#VJMEJOH
#VTJOFTT
3FTJMJFODF

Business Continuity Planning

Guide
Contents
5IF
DPNQSFIFOTJWF
BQQSPBDI
                              3FDPWFSZ                                                       

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
What is the comprehensive approach?. . . . . . . . . . . . . 1
Business Continuity Planning . . . . . . . . . . . . . . . . . . . . . . . . 1
1SFWFOUJPO
                                                     
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
What is risk? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Risk and business . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Recovery Planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Recovery strategies . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Your Recovery Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
After the crisis . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Key points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
:PVS
#VTJOFTT
$POUJOVJUZ
1MBO
                          

What is risk management? . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2 Introduction
                                            20

Benefits of risk management . . . . . . . . . . . . . . . . . . . . . . . . . 3
Identifying risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Analysing the risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
Evaluating the risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
Treating the risks . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
The Risk Management Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Key points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
1SFQBSFEOFTT
                                                
Your Business Continuity Plan . . . . . . . . . . . . . . . . . . . . . 20
Rehearse, maintain and review . . . . . . . . . . . . . . . . . . . . 22
Test your plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Why bother?. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Continuous Improvement . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
Learning from the past . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Key points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
Business Continuity Plan template . . . . . . . . . . . . . . . 23

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Business Impact Analysis . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Key points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11

3FTQPOTF
                                                      

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Incident Response Management . . . . . . . . . . . . . . . . . . . 12
Examples of Business Crises . . . . . . . . . . . . . . . . . . . . . . . . 12
Characteristics of a crisis . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
Putting together an Incident Response Team . . . . 13
Your Incident Response Plan . . . . . . . . . . . . . . . . . . . . . . . . 13
Key points . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Disclaimer

This publication has been produced to provide a guide for people anticipating going into business and for business owners.
It should not be regarded as an exhaustive presentation on the subject. Whilst the Department of Employment, Economic
Development and Innovation believes this publication will be of great assistance to its readers, the Department expressly
disclaims all liability for errors or omissions of any kind whatsoever (whether negligent or otherwise) or for any loss, damage
or other consequence which may arise from any person relying on the publication.

The publication is issued on the understanding that the Department is not engaging in rendering any legal or other
professional service. If legal or other expert assistance in relation to the subject matter is required, the advice of a competent
professional should be sought.

©The State of Queensland (Department of Employment, Economic Development and Innovation) Year of Publication 2009

Inquiries should be addressed to the Manager, Small, Medium Enterprise Development, Department of Employment,
Economic Development and Innovation.

Version: 1 October 2009

5IF
DPNQSFIFOTJWF
BQQSPBDI
Introduction
The comprehensive approach to
disaster management recognises
four elements of emergency/
disaster management – Prevention,
Preparedness, Response and
Recovery (PPRR). PPRR is a
framework or model which has been
used by Australian emergency
management agencies since the
1980’s. The model anticipates crises
and utilises sequential planning and
implementation of actions before,
during and after an event.
By following this approach you will
be able to develop a Business
Continuity Plan for your business.
What is the
comprehensive approach?
The comprehensive approach to
emergency or disaster management
incorporates the key components of
Prevention, Preparation, Response,
and Recovery (PPRR).
t
Prevention:
– Actions taken to reduce or
eliminate the likelihood and/
or effects of an incident. This
element is largely covered by
Risk Management Planning.
t
Preparedness:

NBJOUBJO
1SFQBSFEOFTT
– Actions taken prior to an
incident to ensure an
effective response and
recovery. This element is
largely covered by Business
Impact Analysis.
t
Response: As part of the whole process of
– Actions taken to respond to developing your Business Continuity
Plan there should also be rehearse,
an incident in terms of
maintain and review components
containment, control and
where actions are taken to ensure
minimising impacts. This
your plans continue to meet the
element is largely covered by
needs of your business over time.
Incident Response Planning.
t
Recovery: Depending on the size and nature of
your business, you may choose to
– Actions taken to recover
have separate Risk Management,
from an incident in order to
Business Impact Analysis, Response
minimise disruption and
and Recovery Plans, or for a small
recovery times. This element
business, a single plan that
is largely covered by
incorporates all the above elements
Recovery Planning.
may be sufficient.
Business Continuity
Planning
Business Continuity Planning is a
process used to develop a practical
plan for how your business could
recover or partially restore critical
business activities within a
predetermined timeframe after a
crisis or disaster. The resulting
plan is called a Business Continuity
Plan (BCP).
#VTJOFTT
$POUJOVJUZ
1MBOOJOH
1SPDFTT
1SFWFOUJPO
Risk Management Plan
3FDPWFSZ 3FIFBSTF
Recovery Plan BOE
SFWJFX Business Impact Analysis
3FTQPOTF
Incident Response Plan
#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
1SFWFOUJPO
Introduction
Prevention includes the
identification of risks, the
assessment of threats to life and
property, and ensuring protective
measures are in place to reduce
potential loss of life, property and
business damage. Risk management
largely captures the entire
prevention aspect of the
comprehensive approach.
What is risk?
A risk is the likelihood of something
happening as a result of a hazard or
threat and the impact it will have on
your business activity. Risk arises
out of uncertainty. It is measured in
terms of the likelihood of it
happening and the consequences if
it does happen.
Risk and business
Every business has risks. Just think
for a moment about the hundreds of
things that most business owners
worry about. While a few are
predictable, others are not. You can,
however, plan for and control risks
to a certain extent. Some of these
could be changing salary costs,
taxes, overhead expenses,
equipment and supply costs.
Others are unpredictable and
largely beyond your control such as
actions your competitors may take,
changing tastes and trends,
disasters, industrial accidents and
global economic factors such as
rising oil costs and increased costs
of raw materials.


