Embed Size (px)
Citation preview
1
Financial Asset Services, Inc. Business Continuity Plan
VERSION 1.0
2
It is the goal of the firm’s management to maintain Financial Asset Services, Inc. [“FAS”] as a continuing business in the face of Significant Business Disruptions [“SBDs”]. It is the policy of the firm’s management to respond to SBDs by first safeguarding employees’ lives and firm property. Securing mission critical systems, protecting the firm’s records, making a financial and operational assessment and quickly recovering and resuming operations. This will allow our customers the ability to transact business and provide immediate client services. A copy of the plan is maintained on the FAS workflow system under security password protection. Updating and maintaining this plan on our workflow system is the responsibility of the IT Project Mgr.
The plan anticipates two kinds of SBDs, internal and external. Internal SBDs affect only our firm’s ability to communicate and do business, such as a fire in our building or loss of power. External SBDs are more serious in nature and affect wider physical areas or disrupt entire operational segments. Such segments as the operation of a number of our vendor partners, a terrorist attack, or a wide-scale regional disruption as a result of an earthquake or civil unrest. The response to an external SBD relies principally on other emergency organizations and systems and on the capabilities of our business partners located in diverse geographic localities; however, in these instances where major external SBD impact our ability to perform our normal business activities, we will follow the procedures as outlined in this plan with respect to communications and client notification.
The purpose of this business continuity plan is to prepare FAS in the event of extended service outages and to restore services to the widest extent possible in a minimum time frame. At FAS, preventive measures have been implemented to minimize network failure and to recover as rapidly as possible when a failure occurs.
This plan identifies vulnerabilities and recommends necessary measures to prevent extended service outages. It is a plan that encompasses all FAS system operations facilities. Emergency Notification Contacts
Name Address Home Mobile/Cell Phone Stacy Seminoff President 949-661-4469 949-285-7788 Katy Severson Valuations
Operations Manager 949-589-3114 949-683-5871
Jimmy Alvarez Director of Risk Management
714-288-8795 949-903-5585
Jeff Flory Bus. Development Manager
714-381-1927
Michael Haynes IT - Project Mgr. 949-278-6643 Jason Rockwood IT - Network
Administrator 949-929-9445
Commercial Property Services
18022 Cowan # 203C Irvine, CA 92614
949-474-8191
3
1.1 Scope The scope of this plan is limited to business level functionality that guides the emergency response of FAS personnel and resources during a moderate to major disaster. This is a business continuity plan, not a daily problem resolution procedures document.
1.2 Plan Objectives
• Serves as a guide for the FAS recovery teams • References and points to the location of any data that resides outside this document • Provides procedures and resources needed to assist in recovery • Identifies vendors and customers that must be notified in the event of a disaster • Assists in avoiding confusion experienced during a crisis by documenting, testing and
reviewing recovery procedures • Identifies alternate sources for supplies, resources and locations • Documents storage, safeguarding and retrieval procedures for vital records
1.3 Assumptions • Key people (Team Leaders or Alternates) will be available following a disaster • A national disaster such as nuclear war is beyond the scope of this plan • This document and all vital records are stored in a secure off-site location and not only
survived the disaster but are accessible immediately following the disaster • Each support organization will have its own plan consisting of unique recovery procedures,
critical resource information and procedures
1.4 Disaster definition Any loss of utility service (power, water), connectivity (system sites), or catastrophic event (weather, natural disaster, vandalism) that causes an interruption in the service provided by FAS operations. The plan identifies vulnerabilities and recommends measures to prevent extended service outages.
1.5 Recovery teams
• Emergency Management Team (EMT) • Location Response Coordinator (LRC) • Local Restoration Team (LRT) • Incident Response Team (IRT) • Technical Services Engineering (TSE) See Appendix A for details on the roles and responsibilities of each team.
4
1.6 Team member responsibilities
• Each team member will designate an alternate backup • All the members have an updated calling list of their work team members’ work, home, cell
phone numbers both at home and at work • All team members have this binder for reference at home in case a disaster happens during
after normal work hours. All team members should familiarize themselves with the contents of this plan
1.7 Instructions for using the plan 1.7.1 Invoking the plan This plan becomes effective when a disaster occurs. Normal problem management procedures will initiate the plan, and remain in effect until operations are resumed at the original location, or a replacement location and control is returned to the appropriate functional management. 1.7.2 Disaster declaration The Emergency Management Team and Location Response Coordinator are responsible for declaring a disaster for Technical Services and activating the various recovery teams as outlined in this plan. In a major disaster situation affecting multiple business units, the decision to declare a disaster will be determined by FAS Management. The Emergency Management Team/Location Response Coordinator will respond based on the directives specified by Corporate. 1.7.3 Notification Regardless of the disaster circumstances, or the identity of the person(s) first made aware of the disaster, the Emergency Management Team (EMT) must be activated immediately in the following cases: • Network Systems and/or sites are down concurrently for five (5) or more hours. • Any problem at any system or network facility that would cause either of the above
conditions to be present or there is certain indication that either of the conditions are about to occur.
