GUIDANCE FOR WATER UTILITY RESPONSE,
RECOVERY & REMEDIATION ACTIONS FOR
« MAN-MADE AND/OR TECHNOLOGICAL
EMERGENCIES
Office of Water (4601M)
EPA810-R-02-001
www. epa. gov/safewater
April 2002
-------�
DISCLAIMER
The statements in this document are intended solely as guidance. This document is not intended, nor
can it be relied on, to create any rights enforceable by any party in litigation with the United States.
EPA and state officials may decide to follow the guidance provided in this document, or to act in
variance with the guidance, based upon an analysis of site-specific circumstances. This guidance may
be revised without public notice to reflect subsequent changes in EPA's policy.
This document was prepared by Michael Baker Jr., Inc. for the EPA's Water Protection Task Force
under contract EMW-2000-CO-0002.
-------�
Table of Contents
Introduction: 1
Background: 1
I. Incident types 1
n. Development of the Guidance 2
IE. Structure 2
Response Planning: 2
Notification Considerations: 2
Sampling: 4
Annexes: 4
1. Sample Collection, Identification and Chain-of-Custody Form Annex I-1
2. Incident-specific Guidance
I. Contamination Event: (Articulated Threat with Unspecified Material) Annex II- 1
n. Contamination Threat at a Major Event Annex II- 3
m. Notification from Health Officials of Potential Water Contamination Annex II- 5
IV. Intrusion through Supervisory Control and Data Acquisition (SCADA) Annex II- 7
V Significant Structural Damage Resulting from an Intentional Act Annex II-9
-------�
Introduction;
This document provides uniform response, recovery and remediation guidance for water
utility actions in response to man-made and/or technological emergencies. The guidance was
developed as an initiative of EPA's Water Protection Task Force and has been reviewed with
water utilities and associations, EPA Regions, EPA Office of Water and other federal agencies.
The intent of this guidance is to provide the minimum actions that EPA recommends be carried
out by a water utility for the events described.
Emergency response planning is primarily a local responsibility. Good business
practices suggest that every water utility have an Emergency Operations/Response Plan that is
coordinated with state and local emergency response organizations, regulatory authorities and
local government officials. Water utilities ought to consider whether the actions contained
within this guidance have been thoroughly coordinated with these entities.
The Federal Response Plan (section VT) identifies Federal responsibilities and
capabilities that can support the local response effort dependent upon the type and severity of the
incident. Throughout this guidance "water system" includes the "system" elements of source
water (ground and surface), drinking water treatment, drinking water distribution and storage,
wastewater collection and wastewater treatment.
Background;
The Environmental Protection Agency (EPA) has been given the responsibility under
Presidential Decision Directive (FDD) 63 for working with the Water Sector (including water
and wastewater utilities) to provide for the protection of the nation's critical water infrastructure
including the systems used to collect, treat and distribute potable water. The EPA has a similar
responsibility for wastewater operations. These critical infrastructures are fundamental to the
public health and welfare and are subject to both natural disasters such as floods and
earthquakes, and man-made hazards such as terrorist attacks. Such disasters could place
surrounding areas and populations at significant risk. In October, 2001 the EPA established an
internal Water Protection Task Force to ensure that activities to protect and secure water supply
infrastructure are comprehensive and carried out expeditiously. This guidance supports the Task
Force's mission of providing information in an expeditious manner to public and private water
utilities that can be used to protect public health and critical water infrastructure.
I. Incident types
This guidance was developed for five (5) different incident types:
• Threat of or Actual Intentional Contamination of the Water System
• Threat of Contamination at a Major Event
• Notification from Health Officials of Potential Water Contamination
• Intrusion through the Supervisory Control and Data Acquisition (SCADA); and
• Significant Structural Damage Resulting from an Intentional Act
While this guidance is oriented toward these 5 incident types, it should also serve as a
guide for response, recovery and remediation actions for other threatened or actual intentional
acts that would affect the safety or security of the water system..
-------�
II. Development of the Guidance
Each incident type was assessed for potential impact on water system operations and
public safely to identify the minimum actions for each element of the water system to consider
taking in response to the incident, recover from the incident and to remediate the impacts of the
incident. Response refers to actions immediately following awareness of the incident, recovery
refers to actions to bring the system back into operation, and remediation refers to longer term
restoration actions. Where applicable, each incident type was assessed as if it had occurred
separately at each of the system elements and the potential impacts were assessed upstream and
downstream of the incident location. Additionally, the guidance was developed considering the
response needs of large, medium and small water and wastewater systems. Water utilities
should apply the concepts contained in the guidance to meet their system configuration and
capabilities.
m. Structure:
The guidance provides recommended actions in the categories of Response Actions,
Recovery Actions, and Remediation Actions in separate tables for each incident type. Each of
these categories contain a section on notifications and utility actions. Where applicable, specific
actions for each element of the water system are provided under the utility actions section.
