Federal Continuity Directive 1: Federal Executive Branch National Continuity Program and RequirementsPurpose: Presidential Policy Directive 40 (PPD-40), National Continuity Policy, directs the Secretary of Homeland Security through the Administrator of the Federal Emergency Management Agency (FEMA) to coordinate the implementation, execution, and assessment of continuity activities among executive departments and agencies (D/As). Specifically, the Administrator of FEMA is directed to develop and promulgate Federal Continuity Directives to establish continuity program and planning requirements for executive departments and agencies. This Federal Continuity Directive 1 (FCD-1) implements this requirement by establishing the framework, requirements, and processes to support the development of D/As' continuity programs and by specifying and defining elements of a continuity plan. These required elements include delineation of essential functions; succession to office and delegations of authority; safekeeping of and access to essential records; continuity locations; continuity communications; human resources planning; devolution of essential functions; reconstitution; and program validation through testing, training, and exercises (TT&E).Scope: In accordance with PPD-40, the provisions of this FCD apply to the D/As enumerated in 5 United States Code (U.S.C.) § 101, including the U.S. Department of Homeland Security (DHS), independent establishments as defined by 5 U.S.C. § 104(1), government corporations as defined by 5 U.S.C. § 103(1), and the United States Postal Service. The D/As, commissions, bureaus, boards, and independent organizations are hereinafter referred to as “Organizations” to better reflect the diverse organizational structures within the Executive Branch. The provisions of this FCD are applicable at all levels of Executive Branch organizations regardless of their location, including regional and field locations. Headquarters (HQ) elements are responsible for providing oversight and promulgating this directive to their subcomponent and field organizations. In this FCD, the term "headquarters" refers to the central, head offices of operations for organizations identified in PPD-40, Annex A, Categories of Departments and Agencies. The terms “component” or “subcomponent” refer to all organizational elements, whether at headquarters or a regional or field office.Federal Emergency Management AgencyFEMA_f3aea7da-0276-40be-8963-931fdd9d37afW. Craig FugateAdministrator, FEMADepartment of Homeland SecurityFederal AgenciesContinuity CoordinatorThe senior D/A official responsible for coordinating with the Organization Head and national continuity leadership to ensure the organization maintains a viable and effective continuity capability. The Continuity Coordinator represents the D/A on the Continuity Advisory Group (CAG) and works with other D/A heads to complete the Mission Essential Function (MEF) and Primary Mission Essential Function (PMEF) identification process, and advocates for the continuity program within the organization. The Continuity Coordinator is also responsible for validating Readiness Reporting System (RRS) reports on behalf of the organization to FEMA.Continuity ManagerContinuity Program Manager: On behalf of the Continuity Coordinator, Continuity Managers oversee day-to-day continuity programs and represent their D/As at inter-agency forums and working groups including the Interagency Continuity Working Group (ICWG) as appropriate. The Continuity Manager serves as the primary point of contact (POC) with the FEMA National Continuity Programs Directorate (NCP) for D/A continuity program matters, including preparedness and operational activities. The Continuity Manager administers support to components to ensure that D/A leadership and continuity personnel are properly trained and facilities properly equipped to execute continuity plans with little or no notice. Continuity Advisory Group(CAG): FEMA NCP representatives chair this interagency forum focused on the implementation of continuity policy and programs. As the CAG Chair, and a member of the Domestic Resilience Group (DRG), FEMA will introduce continuity policy concerns identified by the CAG to the DRG for consideration and resolution as appropriate. The CAG is comprised of Continuity Coordinators, or their designees, from Category I, II, III, and IV organizations. State, local, tribal, and territorial (SLTT) government representatives from the National Capital Region (NCR) and representatives from the legislative and judicial branches may also participate, as appropriate. Interagency Continuity Working Group(ICWG): FEMA NCP chairs this forum comprised of