Emergency management standards
5
FAS has contracted through a SAS-70 certified and compliant Collocated Data Center [“CDC”] for data storage. The CDC allows for recovery, functionality and data availability to FAS and its clients within twenty-four (24) hours of a qualified emergency event. As a standard operating practice, a scheduled appointment with valid identification is required at time of entrance to the hosting facility. The CDC has its own emergency protocols in place which are consistent with operating industry standards. Data Safeguard Control Objective was established to ensure that there is no accidental loss of data as a result of day-to-day operations, or a qualified emergency impact event. Operations System internal protocols notifies designated IT staff personnel of any procedural and/or potential system failures, or reduction in capacity or speed. All data of a personal or non-public nature is treated as mandated by the Gramm-Leach-Bliley Act [“GLBA’], also known as the Financial Services Modernization Act of 1999, promulgated and codified at Pub.L. 106-102, 113 Stat. 1338.; CIP Section USA Patriot Act of 2001, U.S. Department of Treasury security requirements USA Patriot Act of 2001, and the Sarbanes-Oxley Act of 2002. Data backup policy
Qualified mission critical applications and data are backed-up nightly. Backups are sent to a secure data center via the Internet using SSL. Before data is transmitted, it is encrypted using Blowfish with a variable length key then compressed for transfer. Local backup system mirroring is performed on a nightly basis for restoration due to equipment failure. Restoration of backup files is tested in the development environment on a quarterly basis.
1.7.4 Emergency management procedures The following procedures are to be followed by system operations personnel and other designated FAS personnel in the event of an emergency. Where uncertainty exists, the more reactive action should be followed to provide maximum protection and personnel safety. In the event of any SBD, immediate client notification as to the event and alternate communication arrangements will be posted to FAS’ website; the IT Project Mgr. is responsible for posting emergency messages to the company’s website. If the IT Project Mgr. is unavailable, then our IT Sr. Programmer will perform these duties. The process of notification of the SBD to active clients will be the President’s responsibility to ensure such notifications are promptly conducted. In the absence of the President, the REO and Valuations Operations Managers will assume responsibility for ensuring such contacts are made. Vendor partner staff will be notified. A “status” information message will be established on our recorded phone line message system detailing the nature of the event and directing clients to an alternate phone number or an alternate location, if necessary. The IT Project Mgr. is responsible for activating the telephone message system. If the IT Project Mgr. is unavailable, then either the IT Sr. Programmer will be responsible.
6
These procedures are furnished to FAS’ management personnel. Note: Anyone not recognized by the Technical Services staff as normally having business in the area must be challenged by the staff who should then notify security personnel. In the event of any situation where access to a building housing a system is denied, personnel should report to alternate locations. Primary and secondary locations are listed below. Alternate locations
• Attempt to contact your immediate supervisor or manager via telephone. Home and cell phone numbers and an employee roster are included in this document. Management personnel will direct you to report to a secondary location.
1.7.5 In the event of a natural disaster
In the event of a major catastrophe affecting a FAS facility, immediately notify the President.
1.7.6 In the event of a fire In the event of a fire or smoke, the guidelines and procedures in this section are to be followed. If fire or smoke is present in the facility, evaluate the situation and determine the severity, categorize the fire as major or minor and take the appropriate action as defined in this section. Call 911 as soon as possible if the situation warrants it. • Personnel are to attempt to extinguish minor fires (e.g., single hardware component or
paper fires) using hand-held fire extinguishers located throughout the facility. Any other fire or smoke situation will be handled by qualified building personnel until the local fire department arrives.
• In the event of a major fire, call 911 and immediately evacuate the area
• In the event of any emergency situation, system site security and personal safety are the major concern. If possible, the Operations Supervisor should remain present at the facility until the fire department has arrived
• In the event of a major catastrophe affecting the facility, immediately notify the firms Technical Manager (Stay away from Regional reference. This suggests you have offices elsewhere.)