The Notification Considerations section recommends standard notifications for any
suspicious or threatened intentional man-made or technological emergency. Supplemental
notifications are recommended within the incident tables for some events based on the potential
impact of the event.
Response Planning;
This response, recovery and remediation guidance to intentional acts can be used to
supplement existing water utility emergency operations plans (EOPs) developed to prepare for
and respond to natural disasters and emergencies. EPA recommends that established policies
and procedures contained in existing plans be used to the maximum extent while incorporating
the recommendations in this guidance.
A high quality water utility EOF clearly delineates the organizational structure within the
water system that will be responsible for incident response and management. This structure
should identify specific individual roles and responsibilities for decision-making, logistics,
operations, incident response control and finance. The structure could be based on the Incident
Command System, or other similar system, that is compatible with the system(s) used by other
elements (Fire, Law Enforcement, Emergency Management, Emergency Medical Services
(EMS), etc.) of the community's incident response and management structure. It would be
helpful to coordinate potential response requirements and expectations with local response
organizations prior to an incident to ensure that the water utility's response needs are met.
Notification Considerations;
Water utilities that have established notification procedures to meet a regulatory requirement,
such as the Emergency Planning and Community Right-to-Know Act (EPCRA), should use them
as the starting point for developing broader notification procedures. Utilities that do not have
established notification procedures should work with their Local Emergency Planning
-------�
Committee (LEPC) or similar local emergency planning organization, prior to an incident, to
coordinate the specific procedures for contacting local, state and federal officials when an
incident occurs. You can find the LEPC for your location at
http ://www. epa. gov/ceppo/lepcli st.htm.
EPA expects that the facility would first call local law enforcement officials to initiate local
emergency response actions. This may be accomplished by calling 911 or direct call to local law
enforcement. The local notification coordination effort should determine which additional
emergency response and management agencies (fire, Emergency Medical Services (EMS), the
community emergency management organization and state agencies) need to be notified. For
instance, do fire and EMS need to be notified in addition to law enforcement for a water-related
incident?
The notification procedures developed within the local notification coordination effort
should provide agency-specific names and contact numbers for these notifications on a 24-hour
basis and define what information about the incident needs to be provided, who will make the
notifications and which authorities are notified when a call is placed. As a minimum, these
notification procedures should include protocols for notifying local and state health and
environmental authorities, local critical care facilities (hospitals, dialysis centers, etc.) and others
as identified in state and local requirements.
An intentional act to disrupt the operations of a water utility or to jeopardize public
health is a criminal act. This creates the need for notifications to the appropriate FBI field office,
National Response Center and other entities that may not normally be contacted in response to a
natural disaster or emergency. Water utilities should work with the LEPC or similar
organization, in conjunction with appropriate state offices, to verify how these additional
notification requirements will be met and who has responsibility for the notifications.
The procedures developed within the local notification coordination effort should ensure
that all of the entities listed below are notified, identify who the utility must contact to initiate
the notifications and identify who within the organization should make the notifications. These
organizations are not listed in any particular order of preference.
• Notify local law enforcement
• Notify local FBI Field Office (to begin the threat assessment process) Your local FBI
field Office can be located by visiting http://www.fbi.gov/contact/fo/info.htm or
in the front pages of your local telephone book
• Notify National Response Center 1-800-424-8802 (to notify pre-determined federal
response agencies) for more information on NRC see http://www.nrc.uscg.mil
• Notify state/local emergency management organization
• Notify Governor's office
• Notify local EPA CID Special Agent in Charge (SAC)
• Notify other associated system authorities (wastewater, water)
• Notify local government official (responsible authority for the water utility)
• Notify state/local health, water and/or environmental department
• Notify critical care facilities
• Notify employees
• Notify EMS and Fire Department as deemed necessary
• Consider when to notify customers and what notification to issue
-------�
The recommendations provided in this guidance are supplemental to regulatory or other
promulgated reporting requirements. Normal reporting/notification to state health and/or
environmental agencies, or the EPA for states without approved state programs, will still be
required when the impacts of an incident result in an inability to meet Water Quality or
National Primary Drinking Water Standards or to meet CERCLA and/or EPCRA requirements.