Federal Continuity Managers and continuity planners. The ICWG meets regularly to provide a forum for Continuity Program Managers to coordinate a collaborative strategy for the implementation of the National Continuity Policy and Federal Continuity Directives. The ICWG promotes improved federal continuity standards, practices, and procedures, and is specifically intended to enhance continuity planning, training, and exercises; emergency management; and resiliency capabilities for executive branch organizations. Small Agency Council Continuity of Operations Committee(SAC COOPC): A forum for the implementation of continuity policy and development and integration of continuity programs among Category IV organizations. FEMA assists the SAC COOPC on continuity preparedness matters as requested by the SAC COOPC Chair. Continuous performance of National Essential Functions (NEFs) under all conditions._05cd4dc6-ef13-11e7-bf36-f860c2516356To establish the framework for implementation, execution, and assessment of continuity activities among executive departments and agencies_05cd5096-ef13-11e7-bf36-f860c2516356National Essential FunctionsMaintain a comprehensive and effective continuity capability for NEFs._05cd51fe-ef13-11e7-bf36-f860c25163561Policy: As established in PPD-40, "it is the policy of the United States to maintain a comprehensive and effective continuity capability through Continuity of Operations (COOP), Continuity of Government (COG), and Enduring Constitutional Government (ECG) programs, ensuring the resilience and preservation of government structure under the United States Constitution and the continuous performance of National Essential Functions (NEFs) under all conditions." National continuity programs are based on the continuous performance of NEFs through the sustainment of essential functions performed by D/As. NEFs are the focal point of all continuity programs and capabilities and represent the overarching responsibilities of the Federal Government to lead and sustain the Nation before, during, and in the aftermath of a catastrophic emergency. The NEFs are:GovernanceEnsure the continued functioning of our form of government under the United States Constitution, including the functioning of three separate branches of government_05cd52f8-ef13-11e7-bf36-f860c25163561.1Trust & ConfidenceProvide leadership visible to the Nation and the world and maintaining the trust and confidence of the American people_05cd53f2-ef13-11e7-bf36-f860c25163561.2DefenseDefend the United States against all enemies, foreign and domestic, and preventing or interdicting attacks against the United States or its people, property, or interests_05cd54ec-ef13-11e7-bf36-f860c25163561.3Foreign RelationsMaintain and foster effective relationships with foreign nations_05cd55e6-ef13-11e7-bf36-f860c25163561.4Justice & Homeland SecurityProtect against threats to the homeland and bringing to justice perpetrators of crimes or attacks against the United States or its people, property, or interests_05cd588e-ef13-11e7-bf36-f860c25163561.5Response & RecoveryProvide rapid and effective response to and recovery from the domestic consequences of an attack or other incident_05cd59a6-ef13-11e7-bf36-f860c25163561.6Economy & FinanceProtect and stabilize the Nation's economy and ensuring public confidence in its financial systems_05cd5aa0-ef13-11e7-bf36-f860c25163561.7Health, Safety & WelfareProvide for Federal Government services that address the national health, safety, and welfare needs of the United States_05cd5bb8-ef13-11e7-bf36-f860c25163561.8Continuity Capability ElementsSet forth the elements that are fundamental to a successful continuity program._05cd5cbc-ef13-11e7-bf36-f860c25163562Continuity ManagersContinuity PlannersChief Information OfficersChief Human Capital OfficersGeneral CounselsChief Financial OfficersPPD-40 outlines the overarching continuity requirements for organizations. The consideration, preparation, and execution of the continuity elements listed in this section are fundamental to a successful continuity program. Continuity Managers and continuity planners must coordinate with the offices of Chief Information Officers, Chief Human Capital Officers, General Counsels, Chief Financial Officers, and others to provide specialized subject-matter expertise to enhance the organization's continuity program planning and implementation. Annual requirements of this FCD are defined as those scheduled to occur during the federal fiscal year, October 1 through September 30. Required continuity elements are as follows:Program Management, Plans & ProceduresEstablish of continuity program planning objectives and procedural requirements._05cd5dac-ef13-11e7-bf36-f860c25163562.1Establishment