Incident Management - Procedures

Accessibility links

Incident Management - Procedures

Breadcrumbs

Approval authority
Vice-Chancellor and President
Responsible officer
Vice-Chancellor and President
Designated officer
Chief Operating Officer
First approved
21 August 2018
Last amended
22 August 2018
Effective start date
22 August 2018
Review date
21 August 2023
Status
Active
Related documents
Critical Incident Management - Governing Policy
Enterprise Risk Management and Resilience - Governing Policy
Health, Safety and Wellbeing - Governing Policy
ICT Security - Managerial Policy
Risk Management - Procedures
Sexual Harassment Prevention (Students) - Governing Policy
Staff Code of Conduct - Governing Policy
Student Conduct - Governing Policy
Student General Misconduct - Procedures
Related legislation / standards
University of the Sunshine Coast Act 1998
Privacy Act 1988 (Cth)
Education Services for Overseas Students Act 2000
Work Health & Safety Act 2011 (Qld)
Building Fire Safety Regs 2008
National Code of Practice Providers of Education ... Overseas Students
Information Privacy Act 2009 (Qld)
Workers' Compensation and Rehabilitation Act 2003 (Qld)
AS 3745 -2010
Fire & Emergency Services Act 1990
Environmental Protection Act 1994
AS ISO/IEC 27035
Disaster Management Act 2003 (Qld)
Download PDF

Definitions

Please refer to the University’s Glossary of Terms for policies and procedures. Terms and definitions identified below are specific to these procedures and are critical to its effectiveness:

Australasian Inter-Service Incident Management System (AIIMS): a national system used by all emergency agencies and first responders when organising the managing of a disaster or emergency by function.

Business Continuity Plan (BCP): The University’s plan that outlines how critical business operations can be maintained or recovered in a timely fashion.

Campus: means any campus or site owned or operated by USC.

Corrective action or Controls: action taken to improve USC’s systems or processes to address non-conformance and/or eliminate or reduce risk.

Critical Incident: An incident that has a risk rating of extreme or high under the University’s Risk Management Framework with a consequence of at least moderate. It requires a focused and concerted response and ongoing management by the Cost Centre Manager in conjunction with the IRT.

Crisis Management Team: The team that is mobilised to activate and oversee the BCP.

Emergency Planning Committee (EPC): The EPC is established to ensure all applicable legislative requirements are met and sufficient resources (time, finance, equipment and personnel) are provided to enable the development and implementation of emergency (incident) plans in a multi-campus environment. This is a requirement of Australian Standard 3745-2010, Planning for emergencies in facilities. The EPC has broader planning responsibilities under USC’s protection, resilience and sustainability system.

Emergency Control Team: An IRT that is established in the event of an emergency requiring an immediate response is also known as the Emergency Control Team.

First Aid: Initial treatment for an injury which is normally given by a first aid officer.

Hazard: A source or a situation that has the potential to harm a person, the environment, cause damage to property, or a combination of these.

Incident:  An incident is an issue that requires a response. An incident may impact on any area of University activity. An incident that is not considered to be critical has a localised containable impact and is unlikely to escalate in severity but requires response and management as part of ongoing business-as-usual.

Incident Response Team (IRT): A team of specialists that is mobilised to assess and respond to a significant incident that has occurred. An IRT is established with each critical incident, which is defined within the Incident Management - Governing Policy, and its composition will depend on the type of incident requiring action. An IRT that has been established to respond to an emergency is also known as the Emergency Control Team.

Medical treatment: treatment by a registered medical practitioner, paramedic or registered nurse practitioner.

Near miss: an incident that could have resulted in an injury or illness to people, danger to health, and / or damage to property or the environment, but did not.

Notifiable incident: an incident for which USC is legally required to notify State or Commonwealth government or a regulatory body.

Responsible officer/s (includes - Security/Manager/Supervisor/Academic staff member/Head of Work Unit/Executive Member):  a person who has responsibility for others at work / study / research / field trip, volunteer, contractor activities and first aid duties. If there is no identifiable supervisor, (e.g. if the person involved is a member of the public, or a student not engaged in university activities) USC Security should be contacted. If the person involved is a contractor, their supervisor or manger is a person from where they are employed. USC Security is a primary point of contact for first aid in the case of an incident on campus.