Sampling;
The results of sample analysis after a threatened or actual contamination event can serve
a critical role in determining response, recovery and remediation actions; assessing the potential
impacts of the contaminant; and, providing data for eventual prosecution. Sampling
requirements (quantity, type of sample container, environmental controls, type of sample,
sample locations, etc.) can vary significantly depending upon the properties of the contaminant
and where the contaminant was introduced into the system. This guidance provides
recommendations for when sampling might be beneficial but can not provide specific sampling
requirements for every potential contaminant.
It is important to ensure that sampling is conducted by trained personnel and that the
safety of sampling and other personnel is fully considered while conducting sampling activities.
The diversity of sampling capabilities and resources among large and small water utilities
makes it difficult to establish standard requirements for all water utilities. Water utilities should
work with their LEPC and appropriate local, state and federal agencies to develop procedures
for obtaining requirements or recommendations on taking samples, sample control, sample
distribution and use of sample analysis results on an event-by-event basis. The water utility's
sampling capabilities and procedures for obtaining sampling recommendations should be
contained within the utility's EOF.
In the event of an incident that is suspected or confirmed to be the result of an
intentional act to disrupt the operations of a water utility or to jeopardize public health, law
enforcement officials may also require/take additional samples for evidence preservation.
Annexes:
Annex I provides a Sample Collection, Identification and Chain-of-Custody Form and
instructions for its use. The form is an example of the information needed for recording data on
samples taken in response to an intentional act and for maintaining a record for chain-of-
custody of the sample.
Annex II provides incident-specific response, recovery and remediation guidance for
each of the five (5) incident types.
-------�
Annex I - Sample Collection, Identification and Chain-of-Custody Form
Sample Collection, Identification and Chain-of-Custody Form
Sample ID #
(Place ID Label Here)
Sample Description
Comments
Sampler
Signature
Print
Date/Time
Sample ID
Sample Date/Time
Sample Location
Witness
Signature
Print
Date/Time
Location
1. Released by:
Signature
Print
2. Released by:
Signature
Print
3. Released by:
Signature
Print
4. Released by:
Signature
Print
Date/Time
Sample ID
Date/Time
Sample ID
Date/Time
Sample ID
Date/Time
Sample ID
Received by:
Signature
Print
Received by :
Signature
Print
Received by:
Signature
Print
Received by:
Signature
Print
Date/Time
Location
Date/Time
Location
Date/Time
Location
Date/Time
Location
Annex I -1
-------�
Instructions for Sample Collection, Identification and Chain-of-Custody Form
Whether from an epidemiological or evidentiary standpoint, it is critically important that
samples taken in response to an intentional act against a water system be taken in a systematic
manner. Each sample collected should have a separate identifying number (Sample ID #) and
the transfer of each sample should documented. The Sample Collection, Identification and
Chain-of-Custody Form provides a standardized format for annotating this information.
Sample Identification Number (Sample ID #)
Each sample should have separate identification number. A uniform system should be
established for assigning sample identification numbers.
Sample Date/Time
Annotate the date and time that the sample was taken.
Sample Description
Describe the type of sample taken (water, sludge, sediment basin, etc.)
Sample Location
Annotate as specifically as possible where the sample was taken so that later samples can be
taken (if necessary) from the exact same location.
Comments
Provide any additional comments that may assist in sample analysis (water temperature,
humidity, how sample was taken or materials used to take sample, etc.).
Sampler Identification
The person taking the sample should sign his/her name in the Signature block, annotate the
date/time of signature in the Date/Time block, print the sampler's name in the Print block and
annotate the sample ID number from the Sample ID# block at the top of the form.
Witness Identification
The person witnessing the taking of the sample should sign his/her name in the Signature
block, annotate the date/time of signature in the Date/Time block, print the sampler's name in
the Print block and annotate the location of where the sample was taken from the Sample
Location block at the top of the form.
Chain-of-Custody Tracking
A record of control for all samples should be maintained. Each person who releases control of
the sample should maintain a copy of who the sample was released to. Persons who receive
samples should verify the sample identification number ON THE SAMPLE before signing for
receipt of the sample. The original copy of the form, with original signatures should remain
with each sample until final disposition.
