content-left-bg.png
content-right-bg.png

Continuity, disaster and emergency management policy

Version number 2.0 | Version effective 24 January 2022

Categories

PublishingPageContent
Continuity, disaster and emergency management policy

Audience

Department-wide

Purpose

This policy outlines the Department of Education's (the department) business continuity, disaster and emergency management arrangements that help minimise the impact of disruptive events, regardless of their nature, scale, impact and duration. These arrangements assist the department to continue or resume critical services during, and effectively return to normal operations following a disruptive event.

Policy statement

Minimising the impact of disruptive events is essential to the department's pursuit of quality outcomes for children, students and the community. The department has a risk-based, multi-tiered approach to managing disruptive events which draws from both business continuity management and disaster and emergency management approaches.

During a disruptive event, the department applies these approaches to achieve critical objectives, which are:

  • maintaining the safety and wellbeing of children, students, staff and volunteers who work or participate in state schools, institutions and workplaces
  • continuing direct service delivery, and critical business functions that support community recovery and safeguard the department’s areas of lowest risk appetite:
    • safety of children and students
    • workplace health and safety of its staff and the community
    • security of confidential and personal information held by the department
    • fraud and corruption.
  • protecting assets.

For the purpose of this policy, the Office of Industrial Relations is equivalent to a division.

This policy should be read in conjunction with the:

Principles

Principle

What this means for the department

Comprehensive

  • The department will employ an all-hazards approach to managing disruptive events in order to recover and resume normal business operations as soon as possible.
  • The department will ensure it continuously improves and strengthens its approach to prevention, preparedness and response to enhance ongoing resilience.

Responsive

  • Our integrated plans provide us with line-of-sight and are scalable and adaptable to change to manage all disruptive events as they unfold.
  • Our structures and plans enable leaders to access support when they require additional, or specialised capabilities.

Empowering

  • Leaders in schools, regions, divisions and the department are supported to use consistent approaches and make informed decisions to manage disruptive events in their area of responsibility.

Collaborative

  • Staff expertise will be identified and leveraged to ensure best practice across prevention, preparedness, response and recovery phases.
  • The department recognises its role in supporting Queensland government efforts to prevent, prepare for, respond to and recover from disruptive events.
  • All staff will seek to proactively identify and establish productive partnerships to meet needs.

Safe

  • All leaders and staff prioritise the safety and protection of children and students and the health, safety and wellbeing of workers and visitors in our schools and workplaces.

Requirements

1. Legal and other mandatory requirements

The department's requirements are stated in:

In fulfilling these requirements, the department must:

2. The department's approach to the management of disruptive events

The department must manage disruptive events in accordance with the department's Continuity, disaster and emergency management framework, policy, procedures and plans. Under this approach, the department applies the PPRR methodology, that is, Prevention, Preparedness, Response and Recovery.

The focus of departmental activity is as follows in each of the phases: 

  • Prevention: The department focuses on developing and implementing strategies to reduce the likelihood of disruptive events and minimise the impact of disruption.
  • Preparedness: The department builds capability for response and recovery through risk-based planning, resourcing, training, exercising and testing.
  • Response: To minimise adverse effects, the department activates and tailors teams and plans to address the nature, scale, impact and duration of the disruptive event. The department focuses on communication and coordination to ensure the effectiveness of response activities.
  • Recovery: The department focuses on returning the department to usual operations through coordinating efforts to address the impact of disruption and leveraging lessons learned to improve organisational resilience.

3. What the department must include within its approach

At a departmental-level, the following plans must be developed and maintained:

  • a disaster management plan (DMP)
  • a business continuity plan (BCP), which provides the basis for the department to negotiate its contribution to state-wide critical response and recovery
  • a range of sub-plans, as required.

Regions and divisions must undertake business impact assessment/s (BIA), at least every two years, and following:

  • changes to the department's risk profile
  • machinery-of-government changes or significant internal restructuring
  • implementation of new services, and/or functions
  • significant changes to the function, for example, what is included or how it is delivered.