IT system storage is armed with moisture censors in addition to other conventional censors. (GSE requirement in some cases)
7
Procedure STEP ACTION
1 Dial 9-1-1 to contact the fire department.
2 Immediately notify all other personnel in the facility of the situation and evacuate the area.
3 Alert emergency personnel on: 911
Provide them with your name, extension where you can be reached, building and room number, and the nature of the emergency. Follow all instructions given.
4 Alert the Regional Technical Manager.
He/she will notify the Emergency Management Team Coordinator.
Note: During non-staffed hours, security personnel will notify the IT Project Mgr. directly.
5 Notify Building Security/Management.
Local security personnel will establish security at the location and not allow access to the site unless notified by the IT Project Mgr. or his designated representative.
6 Contact appropriate vendor personnel to aid in the decision regarding the protection of equipment if time and circumstance permit.
7 All personnel evacuating the facilities will meet at their assigned outside location (assembly point) and follow instructions given by the designed authority. Under no circumstances may any personnel leave without the consent of supervision.
8
1.7.7 In the event of a network services provider outage In the event of a network service provider outage to any facility, the guidelines and procedures in this section are to be followed. Procedure STEP ACTION
1 Notify IT Project Mgr. of outage.
Determine cause of outage and timeframe for its recovery.
2 If outage will be greater than 1 hour, route all calls via cell phones or other service to alternate location.
1.7.8 In the event of a flood or water damage In the event of a flood or broken water pipe within any computing facilities, the guidelines and procedures in this section are to be followed. Procedure
STEP ACTION
1 Assess the situation and determine if outside assistance is needed; if this is the case, dial 911 immediately.
2 Immediately notify all other personnel in the facility of the situation and to be prepared to cease operations accordingly.
3 If water is originating from above the equipment, power down the individual devices and cover with protective shrouds located in the facility.
It should be noted, the FAS facility is situated in FEMA Flood Zone X.
9
4 Water originating from below may have different causes:
— If water is slowly dripping from an air conditioning unit and not endangering equipment, contact repair personnel immediately.
— If water is of a major quantity and flooding beneath the floor (water main break), immediately implement power-down procedures. While power-down procedures are in progress, evacuate the area and follow supervisor’s instructions.
1.8 Plan review and maintenance This plan is intended to be a living document and as such must be reviewed on a regular basis. This plan is reviewed semi-annually and exercised on an annual basis. The test may be in the form of a walk-through, mock disaster or component testing. Additionally, with the dynamic environment present within FAS, regular review of personnel and phone numbers contained in this plan are reviewed regularly. Copies of the plan are kept with the President, Director of Risk Management and Facility Manager. Wherefore, it can be viewed by system site personnel and the Emergency Management Team. Each recovery team has its own directory with change management limited to the recovery plan coordinator. The Recovery Plan Coordinator is responsible for the plan. A recovery plan coordinator has been assigned for each company location. Their specific responsibilities are as follows:
Frequency of plan update: Quarterly or when there is a change in personnel
• Provide hard copy of plan to all team members. Team members must store copy at home, in a personal car, or electronically via a hand-held device or laptop computer.
• Regularly review and update information in the disaster recovery plan (e.g., contact lists,
equipment inventories). Communicate with the Emergency Management Coordinator to get up-to-date information periodically.
• Hold initial team meeting to get team members acquainted with the plan and hold
annual/semi-annual meetings to review the plan on an ongoing basis.
10
• Maintain an accurate record of the locations of alternate sites, equipment suppliers, data storage locations, portable power generators and implementation plans.
1.9 Notification of incident affecting the site On-duty personnel responsibilities
If in-hours: Upon observation or notification of a potentially serious situation during working hours at a system/facility, ensure that personnel on site have enacted standard emergency and evacuation procedures if appropriate and notify the Location Response Coordinator.
If out of hours: Technical Services personnel should contact the Location Response Coordinator.
1.10 Provide status to EMT 1. The Location Response Coordinator (LRC) will contact the Emergency Management Team (EMT) and provide the following information when any of the following conditions exist: (See Appendix B for contact list) • Facility is down concurrently for five or more hours. • Any problem at the facility where the above condition appears to be present or there is
certain indication that the above condition is about to occur. The LRC will provide the following information:
◊ Location of disaster (specific to facility) ◊ Type of disaster (e.g., fire, earthquake, civil unrest, etc., etc.) ◊ Summarize the damage (e.g., minimal, heavy, total destruction) ◊ Emergency Command Center location and phone contact number; a
meeting location that is close to the situation, but away from the disaster scene
◊ An estimated timeframe of when a damage assessment group can enter the facility (if possible).
