CRITICAL INCIDENT MANAGEMENT WITHIN FEDERATION OPERATIONS

Terminology – Explanatory Note

The attached document developed by the Security Unit outlines a proposed protocol for dealing with crisis/critical situations
within the International Federation.

The terminology used to define such situations is Critical Incident and the definition of a Critical Incident is:

A situation that, threatens, or has impacted on, the safety / security of Federation personnel, assets or operations to the extent
that there is the potential to be a significant disruption or even incapacity to continue to operate.

Typically in most organisations the term crisis is used in the same context and organisations have crisis management plans.
Within the Federation one of our primary mandates is disaster response and recovery – arguably this is in itself crisis
management and hence by our nature we are a crisis management organisation. The term critical incident has therefore been
used so as to differentiate that this protocol is not aimed at introducing a new methodology for or operational planning for
disaster response, although aspects of this protocol could be utilised to strengthen some of our existing procedures, but rather is
aimed at situations that affect the Secretariat directly as opposed to the Secretariat responding to situations that affect others.
 -1-

CRITICAL INCIDENT MANAGEMENT WITHIN FEDERATION OPERATIONS

INTRODUCTION

International Federation personnel-- including international and local staff, NS personnel and volunteers – operate in a wide
range of working environments around the world. By the nature of the work the Federation undertakes, personnel often operate
in a higher risk environment. As a result there is a requirement to have procedures to manage situations that may develop due
to this higher risk environment.

The actions required to manage a critical incident will vary depending on the situation, however the process involved should
follow a predefined sequence.

Emergency
Response Plan

Critical Incident Contingency

INCIDENT /
SITUATION
Management Plan
Protocol

Business
Continuity Plan
Scope

This paper outlines a critical incident management protocol for International Federation operations from Geneva headquarters to
country level, and includes operations carried out by PNSs under the security responsibility of the Federation. It incorporates the
notification process for incidents and provides guidance for managers on developing emergency response plans for situations
not covered by existing continuity plans. Guidance on the development of business continuity plans is contained in a separate
document.
 -2-

Defining a Critical Incident

By definition an incident is a situation that causes a deviation from normal activities that requires specific corrective action.

Definition of a Critical Incident

A situation that, threatens, or has impacted on, the safety / security of Federation personnel, assets or operations to the extent
that there is the potential to be a significant disruption or even incapacity to continue to operate.

The term situation is used in the definition so as to be sufficiently broad to encompass, specific situations e.g. death of a
delegate or third party caused by Federation personnel, accidents with serious or multiple injuries, violation of status agreement,
kidnapping; or a major disruptive events such as a building fire or pandemic.

Minor Critical Incident Significant Critical Incident Major Critical Incident

Description Incidents that cause minor Incidents that cause significant Incident that jeopardises Federation’s operations
disruption to the Federation’s disruption to Federation operations or that incapacitates the local office’s ability to
operations e.g. vehicle accident e.g. accidental death of a delegate, function. e.g. serious deterioration in security
without serious injury, theft, accident with serious or multiple situation, multiple loss of life, violation of status
burglary.
1 injuries etc.1 agreement, major equipment loss, office fire,
pandemic etc.1

Management Senior manager2 manages the HoZ or in case of Geneva Department Incident managed through Geneva, field teams
Approach incident, and Geneva SMT advised Head/Director manages incident with provide information and act on direction from the
through incident reporting advice and if required direction critical incident manager, a support team may be
procedures. provided by higher management. deployed in the case of a field incident.

Reporting Normal incident report 3 Immediate verbal report via telephone Immediate verbal report via telephone
Requirements

1
The examples given are not exhaustive, but designed to be indicative.
2
The term Senior Manager is used as a generic term, dependent on the situation in the field this could be a Head of Operations, Country Representative,
Regional Representative, or a FACT/ERU Team Leader; in Geneva it will likely be a Department Head.
3
Security incident reporting procedures are outlined in the Security Section of the Fednet - go on FedNet-secretariat-security and then incident reporting.
NOTIFICATION AND RESPONSE PROTOCOL

The notification and response protocol for significant and major incidents is as follows:

INCIDENT
Key Initial Information
Requirements

 Incident type (e.g. kidnap,

 Critical Incident Manager
death, serious assault, loss
appointed
of assets, pandemic)
Manager Advised  Critical incident
 Context management team
(Country/Unit/Department)
 Exact location established to manage
 Casualties incident / Situation
 Response by Federation, by
Government, Movement
partners  Critical Incident Manager
Senior Manager Advised appointed
 Emergency Response action
(Zone/Director/USG  Critical incident
taken so far
management team
 Assistance required established to manage
 Media interest incident / Situation

Secretary General Advised

/ SMT Consulted

 Critical Incident Manager appointed

 Critical incident management team
established to manage incident /
Situation
 -4-

Once an incident occurs or a developing situation is identified then the first manager to be advised has an obligation to ensure
that a report is made up the chain in order that ultimately senior management either in the field or in Geneva are made aware.
The first line manager involved automatically assumes the role of Initial Incident Manager until relieved by an appointed critical
incident manager. Annex A outlines and role and responsibilities of the Initial Incident Manager.

Upon notification of the incident the Head of Zone or in the case of Geneva the Department Head will assess the situation.
Dependent on this assessment a decision will be made as to whether the incident can be managed at the relevant field level or
department or whether, due to the seriousness, potential strategic implications or requirement for additional resources it should
be managed at a higher level. In which case the appropriate USG or Director is to be informed.

The Director will inform the Secretary General, who in consultation with the Director and if necessary, members of the senior
management team, will direct whether the incident is to be managed at field or department level or whether this is to be
managed by an appointed Critical Incident Manager. Annex B outlines the role and responsibilities of the Critical Incident
Manager.

If during the initial assessment it is assessed that the incident can be managed at field or department level then the relevant
USG/Director is to be informed in order that there is an awareness at a Geneva Senior Management level and so that resources
can be more readily mobilised if the situation should deteriorate.

NOTE: In accordance with the Federation’s incident reporting procedures, in the case of any incidents or situation in which
personnel safety or security are threatened then the Security Unit is to be informed immediately, regardless of any decision to
manage the incident at a lower level.

Critical Incident Manager (CIM)

A CIM may be appointed by, the country manager, department head, appropriate Director/USG or the Secretary General
dependent on the level of the incident. The CIM is responsible for assembling the Critical Incident Management Team (CIMT)
and then managing the response to the situation, and is relieved from the responsibilities of their regular position for the duration
of the response. The CIM will have the delegated functional authorities necessary in order to commit the appropriate personnel,
equipment, finances and other resources to ensure an effective and timely response to the situation, or incidents related to the
 -5-

crisis. This would include access to a pre-authorized PEAR established for emergency situations so that funds could be
accessed immediately if required, as well as the authority to task across divisional lines and to zone offices.

The CIM will report directly to the appointing manager who retains the authority to replace the CIM at any time.

Best practice for crisis management argues that CIM should not be the either the HoZ or Secretary General for three reasons:

 Other organizational issues may arise that require attention and management, outside of the critical incident affecting the
Secretariat. For example, an earthquake or hurricane occurs during the response to a pandemic. The appointment of a CIM
ensures organisation responds to the critical incident, while the rest of the organization responds to the organization’s regular
demands.
 The senior manager provides oversight of the CIM and can replace him or her if required.
 Staff members need to be able to elevate concerns with the CIM to a higher level if they disagree with decisions or actions
being taken.

Critical Incident Management Team

A Critical Incident Management Team (CIMT) is to be established once details of the incident have been confirmed. From the
moment an incident is confirmed, the CIMT takes over all line and operational responsibilities of the incident. The lines of
command should be as short as possible and the authority of the CIMT sufficiently strong to allow immediate urgent decisions,
but equally restrained when it comes to potential liability of the organisation as a whole.

CIMT Composition. Ideally the CIMT should comprise between 4 – 6 persons selected from experienced personnel from
key departments involved. In addition to the appointed CIM this could include:
 In the field, representatives from legal, Information/media, HR Security, Programme Coordinator(of programme
involved), FACT/ERU Team Leader or PNS Head of Mission (if incident involves these entities).
 In Geneva, representatives from HR, Security, Legal, and Media and the technical department involved.
 Others may be seconded for specific planning or executing tasks; however it is vital that the core CIMT does not get
too big such that it becomes ineffective in planning and making decisions.
 -6-

In a complex incident or situation where there are operational issues as well as strategic organisational issues that must be dealt
with there may be a requirement to have an operational CIMT in the field and also a strategic level CIMT based in Geneva. For
example in the case of a pandemic there is likely to be a requirement for response management/coordination at a Zone level
while at that same time there will be a requirement for management/coordination at a global level. Where dual CIMTs are
established, the Strategic level CIM and CIMT retains primacy of control and issues directives/guidance to any operational level
CIM/CIMT.