All departmental workplaces must have a fire and evacuation plan (FEP) for fire and hazardous materials incidents.

Additionally, schools, regions and divisions must develop, maintain, test and exercise a range of sub-plans to be used to respond to disruptive events. This includes, for the following areas:

  • Schools:
    • an emergency response plan (ERP)
    • planning that enables the transition to alternate delivery models and supports the continuity of learning.
  • Regions:
    • a regional DMP
    • BCPs which support the coordination, resumption and continuation of critical business functions identified in the BIA.
  • Divisions:
    • BCPs which support the coordination, resumption and continuation of critical business functions identified in BIAs.

4. How the department responds to disruption

Schools, regions, divisions and the department as a whole must respond appropriately to disruptive events that may interrupt service delivery.

Incident management is appropriate when the incident can be managed within business-as-usual capabilities, using existing structures, resources and processes to return to normal operations. This follows standard reporting and escalation pathways and does not require the activation of a plan (for example, an ERP or BCP).

Business continuity management is appropriate when schools, regions or divisions are unable to deliver one or more critical business functions and the period of disruption is likely to exceed the maximum acceptable outage. Business continuity management includes activating and tailoring one or more BCPs to address the nature, scale, impact, duration and unfolding of the disruptive event.

Disaster and emergency operations are appropriate when additional and/or specialised capabilities are required to safeguard people and assets, continue or resume critical business functions and return the department as quickly as possible to normal service delivery. To address the event's nature, scale, impact and duration, this includes:

  • activating and tailoring governance arrangements, for example, school, regional and/or executive response teams
  • activating and tailoring one or more of the following:
    • the ERP for affected schools or workplaces
    • the FEP for affected schools or workplaces
    • the DMP for affected areas
    • departmental plans and sub-plans, for large, complex and severe events
    • BCPs (including coordination BCPs) for affected critical business functions including alternate delivery models to continue to deliver services, if required.

In disruptive events, including disasters and emergencies, the business continuity needs of schools are primarily addressed by regions, with communication and consultation ensuring business continuity strategies employed are appropriate to:

  • address the nature, impact, scale, duration of the disruptive event
  • the needs of the school and wider community.

Business continuity strategies include transitioning to, and enacting contextually appropriate continuity of learning arrangements to continue service delivery in alternate delivery models.

The temporary closure and reopening of state schools may be appropriate in disaster and emergency events, in line with the Temporary closure and reopening of state schools in disaster and emergency situations directive.

In disaster events, the department requires that offers of assistance are managed in line with the Managing offers of assistance in disaster events procedure.

Definitions

Term

Definition

Activating and tailoring

Activating involves putting a plan into effect or standing up a governance group (e.g. response team). Tailoring is adjusting the plan or group to suit the situation, such as:

  • selecting the most appropriate strategies
  • changing activation priorities of critical business functions or resourcing requirements
  • selecting capabilities required for the response team.

Alternate delivery model

A model of service delivery used to continue operations to respond to the nature, scale, impact and duration of a disruptive event.

Business continuity management

A holistic approach to managing risks related to disruptive events.

Business continuity plan (BCP)

BCPs detail resources and strategies to support the coordination, resumption and continuation of critical business functions in disruptive events that are identified in BIAs.

Critical business functions in all regions and divisions are summarised in the Department of Education Business Continuity Plan.

Business impact assessment (BIA)

In this policy, the business impact assessment is a risk-based process, which:

  • considers the department’s business functions and associated activities, people, processes, infrastructure, resources, information and interdependencies
  • uses identified risk criteria aligned with the achievement of critical objectives to assess the consequences associated with the loss of the department's business functions in disruptive events
  • identifies critical business functions that require plans to support continuation and resumption during and following disruption.

Critical business function

A business function (or part of a business function) that is identified as essential for the department in the achievement of its critical objectives. The identification of critical business functions occurs as part of a business impact assessment (BIA).