The person releasing the sample should sign his/her name in the Signature block, annotate the
date/time of release in the Date/Time block, print the releaser's name in the Print block and
annotate the sample ID number from the Sample ID# block at the top of the form.
Annex 1-2
-------�
The person receiving the sample should sign his/her name in the Signature block, annotate the
date/time of receipt in the Date/Time block, print the receiver's name in the Print block and
annotate the location where the sample was received in the Location block.
Other Considerations
Photographs
When possible a photograph should be taken of each collected sample at the sample location.
Ideally, the photograph would show the completed sample ID label and security seals in-place.
Photographs should be annotated or dated-stamped with the date and time that the photo was
taken.
Annex 1-3
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or
Technological Emergencies
April 15, 2002
I. Contamination Event: (Articulated Threat with Unspecified Material)
Event Description: This event is based on the threat of intentional introduction of a contaminant into the water system (at any point
within the system) without specification of the contaminant by the perpetrator.
Initial
Notifications:
RESPONSE
ACTIONS
• Notify local Law
Enforcement
• Notify local FBI
Field Office
• Notify National
Response Center
Source Water
• Increase sampling
at or near system
intakes
• Consider whether
to isolate the
water source if
possible
• Notify local/state
emergency
management
organization
• Notify ISAC
Drinking Water
Treatment Facility
• Notify other
associated system
authorities
(wastewater, water)
• Notify local
government official
Water Distribution
/ Storage
• Preserve latest full
battery background
test as baseline
• Increase sampling
efforts
• Consider whether to
continue normal
operations (if
determination is
made to reduce or
stop water treatment
- provide
notification to
customers/issue
alerts)
• Coordinate
alternative water
supply
• Consider whether to
isolate the water in
the affected area if
possible
• Notify local/state
health and/or
environmental
department
• Notify critical care
facilities
Wastewater
Collection System
• Notify employees
• Consider when to
notify customers and
what notification to
issue
• Notify Governor
Wastewater
Treatment Facility
• Assess what to do
with potentially
contaminated water
within the system
based on
contaminant,
contaminant
concentration,
potential for system
contamination, and
ability to by-pass
treatment plant.
• If by-passed-notify
local & appropriate
state authorities, &
downstream users.
Increase monitoring
of receiving stream.
• Preserve latest full
battery background
test as baseline
• Increase sampling
efforts
• Consider whether to
continue normal
operations (if
determination is
made to reduce or
stop water treatment
- provide
notification to
customers/issue
alerts)
Annex II-1
-------�
1 '1 ,•.
-iT
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or . ., ^ _ 2002
Technological Emergencies '
I. Contamination Event: (Articulated Threat with Unspecified Material)
RECOVERY
ACTIONS
Recovery actions should begin once the contaminant is through the system.
Recovery
Notifications:
• Notify Customers
• Notify Media
• Notify ISAC
Appropriate
Utility Elements:
Sample appropriate system elements
(storage tanks, filters, sediment basins,
solids handling) to determine if residual
contamination exists.
• Flush system based
on results of
sampling
• Monitor health of
employees
• Plan for appropriate disposition of personal
protection equipment (PPE) and other
equipment
REMEDIATION
ACTIONS
• Based on sampling results - assess need to
remediate storage tanks, filters, sediment
basins, solids handling.
• Plan for appropriate
disposition of PPE
and other equipment
• If waste water treatment plant was by-passed
sample and establish monitoring regime for
receiving stream and potential remediation
based on sampling results.
Notes:
1. Response, recovery and remediation actions may be tailored to a specified (identified) material if the physical properties for the material
are known.
Annex II-2
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or
Technological Emergencies
II. Contamination Threat at a Major Event
April 15, 2002
Event Description: This event is based on the threat of, or actual, intentional introduction of a contaminant into the water system at a
sports arena, convention center or similar facility.
Initial
Notifications:
RESPONSE
ACTIONS
• Notify local Law
Enforcement
• Notify local FBI
Field Office
• Notify National
Response Center
• Notify ISAC
Source Water
• No recommended
action to take
• Notify local/state
emergency
management
organization
• Notify wastewater
facility
• Notify Governor
Drinking Water
Treatment Facility
• No recommended
action to take
• Notify other
associated system
authorities
(wastewater, water)
• Notify local
government official
Water Distribution
/ Storage
• Coordinate isolation
of water
• Assist in plan for
draining the
contained water
• Assist in
developing a plan
for sampling water
for potential
contamination
based on threat
notification
• Provide alternate
water source
i Notify local/state
health and/or
environmental
department
' Notify critical care
facilities
Wastewater
Collection System
• Notify employees
• Consider when to
notify customers and
what notification to
issue
Wastewater
Treatment Facility
• Coordinate acceptance of isolated water
• Monitor accepted water
• Assist in plan for draining the contained
water
• Assist in developing a plan for sampling
water for potential contamination based on
threat notification
Annex II-3
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or
Technological Emergencies
II. Contamination Threat at a Major Event
April 15, 2002
RECOVERY
ACTIONS
Recovery actions should begin once the contaminant is through the system.