of continuity program planning objectives and procedural requirements are critical to sustainment of essential functions during a continuity activation. Alignment of resources to continuity plans and procedures is critical to ensure execution and to sustain essential functions through all phases of activation. The application of risk management principles can preserve resources by assessing the probability of occurrence for catastrophic emergencies and related consequences. See Annex A - Program Management, Plans and Procedures for specific requirements.Essential FunctionsIdentify MEFs and PMEFs and establish programs to ensure continuity of those functions throughout, or to resume them rapidly, during a disruption to normal operations. _05cd5ec4-ef13-11e7-bf36-f860c25163562.2Sustainment of the NEFs in an all-hazards environment requires federal organizations to identify MEFs and PMEFs, and to establish programs to ensure continuity of those functions throughout, or to resume them rapidly, during a disruption to normal operations. The identification and prioritization of essential functions is the foundation of continuity planning, and establishes the parameters that drive an organization’s continuity planning and preparedness efforts. When MEFs are performed outside the National Capital Region (NCR), organizations must implement procedures for assessing and reporting the ability to sustain essential functions when regional and field offices are affected by catastrophic emergencies that occur in their areas. See Annex B - Essential Functions for specific requirements.Orders of SuccessionEnsure that key personnel have been identified to assume leadership positions in the event that regularly appointed personnel are unavailable._05cd5fc8-ef13-11e7-bf36-f860c25163562.3Orders of succession ensure that an organization has identified key personnel to assume leadership positions in the event that regularly appointed personnel are unavailable. Those identified in the orders of succession must be trained annually on responsibilities and shall participate in TT&E events. See Annex C - Orders of Succession for specific requirements.Delegations of AuthorityClearly establish delegations of authority to ensure that continuity personnel have the appropriate legal authority to make key decisions and take action during catastrophic emergencies._05cd60e0-ef13-11e7-bf36-f860c25163562.4Clearly established delegations of authority are essential to ensure that continuity personnel have the appropriate legal authority to make key decisions and take action during catastrophic emergencies. Delegations of authority are activated when normal operational conditions are disrupted, and are deactivated once the organization determines that the disruption has ended and normal operations can be resumed. Organizations establish delegations of authority in advance to ensure the orderly transition of leadership responsibilities during a continuity activation. See Annex D - Delegations of Authority for specific requirementsCommunications & Information SystemsEnsure the availability, diversity, and redundancy of communications and information systems to sustain essential functions performed at primary and alternate locations._05cd620c-ef13-11e7-bf36-f860c25163562.5Availability, diversity, and redundancy of critical communications and information systems are critical to sustain essential functions performed at primary and alternate locations including devolution locations as well as telework or mobile work environments. Communications and information systems provide the connectivity between and among key government leadership, internal elements, other organizations, and the public to perform essential functions. Telework and mobile work environments require use of portable telecommunications technology such as laptop computers, mobile telephones, and satellite communications equipment. See Annex E - Communications and Information Systems for specific requirements. Essential Records ManagementIdentify, protect, and ensure accessibility of electronic and hardcopy essential records at primary, alternate, and devolution locations._05cd632e-ef13-11e7-bf36-f860c25163562.6Viable continuity programs include comprehensive processes for identification, protection, and accessibility of electronic and hardcopy essential records at primary, alternate, and devolution locations. Essential records may include documents, references, personnel records, and information systems. Redundant data management software applications and equipment should be standardized throughout the organization, and must provide the appropriate level of access and cybersecurity