Critical incident

Means any event requiring swift, decisive action by the Queensland Government in response to and recovery from such event and occurring outside of the normal course of routine business activities (Critical Response and Recovery Directive 10/14).

Disaster and emergency

An emergency is:

  • any explosion or fire
  • any oil or chemical spill
  • any escape of gas, radioactive material or flammable or combustible liquids
  • any accident involving an aircraft, or a train, vessel or vehicle
  • any incident involving a bomb or other explosive device or a firearm or other weapon
  • any impact of a naturally occurring event such as a flood, cyclone or a landslide
  • any other accident or incident:
    • that causes or may cause a danger of death, injury or distress to any person, a loss of or damage to any property or pollution of the environment, includes a situation arising from any report in respect of any of the matters referred to in the points above which if proved to be correct would cause or may cause a danger of death, injury or distress to any person, a loss of or damage to any property or pollution of the environment.

A disaster may be declared for a serious disruption in the community, resulting from the of impact of an emergency or other event and requiring a significant coordinated response by the State and other entities to help the community recover from the disruption.

Disaster and emergency management

Arrangements about managing the potential adverse effects of a disaster or emergency situation. These include arrangements for preventing, preparing for, responding to, and recovering from a disaster or emergency situation.

Disruptive event

Any event which causes disruption to service delivery.

Emergency response plan

A site-specific plan that details ‘all hazards’ responses to events, for example, evacuation, lockdown and temporary closure of facilities.

Hazard

A process, phenomenon or human activity that may cause loss of life, injury or other health impacts, property damage, social and economic disruption or environmental degradation. Hazards are:

  • natural – associated with natural processes and phenomena
  • anthropogenic – induced predominantly/entirely by human activities and choices
  • socio-natural – associated with a combination of natural and anthropogenic factors, including environmental degradation and climate change.

Maximum acceptable outage

Maximum period of time that the department can tolerate the disruption of a critical business function. Disruption may include both the discontinuance of an activity or the inability to perform it to an acceptable quality or with sufficient reliability (these may occur as a result of the loss of enabling resources, including, staff, ICT or infrastructure). The department defines outages in days, for example, 1-day, 2-days, 3 to 5 days etc.

Preparedness

The taking of preparatory measures to ensure that, if an event occurs, the department is able to cope with the effects of that event. It is a critical element in both minimising the consequences of an event on those affected and ensuring effective response and recovery. Preparedness includes capability development and integration, and planning.

Prevention

Involves the identification and application of risk responses (controls and, if required, additional actions) to maintain, reduce (mitigate) or eliminate risks, including those arising from hazards. Risk responses focused on reducing the risk, target reducing the likelihood and/or consequences of the hazard or risk.

Recovery

The coordinated process of:

  • supporting affected communities’ psychosocial and physical wellbeing
  • reconstructing physical infrastructure and the natural environment
  • restoring business-as-usual operations.

Recovery includes assessing, through debrief, and, if determined, review, the effectiveness of implemented controls and actions to improve the management of disruptive events. 

Response

The use of pre-planned strategies (controls) and the undertaking of additional actions when an event is imminent or occurring, to ensure that its effects are minimised. Response strategies are planned and documented prior to events and tailored, adapted and extended to meet the needs of imminent and occurring events.

Risk

Effect of uncertainty on the achievement of objectives.

Sub-plans

Any plan supporting the department's Disaster Management Plan. Examples include functional plans, for important services before, during and after the impacts of a disaster (e.g. recovery plan, communication plan) or hazard-specific plans, which may outline the department's arrangements to address a particular hazard (e.g. pandemic plan).

Legislation

Delegations/Authorisations

  • Nil

Other resources

Superseded versions

Previous seven years shown. Minor version updates not included.

1.0 Business continuity management policy

Review date

24 January 2027
Attribution CC BY

Policies and procedures in this group

PageFeedback_BottomLeft
Was this page useful?
SocialMedia_BottomRight