Third-Party Providers: Organisations contracted by USC to provide services on its behalf (e.g. Australian Technical and Management College and cloud service providers).

Third-Party Sites: Sites that USC staff or students visit other than USC campuses and Third-Party Providers. This includes sites where staff and students are on work placements or study tours.

University Community: relates to USC students, staff and other stakeholders engaging with the University, including visitors, contractors and volunteers.

1. Purpose of procedures

The purpose of these procedures is to plan for, respond to, manage and escalate a critical incident quickly and effectively, bringing it under control, and limiting the impact to the University Community.

These procedures should be read in conjunction with the Critical Incident Management – Governing Policy and related documents.

2. Scope and application

These procedures are designed for the management of all incidents that have impacted upon or have the potential to impact the University Community, or the University’s services and operations, property and the environment. These incidents include both physical actions or hazards and other forms which may cause major reputational damage or loss of University functions or operations. It applies to all USC campuses.

These procedures also apply to USC staff and/or students who are hosted at sites operated by Third-Party Providers, visiting other Third-Party Sites and on study tours or work placements.

All incidents will require response, notification, management, control, recording and closure as outlined below.

3. Procedures

3.1 Respond
3.1.1 Incident Response

An incident response can occur at any time and may be triggered from an alarm, conversation, email, phone call or a report.

The nature of the incident including the severity/consequence of an incident will determine the response required. Most incidents can and will be managed locally as part of a business-as-usual approach.

All incidents should be responded to with the following actions:

  • ensure you protect your health and safety
  • ensure you protect the health and safety of others, and if safe to do so, take appropriate action to make the area safe or to prevent any further likelihood of injury or illness
  • if required, contact emergency services (000)
  • if required contact USC Security on (+61) 7 5430 1168 or extension 1168
  • if required, and if safe to do so, provide first aid to any other persons affected by or involved in an incident
  • if safe to do so, activate standard operating procedures/processes to protect key assets, data and critical systems
  • incidents of a confidential nature must only be shared/progressed with agreement and with authorised personnel (i.e. for student related incidents, these will be managed by Student Services and Engagement and will be escalated to the Director, Asset Management Services for critical incidents and/or where required)
  • if required, maintain communication with USC Security and/or emergency services
  • if applicable, make notes of the incident such as names, location, time and a brief description of what occurred.

Non-critical incidents are those that are considered minor in nature. If they relate to people, this includes most injuries that require limited first aid treatment and result in less than one week off work or study, lacerations, slips and trips, small or non-hazardous chemical spills that require in-house clean-up and short-term technological systems outages. Minor incidents can also relate to information technology, facilities/access such as a short-term power outage that is rectified quickly, or another incident that is not regarded as being high risk under the University’s Risk Management Framework.

More serious non-critical incidents may be escalated to a critical incident response in accordance with the incident management decision tree process (Appendix 1) and will then require an IRT to be activated in accordance with 3.1.2. Note that the Pro Vice-Chancellor (Students) must be consulted on the management approach for student related incidents.

3.1.2 Critical incidents

Critical incidents are actual or impending incidents that require ongoing management by an IRT. These incidents are typically of an emergency nature.

Examples or critical incidents may include, but are not limited to:

  • a serious injury, illness or death;
  • psychological episode involving students and/or staff;
  • sexual and/or physical assault;
  • kidnapping or hostage situation;
  • major overseas events that may have an impact to the USC Community;
  • missing staff member or student;
  • unplanned technological systems outage impacting critical systems;
  • floods, fire or other extreme weather events;
  • environmental hazard;
  • chemical spill that requires involvement of external parties for clean-up/control, or requires closure of area other than the immediate area;
  • breaches of information security;
  • cyber security attack; and
  • compliance breaches of high risk obligations.

When a critical incident has occurred, the people involved and/or a Responsible Officer/s must respond to the incident as per 3.1.1 and as soon as possible:

  • activate emergency alarm/systems if required
  • notify Security (+61) 7 5430 1168 or extension 1168, and emergency services on (000) if required
  • notify Supervisor and/or Responsible Officer
  • notify Director, AMS and the IRT to facilitate the incident response. The Director, AMS can be contacted on (+61) 7 5456 5778 or extension 5778, or email ams@usc.edu.au. The IRT can be contacted by email IRT@usc.edu.au
  • In the event of a serious or potentially serious safety incident involving members of the USC Community, (see Appendix 2) requiring notification to WHSQ, contact HR immediately on (+61) 7 5430 2830 or by email to hsw@usc.edu.au
  • The Director, AMS, as the IRT Lead, will inform the relevant members of the IRT and Executive staff before convening an IRT. For student related incidents, the Pro Vice-Chancellor (Students) must be consulted on the management response approach.