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
These events can, and do, happen What is risk management?
to businesses all the time. They can
directly affect your day-to-day
The risk management process
operations or impact on profits and
consists of a series of steps that,
result in financial losses that may
when undertaken in sequence,
be serious enough to cripple the
enable continual improvement in
business or even bankrupt it.
decision-making. They are:
It is not always easy to recognise
Step 1: Identify risks that could
the hazards or threats that can lead
impact your business.
to adverse consequences. For
example, unless you have Step 2: Analyse risks to assess their
experienced a fire you may not impacts.
realise how extensive fire damage
Step 3: Evaluate risks to prioritise
can really be. Damage to the
their management.
building and its contents are
obvious exposures, but you should Step 4: Treat risks to minimise their
also consider damage from smoke impact.
or water, damage to employee’s
Step 5: Develop and review your Risk
property (personal belongings,
Management Plan.
tools etc) and to property belonging
to others (machinery and equipment
Risk management is not something
leased from other businesses).
that you will do once – you will need
There is also the impact on the
to constantly monitor and review the
business during the time that it
strategies you are using to manage
takes to get the business back to
risk. Risks do not always remain the
normal and the effect of customers
same. You may find that, over time:
and staff who may not return when
you re-open the business. t
new risks are created
t
existing risks are increased or
decreased
t
risks no longer exist
t
the priority order of risks changes
t
risk treatment strategies are no
longer effective.

Benefits of risk
management
Risk management processes are all
about businesses reviewing all
areas of the business to evaluate
possible risks and putting in place
strategies for treating those risks.
Sound strategies would assist in
producing the following benefits:
t
ensuring business continuity
t
reducing insurance premiums
t
reducing your chance of being
sued in certain circumstances
t
reducing the time when the
business may be unable
to operate
t
allowing for a plan to replace
key personnel
t
reducing the loss/damage to
machinery and other equipment
that is necessary for the efficient
running of the business
t
strengthening your capacity to
stay in business.
There are also limitations with the
risk management processes that
you should be aware of, including:
t
risk management will not
eliminate all risk – it is
impossible to plan for and treat
all of the risks to your business
t
accidents can and will happen,
and this may lead to an incident
t
your ability to manage risk will
be influenced by your resources,
budget, time and the
information that you have
available to you.
Identifying risks
Risks can be both internal and
external to your business. Risks can
be hazard based (for example
chemical spills), uncertainty based
(such as natural disasters) or
associated with opportunities
(taking them up or ignoring them).
Businesses often fail to look at risk
broadly enough and tend to
consider the most obvious things
like fire, theft, and market
competition. The questions to ask
yourself are:
t
What could cause an impact?
t
How serious would that
impact be?
t
What is the likelihood of this
occurring?
t
Can it be reduced or eliminated?
Some common risk categories are
listed below.
t
Natural disaster events
(e.g. floods, storms, bushfire,
drought, pandemic)
t
Legal (e.g. insurance,
liability, staff, safety,
warranties, contracts)
t
Technology (e.g. failure,
obsolescence)
t
Regulatory (e.g. water
restrictions, restriction on
operation time, quarantine
restrictions, carbon emission
restrictions)
t
Property and equipment
(e.g. fire, flood, vandalism)
t
Environmental (e.g. chemical,
pollution)
Prevention
t
Workplace Health and Safety
t
Security (e.g. theft, fraud,
technology intrusion, IP,
terrorism, extortion)
t
Economic and financial (e.g.
rising input costs, interest rates,
product life cycle timeframe,
failure to pay)
t
Personnel (e.g. industrial
relations, human error, inability
to fill vacancies)
t
Supply chain (e.g. failure,
interruption)
t
Inputs (e.g. rationing,
restrictions, removal of item
from supply)
t
Market (e.g. changes in consumer
preference, competition)
t
Political/civil unrest (e.g. from
supplier countries or in countries
to which you export)
t
Government policy changes (e.g.
tax, industrial relations, carbon
footprint policy)
t
Failure/interruption of utilities
and services (e.g. power, water,
transport, telecommunications)
Once you have established the
categories of risk that could affect
your business you need to identify
the risks within each category. You
can do that in a number of ways,
including brainstorming with key
staff members.
#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
1SFWFOUJPO
$BTF
TUVEZ
°
#JMM
4NJUI
4BEEMFSZ

Throughout this workbook we will The key assets of his businesses

be referring to a fictitious are:
business run by Bill Smith. Bill is
t
stock/inventory
34 years old, married with two
children. He is the Director and t
Intellectual Property
sole shareholder of “Bill Smith (saddle designs)
Saddlery” which he has owned t
factory premises.
and operated since 2000.
The main sources of income for
He has: his business are:
t
two stores (Warwick and t
sale of saddles and
Beaudesert) plus online sales accessories to the
t
one factory (at home) making recreational horse industry
saddles and other accessories customers

t
six staff (three full-time and t
sale of saddles to Queensland

three casual) saddleries (wholesale).

t
revenue $95,000 per month. His key resources are:

Let’s look at identifying the risks t
factory equipment

to his business that would affect
t
saddle materials.
his ability to continue to operate
and profit. Through the Listed below are three risks to his
identification of these risks Bill business that can be prevented:
will be able to develop a risk
t
loss of production
management plan that protects
his business from potential harm. t
loss of key supplier
t
insufficient cash to meet
expenses.

Listed below are three risks that

cannot be prevented:

t
loss of staff
t
natural disaster
t
loss of on-site records.



#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide

 Prevention

Analysing the risks $BTF
TUVEZ
°
#JMM
4NJUI
4BEEMFSZ

Once you have identified the risks to
your business, you need to assess
the impact of those risks. You want Looking at the identified risks to
to separate minor acceptable risks
Bill’s business, the consequence
from major risks which must be
managed immediately. and likelihood of each risk
would be:
This involves deciding on the
relationship between the likelihood Identified risk Likelihood Consequences
(frequency or probability) and the
1. Loss of production L VH
consequences (the impacts) of the
risks you have identified. 2. Loss of key supplier M H
3. Insufficient cash to meet expenses L H
Risk = consequence x likelihood
4. Loss of staff H M
The result is a level of risk, often 5. Natural disaster M VH
described as low, medium, high or 6. Loss of on-site records M H
very high, that should be analysed
in relation to what you are currently
doing to control it. Remember,
control measures decrease the
level of risk, but do not always
eliminate it.

