Critical Incident Response Policy

Emergency information

• Call 000 if there is an immediate danger.
• UTS Security: Free call 1800 249 559 (24 hours) or dial 6 from any campus phone.
• NSW Police Assistance Line: Call 131 444 (24 hours).

Further information on reporting emergencies or critical incidents is available at Urgent help and emergency response.

1. Purpose

1.1 The Critical Incident Response Policy (the policy) outlines UTS’s framework for the management of critical incidents.

1.2 Critical incidents are emergency events that are outside the normal range of university experience and assessed as posing a serious threat to members of the UTS community or to UTS.

1.3 This policy:

1. classifies and defines critical incidents (refer Definitions)
2. outlines how to identify and report a critical incident
3. coordinates the implementation of the university’s response functions to effectively manage critical incidents
4. helps to support the health, wellbeing, safety and security of UTS staff, students, affiliates, visitors and other members of the UTS community
5. addresses requirements outlined in the Higher Education Standards Framework (Threshold Standards) 2021 (Cwlth), and
6. addresses the obligations under the Education Services for Overseas Students Act 2000 (Cwlth) (the ESOS Act) and the ESOS Framework.

2. Scope

2.1 This policy applies to the assessment and management of critical incidents and to:

1. staff, students, affiliates and visitors (collectively the UTS community) who are impacted by a critical incident while on campus
2. staff, students and affiliates undertaking approved university business or travel, and
3. controlled or associated entities that use UTS’s campus, and any person with responsibilities under the Critical Incident Response Framework (refer Appendix 1).

2.2 On campus incidents or accidents that are not assessed as critical incidents are out of scope of this policy and will be managed in line with the relevant UTS policy or process.

3. Principles

3.1 The principles outlined in the Health, Safety and Wellbeing Policy and the Campus Policy apply for this policy.    

4. Policy statements

Reporting and identifying a critical incident

4.1 UTS community members must report actual or suspected critical incidents to UTS Security and Emergency Management as soon as possible for immediate assessment: 

1. free call: 1800 249 559, or
2. email: security.general@uts.edu.au 

4.2 The Head of Security and Emergency Management will: 

1. assess the report (together with relevant stakeholders) to determine whether it meets the threshold of a critical incident
2. identify the incident type as outlined in the Critical Incident Response Framework (the response framework) (refer Appendix 1)
3. make a report via the Hazard and Incident Reporting Online (HIRO) where required, and
4. notify the Director, Risk who will determine whether a written notification about the incident (critical or otherwise) needs to be provided to the insurer.

Critical Incident Response Framework

4.3 The response framework outlines the appropriate policies, procedures and plans that support the management and coordination of activities in response to critical incidents at UTS (refer Appendix 1). 

4.4 As part of this framework, UTS has in place an Emergency Management Plan (EMP) and a Business Continuity Plan (BCP), which outline the university’s emergency response and recovery processes. 

4.5 The EMP and BCP are reviewed and approved annually to ensure alignment with UTS policy, procedures and organisational structure (refer Roles and responsibilities), and to ensure continued compliance with any regulatory instruments. UTS’s Emergency Management Team and emergency management responsibilities are detailed in the EMP.

Response protocols

4.6 The Head of Security and Emergency Management will act as the leading authority at the scene to apply the response protocols and coordinate the university’s response framework as appropriate to the incident type. Where necessary, this may include reporting to or liaising with the NSW Police in line with the Campus Policy. 

4.7 Critical incident response protocols generally comprise the following steps: 

1. Groundwork: preparing, testing, understanding the situation, confirming the incident type or types, approving and communicating response mechanisms.
2. Mitigation: assessing the situation, making the situation safe, controlling, treating and monitoring risks.
3. Response: appropriate to the incident type, ensuring the safety of people, property and the community; working with the Marketing and Communications Unit to communicate with the UTS community; working with the Office of General Counsel and the People Unit to notify regulatory bodies; and, where necessary, initiating the EMP.
4. Recover: implementing the business continuity plans and other recovery arrangements.
5. Support: linking members of the UTS community to available emergency services and wellbeing provisions (for example, counselling support or financial or legal advice).
6. Improve: formally reviewing UTS’s preparedness and, where an incident occurs, its response as part of a continuous improvement cycle. 

4.8 Together with the Chief Operating Officer (COO), the Head of Security and Emergency Management may divert resources to respond to and stabilise the incident. Advice will also be sought from the: 

1. Pro Vice-Chancellor (Students) for support for students making the report or directly impacted by the report (where international students are involved, this may include the need to notify relevant embassies and consulates and/or the Department of Home Affairs) (refer also Support for Students Policy), and
2. Executive Director, People and Culture for support for staff and affiliates making the report and/or directly impacted by the incident (refer Employee Assistance Program (SharePoint)).