The first formal meeting of the IRT should be held as soon as possible after the team has been mobilised.

The IRT will consist of nominated members of the University including:

  • Director, AMS (IRT Lead)
  • Director, Human Resources
  • Director, Student Services and Engagement
  • Director, Marketing and External Engagement
  • Coordinator, SafeUSC
  • University Risk Manager

If a critical incident occurs at any campus or USC site other than the Sippy Downs campus, the Campus Manager is to be a member of the IRT.

Subject specialists may be appointed to the IRT depending on the nature of the incident. Should the Director, AMS not be available, any nominated IRT member or appointed subject specialist of the IRT may be appointed as the event IRT Leader.

Specific tasks of the IRT include:

  • evaluating the extent of the risk to University (staff, students, facilities, environment, reputation, etc.)
  • developing strategies to manage the response to an incident with the immediate focus on containing the extent of the damage or incident
  • coordinating resources, including emergency services
  • restoring USC operations
  • liaising internally with Marketing and External Engagement to distribute consistent messages to the USC Community and externally
  • liaising with external agencies/ organisations, including Federal/State/Local Disaster Management Groups
  • providing accurate and timely information to Executive staff if required
  • initiating the Business Continuity Plan if necessary

At certain times it might be appropriate to manage a critical incident under an alternative approach that is not a formal IRT. This may be appropriate in situations where the incident is confidential or sensitive in nature or for incidents where the consequence is moderate and it can be appropriately managed as part of Business as Usual. The Director, AMS will make this decision in consultation with the relevant operational area.

3.2 Notify

3.2.1 Notification requirements

For all incidents, once the initial incident response as per section 3.1 has been is established, appropriate personnel or support services must be notified. Based on the severity of the incident (refer to Risk Management - Procedures) the following notification processes need to be actioned accordingly:

  • Supervisor/s or a Responsible Officer must be notified as soon as possible if they have not yet been, except where there is a valid reason not to, for example, if the Supervisor/s or Responsible Officer is the subject of an allegation, or if they are absent.
  • If required USC Security should be notified by calling (+61) 7 5430 1168 or by using one of the USC Emergency Call Points.
  • Where a staff member requires additional support or assistance, HR should be notified by calling (+61) 7 5430 2820 or by email to hsw@usc.edu.au.
  • Where a student requires additional support or assistance, Student Wellbeing should be notified by email to studentwellbeing@usc.edu.au.
  • Where a contractor is involved in an incident, Security must be contacted on (+61) 7 5430 1168 or email ams@usc.edu.au.
  • USC insurance is to be notified of all incidents by email to insurance@usc.edu.au.
  • for all critical incidents IRT members must be notified (see 3.1.2).

An incident report should be completed as soon as is reasonably practicable or at least within 24 hours. The extent of the University’s insurer’s liability to pay compensation may be limited where an incident notification of injury or illness is not received within 20 business days of becoming aware of the incident.

3.2.2. Incidents impacting USC staff and students located off campus

Students and staff involved in an incident occurring domestically at a Third-Party Provider or a Third-Party Site are to follow the incident management procedures of the organisation as appropriate. In the event of an off-campus incident, an incident report is required to be submitted that is relevant for the organisation where the incident occurred. A USC specific incident report is also required to be completed, or a copy of the Third-Party report provided to USC.

Students and staff involved in an incident occurring domestically while undertaking placements, study tours and University research are to report any incident that has occurred and follow USC specific policies and procedures.

For incidents that occur offshore, students and staff are to follow the travel advice and information provided prior to the commencement of the travel and protocols of that overseas jurisdiction. The University, through the Director, AMS will collaborate with the nearest consular, foreign government agency or host country organisation responsible for the management of such incidents in their area. The Director, AMS will also collaborate with local, state or federal government agencies, including localised Disaster Management Groups, as required, and provide assistance, advice and information to support a coordinated incident management response.

