Incident Management Plan: Management of a non-routine incident, de-escalation and closure

Command and Control set up for non-routine incident

3.1 The Amber Book and ISO Standards: 22361:2022 Security and Resilience are the legal and doctrinal framework that Central Government operate from for emergency response arrangements and are the default starting position for emergencies irrespective of cause. These set out guidelines that help plan, establish, maintain, review, and continually improve a strategic crisis management capability. All departments across HM Government (HMG) have a responsibility to plan, train and exercise for handling incidents and emergencies, maintaining a state of readiness and building resilience. 

3.2 In the Food Standards Agency (FSA), once an Incident has been declared as non-routine the basic principles apply in setting up the command-and-control structure. These arrangements can be scaled up to manage large incidents as well as those incidents that fall outside our remit but may require both a tactical and strategic response from the FSA in their approach. 

3.3 The FSA operates the same incident response structure, applying the procedures coherently, across England, Wales and Northern Ireland. Depending on the extent of the geographical area(s) affected, the relevant FSA incident response team located in each of FSA’s offices usually leads the response to serious incidents within their country. Food Standards Scotland (FSS), follow their own procedures, and will lead on incidents within their country and work closely with the FSA. In line with the FSA/FSS memorandum of understanding (MOU), there may be occasions where FSS lead a UK wide incident using the FSS Incident Management Plan. However, in some circumstances, depending on the nature and scope of the incident, the FSS and FSA will mutually agree that the FSA should lead the non-routine incident using the FSA’s Plan. 

The daily rhythm

3.4 The daily rhythm is the routine of events (briefings, teleconferences, meetings etc.) at set times that are designed to flow from one to another, providing a sense of continuity and familiarity to the handling of an incident. It does not need to be taken literally, in that meetings must occur daily but sets out the sequence of events preceding meetings and the processes that follow meetings at the tactical and strategic levels. Although the daily rhythm is usually set early in an incident, it can change as the incident develops and should consider meetings held by FSS as part of the control and command structure. 

3.5 It should be noted that when Cabinet Office briefing room (COBR) or its equivalents in Wales and Northern Ireland are convened, the daily rhythm should take account of the requirement to submit information for the Common Recognised Information Picture (CRIP), two hours before COBR or its equivalent meet. The procedures to be followed when COBR or its equivalents are invoked are contained in the Amber Book.

3.6 The Agency has internal standard operating procedures (SOPs) that set out the roles and responsibilities that may be required during a non-routine incident and the purpose of each of those roles. 

3.7 The following sections provide an overview of some of the key roles within the response to a non-routine incident.

Incident Manager

3.8 Depending on the nature or scope of an incident, one of the following may be appointed as the Incident Manager: the Head of Incidents, from the Incidents and Resilience Unit (IRU), the Head of Incident Management in Wales, the Head of Consumer Protection in Northern Ireland; the head of a division for the relevant operational area; or the head of a policy team with responsibility for the issue. 

3.9 The Incident Manager takes responsibility for the ICA and the risk management of the incident, making sure the FSA is effective in taking corrective action. The Incident Manager will need to be able to understand the technical issues and the nature of the risk management strategies needed and co-ordinate situational awareness to inform the Incident Management and Co-ordination Group (IMCG).

Incident Management and Co-ordination Group (IMCG)

3.10 The objective of an IMCG is to manage, co-ordinate and deliver a proportionate response at a tactical level for non-routine incidents classified as serious. The IMCG will co-ordinate and manage the incident at the tactical level and determine or agree the need for a risk assessment. For incidents classified as severe and major, the IMCG will, in addition, support and deliver the strategic direction and decision making provided by the Strategic Incident Oversight Group (SIOG). 

3.11 Membership of the IMCG will be decided on the classification level and location of the incident. Other government departments may have input into the incident if there are cross cutting issues and may be invited to be members of the IMCG. The higher the level of classification, the greater the expectation for more senior staff or Other Government Department (OGD) representation to attend.

3.12 For serious incidents and above, the IMCG will consider the meeting frequency or 'daily rhythm', be responsible for producing a Situational Awareness Report (SitRep), make decisions on the implementation of the Emergency Call Handling Centre (also known as the incidents hotline) if required, and the set-up of any stakeholder liaison meetings. In addition, it will also consider creating operational leads, staff resourcing, financing; and establishing taskforces to manage work streams.

3.13 Decisions and issues that require strategic input and direction will be escalated by the IMCG Chair to SIOG.

3.14 The IMCG will be maintained for the duration of non-routine incidents and de-escalate as quickly as possible once the incident response has met the criteria requirements for routine handling.  

