GREEN - LOW (LOW RISK of terrorist attack)
 Recommended Protective Measures:

• Disseminate the GREEN advisory and share pertinent information related to the Threat Condition with tribal, county or municipal departments / agencies, emergency operations, fire districts, and government officials identified on the Warning / Alerting Notification List (Appendix A).   

• Identify critical facilities that may need protection.  Budget for physical security measures.  

• Develop, review and/or update Emergency Response plans.  Conduct training, seminars, workshops and exercises using the emergency response plans. 

• Develop or review, coordinate and exercise Mutual Aid agreements with other jurisdictions for use during emergencies.  

• Be alert to suspicious activities and / or individuals and report it to proper authorities or law enforcement agencies.  Be suspicious of person(s) taking photographs of critical facilities, asking detailed questions about physical security or are dressed inappropriately for weather conditions.  

• Routine operations without security stipulations are allowable.  Possible security recommendations or considerations include:

• Reviewing physical security precautions to prevent theft, unauthorized entry or destruction of property.

• Providing access control and locking of high security areas.

• Marking all security keys with “Do Not Duplicate.”

• Continue to include safety and common sense practices in daily routines.  Conduct emergency preparedness training for citizens and employees. Provide emergency preparedness information to employees via paycheck inserts, tips, newsletters, articles and posters.  Obtain copy of Terrorism: Preparing for the Unexpected brochure from your local Red Cross chapter.  Obtain a copy of the United for a Stronger America:  Citizens’ Preparedness Guide from the National Crime Prevention Council (http://www.weprevent.org).

• Provide training on homeland security advisory system and physical security precautions.

• Review staffing of emergency management and response functions.  Recruit and train volunteers to augment full time staff, as appropriate.  Contact Citizen Corps for potential volunteers http://www.citizencorps.gov/.

• Encourage employees to take Emergency Management, Red Cross first aid and Cardio-Pulmonary Resuscitation (CPR)/Automated External Defibrillator (AED) training.

• Conduct routine inventories of emergency supplies and medical aid kits.  Update and restock as required.

• Encourage programs for employee immunizations and preventative health care.

BLUE – GUARDED (GENERAL RISK of a terrorist attack)
Recommended Protective Measures:

• Disseminate the BLUE advisory and share pertinent information related to the Threat Condition with tribal, county or municipal departments/agencies, emergency operations, fire districts, and government officials identified on the Warning/Alerting Notification List (Appendix A).

• Continue all measures listed in Threat Condition GREEN Advisory. 

• Review all applicable emergency plans. (Emergency Operations Plan, Standard Operating Procedures (SOP)/Standard Operating Guides (SOG), personnel staffing schedules, internal security plans, Mutual Aid Agreements, etc., as applicable)  Each department should be familiar with their assigned responsibilities according to the plan.  Conduct tabletop and functional exercises as necessary, to increase familiarity with emergency plans and Mutual Aid agreements.

• Review and update public and private critical infrastructure target listings.  Estimate the threat vulnerability of each critical facility and the countermeasures required to protect them.

• Check all equipment for operational readiness, fill fuel tanks, check specialized response equipment. (HAZMAT, TRS, SWAT, bomb squad, command post, generators, etc.), as appropriate.

• Brief Public Information Officer (PIO) on appropriate response measures, protective actions, and self help options appropriate to the threat level.  Activate the jurisdiction’s Emergency Public Information System, as appropriate.  Coordinate information releases with other government entities, if possible.

• Assess mail handling procedures against intelligence in relation to the current Threat Condition.  Advise personnel who handle mail, courier, and package delivery to remain vigilant and report any concerns or suspicious items. Consider off-site mail / package processing and sorting facility to reduce the threat to government employees, if situation dictates.

• Actively support the Neighborhood Watch, Community Emergency Response Team (“CERT”), Community Policing (“COP”) and Amateur Radio Emergency Service (“ARES”) (http://www.ares.org/) programs.

• Evaluate information available on public websites that could compromise security.

YELLOW – ELEVATED (SIGNIFICANT RISK of terrorist attack)

Recommended Protective Measures:

• Disseminate the YELLOW advisory and share pertinent information related to the Threat Condition with tribal, county or municipal departments/agencies, emergency operations, fire districts, and government officials identified on the Warning/Alerting Notification List (Appendix A).

• Continue all measures listed in the Threat Condition GREEN and BLUE Advisories.

• Implement critical infrastructure facility security plans as appropriate. Assess potential terrorist targets and develop additional plans, if necessary, to counteract an attack.  Conduct additional vulnerability assessments of each critical facility and government building, as necessary.  Assess the consequence of loss and assign a priority for their protection.  Meet with appropriate representatives of critical infrastructure facilities to review contingency and evacuation plans and brief employees, as appropriate. Possible security recommendations or considerations include:

  • Increasing spot checks of specific high-risk targets/facilities.  At the beginning and end of each work shift, as well as at other regular and frequent intervals inspect the interior and exterior of buildings in regular use for suspicious or unattended packages.

  • Not leaving emergency response vehicles unattended.  If it is necessary to leave the vehicle, lock it and check the vehicle and its chassis underside before opening the door and starting the engine.

  •  Checking all deliveries to facilities.

• Check recall roster and recall processes for accuracy.  Consider alternative work schedules of operational and staff personnel if the situation escalates.  Include plans to maximize staffing and response capabilities with defined work/rest cycles.