CRITICAL INCIDENT MANAGEMENT PROCESS

To resolve the incident a five stage process will normally be worked through.

Stage 1 Stage 2 Stage 3 Stage 4 Stage 5

What Analyse Option Analysis Implementation Debrief – Post

has happened? the situation incident
support

Stage 1: Establishing What has Happened

The first action must be to identify whether there is any immediate action required to protect life – if so this must be taken.

Verifiable information must be established outlining the details of the incident. This will be initiated as part of the initial reporting.
Additional information or changes must be advised as they occur and recorded.

An incident log is to be initiated by the Initial Incident Manager immediately after the incident is notified. This is to record the
chronology of events, log phone calls, record notes of all meetings and ensure all documents are recorded and filed.

Stage 2: Analyse the situation / Map the playing field

 -7-

A useful tool to be established and maintained throughout the incident/situation is four ‘white boards’ or flips charts titled:

What do you know? What do you need What has been What do you need
to know? done? to do?

These boards/charts can be updated regularly and provide a ready reference along with the log of the status of the situation and
can be used to brief senior management or external parties as needed.

The primary aim of this stage is to identify the problem and the parameters surrounding the problem:
 RC Movement actors involved (ICRC, NS, PNS) and current status (locations, operational agreements in force)
 External actors involved
 Country context – current situation (disaster, conflict etc), infrastructure (transport, medical, food and water, sanitation),
capability of Government, status and capability of NS in country, status of Federation in country, limitations on ability to
act
 Legal issues
 Medical issues
 Communications issues
 Media issues
 Determine the end-state objective (injured person evacuated, body repatriated, hostage released)

The CIMT must also decide:

 Whether due to risks to personnel, any programme activities should be suspended or whether personnel should be
withdrawn to a more secure location.
 If additional support personnel should be deployed to any field location to assist.
 What information should be circulated internally and externally, and identify any limitations or confidentiality issues.
 If any additional personnel or external specialists should be included in the CIMT.

CIMT members may be assigned specific roles/tasks and responsibilities for managing relations with specific stakeholders.
 -8-

Stage 3: Option Analysis

At the start of this stage two questions must be asked:

 Is this situation covered by existing contingency plans – if so, can they be implemented?
 Is the situation severe enough to warrant the activation of a business continuity plan?
 Does the Federation have the internal expertise to manage the incident – if not, where can this be accessed?

Established contingency plans currently exist for numerous situations such as medivac or emergency relocation. Based on the
initial assessment, if an appropriate contingency plan exists for the situation at hand it should be activated. If initial analysis
determines that the critical incident is severe enough that it may disrupt the Secretariat’s capacity to continue normal business
(e.g. pandemic, natural disaster, major destruction of assets etc) then the CIM should determine if an existing business continuity
plan has been prepared for the situation. If a situation-specific plan does not exist, the CIM can adapt the generic business
continuity plan for the situation.
Initiating a contingency or business continuity plan will normally replace Stage 3 (Option Analysis) and Stage 4
(Implementation) in this process. However, Stage 5 – Debrief / post incident support must still be initiated. at the completion of
the end state objective.

If there are no existing contingency plans or no existing continuity plans that can be adapted, then a response plan must be
developed. This requires the identification and analysis of options to reach the end-state objective. During this stage the
following should be considered:

 Only options and factors that contribute to the identified end-state should be discussed and analysed
 Options should have technical input from all members of the CIMT
 If technical input is required that is not available from CIMT then this must be obtained.
 Options tested against
o Fundamental principles
o Code of conduct
o Limitations imposed by country context
o Resources available to implement
 -9-

 Preferred option is identified and presented to the HoZ, USG/Director or Secretary General as appropriate for executive
decision.
During this stage additional personnel may be utilised to provide specific technical information, or members of the CIMT may
utilise additional personnel from their departments to assist with work involved in option analysis; for example the media advisor
may use members of the media department to assist development of press lines and proposed media releases. However, the
CIM is to adopt a disciplined approach to those that are part of the CIMT so that the team does not expand and develop into a
task force or committee.

