INCIDENT MANAGEMENT PLAN

REVISION 2: 02/12/2021

1. INTRODUCTION
1.1     PURPOSE
1.2     SCOPE
1.3     REFERENCES
1.3.1     SafePass Management Systems
1.3.2     Project Incident Database
1.3.3     Project Document Repository
1.3.4     Other References
1.4     GLOSSARY AND ACRONYMS
1.5     DOCUMENT MAINTENANCE
2. PARTICIPANTS ROLES AND RESPONSIBILITIES
2.1     PROJECT DIRECTOR
2.2     PROJECT MANAGER
2.3     INCIDENT MANAGER
2.4     PROJECT STAFF MEMBERS
2.5     EXECUTIVE STEERING COMMITTEE
3. INCIDENT AND ESCALATION APPROACH
3.1     IDENTIFICATION
3.2     VALIDATION AND PRIORITIZATION
3.3     INCIDENT ANALYSIS
3.4     TRACKING AND REPORTING
3.5     ESCALATION PROCESS
3.6     RESOLUTION & CLOSURE
3.6.1     Resolution
3.6.2     Closure
APPENDIX A: SAMPLE FORMS
APPENDIX B: INCIDENTS AND RESOLUTIONS DATABASE INSTRUCTIONS

List of Figures

FIGURE 1. INCIDENT AND ESCALATION PROCESS FLOW CHART

FIGURE 2. RESPONSE TIME AND RESOLUTION TIME CHART

FIGURE 3. ESCALATION TIME CHART

1. INTRODUCTION

1.1      PURPOSE

This document describes the Incident Management Plan for SafePass, Inc. The purpose of the process is to ensure unanticipated Incidents and action items are assigned to a specific person for action and are tracked to resolution.   However, when a resolution cannot be reached, the item should be escalated to ensure a decision is made before it causes impact to SafePass operations.  The escalation process documents how to raise an incident to a higher-level of management for resolution, particularly when resolution cannot be reached at the incident level.

1.2      SCOPE

The Incident Management Plan identifies the procedures used to manage incidents, action items, and escalation throughout the incident life cycle. The process documents the approach to incident identification and analysis, the approach to escalation and how resolutions are documented.

1.3      REFERENCES

1.3.1             SafePass Management Systems

For guidance on the management systems of SafePass, Inc. please contact Company President.

1.3.2             Project Incident Database

The current list and status of project incidents are kept in an incidents database.

1.3.3             SafePass Document Repository

SafePass uses Google Drive as their document repository for all documentation.

1.3.4             Other References

  • SafePass Incident Governance Document

1.4      GLOSSARY AND ACRONYMS

Action Item An assigned task (usually related to project management concerns) assigned to a person for resolution which can be completed and has a defined deadline for completion. Action items may be a subset of an incident or may be a stand-alone item (e.g., an assignment as a follow-up to a meeting discussion).
Escalation An incident that is elevated to a higher level of authority. Escalation should only occur when all avenues to resolution have been exhausted at the lowest possible levels within the project.
Incident A point or matter in question or in dispute, or a point or matter that is not settled and is under discussion or over which there are opposing views or disagreements.  An incident is a statement of concern or need:

(1)    whose resolution is in question or lacking agreement among stakeholders

(2)    that is highly visible or involves external stakeholders such as requests from control agencies

(3)    which has critical deadlines or timeframes that cannot be missed

(4)    that results in an important decision or resolution whose rationale and activities must be captured for historical purposes or

(5)    with critical deadlines that may impede SafePass operations.

An incident is a situation which has occurred or will definitely occur, as opposed to a risk which is a potential event. Items that are “normal” day-to-day tasks related to a person’s normal job duties are not considered incidents or action items.

1.5      DOCUMENT MAINTENANCE

This document will be reviewed annually and updated as needed.

2. PARTICIPANTS ROLES AND RESPONSIBILITIES

2.1      INCIDENT DIRECTOR

The Incident Director will participate in incident and action item resolutions. If an incident could not be resolved at the incident level, the Incident Director will escalate the incident to the Executive Steering Committee for resolution.

2.2      INCIDENT MANAGER

The Incident Manager has overall responsibility for driving, participating, and managing the overall incident resolution and escalation process at the incident level. The Incident Manager will escalate the incident to the Incident Director level for resolution when necessary.

2.3      INCIDENT COMMANDER

The Incident Commander is responsible for overseeing the incident and action item management process and for periodic reporting on incident status and process metrics. The Incident Commander generates reports for monthly operations team review meetings. The Incident Commander also monitors due dates and escalates incidents and action items to the Incident Manager, as appropriate.

2.4      PROJECT STAFF MEMBERS

Any staff member or stakeholder may generate an incident or action item. Typically, incidents and actions are only assigned to staff to ensure proper visibility and tracking. Other stakeholders may be asked to assist with analysis and review of proposed incident and/or action item resolutions, when appropriate.

2.5      EXECUTIVE STEERING COMMITTEE

The Executive Steering Committee is a governing organization that is comprised of members of executive level who will discuss status, incidents and concerns related to Company operations. The Executive Steering Committee will resolve escalated incidents and provide direction to the Incident Director. Refer to SafePass Incident Governance Document for list of Executive Steering Committee members.

