Before a disaster strikes, it is incumbent upon school system IT personnel to have emergency operations plans in place to ensure continuity of learning. Natural disasters can be spontaneous events, requiring school system leaders to implement and train team members on procedures so that they can act swiftly. Administrative and school personnel should be able to assess damage quickly, update all stakeholders, bring critical systems back online, and resume operations as quickly as possible.

You must be logged into your member account to see the Member Exclusive resources.

“Our K12 districts are on the front lines of protecting their data and systems against much large, better funded organizations and a rapidly evolving cyberthreat environment. They need access to staffing and technical resources to continue to securely deliver education.” - Amy McLaughlin, CoSN Cybsersecurity Expert.

Read more on Disaster Preparedness by clicking on the resources below.  Please note that some of these are Member-Exclusive, so you won't be able to see the link unless you are logged in.

amy mclaughlin on the hill
CoSN cybersecurity expert Amy McLaughlin testifies before U.S. Senate

Additional Resources

Building A Learning Continuity Plan

It is important to have an identified scope when developing an LCP or BCP for your school or district IT organization. It is recommended that IT organizations focus on building a technical plan that helps IT prioritize services and identify strategies for continuing to deliver high-priority services to support the district in the event of a disaster that destroys or severely cripples one or more of the district’s data centers, networks, and server systems. This plan is not limited to on-prem systems; cloud services and applications are within the scope of this plan. While the district’s LCP or BCP should encompass the entire district's operations, this document focuses on the information technology components that support the district’s overall plan.

Disaster Recovery Plan Template (Member Exclusive)

Building Your Disaster Recovery "Go Kit" (Member Exclusive)

Natural or human created disasters, including natural disasters and cybersecurity attacks, can occur at any time. Having disaster recovery and learning continuity plans (CoSN’s Learning Continuity Planning) is helpful. Still, during a disaster scenario it can take time to pull together the basic resources you need to respond and deliver continuity of services.

Being prepared means having the basic tools and supplies readily at hand to respond to a disaster scenario as it unfolds. In survival scenarios, a “GO KIT” includes all the basics necessary to survive for the short term. Likewise, this checklist identifies critical items that should be in your technology “GO KIT” to facilitate your disaster response (DR) and learning continuity plan (LCP). Assembling and maintaining a DR/LCP go bag can enhance the speed of response and recovery.

Disaster RTO & RPO – Setting Recovery Priorities Before a Disaster (Member-Exclusive)

Disasters, whether human or natural, can have sudden and serious impact on the ability of the school district to deliver services, including core services for the support of students and staff. Many critical resources that impact not only the delivery of teaching and learning, but also the basic life, health and safety functions of the school district are dependent upon technology to continue to operate.

In today’s interconnected digital landscape, Software-as-a-Service (SaaS) solutions have become indispensable tools for educational institutions and businesses alike. However, the convenience of outsourcing critical functions to SaaS vendors comes with inherent cybersecurity risks. Unlike district-specific cybersecurity incidents where organizations have direct control and access to details, incidents involving SaaS vendors can provoke anxiety due to the lack of direct control and oversight. Despite rigorous vendor selection processes and compliance with standards and certifications, breaches can still occur, impacting sensitive data and operational continuity.

Strategies for Building Information Security Governance (Member-Exclusive)

Given the pervasive nature of cybersecurity security threats and attacks against school systems, it is not viable for IT Directors or Chief Technology
Officers to be solely responsible for protecting schools and districts from cyber adversaries. Cybersecurity and cyber safety are not technical issues but organizational challenges that affect all members of the education community.

Self-Assessment (District Security Checklist) - Member Exclusive

What is your district’s state of security readiness? Security means reliability and integrity of the operation as well as keeping the door locked on data. Use this questionnaire to gain a quick sense of your overall security profile. Then get a more in-depth analysis by using the District Security Rubric and Planning Grid to pinpoint areas of concern and identify next steps.

Building Checklist: Essential Guide for IT Leaders' Construction Projects (Member-Exclusive)

Construction and substantial renovation of school district buildings must consistently incorporate technology planning from conception to building. This member document is a game-changer, providing a concise yet powerful roadmap for designing and renovating buildings focusing on future-proofing district technology.

Identifying and Prioritizing Critical System Risks: The Business Impact Analysis (Member-Exclusive)

A Business Impact Analysis (BIA) is a structured process designed to identify and evaluate the potential effects of an interruption to critical school district operations due to a cyber attack, natural or physical disaster, accident, or emergency. It helps districts identify and plan for the consequences of disruption and gather information needed to develop recovery strategies. Conducting a BIA involves identifying key district systems and applications, the processes they support, and any dependencies that must be fulfilled for those resources to be available. Completing the BIA also involves assessing the impact of those systems & applications being unavailable or lost and determining recovery priorities and timeframes.

The resource includes the Importance of Identifying Critical Resources through BIA and a tool for Completing the Business Impact Analysis.