This risk analysis can be

documented in a matrix. Different
organisations use different ratings,
and you may want to tailor
something to suit your own
business. A simple example of a risk
matrix is given below.

Likelihood
Consequence
Low Medium High Very high

Low Low Low Medium Medium

Medium Low Medium Medium High

High Medium High High Very high

Very high High High Very high Very high

#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
1SFWFOUJPO
Evaluating the risks
Once you have identified the risks to
your business and analysed them
for their likelihood and
consequence, you need to evaluate
your risks to determine whether
they are acceptable or require
treatment. You may decide that
some risks are acceptable because
the costs of treating the risks
outweigh the benefits.
Those risks that are not considered
acceptable or tolerable should be
treated or controlled, in order to
either reduce or eliminate negative
consequences, or to reduce the
likelihood of an adverse incident.
Treating the risks
Risks may be treated in a number of
ways including:
t
avoid the risk – make the
decision to discontinue the
activities or processes giving
rise to risk
t
reduce or mitigate the risk – take
measures to reduce the
likelihood or impact of the risk
t
share the risk – transfer or share
a portion of the risk to reduce it
t
retain or accept the risk – make
a decision to take no action due
to a cost/benefit analysis.
Insurance is one method of sharing
risk. You pay an insurance premium,
rather than run the risk of not being
protected against the possibility of
a much larger loss.
In business insurance you can
decide which exposures you
absolutely must insure against and
which ones you can cover yourself.


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
Some decisions in this regard have
already been made for you such as
those required by law (eg workers’
compensation) and others required
by customers or clients (where
lenders will finance a vehicle, but
require you to take out insurance
before they pass over the loan).
As far as obtaining insurance is
concerned, make time for a full
discussion with an insurance
professional who will take you
through all the methods of risk
cover and put in place what the
business needs. If you are not
already insured or your current
insurance cover has not been
reviewed recently you should
consider discussing your needs with
your insurance company or
your broker.
Aside from insurance, businesses
can also treat risks through:
t
developing contingency or
‘back-up’ plans
t
quality control processes
t
staff training
t
implementing Workplace Health
and Safety strategies
t
properly maintaining facilities,
plant and equipment
t
using appropriate security
devices
t
establishing appropriate
systems and controls
e.g. segregation of duties
(cash receipting, banking
and accounting)
t
undertaking pre-storm
and cyclone season
preparedness checks.
 Prevention

$BTF
TUVEZ
°
#JMM
4NJUI
4BEEMFSZ

In Bill’s case the risks identified It is often either not possible or

above could be treated as cost-effective to implement all
follows: treatment strategies. A business
owner should aim to choose,
1. Loss of production – purchase
prioritise and implement the
business interruption
most appropriate combination of
insurance and source
risk treatments. For example, in
alternative production site.
the case of ‘loss of production’
2. Loss of key supplier – above, the business may not be
identify alternate suppliers able to afford to purchase
and build working business interruption insurance
relationship with them. because the cost of the insurance
is greater than the potential
3. Insufficient cash to meet
financial loss. It may be more
expenses – introduce weekly
cost effective to source an
cash flow reviews and
alternative production site in the
quarterly forecasts to identify
short term.
when and how much cash is
required. Make adjustments
to spending to ensure there is
sufficient cash to meet
expenses when required.

4. Loss of staff – ensure all

staff are properly trained and
there is succession planning
in place.

5. Crisis/disaster – ensure
insurance is in place and the
business has a plan on how to
respond in the event of a
disaster, eg fire, severe storm.

6. Loss of on-site records

– ensure back ups of
computer records and
financial data exist and are
stored at a different location.

#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
 Risk management plan – Bill Smith Saddlery

3JTL
EFTDSJQUJPO 1SFWFOUBUJWF
BDUJPO $POUJOHFODZ
QMBOT

-JLFMJIPPE
1SJPSJUZ

$POTFRVFODF
t
1VSDIBTF
CVTJOFTT
JOUFSSVQUJPO
JOTVSBODF t
*NNFEJBUF
BDDFTT
UP
QFSTPOBM

Loss of production L VH M resources whilst waiting for
t
4PVSDF
BMUFSOBUJWF
QSPEVDUJPO
TJUF insurance payments
1SFWFOUJPO
The Risk Management Plan



#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide

t
*EFOUJGZ
BMUFSOBUF
TVQQMJFST
BOE
CVJME
XPSLJOH
SFMBUJPOTIJQ
XJUI
t
1VSDIBTF
GSPN
BMUFSOBUJWF
TVQQMJFST

Loss of key supplier M H M them or use suitable substitute products
collated and displayed in a table as shown:

t
*EFOUJGZ
TVJUBCMF
TVCTUJUVUF
QSPEVDUT

t
*OUSPEVDF
XFFLMZ
DBTI
nPX
SFWJFXT
BOE

XFFL
GPSFDBTUT
UP
t
*ODSFBTF
CVTJOFTT
XPSLJOH
DBQJUBM

Insufficient cash to identify when and how much cash is required from personal cash reserves
H VH VH
meet expenses t
.BLF
BEKVTUNFOUT
UP
TQFOEJOH
UP
FOTVSF
UIFSF
JT
TVGmDJFOU
DBTI

to meet expenses when required

t
&OTVSF
BMM
TUBGG
BSF
QSPQFSMZ
USBJOFE t
$POUBDU
SFDSVJUNFOU
BHFODZ
UP

source short term contract staff until
Loss of staff H M M t
1VU
TVDDFTTJPO
QMBOOJOH
JO
QMBDF suitable permanent replacement
t
-PDBUF
SFDSVJUNFOU
BHFODJFT
JO
ZPVS
BSFB staff can be sourced

t
&OTVSF
JOTVSBODF
JT
JO
QMBDF
t
*NNFEJBUF
BDDFTT
UP
QFSTPOBM

The results of this risk management process for Bill Smith Saddlery can now be

Natural disaster M VH H resources whilst waiting for

t
%FWFMPQ
B
CVTJOFTT
DPOUJOHFODZ
QMBO
PO
IPX
UP
SFTQPOE
JO
UIF
insurance payments
event of a disaster, eg fire, severe storm