The EMT will contact the respective market team leader and report that a disaster has taken place.
11
1.11 Decide course of action Based on the information obtained, the EMT decides (with the LRC) how to respond to the event: mobilize IRT, repair/rebuild existing site (s) with location staff, or relocate to a new facility.
1.12 Inform team members of decision If a disaster is not declared, the location response team will continue to address and manage the situation through its resolution and provide periodic status updates to the EMT. If a disaster is declared, the Location Response Coordinator will notify the Incident Response Team members immediately for deployment. Declare a disaster if the situation is not likely to be resolved within predefined time frames. The person who is authorized to declare a disaster must also have at least one (1) backup who is also authorized to declare a disaster in the event the primary person is unavailable.
1.13 EMT notifies account teams/customers Using the call list in (Appendix D), EMT members contact team members to inform them of the situation. If known, advise as to when operations will be restored or what actions will be taken to restore operations.
1.14 Contact general vendors (see Appendix I)
2. Disaster declared: mobilize incident response team/Report to command center Once a disaster is declared, the Incident Response Team (IRT) is mobilized. This recovery team will initiate and coordinate the appropriate recovery actions. IRT members assemble at the Command Center as quickly as possible. See Appendix E for Regional Command Center Locations. The LRT remains at the affected site to perform a preliminary damage assessment (if permitted) and gather information until the IRT arrives.
12
2.1 Conduct detailed damage assessment (This may also be performed prior to declaring a disaster)
1. Under the direction of local authorities and/or LRC/IRT assess the damage to the affected location and/or assets. Include vendors/providers of installed equipment to ensure that their expert opinion regarding the condition of the equipment is determined ASAP.
A. Participate in a briefing on assessment requirements, reviewing:
(1) Assessment procedures (2) Gather requirements (3) Safety and security issues
NOTE: Access to the facility following a fire or potential chemical contamination will likely be denied for twenty-four (24) hours or longer. B. Document assessment results using Assessment and Evaluation Forms contained in Appendix G Building access permitting:
• Conduct an on-site inspection of affected areas to assess damage to essential hardcopy records (files, manuals, contracts, documentation, etc.) and electronic data
• Obtain information regarding damage to the facility (s) (e.g., environmental conditions, physical structure integrity, furniture, and fixtures) from the LRC/LRT
2. Develop a Restoration Priority List, identifying facilities, vital records and
equipment needed for resumption activities that could be operationally restored and retrieved quickly
3. Develop a Salvage Priority List identifying sites and records which could eventually be salvaged
4. Recommendations for required resources 5. Contact the EMT and decide whether the situation requires the initiation of
business recovery plans (long-term disaster months) or if work can return to the primary location (short-term week or so).
13
2.2 Contact EMT/decide whether to continue to business recovery phase The LRC gathers information from the IRT and other sources; contacts the EMT and provides the EMT with detailed damage assessment information. Based on the information obtained from the LRC, the EMT decides whether to continue to the business recovery phase of this plan. If the situation does not warrant this action, continue to address the situation at the affected site (s). Provide periodic status updates to the EMT Leader. The business recovery phase of this plan will be implemented when resources are required to support full restoration of system and/or facility functionality at an alternate recovery site (e.g., another company office, vendor hot site, cold site) that would be used for an extended period of time. NOTE: During the Initial Response Phase, service may be shifted to the alternate site to allow operations to begin functioning and provide service to its customers. Initially reduced service may be provided until site can be fully restored. Within 48 hours / 2days the system and facilities should be functional at 100%.
3. Business recovery phase This section documents the steps necessary to activate business recovery plans to support full restoration of systems or facility functionality at an alternate/recovery site that would be used for an extended period of time. Coordinate resources to reconstruct business operations at the temporary/permanent system location, and to deactivate recovery teams upon return to normal business operations.
3.1 FAS System and facility operation requirements The system and facility configurations for each location are important to re-establish normal operations. A list for each location will be included in Appendix F.
14
3.2 Notify technical engineering staff/coordinate relocation to new facility/location See Appendix A for Technical Engineering staff contacts associated with a new location being set up as a permanent location (replacement for site).
3.3 Secure funding for relocation Make arrangements in advance with suitable backup location resources. Make arrangements in advance with local banks, credit card companies, hotels, office suppliers, food suppliers and others for emergency support. Depending on the incident, its severity and alternate location option selected, contact the appropriate alternate site organization, the local bank office and other relevant firms.