Post-incident reports

4.9 Following a critical incident, the Head of Security and Emergency Management must develop a critical incident report (CIR) to formally document actions taken in line with this policy. The CIR must include: 

1. the type of incident and how this was assessed
2. details of the first indication of the incident (taking into consideration privacy requirements)
3. details of the response (for example, the response protocols used, response timelines, incident duration, numbers of staff involved, key personnel risk identification mitigation and response mechanisms)
4. approximate costs involved in the response (with support from the COO's office)
5. any reporting activities (internally or externally) undertaken in line with legislation or UTS requirements
6. any recovery activities undertaken
7. outcome and assessment reports, and
8. recommendations for mitigating any risk of the incident reoccurring and for potential improvements associated with the response. 

4.10 The CIR is documented on the UTS critical incident register (the register) managed by the Head of Security and Emergency Management and used to review and improve this policy, the EMP and the BCP. 

4.11 In line with the Health, Safety and Wellbeing Policy UTS must report notifiable incidents to the appropriate authorities (refer Health Safety and Wellbeing: Safety Incident Reporting and Investigation (SharePoint)). 

4.12 The COO must report critical incidents to the next Audit and Risk Committee of Council. The CIR will also be provided to the Audit and Risk Committee for noting.

Critical incident readiness

4.13 The Head of Security and Emergency Management will request reassurance of the operational readiness of physical infrastructure, systems, assets and processes designed to support critical incidents at UTS from the responsible owners. This is undertaken as part of the annual review of the EMP and the BCP. This includes IT systems, surveillance systems, fire and alarm systems, fire safety equipment, security management equipment and any other infrastructure, system, asset or process identified by the Head of Security and Emergency Management. 

4.14 All responsible owners must work with the Head of Security and Emergency Management to ensure operational readiness in line with the responsibilities in the Health, Safety and Wellbeing Policy.

Records management

4.15 Records related to critical incidents, including assessments, responses, decisions and authorities, must be recorded in line with the Records Management Policy and, where the incident involves personal information, the Privacy Policy. The UTS Privacy Officer must be contacted about the management of records on critical incidents (refer Privacy contacts).

Roles and responsibilities

5.1 Policy owner: The Chief Operating Officer (COO) is responsible for enforcement of and compliance with this policy, ensuring that its principles and statements are observed. The COO is also responsible for the Emergency Management Plan (EMP) and for the approval of any associated university level procedures.

5.2 Policy contact: The Head of Security and Emergency Management and the Head, Health, Safety and Wellbeing provide advice on the implementation of this policy.

The Head of Security and Emergency Management is responsible for:

1. the day to day implementation of the policy, acting as a primary point of contact for advice on fulfilling its provisions
2. the coordination of the EMP (including staff training, exercises, management and review)
3. the annual review of the EMP and the Business Continuity Plan (BCP) in consultation with the Director, Property and the COO
4. advice on implementing the EMP and BCP, and
5. the maintenance of the UTS critical incident register.

The Head, Health, Safety and Wellbeing (in consultation with the Office of General Counsel) is responsible for:

1. notifying the University Leadership Team of any high-risk health, safety and wellbeing staff incidents
2. reporting incidents that meet the notifiable provisions of the Work Health and Safety Act 2011 (NSW) to SafeWork NSW, and
3. coordinating an investigation into any high-risk health, safety and wellbeing staff incidents to establish cause and recommend risk mitigating actions.

5.3 Implementation and governance roles: The Vice-Chancellor (as UTS’s emergency planning authority) is responsible for approving the Emergency Management Plan and the Business Continuity Plan.

6. Definitions

The following definitions apply for this policy and all associated procedures. Definitions in the singular also include the plural meaning of the word.

Campus (also UTS campus or campuses) is defined in the Campus Policy.

Critical incident means a situation or event, generally of an emergency nature, that result from both manufactured and natural disasters and civil disturbances. Critical incidents at UTS include but are not limited to the following:

1. severe natural events (for example, storms, floods or earthquakes)
2. explosions, fires or chemical spills
3. acts of terrorism, including bio-terrorism
4. bomb threats or active shooters
5. civil disturbances (including riots, disorders and violence arising from dissidents, marches, protests and/or labour disputes)
6. spread of a pathogen or other infectious disease designated by local health authorities as a pandemic or epidemic, or
7. war or civil unrest.

Notifiable incident is defined under the Work Health and Safety Act 2011 (NSW) and includes the requirement to report to the relevant authorities the death of a person on a UTS campus, a serious injury or illness of a person on a UTS campus and/or a potentially dangerous incident occurring on a UTS campus.

University travel is defined in the Staff Travel, Expenses and Credit Card Policy and, for students, in the Student Travel and Expenses Policy.