3. INCIDENT AND ESCALATION APPROACH

The incident and action item management process consist of six steps.

  • Identification
  • Validation and Prioritization
  • Analysis
  • Tracking and Reporting
  • Escalation (if needed)
  • Resolution and Closure

Figure 1. Incident and Escalation Process Flow Chart

Figure 2. Response Time and Resolution Time Chart

PRIORITY RESPONSE TIME RESOLUTION TIME PRIORITY DEFINITION
1. Critical 30 Minutes Four Hours SafePass Systems completely unavailable.

Essential facilities/tools do not work.
2. Urgent One Hour Eight Hours Non-essential features and/or functionalities of the SafePass Systems are unavailable or not fully functional, significantly impairing ability to use the system; incidents that could weaken system integrity over a period of time; problems that can be ‘worked’ around in the short term but cause significant operational disruption the long term.
3. Important One Business Day Two Business Days Assistance required for technical or functional features of system. Problems that exist, which cause minor operational difficulties with the systems.
4. Monitor Two Business Days One Week Undefined problems that may cause minor operational difficulties. Problems that require additional research and monitoring to define and resolve.
5. Information One Week When commercially feasible Comments or suggestions on services, technical features, design or other topics.

Figure 3. Escalation Time Chart

PRIORITY ESCALATION TIME
1. Critical Every Eight Hours
2. Urgent Every 16 Hours
3. Important Every 4 Business Days
4. Monitor N/A
5. Information N/A

The incident and escalation process is initiated via the SafePass support phone number or support email address.  It is preferred that reporting individual contact SafePass via phone and speak to a live person in order to assist with the process flow and expedite the overall process.

3.1      IDENTIFICATION

Reporting individual will call the 24-hour support hotline (888-559-0903 x 2) to speak with the On-Call Support Personnel and email [email protected] immediately upon discovery of an Incident.

3.2      VALIDATION AND PRIORITIZATION

During the initial support phone call with the On-Call Support Personnel, SafePass will confirm the validity of the Incident and determine the Priority Definition found on figure 2 above.  This is a critical step in ensuring the appropriate controls are put in place for the remainder of the process.

3.3      INCIDENT ANALYSIS

During the initial discussion with Reporting Individual, the On-Call Support personnel will attempt to resolve the incident within ten minutes.  If unresolved within this time frame, the On-Call Support personnel will proceed to the next step.

3.4      TRACKING AND REPORTING

The On-call Support personnel enter the incident into the Incidents and Resolutions Database.

3.5      ESCALATION PROCESS

If unable to resolve within 10 minutes, the following escalation criteria is followed:

  • Critical Incident – The On-Call Support personnel contacts the Incident Commander via cell phone or home phone until contact is made.  If unable to be reached immediately by phone, the On-Call Support personnel will contact the Incident Manager in the same manner above.  If the Incident Manager is not immediately available, the Incident Director will be contacted via phone.
  • Urgent Priority – The On-Call Support personnel contacts the Incident Commander via cell phone or home phone until contact is made.  If unable to be reached immediately by phone, the On-Call Support personnel will contact the Incident Manager in the same manner above.  If the Incident Manager is not immediately available, the Incident Director will be contacted via phone.
  • Important Priority – The On-Call Support personnel will email the Incident Commander immediately during business hours.
  • Monitor Priority – The On-Call Support personnel will email and call the Incident Commander within 24 hours during business hours.
  • Information Priority – The On-Call Support personnel will email and call the Incident Commander within 48 hours during business hours.

The Escalation Process will be used to ensure critical incidents are raised soon enough to prevent undesirable impacts to operations and to ensure the appropriate parties are informed and involved in critical decision-making.

3.6      RESOLUTION & CLOSURE

3.6.1           Resolution

The Executive Steering Committee will be notified immediately after any Critical, Urgent or Important Incident has been resolved.  All documented Incidents will be reviewed by the Executive Steering Committee on a monthly basis.  During this meeting, all incidents will incorporate the following discussion and documentation.

  • Root Cause Analysis of Incident
  • Mitigating steps to avoid recurrence of the Incident
  • Notification of any Incidents that are impacted with any regulatory agencies
  • Lessons Learned memorandum shared with entire SafePass organization
  • Plan any required training for SafePass personnel
  • Update any affected management system manuals to incorporate Lessons Learned and any mitigating actions

3.6.2           Closure

Upon successful completion and documentation of Resolution, the Incidents and Resolutions Database will be updated accordingly, and date of closure submitted to quality assurance teams or other designated personnel.

APPENDICES

 

APPENDIX A:  SAMPLE FORMS

Incident and Resolutions Database:

APPENDIX B:  INCIDENT AND RESOLUTIONS DATABASE INSTRUCTIONS

 

There are 6 primary fields required to be entered and kept updated.

  • Date of Incident
  • Priority
  • Key Personnel Notified
  • Time of Notification
  • Notes throughout Incident
  • Date/Time of Resolution

It is the responsibility of the Incident Manager to enter and maintain this database.