3.3 Manage

When an incident has occurred, the people involved and/or a Responsible Officer/s must, as soon as reasonably practicable, assess, refer or initiate:

  • actions required to protect the health and safety of any persons affected by, involved or potentially involved in the incident
  • actions required to protect key assets, data and critical systems
  • additional actions or controls to be implemented to effectively manage the incident through to resolution and closure (e.g. localised incident management processes)
  • escalation of the incident to a critical response based on the severity/consequence (see Appendix 2)

In the case of a critical incident or a safety related notifiable incident, the area and/or any information should be preserved as much as possible for the purposes of any investigation.

3.3.1 Management of minor or non-critical incidents

Non-critical incidents should be managed within business-as-usual arrangements and/or through local incident management processes. Supervisors should be notified and additional support such as a first aid officer, technical, counselling or maintenance personnel requested as required.

3.3.2 IRT management of critical incidents

The Incident Response Team (IRT) is responsible for the coordinated management of a critical incident and is normally mobilised as soon as possible following a critical incident in accordance with the Critical Incident Management - Governing Policy.

The IRT will assess and respond to the incident accordingly and will co-opt additional members, including subject specialists, as required and depending on the nature of the incident.

The Director, AMS will act as the IRT Lead and convene an IRT for critical incidents. The IRT Lead will manage the incident response and resolution phases by coordinating and drawing upon subject specialists as required. If the Director, AMS is unavailable, another member of the IRT will assume the responsibility of IRT Lead. For student-related incidents, where the Director, Student Services and Engagement is unable to participate in the IRT, the IRT must include an appropriate delegate from Student Services and Engagement.

The IRT may nominate additional IRT members or appoint subject specialists to participate in the IRT and provide information and advice, facilitate resources to assist in the management of the incident, and provide recommendations for appropriate action as required.

IRT subject specialists may provide information and assistance specific to the incident, which may include emergency management, safety, information technology, asset management, campus management, field work, human resources, crisis management, legal and emergency services.

An IRT that has been established to respond to an emergency is also known as the Emergency Control Team.

3.3.3 Student-related incidents

Where a student is involved in a critical incident and an IRT is activated, the Director, Student Services & Engagement, as a member of the IRT, will advise the Pro Vice-Chancellor (Students) of the incident and the proposed response and the Pro Vice-Chancellor Student will be involved in the management of that response. The Director, Student Services / Pro Vice-Chancellor Students will be involved in any decision making around the management of that response through the operation of the IRT.

3.3.5 Activation of the University’s Business Continuity Plan

Some critical incidents will require activation of the University’s Business Continuity Plan (BCP). Activation of the BCP will be required if the incident has impacted critical functions of the University for greater than the maximum tolerable outage time. Activation of the University’s BCP will be determined by the IRT and if the BCP is activated, the IRT will become the Crisis Management Team under the University’s BCP.

3.4 Incident Control

During and following any incident, controls or corrective actions may need to be implemented to help resolve any immediate or residual physical, psychological, financial, environmental, reputational or social risk emanating from the incident.

Where possible, controls or corrective actions should be monitored to ensure they have been implemented correctly and a positive or effective outcome is achieved.

Where a near-miss or hazard is identified, the Responsible Officer/s and/or Supervisor or Cost Centre Manager must, so far as reasonably practicable, consider, implement and record immediate corrective actions to be taken and additional controls required to prevent the possibility of an incident occurring.

3.5 Communication and record keeping

3.5.1 For all incidents

All records relating to incidents must be captured in an approved records management system, in accordance with the University’s Information and Records Management – Procedures.

Hazards or residual risks, such as property or environmental damage that have the potential to cause injury, illness, or to affect core business facilities and services, are to be reported through USC’s maintenance reporting system.

3.5.2 Confidentiality

The University generally will keep information it obtains in the course of risk assessments and management of incidents confidential. Confidential information will be used only for the purpose of risk assessment and the management of incidents.

Subject to limits of confidentiality (as per below), information about individuals will not be disclosed to any other person unless the individual concerned has given consent to its use. Release of information about an individual will normally require a written consent for disclosure, signed by the individual.

