- Home
- Government
- Public Safety
- 911/Public Safety
- Homeland Security
- HSAS Checklists
- Information Technology
Information Technology
Low
Low Risk of Terrorist Attacks
- Refine and exercise pre-planned Protective Measures.
- Regularly assess vulnerabilities of information technology infrastructure.
- Recommend and take mitigation and security measures for the information technology infrastructure.
- Have an emergency plan for IT operations.
- Ensure the IT plan identifies all business critical information and information systems (including applications and databases) and their operational importance.
- Ensure the IT plan identifies all points of access and their operational necessity.
- Conduct education and training for users, administrators, and management.
- Ensure an effective password management program is in place.
- Conduct periodic internal security reviews and external vulnerability assessments.
- Conduct normal auditing, review, and file back-up procedures.
- Ensure effective virus protection, scanning processes are in place.
- Confirm the existence of newly identified vulnerabilities and test and install patches as available.
- Periodically review and test higher Threat Alert Level actions and IT recovery plans.
- Maintain law enforcement liaison - e.g. local FBI, InfraGard, RCMP, etc.
- Submit PEIRS Report information to 911 Center.
Guarded
General Risk of Terrorist Attacks
Take all actions from previous levels, plus:
- Communicate work force awareness messages to be alert and who to report unusual cyber-activities to.
- Review security and operational plans and procedures and ensure they are up-to-date.
- Submit PEIRS Report information to 911 Center.
Elevated
Significant Risk of Terrorist Attacks
Take all actions from previous levels, plus:
- Alert key personnel of possible emergency duty.
- Review assignments and recall list with all personnel.
- Check readiness of all equipment, supplies, and facilities.
- Increase level of auditing, review and critical file back-up procedures.
- Conduct internal security review on all critical systems.
- Increase review of intrusion detection and firewall logs.
- Conduct more frequent checks of cyber security communications for software vulnerability.
- Identify additional business/ site specific measures as appropriate.
- Increase frequency of liaison with law enforcement agencies.
- Provide PEIRS Report information to the 911 center.
High
High Risk of Terrorist Attacks Take all actions from previous levels, plus:
- Alert personnel of possible emergency duty.
- Place off-duty personnel on stand-by.
- Conduct immediate internal security review on all critical systems.
- Determine staffing availability for backup operations and provide notice.
- Consider increasing physical access restrictions to computer rooms, communications closets, and critical operations areas.
- Consider account access restrictions-temporarily disable non-critical accounts.
- Consider delaying scheduled, routine maintenance or non-security sensitive upgrades.
- Media releases should be reviewed with public information officer prior to release.
- Review plan for returning to a lower HSAS Alert level.
- Take additional business/ site specific measures as appropriate.
- Submit PEIRS Report information to the 911 center.
Severe
Severe Risk of Terrorist Attacks Take all actions from previous levels, plus:
- Recall and mobilize crisis response team.
- Consider 27/7 staffing and operations.
- Be prepared to handle emergency information technology requests.
- Consider continuous 24/7 monitoring of intrusion detection and firewalls.
- Consider continuous 24/7 monitoring of cyber security communications for latest vulnerability information.
- Contact software vendors for status of software patches and updates.
- Consider reconfiguring information systems to minimize access points and increase security.
- Consider rerouting mission-critical communications through unaffected system.
- Consider disconnecting non-essential network access.
- Consider alternative modes of communication and disseminate new contact information, as appropriate.
- Consider activation of the company emergency management team/ procedures.
- Actively monitor communications with all appropriate law enforcement and cyber security agencies for two-way updates on threat status.
- Review plan for returning to a lower HSAS Threat level.
- Submit PEIRS Report information to the 911 center.