3.4 Notify EMT and corporate business units of recovery Startup Using the call list in Appendix B, notify the appropriate company personnel. Inform them of any changes to processes or procedures, contact information, hours of operation, etc. (may be used for media information)
3.5 Operations recovered Assuming all relevant operations have been recovered to an alternate site, and employees are in place to support operations, the company can declare that it is functioning in a normal manner at the recovery location.
4. Appendixes
4.1 Appendix A: FAS recovery teams
4.1.1 Emergency management team (EMT) Note: See Appendix B for contact list. Suggested members to include: Senior management, Information Systems, Risk Management and Operations Charter:
15
Responsible for overall coordination of the disaster recovery effort, evaluation and determining disaster declaration, and communications with senior management Support activities: The Emergency Management Team • Evaluate which recovery actions should be invoked and activate the corresponding recovery
teams • Evaluate and assess damage assessment findings • Set restoration priority based on the damage assessment reports • Provide senior management with ongoing status information • Act as a communication channel to corporate teams and major customers • Work with vendors and IRT to develop a rebuild/repair schedule
4.1.2 Location Response Coordinator (LRC) Note: See Appendix B for contact list. Recommend that the IT Project Mgr. assume this role. Charter: Responsible for overall coordination of the disaster recovery effort for the facility, establishment of the command center, and communications with Emergency Management Team Support activities: • Notify the Incident Recovery Team • Gather damage assessment information and report it to EMT • Determine recovery needs • Establish command center and related operations. The command center is a prearranged
meeting facility where EMT/LRT/IRT members meet to coordinate damage assessment and business recovery tasks for the affected operations
• Notify all Team Leaders and advise them to activate their plan(s), if applicable, based upon the disaster situation
• If no disaster is declared, then take appropriate action to return to normal operation using regular staff
• Determine if vendors or other teams are needed to assist with detailed damage assessment • Prepare post-disaster debriefing report • Coordinate the development of site specific recovery plans and ensure they are updated semi-
annually
16
4.1.3 Location Response Team (LRT) Note: See Appendix B for contact list. Recommend that technicians and other suitably trained staff located at the facility assume this role. Charter: The Location Response Team (LRT) is responsible for the initial alerting/notification of the problem to the LRC during normal business hours. During off hours, the LRT will be notified along with the LRC. In the event of a disaster declaration, this team will become a part of the Incident Response Team. Support activities: • Provide the following information to the LRC in the event of an outage: a. Type of event b. Location of occurrence c. Time of occurrence • Coordinate resumption of voice and data communications: a. Work with management to re-route voice and data lines, especially when alternate site(s) or alternate work locations are predefined b. Recover voice mail and electronic mail systems, when requested by EMT c. Verify voice mail and electronic mail are operational at the alternate site d. Review the FAS Minimum Acceptable Operational Requirements checklist to determine if sufficient resources are in place to support operations • Coordinate resumption of information system operations: a. Work with management to recover critical systems, applications and infrastructure at recovery site(s) or alternate work locations b. Recover critical data files and related information when requested by EMT c. Ensure that network and perimeter security is re-established at alternate location d. Verify normal, secure operation of systems and servers at alternate site e. Review the FAS Minimum Acceptable Operational Requirements checklist to determine if sufficient resources are in place to support operations
4.1.4 Incident Response Team (IRT) Note: See Appendix B for contact list. Recommend that Facility Supervisors and other suitably trained staff assume this role. Also included in this team should be members of IT’s System Deployment group.
17
Charter: The Incident Response Team (IRT) is formed to deploy to the disaster location when a disaster is declared. Support Activities • Provide recovery support to the affected location and operations • Coordinate resumption of voice and data communications: a. Work with management to re-route voice and data lines, especially when alternate site(s) or alternate work locations are predefined b. Recover voice mail and electronic mail systems when requested by EMT c. Verify voice mail and electronic mail are operational at the alternate site d. Review the FAS Minimum Acceptable Operational Requirements checklist to determine if sufficient resources are in place to support operations • Coordinate resumption of information system operations: a. Work with management to recover critical systems, applications and infrastructure at recovery site(s) or alternate work location(s) b. Recover critical data files and related information when requested by EMT c. Ensure that network and perimeter security is re-established at alternate location d. Verify normal, secure operation of systems and servers at alternate site e. Review the FAS Minimum Acceptable Operational Requirements checklist to determine if sufficient resources are in place to support operations
4.1.5 IT Technical Support (TS) Charter IT Technical Support will facilitate technology restoration activities. Support activities: • Upon notification of disaster declaration, review and provide support as follows:
1. Facilitate technology recovery and restoration activities, providing guidance on replacement equipment and systems, as required. 2. Coordinate removal of salvageable equipment at disaster site that may be used for
alternate site operations.