3.15 The purpose, membership and example agenda for the IMCG are set out in the internal IMCG SOP.

Incident Management Co-ordination Group (IMCG) Chair

3.16 Depending on the nature of the incident or emergency response the IMCG should be chaired by a senior individual responsible for the subject matter concerned. Where an individual cannot be immediately identified one of the following will act as the default chair: the Head of Incidents and Resilience Unit, the Head of Delivery in Wales, or Head of Food Safety Policy and Delivery in Northern Ireland. 

3.17 The IMCG chair is appointed by and accountable to the Strategic Incident Director (SID). If there is no SID in place the IMCG Chair is appointed by the Director of Operations. The IMCG Chair responsibilities include oversight of and managing the tactical response, updating the SID, owning the SitRep and attending and updating SIOG when set up. If there is no SIOG set-up, the IMCG Chair will provide updates at an agreed frequency to the SID, Chief Executive (CE) and FSA Board.

3.18 The IMCG chair must make sure that plans for communications with external stakeholders, for example, OGDs, Local Authorities (LAs), Primary Authorities (PAs), and where appropriate, industry and consumer groups, are in place to ensure engagement, where suitable. For more information on FSA Communications and Engagement see section 5.

Strategic Incident Oversight Group (SIOG)

3.19 The overarching objective of the SIOG is to provide strategic leadership and decision-making. This includes setting the strategic direction for the IMCG to enable a proportionate response to an incident classified as severe or major to be delivered. Once the strategy is set, the SIOG will direct, support, and provide oversight for the implementation of operational delivery by the IMCG.

3.20 The SIOG are responsible for making strategic decisions based on the risk management advice to enable the IMCG to deliver the response. If the actions, as a result of the incident response, would exceed the Board’s agreed risk appetite the CE or Strategic Incident Director (SID) will consult the FSA Chair as soon as possible. 

3.21 The purpose, membership, example agenda and template meeting note for the group are set out in the SIOG SOP. Senior members of FSS will be invited to attend.

Strategic Incident Director (SID)

3.22 The SID is responsible for the strategic oversight of the incident. The SID is appointed by the CE and will usually be the director most relevant to the incident. Depending on the nature of or severity of the incident, the CE may decide to assume the role of SID themselves. The SID is responsible for activating the strategic management structure, including convening the SIOG that they will then usually chair. They will also be responsible for providing updates to the CE (if the CE is not attending SIOG), FSA Chair and Board.  

3.23 The SID is also responsible for convening any briefing or stock-take meetings with their counterparts in OGDs, co-ordinating these with the incident daily rhythm as required and establishing strategic level cross-government lines of communication. The SID will also lead on the liaison with the COBR Unit or its devolved equivalent.

3.24 The FSA’s internal roles and responsibilities SOP sets out the role and responsibilities of the SID and SIOG Chair during a non-routine incident.

FSA Chief Executive (CE)

3.25 The CE has overall responsibility for decision making and resolution of incidents.

3.26 In a major incident or emergency the CE will chair the SIOG assuming the role of the SID. In less complex incidents or when the situation has stabilised, the CE can decide to delegate this role including the ‘power of decision’ to the director most relevant to the incident who then becomes the SID.

3.27 The CE and SIOG Chair (if the CE is not the SIOG Chair) are responsible for keeping the FSA Chair informed of non-routine incident developments; the frequency will be determined by the incident daily rhythm. These discussions are also opportunities for consulting the Chair ahead of possible major decisions, recognising that the formal decision-maker is the CE.

3.28 When the FSA are the LGD it is normally expected that the most relevant party, or party requested by the COBR Unit, with expertise on the situation would attend. In the event of a COBR (O) or COBR (M), the most relevant party with expertise of the situation would attend. The CE and/or SID (if role has been delegated) will be responsible for providing any briefing or preparation for the attending Minister. Briefing or verbal preparation for the attending party would be prepared by IMCG.

3.29 The FSA’s internal roles and responsibilities SOP sets out the role and responsibilities of the CE during a non-routine incident.

FSA Chief Scientific Advisor

3.30 The Chief Scientific Advisor (CSA) as being closest to the scientific evidence surrounding the incident, is responsible for the rigour and reliability of the risk assessment produced by the FSA and is responsible for providing challenge and comment, as necessary. The CSA is responsible for assuring that any published statement regarding the risk assessment is understood by a lay audience. The FSA’s internal roles and responsibilities SOP sets out the role and responsibilities of the CSA during a non-routine incident.

FSA Chair and FSA Board

3.31 The FSA Chair and Board will be kept updated at an agreed frequency on non-routine incidents by the CE (or SIOG Chair) through existing channels. The CE (or SIOG Chair) will update the FSA Chair, in advance, wherever possible on issues that carry significant risk. 