When considering options and having identified the preferred option the CIMT must always consider the fluid nature of the
situation and the potential implication this might have – the question ‘What if?’ (something changes or something new happens)
should constantly be tabled.

Stage 4: Implementation

Implementation of the preferred option should be in the form of a plan. This should:

 Clearly define the objective

 Assign roles
 Detail clear coordination aspects – timings, reporting requirements, interaction with other players – ICRC, PNS, NS,
external
 Define clear command and control framework
 Information flow – the CIMT needs to ensure that Federation Media and External Communication Department, ICRC and
NS are kept informed on the need for control over information to the press/media and information sharing with our stake
holders. This might involve information black outs or preparing press lines, media statements and internal information
sharing with NS.

The CIMT’s role is to monitor the implementation and be prepared to adjust things if required.

Management of the situation also requires constant looking to the future, the question must be asked ‘what if’.

Dependent on the incident it is possible that the situation might continue for a sustained period. After the initial intensity things
may slow down but a sustainable management framework must to be implemented that will enable other business to be conduct
unimpeded; e.g. a hostage situation could go on for months or years.
 - 10 -

Stage 5: Follow Up/Debrief

After the incident has been resolved a debriefing process is to be implemented.

In the first instance the incident and situation surrounding the incident is to be fully investigated to determine why it occurred and
whether it could have been prevented. Secondly the debrief is to examine how the incident or situation was managed to
determine what can be learned and whether the manner in which it was managed could be improved; lessons learned are to be
identified and documented.

This process is to work through the incident from start to finish and examine actions taken at each stage.

 Confirm the incident log and sequence of events is accurate

 Were the actions taken appropriate?
 Were existing procedures followed and are these procedures appropriate or do they need changing?
 Lessons should be identified and recorded
 Are there any on going follow up requirements: e.g. counselling, legal, insurance requirements should be actioned.

A post incident report is to be produced and forwarded to senior management.

It is mandatory to ensure support is provided to those directly affected and those closely involved with the situation.

Annexes:

A. Role and Responsibilities Initial Incident Manager

B. Role and Responsibilities Critical Incident Manager
C. Role and Responsibilities HR Advisor
D. Role and Responsibilities Media Advisor
E. Role and Responsibilities Security Advisor
F. Role and Responsibilities Information Manager
G. Role and Responsibilities External Relations Team
H. Planning room operation
I. Incident log template
 - 11 -

ANNEX A
Roles and Responsibilities: Initial Incident Manager

Who: Receiver of the initial report. He/she will act as the Incident Manager in the early period of the incident and
will continue in that role until relieved or handover to another person.
Reports To: Next senior manager until a Critical Incident Manager is appointed or as directed by Senior Management
Authority:  Unless relieved or otherwise directed, the authority to manage the immediate operational impacts and
use all reasonable endeavours to combat the emergency response
Responsibilities:  Manage the overall operational and service response to an incident, bringing together and
coordinating the necessary people and their resources to cover all aspects of the operational and
service response and recovery.
 Ensure the response is managed with the following priorities:
o protection of human life,
o reduction of trauma,
o protection of reputation,
o protection of equipment and other assets.
Initial Actions  Assume overall operational control.
 Determine level of response and whether the incident should be escalated.
 Review and assess the situation:
o establish whether there is a loss of life or injury or a potential threat to anyone
o ensure the safety of personnel
o co-ordinate other support resources
o establish minimum reporting requirements and communication links
 Commence Incident log.
Ongoing  Ensure an Incident log is maintained until relieved
Actions
 - 12 -

ANNEX B

Roles and Responsibilities: Critical Incident Manager

Reports To: Appointing Manager

Authority: Defined in the appointing directive
Responsibilities:  Establish & manage CIMT.
 Identify and approve additional members of the CIMT
 Ensure the formulation of an effective critical incident management plan
 Coordinate with the SMT as required
 Initiate and lead post-incident analysis
 Ensure the response is managed with the following priorities:
o protection of human life,
o reduction of trauma,
o protection of reputation
o protection of equipment and other assets.
Initial Actions  Establish, clarify and assess the details of the situation.
 Notify the appointing mangers of the status and response activities implemented and planned.
 In the event of a fatality or serious injury, consult with the most senior person in-country, to ensure that
the next of kin notification is managed in a timely and proper manner. Ensure that no public
notifications are made until this is properly undertaken.
 Activate the CIMT and any additional support personnel required:
o give brief details of incident, and
o advise location to convene.
 Ensure your staff are briefed on your whereabouts, how to contact you, and on what is critical and
what can be deferred.
 Coordinate the operation of the CIMT
o announce emergency details as known,
o advise on how the CIMT and Support Teams will operate,
o assign initial roles and responsibilities,
o ascertain specialist support requirements and mobilise as required, and
o ensure the Crisis Log and individual Logs are operating
 - 13 -