to protect classified, sensitive, and personally identifiable information. Official access rosters must be carefully managed and maintained, and primary and alternate essential records management personnel must be identified to ensure access to essential information at all locations, under all conditions. See Annex F - Essential Records Management for specific requirements.Alternate LocationsIdentify alternate locations are where essential functions can be continued or resumed, or where organizational command and control may occur during a continuity event._05cd6450-ef13-11e7-bf36-f860c25163562.7Alternate locations are where essential functions are continued or resumed, or where organizational command and control may occur during a continuity event. An alternate location should be chosen based on risks identified during the Business Impact Analysis process and should be located with sufficient geographical distance from the organization’s primary facility. Alternate locations may be intended to support deployed Emergency Relocation Group (ERG) members who perform continuity operations, or may only support deployment of the Organization Head (or successor) and a small continuity team. A devolution site is located outside the primary region, and is capable of assuming the statutory and legal authority and responsibilities of the primary operating staff and facilities to sustain essential functions when necessary. Telework, mobile work, and work performed from directed work locations may be leveraged to support continuity operations. Mobile work refers to tasks performed while employees travel from one work location to another. Directed work locations refer to occasions when employees are directed to perform assigned duties at locations other than at designated work locations, which may include private residence, satellite offices, and alternate locations. Telework is a program that can provide critical support to the sustainment of essential functions. Employees who participate in an approved telework program may be incorporated into the organization’s continuity plan and may be leveraged during catastrophic emergencies. See Annex G – Alternate Locations for specific requirements.Human ResourcesIdentify continuity personnel capable of relocating to alternate locations or assuming devolved functions._05cd6586-ef13-11e7-bf36-f860c25163562.8Organizations must identify continuity personnel, consisting of leadership, staff, and functional support elements capable of relocating to alternate locations or assuming devolved functions. During continuity activation, organizations will mobilize designated personnel as needed to sustain essential functions in accordance with approved continuity plans and procedures. Viable continuity programs include procedures to sustain administrative services, personnel accountability, and support services to employees not identified as continuity personnel, and are likely to be affected by a catastrophic emergency. See Annex H – Human Resources for specific requirements.DevolutionEstablish procedures to transfer statutory authority and responsibilities from an organization's primary operating staff and facilities to another designated staff and one or more facilities for the purpose of sustaining essential functions._05cd6748-ef13-11e7-bf36-f860c25163562.9Devolution is a component of continuity planning that establishes procedures to transfer statutory authority and responsibilities from an organization’s primary operating staff and facilities to another designated staff and one or more facilities for the purpose of sustaining essential functions. Devolution may be temporary, or may endure for an extended period. A devolution plan is activated upon the threat of, or in response to a catastrophic emergency that either renders the organization’s primary leadership and operating staff unavailable, or leaves them incapable of sustaining essential functions from primary facilities. See Annex I – Devolution for specific requirements.ReconstitutionConduct processes by which surviving and/or replacement personnel resume normal operations._05cd6874-ef13-11e7-bf36-f860c25163562.10Reconstitution is the final phase of a continuity event, and is the process by which surviving and/or replacement personnel resume normal operations and may occur at any designated location that provides the staff, facilities, and systems necessary to sustain essential functions. See Annex J - Reconstitution for specific requirements.Test, Training & ExercisesValidate continuity plans, policies, procedures, systems, and alternate locations._05cd69c8-ef13-11e7-bf36-f860c25163562.11Test, training, and exercise (TT&E) events assess and validate