Procedure for Contact with Authorities
Details
| Date | Version | Status | Information Classification | Document Template ID | Document No |
|---|---|---|---|---|---|
| 20-02-2020 | 1.0 | Approved | Internal | AMS DOC |
Revision History
| Date | Version | Description | Author | Reviewed by | Approved by | Approved date |
|---|---|---|---|---|---|---|
| 19-02-2020 | 1.0 | Initial Version | Shaila | Binu, Praveen | Suresh Kumar B V | 20-02-2020 |
Acronym Used
| Acronym | Expanded Form |
|---|---|
Purpose
This purpose of this procedure is to establish steps for maintaining relationships and communication with other organizations for the purpose of escalation of incidents or in the event of an emergency.
ISO 27001 Reference
- A.6.1.3 Contact with authorities
Scope
This procedure is applicable to
Organizations that interact with Antares Systems for the conduct of business, i.e. third party contractors
Authorities required for resolving emergency issues relating to ASL and its personnel, i.e. fire department, hospitals, etc.
Third party support organizations for Facilities and IT Infrastructure support, i.e. AMC organizations.
Key Practices & Responsibility
| Srl. | Key Practice | Responsibility |
|---|---|---|
| Contact Establishment Process | Facilities Manager, Head – IT | |
| Contact Update Process | Facilities Manager, Head –IT | |
| Communication/Co-ordination with Authorities | Facilities Manager, Head – IT |
Key Practice Details
Contact Establishment Process
Facilities Manager will establish appropriate contacts with law enforcement authorities, regulatory bodies, hospitals, and office security provider such that appropriate action can be quickly taken and advice obtained, in the event of a security incident. The Facilities Manager will maintain the contacts of the following organizations
Law enforcement
Fire stations
Hospitals
Blood banks
Office security provider
Electrical maintenance contractors
Housekeeping contractors
Head - IT will establish appropriate contacts with ISPs, telecom service providers, hardware vendors and software vendors such that appropriate action can be quickly taken and advice obtained, in the event of a security incident.The Head - IT will maintain the contact details for the following third party contractors
Internet service providers
Hardware vendors
Software vendors
Telecom service provider
The contact details for each agency/vendor will at a minimum contain the following
Organization Name
Contact Name
Contact Address
Telephone
Availability (24/7)
Email address
Alternate agencies/vendors will be identified where possible as a backup measure. This is significant for contact establishment with hospitals, fire stations, police stations, etc.
The contact details for each facility will be published in notice boards on every floor and will be available with the front desk of the facilities. At a minimum, the following are displayed:
Key contacts in the facility in case of emergencies
Fire department
Hospitals
The latest contact list pertaining to IT contacts (ISPs, telecom service providers, hardware vendors and software vendors) will be published in the following areas.
Network Rooms
IT work Area
The latest hard copy of the contact details will also be maintained at the offsite backup storage and included in the Business Continuity Plan.
Contact Update Process
Contact details will be recorded in the following registers:
IT Contact Register
Facilities Contact Register
Head - IT and Facilities Manager are responsible for updating changes to contact information in the respective contact registers.
Communication/Co-ordination with Authorities
In the event of emergency or routine maintenance activities communication will be established with the external authorities/vendors as required.
In addition to the Facilities Manager and Head - IT, representatives will be identified in Business Continuity Plan for the purpose of contact establishment with the organizations in the event of an emergency. An up-to-date contacts list will be available to all the representatives at any given point in time.
The individuals responsible for communication with organizations will ensure that confidential information is not disclosed to unauthorized individuals.
References
| Srl. | Document/Section Name |
| ASL Business Continuity Plan |
Implementation Artifacts
| Srl. | Template ID | Artifact Name |