3.32 As is normal between meetings of the Board, the FSA Chair has the delegated authority to act on behalf of the Board in order to deal with the business of the FSA. The FSA Chair will update the Board at the earliest opportunity, as part of responding to any incident. Where, in the opinion of the Chair, significant operational matters go beyond the Board’s risk appetite, the Chair shall report to the Board at the earliest opportunity on any action that he/she may take. The Board may decide to hold an extraordinary meeting to assess risk if it is intended to go beyond the Board’s risk appetite. The CE or SID, informed by the SIOG, will consider the possible impacts of such a decision and, where possible consult the Chair for their view on potential consequences. 

3.33 The FSA’s internal SOPs provides further information on the role of the FSA Chair and Board during a non-routine incident.

IMCG Meeting Secretariat

3.34 For non-routine incidents, the IMCG Secretariat will issue a calling notice for the IMCG meeting or a SIOG meeting and set the daily rhythm, in collaboration with the IMCG Chair. Representation from the FSA offices in Wales, Northern Ireland and FSS are included, and additional representation from other government departments may be included when required, depending on the nature and cross-cutting remit of the incident.

3.35 Meetings are virtual by default and the standard calling notice will include details of call/dial-in procedures, as well as a meeting agenda. The IMCG’s secretariat operating instructions sets out the detail on the role of the Secretariat.

FSA Emergency Response Support Team (FERST)

3.36 The FSA Emergency Response Support Team (FERST) provides a flexible surge capability to strengthen the Agency’s response during non routine incidents or emergencies. FERST comprises trained volunteers drawn from across the organisation, enabling rapid mobilisation of skilled personnel when additional capacity is required. This resource supports the IMCG and SIOG by undertaking tasks such as administrative support, data handling, stakeholder liaison, and other functions essential to scaling up the incident response effectively.

Operational cascade briefings

3.37 Any operational leads will be confirmed by the IMCG. They are responsible for specific areas of the FSA’s emergency response and will be expected to attend IMCG meetings and other related meetings. Operational leads are responsible for briefing their team members on the outcomes of these meetings.

3.38 It is important for operational leads to hold cascade briefings on a regular basis with their team members (this may be on a daily or more frequent basis). The briefings will cover relevant outputs from the IMCG, SIOG or bird table meetings. Tasks for the team will be assigned, timescales agreed, quality standards set and clearance routes for work sign off will be established.

3.39 Further information on Cascade Briefings is contained in the Operational cascade briefing standard operating procedure.
Resilience during protracted incidents 

3.40 During an incident with a prolonged response phase, it is the responsibility of the IMCG, the Incident Manager, and when necessary, the SID to establish robust resourcing arrangements to ensure that staff involved in the response can be rotated and rest periods taken. Rotation of staff should be co-ordinated, with handover procedures put in place.

3.41 A flexible approach is employed between FSA Incidents Teams in the three countries (and in liaison with the FSS) to address resource shortfalls and ensure the well-being of staff. Further to this, the FSA will muster suitable resource from across its structure to support and undertake specific roles and functions as the response dictates. Where necessary decisions may be taken to secure additional external resource from outside the FSA.

De-escalation and closure 

3.42 As an incident draws towards resolution, it is appropriate to de-escalate to a lower level, to handle the response as routine business or close the incident. De-escalation will be based upon agreed criteria set out by SIOG and/or IMCG and the agreed criteria being met to inform the decision to de-escalate. The decision will be taken by IMCG collectively, and the recommendation to de-escalate will be notified to the SID or SIOG if stood up, for agreement. The incident de-escalation process from non-routine to routine or closure includes considering whether the incident has met the agreed criteria for de-escalation from non-routine in consultation with the relevant subject matter expert (SME). Where: 

• the de-escalation criteria have been assessed but have not been met the incident will continue as non-routine and follows the usual process
• the de-escalation criteria are met and SIOG (if stood up) or SID agree with IMCG recommendation to de-escalate, the incident will then return to routine or if appropriate closed

3.43 All response level changes will be communicated formally to those involved in the response, internally and externally. Options to be considered during incident closure should include handing over to FSA teams that can carry out surveillance or monitor corrective measures.

3.44 Any decision to de-escalate or close an incident may need to consider any specific requirements for recovery. The IMCG should consider the necessary strategy, resources and authority for successful recovery. The examples of incidents, where recovery is a consideration, are radiological incidents and/or other environmental contamination affecting food. Recovery for major incidents should follow the procedures set out in the Amber Book using command and control arrangements in place for a major incident.

3.45 Once closed, all non-routine incidents are subject to incident review – see section 6 incident review and planning.

Information management

3.46 All information relating to an incident is accurately documented and captured on the FSA records management system to ensure that decisions can be justified, and activities can be evidenced.

3.47 All key business information/official record sets are information assets and must be listed on the information asset register.