Loss of on-site t
&OTVSF
UIFSF
BSF
CBDLVQT
PG
DPNQVUFS
BOE
mOBODJBM
SFDPSET t
6TF
CBDLVQ
EBUB
UP
SFTUPSF
MPTU
mMFT

M H H
records t
4UPSF
B
DPQZ
PG
BMM
EBUB
BU
B
TFQBSBUF
MPDBUJPO

Key: VH = Very high

H = High
M = Medium
L = Low

Key points
6OEFSTUBOE
ZPVS
CVTJOFTT
You need to have a complete picture
of the interactions inside your
business and between you, your
customers and suppliers. Make sure
that you also understand the
environment you operate in.
Assess the risks to your
business
Every business has risks. You need
to identify and analyse the risks that
may have an adverse affect on your
business and choose the best
method of dealing with each of
these identified risks.
Prevention
Be realistic
Determine which risks you can
accept and which ones you need to
treat. Put strategies in place for
treating those risks. Ask yourself,
how much could you afford to lose if
a crisis prevented you from doing
business for days, weeks or
months? How would suppliers,
customers and potential customers
react if your business received
adverse publicity because you were
unprepared for a critical incident?
Take a long-term approach
Regularly review and update your
risk assessment to keep up with the
changes in the business and the
variations in your risk. This is an
ongoing process otherwise it will
lose relevance. Ensure your staff
understands that risk management
is everyone’s responsibility.
#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
1SFQBSFEOFTT
Introduction
Preparedness involves:
t
taking action prior to an incident
occurring to ensure an effective
response and recovery
t
being proactive and planning for
the likelihood of an event that
has the capacity to interrupt
your business operations
t
a personal commitment to dispel
any thoughts that “it won’t
happen to me”.
Preparedness is all about being
proactive and planning. Business
Impact Analysis (BIA) largely
captures the preparedness aspect
of PPRR.
Business Impact Analysis
Every business has numerous
activities in its overall operations
but only a percentage will be key to
its survival. The purpose of a
Business Impact Analysis (BIA) is to
gather information to determine
basic recovery requirements for your
business in the event of a crisis.
It will show which parts of your
business will be most affected by
an incident and what effect it will
have upon the business as a whole.
In other words, a BIA is used
to establish:
t
your critical business activities
t
the resources required to
support each activity
t
the impact of ceasing to perform
these activities.
As part of your BIA you should
assign Recovery Time Objectives
(RTO) to each activity. The RTO is the
time from which you declare a
crisis/disaster to the time that the
critical business activity must be
fully operational in order to avoid
serious financial loss.


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
$BTF
TUVEZ
°
#JMM
4NJUI
4BEEMFSZ
The Department of Primary Critical business activities:
Industries & Fisheries (DPIF) has
t
purchasing materials
declared an alert due to the
suspicion of a series of Equine t
purchasing stock
Influenza (EI) outbreaks in t
manufacturing
SE Queensland. The DPIF had
t
distribution.
previously been in an
investigation phase where it Description of critical business
collected and collated disease activities:
data. The DPIF has notified
t
purchasing of quality leather
(via an Industry Alert) relevant
and materials for production
stakeholders and key response
of saddles
staff have been placed on
standby. No restrictions are t
purchasing of stock for the
store at the lowest price
currently in place.
from suppliers
In preparing for a possible
t
manufacturing process of
outbreak of EI, Bill needs to
saddles
identify the key information
t
distribution of saddles to own
about his business.
store and others for sale.
Key stakeholders:
Possible impacts:
t
bank
t
Revenue and costs:
t
landlord
– probable drop in sales by
t
leather supplier
up to $20,000 per month
t
equipment lessor
– inability to pay fixed costs
t
staff
and rent due to decreased
t
customers. income.

t
Staffing:
– may be necessary to let
some staff go
– casuals would go first and
a skeleton full time staff
would be kept to operate
the stores.
t
Product/service:
– popular products, such as
saddles may not sell
– apparel and clothing lines
may continue to sell,
but with a reduction in
sales numbers.
Recovery Time Objectives:
t
purchasing materials – 48 hrs
t
purchasing stock – 1 week
t
manufacturing – 2 weeks
t
distribution – 2 weeks.
Priority of critical business
activities (on a scale of 1 to 5 with
1 being the most important and
5 being the least important)
t
purchasing materials – 2
t
purchasing stock – 3
t
manufacturing – 1
t
distribution – 1.
Preparedness
Key points
Identify your critical
business activities
Take the time to identify the
operations that are most critical to
the success of the business on a
day-to-day basis, and determine
how long you can go with each of
those activities not available.
Concentrate on the impact
not the incident
What will the impact of the loss or
interruption to critical business
activities be on your business?
Spend your time establishing
exactly how it will affect your
business and what you need to do
to manage the situation. Identify the
immediate impacts and subsequent
consequences and get ahead of
them if you can.
6OEFSTUBOE
UJNF
GSBNFT
Assign a Recovery Time Objectives
(RTO) to each activity. The RTO is
the time at which the activity must
be back in operation or impact to
the business will result. Once an
RTO is established for each activity,
a prioritisation of the activities can
take place.
6TF
ZPVS
#*"
UP
JOGPSN
ZPVS