continuity plans, policies, procedures, systems, and alternate locations. Initial and recurring training programs inform and familiarize leaders and staff with continuity plans and procedures. Exercise programs consisting of both planned and short/no-notice events improve an organization’s preparedness posture, and emphasize the value of integrating continuity functions into daily operations. The corrective actions identified during individual exercises are tracked to completion, ensuring that exercises yield tangible preparedness improvements. An effective corrective action program develops improvement plans that are dynamic documents, which are continually monitored and implemented as part of the larger system of improving preparedness. All organizations must incorporate a TT&E strategy into continuity programs. See Annex K - Test, Training, and Exercises for specific requirements.Readiness Reporting SystemTrack federal continuity capabilities._05cd6afe-ef13-11e7-bf36-f860c25163563The Readiness Reporting System (RRS) is an automated system FEMA maintains to track federal continuity capabilities at all times under all conditions. RRS provides a method for Executive Branch organizations to report their capacity to perform MEFs and PMEFs. FEMA provides information obtained from RRS to inform the National Continuity Coordinator on comprehensive Executive Branch continuity capability. Organizations are required to submit Continuity Status Reports (CSRs) and performance data via the RRS each month, during continuity events, or as otherwise directed. Continuity Managers coordinate RRS system access requirements and operator training with FEMA NCP. See Annex L - Operational Phases and Implementation for RRS reporting requirements during various phases of continuity operations.CapacitiesReport capacities to perform MEFs and PMEFs._05cd6d4c-ef13-11e7-bf36-f860c25163563.1CapabilitiesInform the National Continuity Coordinator on comprehensive Executive Branch continuity capability._05cd6eb4-ef13-11e7-bf36-f860c25163563.2Status Reports & Performance DataSubmit Continuity Status Reports (CSRs) and performance data via the RRS each month, during continuity events, or as otherwise directed._05cd7008-ef13-11e7-bf36-f860c25163563.3Access & TrainingCoordinate RRS system access requirements and operator training with FEMA NCP._05cd7148-ef13-11e7-bf36-f860c25163563.4Continuity ManagersRSS OperatorsFEMA NCPContinuity Operational Phases & ImplementationUse the four phases of continuity operations._05cd7300-ef13-11e7-bf36-f860c25163564There are four phases of continuity operations: readiness and preparedness, activation, continuity operations, and reconstitution. These four phases should be used to build continuity processes and procedures, establish goals and objectives, and support the performance of organizational PMEFs/MEFs during a catastrophic emergency. See Annex L - Continuity Operational Phases and Implementation.Processes & ProceduresBuild continuity processes and procedures._05cd7454-ef13-11e7-bf36-f860c25163564.1Goals & ObjectivesEstablish goals and objectives._05cd759e-ef13-11e7-bf36-f860c25163564.2Emergency SupportSupport the performance of organizational PMEFs/MEFs during a catastrophic emergency. _05cd7710-ef13-11e7-bf36-f860c25163564.3Integration & CoordinationIntegrate and coordinate executive, legislative, and judicial programs across all levels of government, Non-Governmental Organizations (NGOs), and critical infrastructure sectors. _05cd785a-ef13-11e7-bf36-f860c25163565Government AgenciesNGOsNon-Governmental OrganizationsCritical Infrastructure SectorsFEMA NCPFEMA NCP and the 10 FEMA Regional Headquarters located throughout the country conduct regional and state-level CWGs, and host annual continuity conferences to promote and assist in integrating federal and SLTT continuity planning. FEMA NCP training courses to support development of continuity programs at SLTT levels, and within critical infrastructure sectors are also available through the Emergency Management Institute. FEMA Regional HeadquartersEmergency Management InstituteCoordination with State, Local, Tribal, and Territorial Governments, Non-Governmental Organizations, and Private Sector Critical Infrastructure Owners and Operators -- Continuity of Government and sustainment of the NEFs requires the integration of executive, legislative, and judicial programs that are coordinated across all levels of government, Non-Governmental Organizations (NGOs), and critical infrastructure sectors. Government offices at the SLTT levels are critical to serving the public through delivery of essential services during catastrophic emergencies. The resilience of SLTT governments enhances