View Current

Critical Incident Management procedure

This is the current version of this document. To view historic versions, click the link in the document's navigation bar.

Section 1 - Preamble

(1) This Procedure was approved by the Vice-Chancellor on 27 May 2017.

(2) This Procedure is pursuant to the Critical Incident Management policy.

Top of Page

Section 2 - Purpose

(3) This Procedure outlines the University's processes to effectively manage critical incidents.

(4) In addition to this Procedure, the Critical Incident Management Plan contains operational instructions and guidance relating to critical incident management at the University.

Top of Page

Section 3 - Scope

(5) This Procedure applies to the management of any critical incident, whether on or off-shore, that has an impact on members of the Deakin community or University activities.

Top of Page

Section 4 - Policy

(6) Refer to the Critical Incident Management policy.

Top of Page

Section 5 - Procedure

Detecting and reporting a critical incident

(7) Any incident has the potential to start as or escalate into a critical incident. Incident types include, but are not limited to:

  1. crisis events such as fire, explosion, chemical spill, gas leak, pandemic, natural disaster, international critical incident, power outage, violent attack, fatality or serious injury
  2. issues or events (internal or external) which may develop into crisis situations, such as  health concerns, fraud or mismanagement.
  3. seemingly innocuous activities that may attract adverse attention from government, regulators, interest groups, the public or media.

(8) All incidents must be reported to the University's Security Services by calling 222 (internal) or 1800 062 579, if they:

  1. cannot be controlled through standard procedures; or
  2. threaten or have potential to threaten the Deakin community or the University’s operations, assets or environment.

(9) There are a number of procedures established within the University for the management of incidents, these include:

  1. emergencies: the University's Emergency and Crisis Information web page outlines the process for responding to different types of emergencies.
  2. security incidents: the security web page outlines the security management arrangements of the University; in addition, the Safer Communities service web page outlines the University's process for responding to concerning, inappropriate or threatening behaviour.
  3. travel incidents: the Student International Placements and Programs procedure and the University's Travel policy and Travel procedure outline specific processes in relation to travel related incidents.
  4. cyber security incidents: the Information and Communications Technology Use procedure outlines the specific process in relation to cyber security.
  5. other: there are a number of other standard procedures established within the Faculties and Portfolios of the University for the management of specific incidents that are minor or operational in nature.

Responding to a critical incident

(10) All incidents reported to Security Services are classified as Level 1, 2 or 3 according to the risk-based critical incident classifications outlined in the Critical Incident Management policy.

(11) Level 2 or 3 incidents must be escalated by Security Services in accordance with the Critical Incident Management Plan. This process results in the incident being reviewed and where necessary, directed to the Critical Incident Management Team Leader for formal incident classification

(12) The Critical Incident Management Team Leader will evaluate the reported incident and where necessary activate the Critical Incident Management Team. Where appropriate the Critical Incident Management Team Leader will consult:

  1. advice issued by the government agencies including the Commonwealth Department of Health and the Victorian Department of Health and Human Services
  2. travel warnings issued through SmartTraveller or the University's approved Travel Management Consultant
  3. advice from international agencies such as the World Health Organisation
  4. Faculties and Portfolios of the University to determine the impact of the disaster, emergency or pandemic to the University community and University activities.

(13) The Critical Incident Management Team will refer to the Critical Incident Management Team Leader and provide executive decisions and strategic direction on University priorities when responding to the critical incident.

(14) The Critical Incident Management Team will:

  1. seek advice from the University Solicitor about any statutory obligations or external reporting obligations arising from a critical incident
  2. report any incident involving suspected fraud or corruption to the Chief Financial Officer in accordance with the Fraud and Corruption Prevention and Control policy
  3. ensure that stakeholders and regulatory bodies, including but not limited to, the Tertiary Education Quality Standards Agency, WorkSafe Victoria and the University's insurer are notified in a timely manner and provided with appropriate information.