18
4.2 Appendix B: Recovery team contact lists
4.2.1 Emergency Management Team (EMT)
Name Title Home Mobile/Cell Phone Stacy Seminoff President 949-661-4469 949-285-7788 Katy Severson Valuations Ops Mgr. 949-589-3114 949-683-5871 Jimmy Alvarez Director of Risk
Management 714-288-8795 949-903-5585
Jeff Flory Business Development Manager
714-381-1927
Location Response Coordinators (LRC) If either of the IT Program Mgr. or Sr. Progammer are not on site at the time of the event, then the person or persons assuming the role of LRC will be the Senior Manager on site at the time of an event. If the Senior Manager is not available, the first to arrive on scene after an event has taken place or the first Senior Manager notified by staff of the occurrence of an event assumes the role of the temporary LRC until the designated LRC is on site.
Name Title Home Mobile/Cell Phone Michael Haynes IT – Project Mgr. 949-278-6643 Patrick Meagher IT – Sr. Programmer 714-222-5280
4.2.2 Location Response Team Members (LRT) – FAS Cowan St Name Title Home Mobile/Cell Phone
Michael Haynes IT – Project Mgr. 949-278-6643 Patrick Meagher IT – Sr. Programmer 714-222-5280
19
4.2.3 Incident Response Team (IRT) Name Title Home Mobile/Cell Phone
Michael Haynes IT – Project Mgr. 949-278-6643 Patrick Meagher IT – Sr. Programmer 714-222-5280 Katy Severson * Valuation Ops Mgr. 949-683-5871 * Also acts as Facility
Manager
Technical Services (TS)
Name Title Home Mobile/Cell Phone Michael Haynes IT – Project Mgr. 949-278-6643 Jason Rockwood IT – Network
Administrator 949-929-9445
Patrick Meagher IT – Sr. Programmer 714-222-5280 Heidi Lee IT - Programmer 949-212-4394
4.3 Appendix C: Emergency numbers
4.3.1 First Responders, Public Utility Companies, Others Utility Name Phone Response type
Emergency 911 EMERGENCY Irvine Police Dept. Non Emergency 949-724-7000 POLICE Orange County Sanitation District 714-962-2411 SANITATION Southern California Edison 800-655-4555 POWER Irvine Ranch Water District 949-453-5300 WATER Hoag Memorial Hospital 949-764-4624 MEDICAL
20
4.4 Appendix D: Contact list
Staff
Ext #
Department
Home / Cell Adriana Macavei 429 REO (714) 826-0189 / (714) 306-4956 Arlene Semko 431 ACCOUNTING MANAGER (949) 830-9262 Candace Coy 405 ACCOUNTING (714) 204-6690 Candice Lam 438 REO (714) 403-6009 Cecilia Alonso 415 REO (714) 404-4069 Daniel Lee 432 VALUATIONS (909) 762-2380 Danny Lugo 436 REVIEWER/APPRAISER (714) 249-5919 Denyce Fernando 435 REO (949) 470-1302 / (949) 233-9823 Derek Fitzsimmons 424 VALUATIONS (714) 299-4836 Eddie Quinteros 410 REO ASSISTANT (909) 717-7580 Elizabeth Luna 454 VALUATIONS (949) 903-1358 / 419-1054 Frank Lam 407 REVIEWER/APPRAISER (714) 914-9966 Gabrielle Lopez 419 REO (949) 338-1727 Heidi Lee 417 IT - PROGRAMMER (949) 212-4394 Helen Lee 422 VALUATIONS (714) 808-3401 Ian Buchanan 428 REO (714) 606-6022 Jane Kim 437 ACCOUNTING (714) 728-2228 Jason Tobin 406 REO (949) 295-2248
Jeffrey Flory 403 BUSINESS DEVELOPMENT MANAGER (714) 381-1927
Jesse Montgomery 423 VALUATIONS (949) 852-1629 / (714) 369-4175
Jimmy Alvarez 420 DIRECTOR OF RISK MANAGEMENT (714) 288-8795 / (949)903-5585
Jim McCracken 425 NATIONAL SALES DIR. (714) 943-9736 Katy Severson 418 VALUATION MANAGER (949) 589-3114 / (949) 683-5871 Kaylie Avila 427 VALUATIONS (562) 822-1447 Kim Santana 409 REO (951) 205-4206 Lilli Maust 430 REO (714) 362-1267 Linda MacPherson 426 REO/TITLE (949) 295-3752 Meredith Carroll 404 VALUATIONS (949) 887-2030
21
Michael Haynes 440 IT – PROJECT MGR. (949) 278-6643 Michelle Munoz 433 REVIEWER/APPRAISER (714) 650-6728 Patrick Meagher 434 IT – Sr. PROGRAMMER (714) 222-5280 Ranee Martinez 456 REO/TITLE (949) 713-4865 / (949) 350-9111 Robert Valle 414 VALUATIONS (949) 636-2411 Rod & Sue Surratt 401 BROKER/OWNER (949) 218-7530 / (949) 433-2495/433-8877
Sandra Rivera 402 REO (714) 357-9177 Stacy Seminoff 416 PRESIDENT/OWNER (949) 661-4469 / (949) 285-7788 Stephanie Line 411 REO (909) 262-6120 Svetla Mladenova 455 ACCOUNTING (949) 713-6040 (949)335-8861 Tina Nguyen 413 VALUATIONS (714) 260-6606 Vince Abernathy 408 VALUATIONS (949) 584-5061