recovery planning
Your BIA will help you to determine
the strategies or actions you need
to include in your recovery plan.
#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
3FTQPOTF
Introduction
The Response phase of PPRR occurs
as the incident happens and
immediately after. It covers actions
taken to respond to an incident in
terms of containment, limiting loss
to life and property and preventing
incident escalation. Response
generally involves an operational,
management and communications
response. Incident Response
Management largely captures the
response aspect of PPRR.
Incident Response
Management
A crisis can be defined as anything
that has a negative impact on your
business. Incident Response
Management is a business plan
of action that is implemented
quickly when such a negative
situation occurs.
Although crisis events are often
unpredictable, they are not always
unexpected. Typically, these crises
have the capacity to have negative
financial, legal, political,
or governmental repercussions on
the business, especially if they are
not dealt with in a prompt and
effective manner.
Examples of Business Crises
Hundreds of threats exist for every
business. Crises can take many
forms including:
t
Natural disasters
t
Pandemics
t
Extortion or embezzlement


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
t
Terrorist attack
t
Industrial accidents
t
Computer tampering
t
Systems failure
t
Product defects/recall
t
Hazardous material leak
t
Explosion
t
Economic downturn
Of course, each business will have
their own vulnerabilities and it is
important that you spend time
identifying those that could
significantly affect the running of
your business. Take a hard look
at your business, examine
potential vulnerabilities from every
angle, and seek out potential
problems in your dealings with your
customers, your employees, and
even your suppliers.
Characteristics of a crisis
There are some common
characteristics of all crisis events.
They include:
t
possible physical danger
– physical safety and
protection should always be
your first priority during
a crisis
t
confusion, friction, pressure and
stress will exist
– when a crisis hits, take a few
moments to stop and think
– try to keep calm, issue
clear instructions, and send
for assistance if you need to
t
key people will be busy and
unable to do normal duties
– crises can make it difficult
or even impossible to carry
out your normal day-to-day
activities
t
external support may be required
– you may need to consult
with the Police and/or
Emergency Services
t
lack of quality information,
answers and time
– during the first few hours of
a crisis you may not know
what to say, what to do or
what’s really happened –
activate your Incident
Response Plan to avoid
making rash decisions
t
media and stakeholder interest
will be intense
– activate your communications
plan immediately a crisis is
established – your
communications with
authorities and stakeholders
must be open, honest, timely
and accurate
t
news travels fast
– when a crisis develops,
prompt and proactive
communication is essential
– the hours and days
immediately following a crisis
are often the most important
in shaping public perception
of the event

Putting together an
Incident Response Team
When a crisis hits time is a
luxury you never have. Before a
specific crisis occurs, you need to
put together an Incident Response
Team with the expertise to
understand and evaluate the
specific crisis and come up with the
solutions that can help your
business cope with it. Team
members should have a backup and
everyone must be clear about their
roles. To be effective, an Incident
Response Team should include:
t
Team leader
– The team leader should be
someone who knows the
business inside and out,
and who can take full
responsibility for the
ongoing management of a
crisis incident.
t
Response team
– This team, or individual in
a small business, must be
able to make decisions,
approve recommendations
and provide direction in the
event of a crisis.
t
Assessors
– Assessors, along with their
backups, are responsible for
assessing the business
interruption impact and
providing feedback to the
entire Incident Response
Management Team.
t
A spokesperson
– The spokesperson should be
the one voice responsible for
all internal and external
communications and should
be trained in dealing with
the media. Your
spokesperson must create
and build the perception that
the business is under
control; that the company
knows and understands
what is happening; and that
it will resolve the situation.
t
Others
– Depending on your business,
you may also include
personnel from departments
such as HR, IT, security and
other specialists who have
specific expertise regarding
your business.
During a crisis do not burden your
Incident Response Team members
with other duties. The crisis should
be their top and only priority.
Response
Your Incident Response
Plan
Your Incident Response Plan should
be simple without being simplistic.
Although you will never be able to
plan your response in detail for every
2–Prevention
possible event, remember that
people need to be able to react
quickly in an emergency – stopping
to read lots of detail may make that
more difficult.
Your plan should include:
t
clear direct instructions for the
crucial first hour after a crisis hits
t
a list of the personnel who
have the authority to invoke
the plan and under what
circumstances this should occur
t
a list of Response Team members
and their backups as well as a
detailed explanation of their roles
and functions in response to
a crisis
t
checklists that people can
easily follow
t
an evacuation plan
t
a ‘GO pack’ – an emergency kit
containing critical documents
and equipment which can be
picked-up and quickly and easily
carried off-site
t
contact lists for both internal and
external personnel
t
an Event Log to record
information, decision and
actions in the period immediately
following the critical event
or incident.
#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
3FTQPOTF
$BTF
TUVEZ
°
#JMM
4NJUI
4BEEMFSZ
The Department of Primary
Industries & Fisheries (DPIF) has
now confirmed an outbreak of EI
in South East Queensland.
t
Several horses have already
succumbed to the disease.
t
Containment areas have been
declared and all movement of
horses in SE Qld has been
suspended for a minimum of
four weeks.
t
In addition, a case of EI
has also been confirmed in
NSW, with authorities also
implementing strict
movement restrictions in
that State.
This crisis could impact Bill’s
business in a number of ways.
t
revenue for at least the next
month would likely be down
t
he would have a potential
build up of stock
t
he might also need to use
his cash reserves to meet
bill payments.