 Establish clear lines of communication with the Field Critical Incident Management Team (if
established). Ascertain any immediate support requirements, and action.
 Notify Communication Team and advise details as known and agree initial internal and external
communication arrangements:
o who will collect information and draft text,
o what is required and timing for media release and interviews, staff notifications,
authorisation arrangements, and
o who will be external spokesperson(s).
 Ensure any staff welfare issues are being addressed.
 Encourage all Managers to actively contribute and that multiple perspectives are applied to vital
decisions - be alert for assumptions ensure they are surfaced and tested for certainty and importance.
Ongoing  Identify potential problem areas and issues that may arise directly or indirectly as a result of an
Actions ongoing response.
 Manage appropriate contacts and ensure effective communications with:
o Senior Management (as appropriate/directed)
o Media, and HR teams
o ICRC
o National Societies (as appropriate)
o Other key Stakeholders as identified
o Affected families and employees, other employees,
 Continually assess the impact of Federation involvement in the incident and coordinate response
actions to meet any changes in the situation.
 Ensure adequate resources are available and that they are effectively assisting the response.
 Review and initial the incident log on a regular basis.
 Establish CIMT shift arrangements as necessary.
Stand Down  Confer with the Field Critical Incident Management Team (if established) on timing and actions of the
Actions stand down process.
 Ensure full stand down plans and recovery plans are developed, communicated and implemented.
 Ensure all parties (both external and internal) involved in the response are notified and already
understand why the response is being wound down/ceased.
 Finalise, as appropriate, the terms of reference and process for the incident debrief and incident
investigation with involved parties.
 Obtain advice from the Head of Legal on the terms of reference and matters of legal privilege for any
 - 14 -

investigation.
 Ensure Incident Reporting requirements are complied with.
 Ensure the Information Manager collects, records and stores all documents pertinent to the incident.
 Advise the Chief Executive Officer of the stand down.
 Ensure Critical Incident Stress Debrief sessions as required are conducted for the staff involved in the
response.
 Ensure that the SMT and other Stakeholders are aware of the stand down.
 Thank all groups for their support.
Follow Up  Consult with the Senior Management and the areas affected on any issues related to staff welfare,
Actions: morale, or recognition - consider the families of those involved.
 Review and identify issues and impacts arising from the incident.
 Undertake an incident debrief / investigation procedure, and manage the implementation of
recommendations / actions.
 - 15 -

ANNEX C

Roles and Responsibilities: HR Advisor

Reports To: Critical Incident Manager

Authority:  All HR related issues and as instructed by the Critical Incident Manager.
Responsibilities:  Provide relevant advice, support and assistance to the CIMT.
 Coordinate the management of the Human Resource involvement in the incident.
Initial Actions  Ensure your staff are briefed on your whereabouts, how to contact you and on what matters.
 Initially assess and advise the CIMT on the human resource implications of the incident with respect
to:
o HR policy or procedural issues
o fatalities or injuries,
o contact arrangements with affected next of kin,
o need for immediate personnel assistance or trauma counselling,
 Check that any contractual issues related to external personnel called in to provide support/technical
advice to the CIMT are actioned. Consider Confidentiality Agreements for any external(s).
 In the event of a fatality or serious injury, consult with the CIMT, and ensure that the next of kin
notification is managed in a timely and proper manner – if necessary through the appropriate National
Society. No public notifications are to be made until this is properly undertaken.
 Ensure that the Receptionist has been briefed on crisis procedures and where to route calls.
 Maintain your own log of events using the Log Sheets.
Ongoing  Consult with the Critical Incident Manager the most appropriate implementation.
Actions  Provide feedback on the tenor and content of the interaction with the next of kin and relatives to the
CIMT.
 Ensure Federation statements and releases contain correct Human Resources information.
Stand Down  Ensure all contractual issues relating to external personnel are auctioned.
Actions  Advise on terms of reference and provide assistance to debrief investigation process.
 Ensure effective debriefing and trauma counselling services.
 Provide Logs for reference
 - 16 -