4.5 Appendix E: Emergency Command Center (ECC) Locations Emergency Command Center
4.5.1 Primary: 17 Acorn Ridge Rancho Santa Margarita, CA 92688
Katy Severson: - (949) 589-3114 (949) 683-5871
Alternate: 8801 Luss Drive Huntington Beach, CA 92646 Michael Haynes: - (949)278-6643
4.6 Appendix F: Minimum acceptable recovery configuration
22
At FAS, our business Valuation and REO Asset Management operates entirely on a paperless web-based workflow. The fact that we are paperless and web based allows staff to work effectively from any location with web and telephone access. We have tested this process extensively over the past twenty four months with staff working at secondary locations and have maintained 100% uptime operational workflow. In the case of an unplanned event and extensive damage to our facility, staff would be directed to secondary locations where they would access our offsite web based paperless workflow via the internet; however, restoration of our email server in the event it was damaged would take approximately eight hours to rebuild and restore. Until the email server has been restored, alternative emails and phone communication would be utilized to communicate with our clients.
4.7 Appendix G: Forms
4.7.1 Incident/Disaster form Upon notification of an incident/disaster situation, the On-Duty Personnel will make the initial entries onto this form. It will then be forwarded to the ECC, where it will be continually updated. This document will act as the running log until the incident/disaster has ended and “normal business” has resumed. TIME AND DATE ________________________________________________________________________ TYPE OF EVENT ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ BUILDING ACCESS ISSUES
23
________________________________________________________________________ ________________________________________________________________________ PROJECTED IMPACT TO OPERATIONS ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ RUNNING LOG (ongoing events) ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________
24
4.7.2 Critical equipment status form
CRITICAL EQUIPMENT STATUS ASSESSMENT AND EVALUATION FORM
Recovery Team: __________________________________________ [----------STATUS---------] Equipment Condition Salvage Comments 1. ___________________ ______________ ______ _________________________ 2. ___________________ ______________ ______ _________________________ 3. ___________________ ______________ ______ _________________________ 4. ___________________ ______________ ______ _________________________ 5. ___________________ ______________ ______ _________________________ 6. ___________________ ______________ ______ _________________________ 7. ___________________ ______________ ______ _________________________ 8. ___________________ ______________ ______ _________________________ 9. ___________________ ______________ ______ _________________________ 10. __________________ ______________ ______ _________________________ 11. __________________ ______________ ______ _________________________ 12. __________________ ______________ ______ _________________________ 13. __________________ ______________ ______ _________________________ 14. __________________ ______________ ______ _________________________ 15. __________________ ______________ ______ _________________________ Legend Condition: OK - Undamaged DBU - Damaged, but usable DS - Damaged, requires salvage before use D - Destroyed, requires reconstruction
25
4.8 Appendix H: Building Evacuation Information
EMERGENCY ACTION PLAN
FACILITY EVACUATION Section 1
1. In the event of an emergency necessitating the evacuation of the office, facility area, or any portion thereof, the supervisor in charge will immediately make repeated announcements over the public address system that an emergency exists and that all personnel in the danger area will evacuate the building in an orderly manner [29 CFR 1910.165].
2. As soon as an evacuation signal is given, or any and all supervisors will assume a station in the vicinity of the exit doors to receive reports that the building or buildings have been evacuated.
