Contingency Management Plan

Agharkar Research Institute

1. Purpose

The purpose of this Contingency Management Plan is to ensure the continuity of critical research, administrative, and technological operations at Agharkar Research Institute in the event of emergencies or disruptions. This plan outlines the procedures for preparing for, responding to, and recovering from incidents that could impact the institute’s ability to function effectively.

2. Scope

This plan applies to:

• Research infrastructure (labs, data systems, databases)
• Digital and IT systems (email, website, servers, cloud services)
• Administrative operations (HR, finance, grants)
• Physical infrastructure (buildings, utilities, equipment)

Personnel and communications

3. Objectives

• Minimize disruption to core research and administrative functions.
• Protect critical data and intellectual property.
• Ensure safety of personnel, assets, and facilities.
• Provide clear roles, responsibilities, and procedures during a contingency event.
• Facilitate a swift and effective recovery.

4. Types of Contingency Events Covered

• Natural disasters (earthquake, flood, fire, storms)
• Power outages or utility failures
• Cybersecurity incidents (malware, ransomware, data breaches)
• Equipment or system failures
• Pandemics or public health emergencies
• Human-caused events (theft, vandalism, terrorism)

5. Contingency Phases

5.1 Prevention & Preparedness

• Regular risk assessments of IT and physical infrastructure.
• Routine data backups and offsite storage/cloud redundancy.
• Staff training on emergency procedures and cyber hygiene.
• Physical security controls (access badges, surveillance, alarms).
• Periodic contingency drills (fire, cyberattack, evacuation).

5.2 Response

• Activation of Incident Response Team (IRT).
• Containment of threat or impact (e.g., shut down systems, evacuate area).
• Communication to staff, researchers, and stakeholders.
• Documentation of incident timeline and response actions.

5.3 Recovery

• Restore systems using backups and redundant systems.
• Resume research and administrative activities based on RTO priorities.
• Conduct impact assessment and adjust timelines as necessary.
• Coordinate with external agencies or vendors if applicable.

5.4 Post-Incident Review

• Analyze cause and response effectiveness.
• Update policies and procedures.
• Report findings to leadership and key stakeholders.

Implement corrective actions to prevent recurrence.

6.Communication Plan

• Primary Channel: Email, institute website, SMS alerts
• Backup Channels: Phone trees, WhatsApp groups, printed notices
• Stakeholder Notification: Researchers, funding agencies, collaborators, media (if applicable)

7.Testing and Maintenance

• Contingency plan is tested annually through tabletop or live simulations.
• Key systems are audited quarterly for risk exposure.
• Plan is reviewed and updated biannually or following a major incident.

8.Testing and Maintenance

• Contingency plan is tested annually through tabletop or live simulations.
• Key systems are audited quarterly for risk exposure.
• Plan is reviewed and updated biannually or following a major incident.

9. Roles and Responsibilities