the core planning team, it should seek input from the following areas: How can all levels of management be engaged in evaluating and updating the SEMP?
On authority of the federal government institution's senior management, the planning team develops and issues a mission statement. Social determinants of health maps , Centers for Disease Control and Prevention. Critical examination of knowledge-to-action models and implications for promoting health equity , National Collaborating Centre for Determinants of Health A guide to community engagement frameworks for action on the social determinants of health and health equity PDF document , National Collaborating Centre for Determinants of Health Alberta Health Services: Establishing province-wide social determinants of health and health equity approach , National Collaborating Centre for Determinants of Health British Columbia Addressing the social determinants of health of Aboriginal infants, children and families in British Columbia , National Collaborating Centre for Aboriginal Health Towards reducing health inequities: A health system approach to chronic disease prevention: A discussion paper PDF document , Provincial Health Services Authority Ministry of Health and Social Services Norway National strategy to reduce social inequalities in health , Minister of Health and Social Services Rio political declaration on social determinants of health PDF document A conceptual framework for action on the social determinants of health PDF document Closing the gap in a generation: Health equity through action on the social determinants of health PDF document A guide to community engagement frameworks for action on the social determinants of health and health equity , National Collaborating Centre for the Determinants of Health and Healthy Public Policy Tools and approaches for assessing and supporting public health action on the social determinants of health and health equity , National Collaborating Centre for the Determinants of Health and Healthy Public Policy Integrating social determinants of health and health equity into Canadian public health practice , National Collaborating Centre for the Determinants of Health Thirteen public interventions in Canada that have contributed to a reduction in health inequalities , National Collaborating Centre for Healthy Public Policy A conceptual model for use in surveillance and public health planning.
Developing the SEMP can be supported by a formal work or project plan to ensure that established timelines for plan development are met. After completing the above steps, the planning team should consider developing a detailed work plan that includes a schedule with realistic timelines, milestones that reflect the institutional planning cycle, and a responsibility assignment matrix with assigned tasks and deadlines.
Specific timelines should be modified as priorities become more clearly defined. This is also an ideal time to develop an initial budget for such items as training, exercises, research, workshops and other expenses that may be necessary during the development and implementation of the SEMP. As a next step, federal government institutions should consider developing a comprehensive understanding of the planning context.
This step is often the most comprehensive and complex. Notwithstanding the blueprint provided, this step is not proposed as a linear process, but rather as a set of related components and activities that can be undertaken in the sequence that best suits the institution.
Additional supporting planning tools and templates as well as an EM glossary are provided in Annexes C and D, respectively. An environmental scan involves being aware of the context in which an institution is operating so as to understand how it could be affected. It entails a process of gathering and analyzing information and typically considers both internal and external factors see Figure 3: The Planning Context for additional information on the factors to consider.
Scanning can be done on a regularly scheduled basis, such as annually, or on a continuous basis for environmental factors that are dynamic or that are of greatest interest to the institution. As part of the environmental scan, the institution defines the internal and external parameters to be taken into account when managing the risk and setting the scope and risk criteria for the remaining risk assessment process.
It sets the time, scope and scale and contributes to adopting an approach that is appropriate to the situation of the institution and to the risks affecting the achievement of its objectives. Additionally, federal government institutions are responsible for conducting mandate-specific risk assessments, including risks to critical infrastructure.
The key to any emergency planning is awareness of the potential situations that could impose risks on the organization and on Canadians and to assess those risks in terms of their impact and potential mitigation measures. The following diagram illustrates the external and internal environmental factors to consider. The Planning Context is represented in a target diagram that consists of three circles representing the factors federal institutions should consider in order to understand the context in which it operates and how it could potentially be affected.
The outer and middle circles represent the external context in which the institution seeks to achieve its objectives. The external context includes the following elements:.
The inner circle is depicted as a radial diagram with the federal institution undertaking an environmental scan as its core internal factors that influence its work. These are arranged in small circles around the centre and are directly linked to the centre, the institution. The internal factors that all have an influence on the institution are:. Understanding the internal context is essential to confirm that the risk assessment approach meets the needs of the institution and of its internal stakeholders.
It is the environment in which the institution operates to achieve its objectives and which can be influenced by the institution to manage risk. The internal context may include:. Understanding the external context is important to ensure that external stakeholders, their objectives and concerns are considered. The external context is the environment in which the institution seeks to achieve its objectives and may include:.
There are several approaches to developing an institutional environmental scan. Consider reviewing your federal government institution's most current environmental scan, as well as the most current RCMP Environmental Scan which can be found on the RCMP Web site , in order to develop a better understanding of pressures and issues facing your institution.