the effectiveness of federal response and recovery operations, and provides visible leadership. FEMA will integrate continuity and resiliency requirements or incentives into future FEMA SLTT grant guidance to encourage jurisdictions to develop viable continuity plans to ensure the performance of essential functions and sustain the delivery of essential services and core capabilities across all hazards. Federal organizations, as applicable, will coordinate with SLTT governments, regional entities, and critical infrastructure sectors to promote integration and collaboration. Such partnerships improve resilience and enhance unity of effort. Examples of coordination activities that federal organizations may undertake include:CapabilitiesCollaborate to incorporate capabilities of other entities into the organization's continuity planning and exercise activities_05cd79ae-ef13-11e7-bf36-f860c25163565.1Threats & HazardsCoordinate risk assessments to identify threats and hazards relevant to the organization's mission and the location(s) where essential functions are performed_05cd7b20-ef13-11e7-bf36-f860c25163565.2PartnershipsPartner to coordinate continuity plans_05cd7c9c-ef13-11e7-bf36-f860c25163565.3Working Groups, Information & TrainingParticipate in Continuity Working Groups (CWGs), information sharing, training, and exercises, as appropriate_05cd7f30-ef13-11e7-bf36-f860c25163565.4Continuity Working GroupsShelter & EvacuationCoordinate occupant emergency, shelter-in-place, and regional and local evacuation plans_05cd80ca-ef13-11e7-bf36-f860c25163565.5Alert, Notification & CredentialingParticipate in existing alert and notification networks and credentialing initiatives_05cd8228-ef13-11e7-bf36-f860c25163565.6Interdependencies & ResilienceCollaborate to identify interdependencies and ensure critical infrastructure resilience at all levels_05cd837c-ef13-11e7-bf36-f860c25163565.7Resources & SecurityCoordinate continuity resources and security requirements, as appropriate_05cd852a-ef13-11e7-bf36-f860c25163565.8Coordination ActivitiesAugment and participate in coordination activities to include, but not limited to those of: DHS/FEMA Regional/State-level CWGs, DHS/Office of Infrastructure Protection, Critical Infrastructure Sector Coordinating Councils and Government Coordinating Councils, Information Sharing and Analysis Centers_05cd878c-ef13-11e7-bf36-f860c25163565.9DHS/FEMA Regional/State-level CWGsDHS/Office of Infrastructure ProtectionCritical Infrastructure Sector Coordinating CouncilsGovernment Coordinating CouncilsInformation Sharing and Analysis CentersOther ActivitiesParticipate in other coordination activities, as appropriate._05cd88ea-ef13-11e7-bf36-f860c25163565.10Operations SecurityProtect against an evolved threat environment targeting federal and SLTT agencies and critical infrastructure continuity plans and programs._05cd8b06-ef13-11e7-bf36-f860c25163566Federal AgenciesSLTT AgenciesOperations Security (OPSEC), Information Security (INFOSEC), Cyber Security, and other efforts are applied to protect against an evolved threat environment targeting federal and SLTT agencies and critical infrastructure continuity plans and programs.ActionsImplement comprehensive multi-disciplinary security actions_05cd8c82-ef13-11e7-bf36-f860c25163566.1Organizations must implement comprehensive multi-disciplinary security actions such as identification of essential elements of information; risk analysis; and application of appropriate physical, communications, information, and personnel security measures and countermeasures to protect continuity plans, programs, alternate locations, networks, and personnel against hostile actions.InformationIdentify of essential elements of information_05cd8ebc-ef13-11e7-bf36-f860c25163566.1.1RiskAnalyze risk_05cd9056-ef13-11e7-bf36-f860c25163566.1.2Security Measures & CountermeasuresApply appropriate physical, communications, information, and personnel security measures and countermeasures to protect continuity plans, programs, alternate locations, networks, and personnel against hostile actions._05cd91be-ef13-11e7-bf36-f860c25163566.1.3ReportsReport threats, events, and/or suspicious activity_05cd9326-ef13-11e7-bf36-f860c25163566.2OrganizationsU.S. Department of Homeland SecurityOrganizations shall report threats, events, and/or suspicious activity directed against continuity programs to the U.S. Department of Homeland Security within 12 hours of its occurrence or discovery, as conditions warrant, through normal suspicious activity reporting protocols. 2017-01-172018-01-01https://www.fema.gov/media-library-data/1486472423990-f640b42b9073d78693795bb7da4a7af2/January2017FCD1.pdfOwenAmburOwen.Ambur@verizon.net