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
The top 5 things he could do
immediately would be:
1. Obtain as much reliable
information on the outbreak
so informed decisions can
be made.
2. Review and invoke his
Business Continuity Plan,
including his Incident
Response and Recovery
plans.
3. Assess cash reserves and
determine the cash needs of
the business.
4. Cancel or reduce orders of
stock for the next month.
5. Inform staff of likely effect on
business and possible
reduction in work hours.
His stakeholders who would
require management during the
crisis period would be the bank,
his staff, his suppliers and
his landlord.
He should also consider the
situation where his current cash
reserves do not meet his current
bills by:
t
collecting all accounts
receivable (debtors) as soon
as possible
t
identifying any assets that
could be sold
t
identifying any new markets
where demand for product
exists
t
reducing costs where possible
and consider reducing staff or
staff hours
t
making new arrangements
with stakeholders for
payment such as extended
terms of trade, larger
discount for early payment or
accepting some stock lines
on consignment.

Key points
Define the real problem
and determine strategy
accordingly
Examine the situation quickly,
confirm the precise details of the
incident and decide on the
appropriate action.
Respond quickly and
effectively
The first hour is vital. If a critically
injured person is treated within one
hour, their chances of survival
increase significantly. Pretty much
the same applies to crisis
management. If your crisis response
is quick, your chance for business
survival increases.
6OEFSTUBOE
UIF
DIBOHJOH

situation and manage
information effectively
Keep on top of the crisis and
communicate changes in the
situation as quickly as you can.
There is often no way to tell how
long your particular crisis will last,
so regularly assess the momentum
of the situation.
Response
Assume worse case and
that the situation will
escalate
What is the worst thing that can
3–Preparedness
happen to your business? How will
you deal with it? If there is even a
slight chance that it could happen,
assume that it will and develop
strategies to deal with it.
Cultivate and call on subject
matter experts and allies
Depending on your business and
the type of crisis, you may need
specialists in public relations, legal,
management, personnel, or
security. For example, if you have
the possibility of a chemical spill,
ideally a chemist ought to be on the
team so you know what risks the
chemical does or does not pose to
the general public.
#VTJOFTT
$POUJOVJUZ
1MBOOJOH | Guide 
3FDPWFSZ
Introduction
Recovery includes actions taken to
recover from an incident (this may
not always be possible). Recovery
can be broadly divided into:
t
Resumption (continuity) of
business activities
t
Restoration (recovery)
of resources.
Recovery Planning
Whilst Incident Response is
concerned with events as they
unfold during a crisis or emergency,
recovery planning is a proactive
approach to getting the business
back on its feet in the shortest
possible time after such an event.
It is vital that you take recovery
planning seriously. It is not a task
that can be left until you can
find enough time to deal with it –
a serious incident can occur at
any time.
As with all of your plans, the
more work done during the
planning process, the better your
business’s chance of recovery.
Not only does the planning process
get everyone thinking about the
needs of the business during a
critical event, it also puts people in
the right mindset for preparing for
the unexpected.


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
Recovery strategies
Your recovery strategies should
demonstrate a clear understanding
of your business’s recovery
objectives and reflect what the
business needs to continue.
You should:
t
Establish a Recovery Team,
assign backups and ensure
that all are aware of their
roles and functions in the
recovery process.
t
Establish a disaster recovery
location where employees may
work off-site, when necessary,
and are able to access critical
back-up systems, records and
supplies. This may be a room or
space at another business
location or at a hotel or home.
t
Determine which assets,
including documents, are
essential for recovery and
therefore require protection.
Make sure essential
documentation is safely stored
off-site or in fireproof cabinets.
t
Make sure that you have contact
lists of all people who may be
affected by the incident,
including staff, key customers
and suppliers and your
insurance company. You may
need to let your customers and
suppliers know of alternative
methods of contacting you or
placing orders and what to
expect from your business in the
event of a lengthy outage.
t
Develop relationships with more
than one supplier, so that if one
is affected by an incident your
business can continue as usual.
t
Be prepared for the possibility of
broken or damaged equipment,
machinery and systems. Know
who can fix them and have their
contact details at hand. Consider
renting or borrowing equipment
if possible.
t
Plan for disruptions to electricity,
gas, water, sewerage and
telecommunications systems.
Are backup systems available?
Are there alternatives that can
be used?
t
Be prepared for cashflow
emergencies. Keep enough cash
on hand to handle immediate
needs and consider setting up
internet banking services.
Your Recovery Plan
Your Recovery Plan should contain
information relating to planning
for recovery and resumption of
critical business activities after a
crisis or emergency has occurred.
It should include:
t
strategies to recover your
business activities in the
quickest possible time
t
resources required to recover
your operations
t
your previously identified
Recovery Time Objectives
t
the people who have
responsibility for each task/role.

After the crisis
Once the incident is over, there are a
number of steps that you need
to take:
t
Assess the extent of the damage
caused during the crisis. Record:
– injury to any people,
including staff, clients and
other members of the public
– damage to buildings,
equipment, company
vehicles and stock
– impacts on your business
functions
– damage to your reputation
t
Conduct a critical incident
debrief
– Within 48 hours, preferably
within 24 hours, following a
critical incident, hold a
meeting for debriefing
employees. The purpose of
the critical incident
debriefing is to help
employees understand some
of the reactions they may
have, by encouraging
employees to gain support
from each other, and by
allowing them an
opportunity to verbalise their
thoughts and feelings.
Recovery
t
Keep staff informed throughout
the recovery process. They may
be concerned about:
– colleagues who may be
injured
– what is expected of them
– whether they should turn up
for work the next day
– whether they will still have
a job.
t
Look into the possibility of
applying for government support
programs to assist the recovery
of your business after a
critical incident.
t
Each crisis provides an
opportunity for learning to occur
and plans to be revised. As part
of this process you need to
ensure that you record what you
have learnt, update your plan
accordingly and conduct a
critical incident review after
every incident. The questions
asked should include:
– What went well and
what didn’t?
– What key lessons were
learned?
– What changes do we need to
make to our business
processes?
#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide 
3FDPWFSZ
$BTF
TUVEZ
°
#JMM
4NJUI
4BEEMFSZ
It is now four weeks after the
initial alert of EI. The Department
of Primary Industries & Fisheries
(DPIF) has moved to the stand-
down phase of their response
due to no additional reported
cases of EI. Most DPIF
investigative and operational
activities have ceased and most
restrictions on horse movements
have been lifted.
Bill has assessed his financial
position:
t
he knows that his current
cash reserves will only last
three more weeks and
therefore he must increase
sales or find other sources
of cash
t
his inventory is still high and
expenses have been reduced
to a minimum
t
he has missed one lease
payment.