Recovery
Notifications:
• Notify customers in the area of the facility of actions to take
• Notify customers in affected area once contaminant-free clean water is re-established
• Notify down-stream users such as water suppliers, irrigators, electric generating plants, etc.
Water Distribution
/ Storage
• Consider flushing system via hydrants in distribution systems
REMEDIATION
ACTIONS:
Notes:
Water Distribution/Storage
Wastewater Treatment Plant
• Assess need to decontaminate/replace distribution system components.
• Based on
sampling results
- assess need to
remediate
storage tanks,
filters, sediment
basins, solids
handling.
• Plan for
appropriate
disposition of
PPE and other
equipment
• If waste water treatment plant was
by-passed - sample and establish
monitoring regime for receiving
stream and potential remediation
based on sampling results.
Annex II-4
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or . ., ^ _ 2002
Technological Emergencies '
III. Notification from Health Officials of Potential Water Contamination
Event Description: This event is based on the water utility being notified by Public Health officials of potential contamination based on
symptoms of patients.
Initial
Notifications:
RESPONSE
ACTIONS
• Ask notifying
official who else
has been notified
and request
information on
symptoms,
potential
contaminants and
potential area
affected
Source Water
• Increase sampling
at or near system
intakes
• Consider whether
to isolate
• Notify local Law
Enforcement
• Notify local FBI
Field Office
• Notify National
Response Center
• Notify local/state
emergency
management
organization
Drinking Water
Treatment Facility
• Notify other associated • Notify local/state • Notify employees
system authorities
(wastewater, water)
• Notify local
government official
• Notify Governor
health and/or
environmental
department
Notify critical care
facilities
• Consider when to
notify customers
and what
notification to issue
• Notify ISAC
• Preserve latest full
battery background
test result as baseline
• Increase sampling
efforts
• Consider whether to
continue normal
operations (if
determination is to
reduce or stop water
treatment - provide
notification to
customers/issue
alerts)
• Coordinate
alternative water
supply (if needed)
Water Distribution
/ Storage
Wastewater
Collection System
Wastewater
Treatment Facility
• Increase sampling in
the area potentially
affected and at
locations where the
contaminant could
have migrated to. It is
important to consider
the time between
exposure and onset of
symptoms to select
sampling sites
• Consider whether to
isolate
• Consider whether to
increase residual
disinfectant levels
• Increase sampling at pumps stations and
specifically in the area potentially affected
• Assess what to do with potentially
contaminated water within the system based
on contaminant, contaminant concentration,
potential for system contamination, and
ability to by-pass treatment plant
• If by-passed - notify local & appropriate
state authorities, downstream users
(especially drinking water treatment
facilities) & increase monitoring of
receiving stream
Annex II- 5
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or
T u i • i -I?" •
Technological Emergencies
A ., t _
April 13,
III. Notification from Health Officials of Potential Water Contamination
RECOVERY
ACTIONS
Recovery actions should begin once the contaminant is through the system.
Recovery
Notifications:
• Assist health department with notifications to customers, media, downstream users and other organizations
Appropriate
Utility Elements:
' Sample appropriate system elements (storage
tanks, filters, sediment basins, solids
handling) to determine if residual
contamination exists.
• Flush system based
on results of
sampling
• Monitor health of
employees
' Plan for appropriate disposition of personal
protection equipment (PPE) and other
equipment
REMEDIATION
ACTIONS
• Based on sampling results - assess need to
remediate storage tanks, filters, sediment
basins, solids handling and drinking water
distribution system
• Plan for appropriate
disposition of PPE
and other equipment
' If waste water treatment plant was by-passed
sample and establish monitoring regime for
receiving stream and potential remediation
based on sampling results.
Notes: Patient symptoms should be used to narrow the list of potential contaminants.