Limits of Confidentiality - Confidential information will be disclosed without the consent of the individual when:

  • there exists a clear danger to the individual or to others, and/or
  • there exists a legal requirement to do so
3.5.3 Critical incident communication and record keeping

An IRT debrief is a debrief with IRT members relating to a critical incident that has occurred and how it was managed. An IRT debrief will be conducted within one week after the critical incident response ending and will involve all available IRT members. The debrief will be facilitated by the IRT Lead or delegate.

The debrief is to be undertaken to consider observations, insights, and processes, and to record learnings from the incident in such a way as to focus and understand:

  • what went well (to be reinforced and highlighted)
  • what needs amendment, adjustment
  • where there are gaps
  • what needs to be created or fixed.

A summary of the debrief findings will be shared with all IRT members and reported to the University Risk Manager, the relevant Executive Member, and/or the Audit and Risk Management Committee as required.

3.5.4 Incident investigations

An incident investigation is an investigation into the incident itself. An incident investigation aims to identify causal factors across the entire organisational system (e.g. communication, training, procedures, incompatible goals, equipment, etc.) which contributed to the incident (before, during and after) such as:

  • people – e.g. documents and records, rosters, work history, physical and psychological state, ability, supervision, experience, training, communication, team cohesion
  • equipment – e.g. design, construction, Personal Protective Equipment, testing, inspections, maintenance, modifications
  • materials – e.g. hazardous substances, heavy loads
  • environment– e.g. electricity, weather conditions, wind, noise, dust, pollution, vibration, wildlife, workplace layout and space
  • processes – e.g. usage, content, format, review and monitoring, document control.

Critical incidents will be investigated by the IRT unless it is deemed by the IRT Leader that an alternative approach is more appropriate.

The Director, AMS, in consultation with IRT members and appointed subject specialists, will determine the best approach for undertaking an investigation if required. Incident investigations should commence within 48 hours, or as soon as reasonably practicable, after the incident has occurred.

Non-critical incidents will be investigated in accordance with business as usual processes.

3.5.5 Notifiable incidents

Certain incidents are notifiable under relevant Commonwealth and/or State legislation. Incidents that are notifiable are required to be reported within required timeframes by the relationship manager for that regulator or government agency. For details as to who the relationship manager is, contact Legal Services or the University Risk Manager.

A health and safety incident is notifiable if the incident involves workers or students and results in death, serious injury or illness of a person, or involves a dangerous incident with the potential to cause serious injury or illness.

For more information regarding ‘notifiable incidents’ see Appendix 2.

3.6 Incident closure

A review may be required immediately post-incident to ensure adherence to, and continuous improvement of, these procedures and any local operational process. It may also assist with ensuring all appropriate controls or corrective actions have been considered to prevent a recurrence of the incident.

Once an incident has been responded to in accordance with these procedures, the incident can be closed. An appropriate response may include any of the following actions:

  • notification/escalation depending on the risk severity or consequence;
  • initiation or implementation of all control and corrective actions, so far as reasonable practicable; and
  • recording of the incident in line with USC requirements
  • Post implementation, the effectiveness of controls should be monitored by the Responsible Officer/s or Cost Centre Manager, to ensure they achieve the desired outcome and do not introduce additional hazards

4. Responsibilities

Activity University Officer/Committee
Responsible and accountable to the USC Council for Incident Management. Vice-Chancellor and President
Provide the Audit and Risk Management Committee with summary information concerning any critical incidents. Chief Operating Officer  
Develop, implement, resource and maintain the protection, resilience, and sustainability system, including emergency plan, incident response procedures, and the readiness, training and awareness sessions for all persons responding to incidents and emergencies. Chief Operating Officer  
Trained in incident management procedures and prepared to convene an Incident Response Team to evaluate and manage incidents across campuses. Key Management Personnel. Key Management Personnel are required to nominate an appropriate delegate who will be trained to manage an IRT in their absence.
Advise staff within their area of responsibility of this policy and its associated procedures on a regular basis. Cost Centre Managers  
Responsible for the administration of the University Critical Incident Management – Governing Policy. Chief Operating Officer  
Responsible for assessing incidents that are escalated and advising on the notification requirements. University Risk Management Committee and/or Regulatory Relationship Manager
Act as Incident Controller for a significant incident or for Local/District Disaster Management responses. Director, Asset Management Services or Coordinator Safe USC.
Develop and maintain close liaison with relevant Intelligence and Government Agencies, Queensland Police Services, other Emergency Response Services and Disaster Management Groups to ensure an effective notification, alert, support and response to potential or actual USC incidents. Regulatory relationship management with USC’s regulators (including but not limited to the Office of the Information Commissioner, WorkSafe and the Tertiary Education Quality Standards Agency) remain the responsibility of the designated USC staff member within each relevant area. Coordinator SafeUSC or delegate
Ensure students receive information about this policy and its associated procedures as part of their induction or orientation to the University. Director, Student Services and Engagement  
Ensure staff receive information about this policy and its associated procedures as part of their induction or orientation to the University. Director, Human Resources
Notified of all student related incidents, informed about all significant student-related incidents, consulted prior to IRT and involved in the management of all critical student related incidents. Pro Vice-Chancellor Students
Ensure staff and students on field trips or study tours are prepared for any incident in terms of orientation, induction, in-country briefings, incident responses, host nation contacts and third-party emergency contact in country of activity. Executive Deans of Faculties