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
What practical recovery activities t
He also needs to test and
could he be doing? review his plan on a regular
basis to ensure that it
t
Hold sale of old stock to
continues to meet the needs
increase cash.
of his business.
t
Set new sales targets to
t
He needs to ensure that he
increase cash reserves.
understands his business
t
Manage landlord and set up a both financially and non-
repayment agreement. financially. To do this he must
spend more time looking over
t
Advise staff of position and
the accounts and planning his
new sales targets.
t
Engage in direct and cheap cashflow.
marketing. t
He must relate the possible
t
Identify where the business changes in the market and
will sit in the market post his customers to the financial
the crisis. effects on his business so
he can proactively run
What lessons can he learn and
his business.
how can he incorporate these
back into his business?
t
Planning is essential as it
gives him a framework to
keep his business going
should another crisis occur.
He must continue to set goals
and have a continuity plan for
his business at all times and
not just when a crisis exists.

Key points
Continue to communicate
with all key stakeholders
Conduct periodic debriefing
sessions with recovery teams to
monitor progress and determine
problem areas. Keep the lines of
communication open with clients
and suppliers as well. Effective and
proactive communication will create
and build the perception that the
business is under control, that you
know and understand what is
happening and that the situation
will be resolved.
Ensure staff understand and
collectively work towards
recovery efforts.
It is vital that everyone on your staff
takes the development and
maintenance of the recovery plan
seriously and demonstrate a clear
commitment to establishing and
maintaining an effective recovery
planning process.
Recovery
Identify alternate suppliers, Do not forget the human
facilities, processes aspect of crisis recovery
t
The crisis may be affecting Keep a watchful eye on
your suppliers. Determine personnel after a critical incident.
how you would source Allow employees to discuss any
alternative supplies. feelings which have come up since
t
Think what you would do in a the critical incident debriefing and
crisis if your premises couldn’t monitor their progress.
be used.
t
If you use vital pieces of
equipment, you may want to
cover them with maintenance
plans guaranteeing a fast
emergency call-out.
Make sure that you have
adequate insurance
coverage
You should have coverage for when
your supplier/s are affected by a
crisis and can not deliver necessary
supplies as well as coverage for the
loss of income you would incur if
customers affected by the crisis
stop ordering your product or
service. Ensure that you also have
appropriate insurance to cover other
related issues such as on-site
injuries to staff or visitors or for loss
of your customers’ goods or
materials.
#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide 
:PVS
#VTJOFTT
$POUJOVJUZ
1MBO
Your Business Part Content Purpose
Continuity Plan
Distribution list and Detail: Lists the personnel who
associated are to receive that plan and
Introduction documents
t
who is to receive a copy of
the documents you may
the plan
t
other associated plans need to refer to. eg.
Your Business Continuity Plan (BCP)
Response Plan, emergency
should contain all of the information t
checklists
evacuation procedures,
required to ensure that your t
policy and procedures.
Recovery Plan, etc.
business is able to resume critical
business activities in the event of Introduction/ Broad description of the plan Provides an overall picture of
a crisis. executive summary to be executed, including what is to occur in order to
priorities, opportunities, and maintain business continuity.
Depending on your business, you assumptions.
may choose to have separate Risk
Management, Business Impact Objectives Clear and concise statement of Provides guidance to team
Analysis, Incident Response and the objectives of the plan. members on the objectives
Recovery Plans, or for a small of the plan which will allow
staff to work to that intent
business, a single Business
and make decisions in
Continuity Plan, which incorporates changing situations.
all the above elements, may
be sufficient. Glossary Lists terms used in the Provides an explanation of
document. terms, definitions and
acronyms that are used
Your Business Continuity throughout your BCP.
Plan
Risk management Details: May be a separate plan or part
Alongside is a suggested structure
t
identified risks of your BCP. Allows you to
for a Business Continuity Plan plan to minimise risks by
t
their likelihood
incorporating all of the above putting mitigation strategies
t
their consequences.
elements. This should be used only in place.
as a reference to get you started.
Business impact Details: Identifies the effect of
analysis t
comprehensive list of different external and
business activities internal impacts upon the
t
their affect on operations various parts of your
business in times of crisis.
t
resource requirements
Identifies the time that your
t
critical activity priority
business can survive without
list.
critical activities.

Incident response Documents the tasks that will
plan be required to manage the
initial phase of an incident
and the individual responsible
for each task.
May be a separate plan or
part of your BCP. Provides all
the information the
organisation needs to ensure
that it can manage the
immediate incident.

Plan activation Clear statement of Sets out the process for

circumstances when plan mobilising and standing down
should be invoked and the list the relevant teams.
of personnel authorised to
invoke the plan.



#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide

 Your Business Continuity Plan

Part Content Purpose

BCP teams List: Identifies and lists the

t
all personnel with a role
t
explanation of roles
t
list of backup personnel
for each role.
members of your planning,
response and recovery teams
and their roles as well as a
suitable backup should the
primary be unavailable.

Communications List: Guides all internal and

t
key stakeholders,
priorities, categories and
communication modes
t
reporting arrangements
t
control and coordination
arrangements
t
key timings.
external communications in
regards to the incident
response to ensure that
communications match
incident needs.

Contact lists Detail: Provides easy access to all

t
internal contact lists
t
emergency services
contact lists
t
external contact lists.
contact numbers, including
team members, emergency
personnel, staff, suppliers
and key customers that could
be required in a crisis.