Annex II-6
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or . ., ^ _ 2002
Technological Emergencies '
IV. Intrusion through Supervisory Control and Data Acquisition (SCADA)
Event Description: This event is based on internal or external intrusion of the SCADA system to disrupt normal water system
operations.
Initial
Notifications:
' Notify local Law
Enforcement
. Notify local FBI
Field Office
• Notify National
Infrastructure
Protection Center
(NIPC) at 1-888-585-
9078 (or 202-323-
3204/5/6)
Notify other
associated system
authorities
(wastewater, water)
Notify employees
If the water is
assessed to be unfit
for consumption,
consider when to
notify customers
and what
notification to issue
RESPONSE
ACTIONS
Source Water
• Increase sampling
at or near system
intakes
• Consider whether
to isolate
Drinking Water
Treatment Facility
Water Distribution
/ Storage
• Preserve latest full
battery background
test as baseline
• Increase sampling
efforts
• Temporarily shut
down SCADA
system and go to
manual operation
using established
protocol
• Consider whether to
shut down system and
provide alternate
water
• Monitor unmanned
components (storage
tanks & pumping
stations)
• Consider whether to
isolate
Wastewater
Collection System
Wastewater
Treatment Facility
• Temporarily shut down SCADA system and
go to manual operation using established
protocol
• Monitor unmanned components (pumping
stations) - required only if wastewater
SCADA system is compromised
• If SCADA intrusion caused release of
improperly treated water consider whether to
continue normal operations (if determination
is made to reduce or stop water treatment -
provide notification to customers/issue alerts)
Annex ll- /
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or . ., ^ _ 2002
Technological Emergencies '
IV. Intrusion through Supervisory Control and Data Acquisition (SCADA)
RECOVERY
ACTIONS
Recovery actions should begin once the intrusion has been eliminated and the contaminant/unsafe water (if this
occurs) is through the system.
Recovery
Notifications:
Appropriate
Utility Elements:
• Employees
• Local law enforcement
• Notify customers and media if the event resulted in contamination and the full range (see scenario I) of standard
notifications were made
. With FBI
assistance, make
an image copy of
all system logs to
preserve evidence.
• With FBI assistance, check for implanted
backdoors and other malicious code and
eliminate them before re-starting SCADA
system
• Install safeguards before re-starting
SCADA
• Bring SCADA system up and monitor system
REMEDIATION
ACTIONS
Notes:
• Assess/implement additional protections for
SCADA system.
• Check for an NIPC water sector warning based on the intrusion that
may contain additional protective actions to be considered. NIPC
warnings can be found at www.NIPC.gov or at
https://www.infragard.org for secure access Infragard members.
Annex II- 8
-------�
Water Utility Response, Recovery & Remediation Guidance for Man-made and/or
TI u i • 1 171 •
Technological Emergencies
A ., t _
April 13,
V. Significant Structural Damage Resulting from an Intentional Act
Event Description: This event is based on intentional structural damage to water system components to disrupt normal system operations.
Initial
Notifications:
• Notify local Law
Enforcement
• Notify local FBI
Field Office
• Notify National
Response Center
• Notify local/state
emergency
management
organization
• Notify Governor
• Notify ISAC
• Notify other
associated system
authorities
(wastewater, water)
• Notify local
government officials
Notify local/state
health and/or
environmental
department
Notify critical care
facilities
• Notify employees
• Consider when to
notify customers and
what notification to
issue
Source Water
Drinking Water
Treatment System
Water Distribution
/ Storage
Wastewater Wastewater
Collection System Treatment Facility
RESPONSE
ACTIONS
• Deploy damage assessment teams, if damage appears to be intentional then treat as crime scene - Consult local/state law
enforcement and FBI on evidence preservation
• Inform law enforcement and FBI of potential hazardous materials
• Coordinate alternative water supply, as needed
• Consider increasing security measures
• Based on extent of damage, consider alternate (interim) treatment schemes to maintain at least some level of treatment
Recovery actions should begin as soon as practical after damaged facility is isolated from the rest of the utility
facilities.
RECOVERY
ACTIONS
Recovery
Notifications:
• Employees
• Law enforcement
Notify local FBI office
Appropriate
Utility Elements:
Dependent on the feedback from damage assessment teams
• Implement damage recovery plan
REMEDIATION
ACTIONS
Notes:
• Repair damage.
• Assess need for additional protection/security measures for
damaged facility, and other critical facilities within the
utility.
Annex II-9
-------� |