(15) Subject matter experts within the University will be enlisted by the Critical Incident Management Team to:

  1. assist with the response as required
  2. implement any operational guidelines relating to a specific incident type, e.g. international student incidents, off-shore incidents or world disasters.

(16) Where applicable, costs incurred by a student or student's next of kin or family as a result of a critical incident will be met by the student or the student's family, unless:

  1. approval to provide ex gratia financial support has been granted by the Vice-Chancellor; or
  2. the University Solicitor determines the University has an obligation to provide financial support.

Recovering from a critical incident

(17) The Critical Incident Management Team will design and implementing a comprehensive recovery process when the immediate aspects of a critical incident are under control, addressing short and long term issues.

(18) When an incident disrupts a critical activity or process, the University's Business Continuity policy and Business Continuity procedure will be implemented.

Learning and adapting from a critical incident

(19) The University undertakes a process of learning and adapting after critical incidents through debriefs conducted before the Critical Incident Management Team is stood down and a structured post incident debrief and evaluation process according to the scale and impact of the event.

(20) After the debriefing and evaluation program is complete, the Emergency Management Committee oversees a comprehensive follow-up process designed to:

  1. provide proper closure for those involved in an incident
  2. enable the University to identify lessons learned and implement improvements that reduce vulnerabilities to similar situations in the future.

Planning and preparing for a critical incident

(21) Annual training and testing of the University's critical incident management arrangements will be undertaken, with outcomes reported through the Emergency Management Committee and annual assurance provided to the University Executive.

Accountability

(22) In addition to the accountabilities outlined in the Critical Incident Management policy, the following responsibilities apply to critical incident management:

(23) The Critical Incident Management Team is responsible for providing executive decisions and strategic direction on University priorities when responding to, recovering and learning from critical incidents.

(24) The Emergency Management Committee is responsible for:

  1. periodically identifying threat scenarios which are particularly high risk (due to probability and consequence) and developing response guidelines accordingly
  2. overseeing an annual internal review to assess the adequacy of Deakin's critical incident management arrangements in light of any changes in the organisation and its operating environment
  3. providing strategic direction and identifying opportunities to improve the effectiveness, efficiency and integration of emergency management, risk management, business continuity, ICT recovery and health, wellbeing and safety areas
  4. overseeing an annual training and testing program to provide a reasonable level of assurance about the University's critical incident management capabilities, and to enable continuous improvement in relevant arrangements.

(25) The Executive Director, Campus Services is responsible for directing the annual training and testing program for the University's critical incident management arrangements, reporting outcomes through the Emergency Management Committeeand providing annual assurance to the University Executive.

(26) The Executive Director, Human Resources is responsible for providing subject matter expertise and incident response relating to health, wellbeing, safety and local emergency arrangements.

(27) The Executive Director, Student Life is responsible for providing subject matter expertise for critical incident response relating to all students.

(28) The Senior Manager, Global Mobility is responsible for providing subject matter expertise in responding to international critical incidents involving members of the Deakin community engaged in approved international mobility programs.

(29) Security Services are responsible for establishing and implementing the annual training and testing program for the University's critical incident management arrangements and the establishment and maintenance of systems to detect, respond and report to critical incidents.

(30) The Manager, Procurement Services is responsible for reporting significant travel warnings and advice relating to staff travel arranged through the University's approved Travel Management Consultant.

(31) The affected Faculty or Portfolio, in conjunction with the Critical Incident Management Team, is responsible for the identification of staff and students who are affected or traumatised as a consequence of a critical incident and for ensuring that appropriate communication and support is offered.

(32) All University staff, and where appropriate non-staff members of the Deakin community must ensure that all incidents are reported as per clause 8 of this Procedure.

(33) All University staff with management and supervisory responsibilities must ensure that any procedures established for the management of area specific incidents include appropriate reporting and escalation elements that satisfy clause 8 of this Procedure.

Top of Page

Section 6 - Definitions

(34) For the purpose of this Procedure:

  1. Pandemic: an epidemic of infectious disease that has spread across a wide geographic area and affected human populations across a large region i.e. a whole region or continent.