Once all documentation is identified, consider conducting a gap analysis to determine whether the institution is currently meeting its obligations as identified in Step 1.
If gaps are identified, these should ideally be gathered and presented as part of Step 3 when developing the EM Planning Framework and confirming the institution's strategic EM priorities.
During this process, consider conducting a full review and analysis of stakeholder documentation and reports. Where possible, input from external partners should be sought.
This process will add the extra assurance that your institution is linked in with partner agencies and others to assist in developing the broader environmental picture and in identifying EM-related interdependencies. Stakeholders may include First Nations, emergency first responders, the private sector both business and industry , and volunteer and non-government organizations. An inventory of critical assets and services will assist the planning team in identifying the associated threats, hazards, vulnerabilities and risks unique to their institution.
This activity may be accomplished as follows:. It is important to identify, appraise and prioritize all institutional assets. Assets can be both tangible and intangible and can be assessed in terms of importance, value and sensitivity.
This assessment should ideally consider the entire institution i. If a business impact analysis BIA has already been completed for your federal government institution's BCP, this analysis can greatly inform your criticality assessment.
When conducting a criticality assessment, it is important to be objective when prioritizing the importance of institutional assets, as not all assets are critical to an institution's operations. Adopting the current Treasury Board Policy related to material and asset management and coding criteria will help structure an effective approach. Federal government institutions may wish to list potential "external" hazards and threats i. All available threat assessments should ideally be reviewed by analyzing the assessment's evaluation of hostile capability, intentions and activity, the environment influencing hostile and potentially hostile groups, and environmental considerations, including natural, health and safety hazards.
A comprehensive but non-exhaustive list of hazards and threats relevant to the Canadian context can be found in Annex C, Appendix 3. For further information, you may wish to consult the Canadian Disaster Database, which contains detailed disaster information on over natural, technological and conflict events excluding war that have directly affected Canadians over the past century. The database can help federal government institutions to better identify, assess and manage risks, and can be accessed by sending a request to Public Safety Canada at cdd-bdc ps-sp.
Traditionally, a threat assessment is an analysis of intent and capabilities in the occurrence of a threat. It should:. The all-hazards risk assessment, presented below, can use information contained in institutional threat risk assessment TRA reports or information from other sources such as the Integrated Threat Assessment Centre ITAC. A threat awareness collection process should ideally link to the federal institution's information requirements and available resources.
As appropriate, more specific terrorist threat and hazard information can be obtained from ITAC. They can also add your federal government institution to a distribution list that contains unclassified information. ITAC can be contacted at itac1 smtp. A vulnerability assessment looks at an inadequacy or gap in the design, implementation or operation of an asset that could enable a threat or hazard to cause injury or disruption. In order to identify vulnerabilities, an institution should first identify and assess existing safeguards associated with critical assets and activities.
With respect to known threats and hazards, a vulnerability exists when there is a situation or circumstance that, if left unchanged, may result in loss of life or may affect the confidentiality, integrity or availability of other mission-critical assets. Risk assessment is central to any risk management process as well as the EM planning cycle.
It is a formal, systematic process for estimating the level of risk in terms of likelihood and consequences for the purpose of informing decision-making. Each institution has its own strategic and operational objectives, with each being exposed to its own unique risks, and each having its own information and resource limitations.
Therefore, the risk assessment process is tailored to each institution. Institutions may choose to assess a portfolio of risks, as opposed to specific individual risks, which enables a holistic review of risk treatment decisions. The output of the risk assessment process is a clear understanding of risks, their likelihood and potential impact on achieving objectives.
It provides improved insight into the effectiveness of risk controls already in place and enables the analysis of additional risk mitigation measures. An all-hazards approach to risk management does not necessarily mean that all hazards will be assessed, evaluated and treated, but rather that all hazards will be considered.
This part of the process consists of three main activities: risk identification, risk analysis and risk evaluation. The outputs of these three steps provide decision-makers with an improved understanding of the relevant risks that could affect objectives as well as the effectiveness of risk controls already in place. A risk assessment should generate a clear understanding of the risks, including their uncertainties, their likelihood and their potential impact on objectives.
The all-hazards risk assessment AHRA process should be open and transparent while respecting the federal institution's context. It should be tailored to the institution's needs and should identify any limitations such as insufficient information or resource constraints.
Third-party review may be used to confirm the integrity of the AHRA process. In this section, risks translate into events or circumstances that, if they materialize, could negatively affect the achievement of government objectives. The hazard risk domain is covered by the AHRA process. However, the strategic risk domain e.