3. When orders are given to evacuate, all supervisors will render assistance to those persons evacuating the building and shall begin an immediate check of each room or office to make sure that everyone has left the building.
4. After being assured that a building or an area has been completely evacuated, supervisors shall report these to the EAP Manager.
5. If an evacuation occurs at night, the supervisors on duty will perform these assignments and notify the EAP Manager at the first opportunity.
6. Emergency telephone numbers are to be inserted in each EAP Packet and with each EAP Team Member.
Hospital Local Fire
Local Police County Emergency Operations Center
Electric Company Gas Company
Offsite IT staff Members FAS Staff Roster with after hour numbers
7. An emergency escape route chart has been posted throughout the office. ALL exits and
routes must be un-obscured [29 CFR 1910.38 & CA Labor Code 142.3].
8. Regular inspections of facilities are conducted with local fire agency.
26
9. Emergency evacuation routes and identification of EAP Team Members are discussed with staff on a quarterly basis.
10. The facilities EAP is revised when there are any physical changes to the facility or changes in the Emergency Evacuation Team personnel.
Section 2 EMERGENCY EQUIPMENT Fire Alarms Smoke Detectors Carbon Monoxide Detectors Fire Extinguishers Emergency Lighting Two-way Emergency Communication System [29 CFR 1910.164] 1. FIRE EXTINGUISHERS
a. One located at each exit b. One located in the Accounting office c. One located in the office at exit #2 d. Maintenance plan for fire extinguisher is in place e. Alternative to Fire Sprinkler System* [29 CFR 1910.157]
[NFPA 5.5.5 / 6.6.1] [NFPA 7.3.1.1] [NFPA 7.3.1.1.1] [CA Fire Code CFC 903-.2.17]
2. EMERGENCY LIGHTING
a. One located at each exit (3 total) b. One located in the Accounting office c. One located in the office by exit # 2 d. One in kitchen area e. One in main work station area
27
3. EMERGENCY TEAM PACKETS
a. Emergency packets are located at each exit (4 total) b. Emergency packets are distributed to each Evacuation team
member (including back-ups)
Emergency Team Packets include the following: c. Copy of Floor plan with all designated seating assignment for FAS staff members check list; and d. Copy of Emergency Exit Routes; and e. FAS Employee Roster with all after hour numbers and emergency contacts; and f. Emergency Services Phone List. 4. EMERGENCY TEAM MEMBERS Interior: Jimmy Alvarez
Jeff Flory Jesse Montgomery (Back-up)
Exterior: Katy Severson
Gabrielle Lopez Derek Fitzsimmons (Back-up) List of all FAS employees with after-hour numbers is available to all Emergency Team members. Emergency contact numbers are included with the emergency team packets.
The Emergency Services list has been distributed to all Emergency Evacuation Team Members.
5. EMERGENCY FLOOR TEAM – DUTIES
a. Two floor team members are to account for all employees (sweep) prior to final evacuation and can be completed externally. East sweep and West sweep.
b. Exterior Emergency Evacuation Team to account for all employees once they have been evacuated from the facility
28
c. Interior to notify external team once floor sweep has been completed (via emergency communication system)
6. EMERGENCY EVACUATION PLAN – Schedule of Company drills.
a. Emergency drills are scheduled semi-annually b. Emergency evacuation packets and floor plans are
updated, as any changes occur to change the affect of the packets and/or floor plan
4.9 Appendix K: Approved Vendor List
4.9.1 Server and Computer Equipment Suppliers Company Name Contact Work Mobile/Cell Phone
Dell Computers 800-999-3355 Linksys 800-546-5795 Peplink 866-463-0129 Cyberpower 877-297-6937
4.9.2 Communications and Network Services Suppliers Company Name Contact Work Mobile/Cell Phone
Partner in IT Jason Rockwood 949-929-9445 Cox 866-272-5777 ATT 877-937-5288 BTS - Business Telecommunication Systems, Inc
Kim Irey 951-272-3100
TelePacific 877-487-8722
29
4.9.3 Emergency Generators Company Name Contact Work Mobile/Cell Phone
Temp Power Systems
714-223-5650
Penhall Rentals 949-552-0151
4.9.4 Plumbing Company Name Contact Work Mobile/Cell Phone
APEX Plumbing 949-733-1899 Ontime Plumbing 949-243-7804 Kastle Plumbing 949-462-9173
4.9.5 Site Security Services Company Name Contact Work Mobile/Cell Phone
Patrol One 714-648-0948 Harbor Private Security
714-648-0948
American One 714-997-0605