Recovery plan Detail: Provides the overall strategy

t
recovery steps to maintain or recover critical
t
RTO’s business operations, recover
property losses, and resume
t
dependencies
normal operations. Should
t
restoration steps.
include the time up to which
serious business impact or
loss will occur.

Testing and Detail: Outlines the specific training

maintenance t
schedule of testing to be
performed
t
review/update timetables
and deadlines
t
BCP revision history.
requirements necessary for
carrying out the response and
recovery activities as well as a
schedule defining the
frequency and types of drills
and exercises to be
conducted. Also defines when
and how the program will be
reviewed and evaluated.

#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide 
:PVS
#VTJOFTT
$POUJOVJUZ
1MBO
Rehearse, maintain and
review
A deceptive and dangerous
assumption is the idea that once a
plan is written it is complete. Plans
require constant reappraisal and
revision as flaws and omissions in
the plan will always be revealed
during exercises. At the same time,
changes in organisational structure
necessitate regular revision and
updating of the plan and, of course,
more training.
Test your plan
Your plans cannot be considered
reliable until they have been tested
and proved to be workable. Testing
involves:
t
validating plans
t
rehearsing key staff
t
testing your systems.
The frequency of testing will depend
on your business, but should take
into account changes in your
business and outcomes of any
previous testing (in particular if
weaknesses were identified and
changes made to the plan). As a
minimum, test plans annually.
Not all aspects of your plan can be
tested, but some elements can. For
example, you will be able to test
evacuation procedures in the event
of fire. Another way to test the plan
is to have planning meetings to
bring staff together to inform them
of the plan and their individual
responsibilities. You should also
examine the plan as a group to
identify problems and solutions.


#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide
This type of exercise is particularly
useful for training purposes and
provides an important tool for
embedding Business Continuity
Management in your organisation’s
culture. It is also effective as an
initial validation of a new plan.
Scenario testing is another useful
way of validating plans and
rehearsing key staff. A scenario
works by simulating a live event
and allowing staff to make decisions
as the scenario unfolds in very
much the same way they would in
the event of a real incident. When
writing scenarios, think about
the risks to your business that
you identified in your Risk
Management Plan.
Why bother?
Why bother reviewing and testing
your plan? There are a number of
very good reasons, including:
t
To strengthen your business.
Businesses need to live, grow
and change, and plans must
live, grow and change with
those needs.
t
To protect your investment.
You’ve put a lot of your time,
effort and money into
your business.
t
To maximise your return
on investment.
t
To ensure you have the ability
to respond to and recover from
whatever adverse situations
may occur.
t
To enable you to remain in
control of your business.
In monitoring and reviewing your
plans it pays to keep your eye on the
big picture, that is the business
environment around you.
t
What actions would you take in
your business if interest rates
rose? Are sales likely to go up
or down?
t
How would you respond to higher
fuel, power, and water costs?
Continuous Improvement
It cannot be over-emphasised that
planning is a long-term commitment,
not just something that you do once
and forget about. Whatever its size,
every business needs to develop
plans to deal with crises. In today’s
environment long term planning no
longer exists and is fast being
replaced by re-planning; making
strategic plans never-ending and
always evolving.
You can maximise your chances of
success by adopting a continuous
and regular planning cycle that keeps
your plans up-to-date. This should
include regular planning meetings
which involve key people from the
business to monitor and review
progress and to identify ways in
which planning and operations could
be improved.

Key questions that should
be asked include:
t
Do you have a Business
Continuity Plan that is
up-to-date and complete?
t
Do your employees know and
support your plan?
t
Have you practiced and tested
the plan to expose any
weaknesses, overlooked
aspects or problems?
Continuous improvement is about
making constant enhancements
towards excellence. Looking for
ways to make things better, do
things a little easier, a little faster, a
little bit cheaper, tweaking it or
polishing it.
Learning from the past
Businesses who are serious about
continuous improvement review
their plans to see what they can
learn from them. They use the past
to improve the future. Reflecting on
what they’ve done and how they’ve
done it helps to manage the next
incident better. You can follow any
one of the numerous continuous
improvement models that are
readily available. One of the more
popular models is:
Plan
Act
No matter which system model
you select, you must ensure it
is implemented to guide the
continuous improvement process
when reviewing and testing
your plans.
Key Points
Make sure you undertake
the planning process
A carefully thought-out plan will
make coping in a crisis easier and
enable you to minimise disruption
to your business and its customers.
It will also prove to customers,
suppliers and investors that your
business is robust enough to cope
with anything that might be thrown
at you – possibly giving you the
edge over your competitors.
Commence planning early
Give staff the opportunity to
familiarise themselves with all of
your plans to provide confidence
that the teams, technology, and
procedures are capable of working
when they need to.
Do
Check
Your Business Continuity Plan
Ensure your staff understand
and collectively work
towards the plan
If employees don’t understand the
plan, it will fail. They need to know
how to initiate action, how to work to
the plan, what to do in case any
element of the plan doesn’t work,
and where to go for additional
information.
6OEFSTUBOE
MFHBM
BOE

compliance requirements
t
Make sure that you understand
and comply with all regulatory
and ethical requirements.
t
Adopt a continuous improvement
process
t
You will no doubt put a lot of time
and effort into developing your
Business Continuity Plan. Protect
your investment by regularly
reviewing and updating your plan
to reflect the changing
environment.
Business Continuity Plan
template
The Department has developed a
Business Continuity Plan template
which you can download from our
website at www.business.qld.gov.au
Business operators should use it
as a guide only to developing a
Business Continuity Plan.
Customise it to suit your
business needs.
#VTJOFTT
DPOUJOVJUZ
QMBOOJOH | Guide 
With a statewide network of Department of Employment,
Economic Development and Innovation centres, use the
contacts below to find one near you.




*OUFSTUBUF
DBMMFST
t





XXXCVTJOFTTRMEHPWBV

10/07
SD4396 10/09
SD5799