• Consider plans and contingencies to assist public safety employees’ family members regarding safeguard issues if the situation escalates and personnel are recalled leaving their family alone for extended periods of time.

• Identify any planned community events where a large attendance is anticipated.  Consult with event organizers regarding contingency plans, security awareness, and site accessibility and control.  Consider recommendations to cancel the event if warranted by the current situation.

• Increase the frequency of backups for critical information systems and review availability of technical support.  i.e.: systems programmers, technical personnel, redundancy of equipment, off-site storage of critical data, stockpile of critical spare parts, off-site data recovery site, etc.

• Keep the public informed on current threat conditions and advisories.

ORANGE – HIGH (HIGH RISK of terrorist attack)

Recommended Protective Measures:

• Disseminate the ORANGE advisory and share pertinent information related to the Threat Condition with tribal, county or municipal departments/agencies, emergency operations, fire districts, and government officials identified on the Warning/Alerting Notification List (Appendix A).

• Continue all measures listed in the Threat Condition GREEN, BLUE and YELLOW Advisories.

• Activate the jurisdiction’s Emergency Operations Center (EOC) for an initial situation briefing of EOC staff and government officials.  Following the initial briefing maintain staffing, as warranted and appropriate. 

• Place all emergency management and specialized response teams on full alert status, as appropriate.

• Review critical infrastructure and facility security plans and adjust accordingly.   Possible security recommendations or considerations include:

  • Limiting access points to critical infrastructure facilities to the absolute minimum, and strictly enforce entry control procedures. Locking all exterior doors except the main facility entrance(s).  Identifying and protecting all designated vulnerable points. 

  • Searching all suitcases, briefcases, packages, etc brought into a critical facility.

  • Checking all visitors’ purpose, intent and identification.  Ensuring that contractors have valid work orders outlining tasks to be performed within the secured facility.  Requiring a visitor’s sign-in log with information from their identification.  Escorting visitors when they are in the facility, until they leave.  Checking where the visitors were or worked to assure nothing is amiss or left behind.

  • Keeping critical response vehicles in a secure area or in an indoor facility.  Keeping garage doors closed except for bona fide needs.

  • Enforcing parking of vehicles away from sensitive buildings.  Erecting barriers and obstacles to control the flow of traffic, as appropriate.  Visually inspecting the interior and undercarriage of vehicles entering parking lots and terraces.

  • Increasing defensive perimeters around key structures and events.  Increasing security patrols around critical infrastructure facilities.  Contacting allied government agencies within the jurisdiction and advise them of the need for increased security and awareness.

  • Coordinating closing public roads and facilities that might make critical facilities more vulnerable to attack.

• Determine if personal protective equipment (PPE) and specialized response equipment has been checked, issued, and readily available for deployment, if applicable.

• Suspend public tours of critical infrastructure facilities.  Limit access to computer facilities.

• Increase monitoring of computer and network intrusion detection systems and security monitoring systems.  Determine if sufficient technical resources are available to respond to and mitigate a cyber attack.

RED – SEVERE (SEVERE RISK of terrorist attack)

Recommended Protective Measures:

• Disseminate the RED advisory and share pertinent information related to the Threat Condition with tribal, county or municipal departments/agencies, emergency operations, fire districts, and government officials identified on the Warning/Alerting Notification List (Appendix A).

• Continue all measures listed in the Threat Condition GREEN, BLUE, YELLOW and ORANGE Advisories.

• In the absence of a state “Declaration of Disaster,” consider a local declaration to authorize activation of the local emergency management system.

• Staff Emergency Operations Center (EOC) or Command Post on a 24-hour basis.  Provide security for this facility.

• Review critical infrastructure and facility security plans and adjust accordingly.   Possible security recommendations or considerations include:

  • Making a positive identification of all vehicles located or operating within operational or mission support areas.

  • Making frequent checks of the exterior of critical facilities and begin spot checking of lower risk targets.  Consider placing a security watch at all critical facilities 24-hours a day until the threat level has diminished.

  • Deliveries to critical facilities should not be accepted unless approved by supervisory staff.  All deliveries should not be opened inside of the critical facility, and minimal personnel should be in the immediate area when the package is opened.  

• Consider releasing non-critical function personnel.

• EOC has 24-hour access to the jurisdiction’s Principal Executive Officer (e.g. County Executive, Mayor, City Manager) or their designated alternate.

• Brief all EOC, government and first response personnel on critical facility evacuation routes and contingency communications plans.  Provide direction regarding what equipment and supplies should be taken in the event of an evacuation. 

• Conduct welfare checks of government personnel and facilities throughout the day and night.

• Activate, or place on high alert specialized response teams/personnel: i.e.: HAZMAT, TRS, EMS, SWAT, Crisis Counseling, etc.

• Be prepared to control access routes serving critical infrastructure facilities and evacuation routes.

• Maintain communications with, and provide security for hospitals and critical medical facilities, if appropriate.

• Stress the possibility of a secondary attack against first responders.

• Assemble trained volunteers including:  Community Emergency Response Teams (“CERT”), Community Policing (“COP”) Teams, Amateur Radio Emergency Services (“ARES”) teams.

• Implement Mutual Aid agreements, as required.

• Provide security for personnel dispatched to repair or restore damaged facilities and systems.