Appendix 1 – Escalation Pathway for incidents

Appendix 2 – Health and Safety ‘Notifiable Incident’

Preserve the site of the notifiable incident.

The site surrounding a notifiable/serious incident (as described below) must not be disturbed until the Health, Safety and Wellbeing team or a Workplace Health and Safety Queensland inspector has authorised the disturbance.

All such notifiable incidents must be reported immediately to the USC Health, Safety and Wellbeing team.

Preserving the area and/or information associated with an incident will assist with identifying possible root causes and the implementation of appropriate controls to eliminate or reduce the likelihood of reoccurrence.

What is a ‘Notifiable Incident’

All notifiable incidents are to be reported to the Workplace Health and Safety, Electrical Safety Office – Workers’ Compensation Regulator via the online incident notification form or by calling 1300 362 128.

In line with the Work Health and Safety Act 2011 section 35-37, a notifiable incident means:

  • the death of a person, or
  • a serious injury or illness of a person, or
  • a dangerous incident.

Serious injury or illness of a person means an injury or illness requiring the person to have:

  • immediate treatment as an inpatient in hospital
  • immediate treatment for:
  • amputation
  • a serious head injury
  • eye injury or burn
  • the separation of his or her skin from the underlying tissue (eg, degloving or scalping)
  • a spinal injury
  • the loss of a bodily function
  • serious lacerations
  • medical treatment within 48 hours of exposure to a substance
  • a prescribed serious illness (Work Health and Safety Regulation 2011 section 699) including:
  • any infection to which the carrying out of work is a significant contributing factor, including any infection that is reliably attributable to carrying out work:
  • with microorganisms; or
  • that involves providing treatment or care to a person; or
  • that involves contact with human blood or body substances; or
  • that involves handling or contact with animals, animal hides, skins, wool or hair, animal carcasses or animal waste products.
  • occupational zoonoses contracted in the course of work involving handling or contact with animals, animal hides, skins, wool or hair, animal carcasses or animal waste products such as:
  • Q fever, Anthrax, Leptospirosis, Brucellosis, Hendra Virus, Avian Influenza, Psittacosis

A dangerous incident means an incident in relation to a workplace that exposes a worker or any other person to serious risk to a person’s health or safety emanating from immediate or imminent exposure to:

  • an uncontrolled escape, spillage or leakage of a substance
  • an uncontrolled implosion, explosion or fire
  • an uncontrolled escape of a pressurised substance
  • electric shock
  • a fall or release from a height of any plant, substance or thing
  • the collapse, overturning, failure or malfunction of, or damage to, any plant that is required to be authorised for use under a regulation
  • the collapse or partial collapse of a structure
  • the collapse or failure of an excavation or any shoring supporting an excavation
  • the inrush of water, mud or gas in workings, in an underground excavation or tunnel
  • the interruption of the main system of ventilation in an underground excavation or tunnel
  • any other event prescribed under a regulation.

END

Back to top

Pro tip: To search, just start typing - at any time, on any page.

Searching {{ model.SearchType }} for returned more than {{ model.MaxResults }} results.
The top {{ model.MaxResults }} of {{ model.TotalItems }} are shown below.

Searching {{ model.SearchType }} for returned {{ model.TotalItems }} results.

Searching {{ model.SearchType }} for returned no results.