The AHRA process focuses on risks that may occur in the medium term generally years. It also encourages an all-hazards approach when considering risks to be assessed. Once the institution's context is clearly understood refer to the environmental scan in Step , the next step is to find and recognize hazards, threats and possibly trends and drivers, and to describe them in risk statements.
Risks should be described in a way that conveys their context, point of origin and potential impact. The aim is to generate a comprehensive list of risks based on those events that might prevent, degrade or delay the achievement of objectives. It involves the identification of risk sources, areas of impact, events and their causes, as well as potential consequences.
Information can be gleaned from historical data, theoretical analyses, and informed and expert judgements. Risks can be identified though several mechanisms: structured interviews, brainstorming, affinity grouping, risk source analysis, checklists and scenario analysis.
Characterization of risks should use an appropriate breadth and scope; it can be difficult to establish a course of action to treat risks if the scope is too broad, while a scope that is too narrow will create too much information, thereby making it difficult to establish priorities.
Risks should be realistic, based on drivers that exist in the institution's operating environment. Risks are not to be confused with issues. Issues are events that may drive risks, but are not risks in themselves. A risk register or log is used to record information about identified risks and to facilitate the monitoring and management of risks. A risk register will typically describe each risk, assess the likelihood that it will occur, list possible consequences if it does occur, provide a grading or prioritization for each risk, and identify proposed mitigation strategies.
It can be a useful tool for managing and addressing risks, as well as facilitating risk communication to stakeholders. A risk portfolio or profile can be created from the register, helping to compile common risks in order to assess interdependencies and to prioritize groups of risks. The risk register will likely be adjusted as risk assessment results change.
The objective of risk analysis is to understand the nature and level of each risk in terms of its impact and likelihood. It provides the basis for risk evaluation and decisions about risk treatment.
Probabilistic methods provide more information on the range of risks and can effectively capture uncertainty, but require more data and resources. Qualitative analysis is conducted where non-tangible aspects of risk are to be considered, or where there is a lack of adequate information and the numerical data or resources necessary for a statistically significant quantitative approach. It is usually used for analyzing threats with less tangible intent judgements on terrorism, sabotage, etc.
Descriptive scales can be formed or adjusted to suit the circumstances, and different descriptions can be used for different risks. Qualitative data can often be estimated from interviews with experts. Qualitative analysis is often simpler, but also results in high uncertainty in the results. Consider consulting your institution's subject matter experts when evaluating quantitative likelihood through historical data, simulation models and other methods.
Subject matter experts can also assist in evaluating likelihood from a qualitative perspective, for instance by using a Delphi technique a group communication process for systematic forecasting. For instance, a pre-determined set of impact questions can be used to better assess risk consequences, such as:. Consequences can be expressed in terms of monetary, technical, operational, social or human impact criteria. They can be evaluated against predetermined segments of interest to the institutions e.
Additional information on analyzing likelihood and impact is provided in the Treasury Board Integrated Risk Management Framework Guidelines. The purpose of risk evaluation is to help make decisions about which risks need treatment and the priority for treatment implementation. This also provides a baseline as to risks without any management measures. Risk evaluation is the process of comparing the results of the risk analysis against risk criteria to determine whether the level of risk is acceptable or intolerable.
Existing controls, the cost of further risk treatment and any policy requirement implications are considered when deciding on additional mitigation measures. Risk criteria are based on internal and external contexts and reflect the institution's values, objectives, resources and risk appetite over-arching expression of the amount and type of risk an institution is prepared to take.
Risks can be prioritized by comparing risks in terms of their individual likelihood and impact estimates. Prioritization can be shown graphically in a logarithmic risk diagram, risk-rating matrix or other forms of visual representations. The one most commonly used is the risk matrix Figure 4 , which normally plots the likelihood and impact on the x- and y-axes the measured components of risks.
Based on a risk diagram or rating matrix, a clustering of risks can be shown, leading to decisions on priorities. Such a plot can help establish acceptable or intolerable risk levels, and establish their respective actions.
The risk-rating matrix allows for decisions to be made about which risks need treatment and the priority for treatment implementation. In order to prioritize risks, comparison is made based on their likelihood and impact estimates. The risk-rating matrix plots the likelihood on the x-axis and the impacts on the y-axis. Then, by measuring those components of risks, a clustering of risks can be shown and help establish acceptable or intolerable risk levels leading to decisions on priorities.
Risk treatment is the process of developing, selecting and implementing controls. Treatments that deal with negative consequences are also referred to as risk mitigation, risk elimination, risk prevention, risk reduction, risk repression and risk correction. Treatment options can include, but are not limited, to:. Risk treatment options can be prioritized by considering risk severity, effectiveness of risk controls, cost and benefits, the horizontal nature of the risk, and existing constraints.
0コメント