Follow Up  Consult with the Head of HR or SMT, and the Critical Incident Manager on any issues related to staff
Actions: welfare, morale, or recognition - consider the families of those involved.
 Participate in any management review, investigation or debriefing required on completion of the
incident.
 - 17 -

ANNEX D
Roles and Responsibilities: Media Advisor

Reports To: Critical Incident Manager

Authority:  All internal and external communication related issues and as instructed by Critical Incident Manager
 Provide relevant advice, support and assistance to the CIMT.
Responsibilities:
Initial Actions Ensure your staff are briefed on your whereabouts, how to contact you and on what matters.
 Initially assess and advise the CIMT on the Media/PR implications of the incident with respect to:
o reputation
o general awareness
o strategy for minimizing damage or taking opportunities
 Ensure that the Receptionist has been briefed on crisis procedures and where to route calls.
 Maintain your own log of events using the Log Sheets.
Ongoing  Consult with the Critical Incident Manager on the most appropriate strategy.
Actions  Provide feedback on Media and PR matters as they occur
 Ensure Federation statements and releases comply with policies and contain correct information
Stand Down  Monitor Media and PR issues post the event
Actions  Participate in debrief and any investigation
 Provide logs for reference
Follow Up  Participate in any management review, investigation or debriefing required on completion of the
Actions: Crisis.
 - 18 -

ANNEX E
Roles and Responsibilities: Security Advisor

Reports To: Critical Incident Manger

Responsibilities:  Provide relevant security advice, support and assistance to the CIMT.
Initial Actions  Provides initial context information and measures in place to deal with identified risks
 Alert CIMT to any additional security and safety risks
Ongoing  Ensure everybody is briefed on your whereabouts, how to contact you and on what matters.
Actions  Advise CIMT on response options and additional security and safety measures
 Identify potential security problem areas and issues that may arise directly or indirectly as a result of
an ongoing response.
 Liaise with ICRC/National Society Units and external security professionals on best practice
 Maintain your own log of events using the Log Sheets.
Stand Down  Advise and support of the incident debrief and incident investigation with involved parties.
Actions  Ensure Incident Reporting requirements are complied with.
 Ensure the Information Manager collects, records and stores all documents pertinent to the incident.
Follow Up  Participate in any management review, investigation or debriefing required on completion of the Crisis.
Actions:
 - 19 -

ANNEX F
Roles and Responsibilities: CIMT Coordinator

Reports To: Critical Incident Manager

Responsibilities:  Establish operation of the CIMT Room.
 Continually update the incident log and status board in the Incident Management Room.
 Provide administration assistance to the CIMT.
 Ensure all relevant personal logs and level of recording is appropriate.
 Ensure collation of information.
Initial Actions  Clarify with Critical Incident Manager:
o how the CIMT Log will be compiled; who will contribute / author / control, and
o need for cross referencing with other documents.
 Ensure that the log is:
o chronological and concise, and
o covers all events; decisions; transfers of information into and out of the Incident
Management Room.
 Assist in the operation of the Master Event board (recording all significant events/developments)
 Assist in the operation of the Secondary board(s) displaying information on:
o Key Contact Numbers - internal and external;
o Fatality / Injury Status;
o Actions Status; and
o Deadlines / Commitments.
 Prior to erasure ensure the record and retention of the full content of all Status boards, including
structures and drawings etc.
Ongoing  At the commencement and end of shift, record:
Actions o your name as Log Keeper, and
o the Incident Manager and other individuals present in the Incident Management Room.
Stand Down  Ensure all Logs are collected, recorded and stores all documents pertinent to the incident.
Actions
 - 20 -

ANNEX G

Incident Log Template

The log should record all activities and actions under taken. The second column should record details of
any updates received or advice on developments with any actions then taken recorded in the third
column. Action may also be initiated as part of normal planning/management of the situation not in
response to a change or update in which case the second column is left blank and the actions taken
simply inserted in the third column.

The Critical Incident Manager should regularly review the log and initial it signifying the logs accuracy.

Date/Time Information Received Response or Initiated Action Responsible Initials