HomeMy WebLinkAboutIntegrated Public Alert and Warning System (IPAWS) 2018-10-03 DEPARTMENT OF HOMELAND SECURITY COU No. i f 1 q" /q q
Federal Emergency Management Agency
IPAWS PUBLIC ALERTING AUTHORITY APPLICATION OMB Control No.xxxx-xxxx
Expires:xxlxxlxxxx
PAPERWORK BURDEN DISCLOSURE NOTICE
Public reporting burden for this form is estimated to average 1 hour per response.The burden estimate includes the time for reviewing
instructions,searching existing data sources,gathering and maintaining the needed data,and completing,reviewing,and submitting the form.
This collection of information is mandatory. You are not required to respond to this collection of information unless a valid OMB control number
appears in the upper right corner of this form.Send comments regarding the accuracy of the burden estimate and any suggestions for reducing
this burden to: Information Collections Management, Department of Homeland Security, Federal Emergency Management Agency,500 C
Street,SW,Washington,DC,20472,Paperwork Reduction Project(1660-NEW). NOTE:Do not send your completed form to the above
address.
PRIVACY NOTICE
Authorities: Executive Order 13407,"Public Alert and Warning System'
Purpose: FEMA is collecting this information to assess an entity's eligibility to use FEMA's Integrated Public Alert and Warning System
(IPAWS),and to provide access to specific members of the requesting entity to facilitate access to IPAWS.
Routine Uses: The information will be used by and disclosed to DNS personnel or other agents who need the information to assist in activities
related to the use of IPAWS. The information on this form may be disclosed as generally permitted under the Privacy Act of 1974, as amended
(5 U.S.C. §552). This includes using this information as necessary and authorized by the routine uses published in DHSIALL-004 General
Information Technology Access Account Records System GITAARS (September 29,2009,74 Fed. Reg.49,882,and upon written
request,by agreement,or as required by law.
Disclosure: Furnishing this information is voluntary;however, failure to furnish the requested information may delay or prevent DHSIFEMA
from providing the requested access to its IPAWS system.
Instructions for Organizations Applying for Access to IPAWS-OPEN for Public Alerting
The following are the requirements for access to IPAWS-OPEN for Public Alerting:
• Your software vendor/system developer must have an executed Memorandum of Agreement(MOA)with FEMA for access to the IPAWS
test environment. See http://www.fema.(iov/library/viewRecord.do?id=5670.
• Your sponsoring organization must have an executed MOA with FEMA for system security requirements with signed Rules of Behavior.A
separate application form is required. See https:/1www.fema.govllibrary/viewRecord.do?id=6019.
• Demonstrated successful completion of the Emergency Management Institute(EMI)Independent Study 1S-247.a:Integrated Public Alerts
and Warning System course,posted online at htto://training-fema.gov/EMIWeb/IS/IS247a.asp.(See Note#5 below.)
Notes on the Public Alerting Application:
1. COG Name and COG ID#:This information is used to identify your organization and is provided by FEMA upon execution of an MOA. If
you did not receive this information from FEMA, please contact the IPAWS office for assistance(ipaws(&fema.dhs.gov)
2. Geographic area of responsibility: List the area name and FIPS codes for which you are authorized to issue public warnings,typically
one or more counties.
• A list of FIPS codes can be found here:http-1/www.census..Qoy/geo/www/ansi/countylookup.html
• If you are requesting state-wide alerting authority,simply list the state
• If you are requesting alerting authority in multiple states,please complete one separate form for each state
3. Event Codes:Check the event code boxes that apply to your alerting authority
• A list of definitions for event codes can be found in Appendix C of the National Weather service Instruction 10-518
(http://www.nws.noaa.gov/directives/�SVm/PdOlOO5018curr.odf)
• Note that some event codes are not available for certain dissemination systems(e.g. TOE is not available for WEA)
• Consult your state reviewer if you are requesting Child Abduction Emergency(CAE)for Wireless Emergency Alerts (WEA)
4. Signature: Do not sign this form! This form must be signed by the state reviewer point of contact.
• Applicant: Send the completed,unsigned form to the stale reviewer contact provided by FEMA. If you did not receive this
information from FEMA,please contact the IPAWS office for assistance(ipaws(ZDfema.dhs.gov)
• State Reviewer: Please review the requested alerting permissions. If consistent with state alert and warning plans, please
complete the remainder of the form,sign and return to the applicant.
5. When you have successfully completed the IPAWS Independent Study course,submit a copy of your EMI training certificate to the FEMA
IPAWS MOA coordinator(ipaws(&fema.dhs.gov)
Next steps: Once your application has been processed,you will be notified when your public alerting permissions have been implemented in
he IPAWS system and are ready to use.
FEMA FORM xxx-x-xx (7/16)
Page i of 2
Application for IPAWS Public Alerting Authority
COG Name: CA Ukiah Police Department COG ID#:201634
Geographic Area of Responsibility: [list the name(s)and FIPS Code(s)for your geographic area of
responsibility. Attach additional pages as needed]
Name: FIPS Code:
City of Ukiah Police Department 06 045
Event Codes: [Check all that apply for WEA, EAS, and NWEM dissemination systems]
Event Code Event Description WEA EAS NWEM
ADR Administrative Message N/A ❑✓ ❑✓
AVA Avalanche Watch N/A ❑ ❑
AVW Avalanche Warning ❑ ❑ ❑
CAE Child Abduction Emergency N/A* 0 ❑✓
CDW Civil Danger Warning ❑✓ ✓❑ ❑✓
CEM Civil Emergency Message ❑✓ ✓❑ 0
EQW Earthquake Warning ❑✓ ❑ 0
EVI Evacuation Immediate ❑✓ Q 0
FRW Fire Warning 0 0 0
HMW Hazardous Materials Warning 0 21 Q
LAE Local Area Emergency 0 Q 0
LEW Law Enforcement Warning 0 Q 0
NUW Nuclear Power Plant Warning 21 0 0
RHW Radiological Hazard Warning 0 Q 0
RMT Required Monthly Test N/A Q N/A
RWT Required Weekly Test N/A ❑ N/A
SPW Shelter In-place Warning 2 Q Z
TOE 911 Telephone Outage Emergency N/A 0
VOW Volcano Warning Q 0 0
The undersigned has reviewed this application and the public alerting authorities requested by
the applicant are consistent with the state Emergency Alert System plan, AMBER Alert System
plan, or other operational public warning plans.
For the State of California Agency: Ukiah Police Department
Signature: Date:
Name: Title:
Email: Telephone:
FEMA FORM xxx-x-xx (7116) Page 2 of 2
Memorandum of Agreement
between the
City of Ukiah Police Department
and the
pA���li•
w
ND 5EG�4.:
Federal Emergency Management Agency
Integrated Public Alert and Warning System
(IPAWS) Program Management Office
Regarding the use of:
City of Ukiah Police Department
Interoperable System(s)
and
IPAWS OPEN Platform for Emergency Networks
(IPAWS-OPEN)
Version 1 . 1
03 Oct 2018
WARNING:This document is FOR OFFICIAL USE ONLY(FOUO). It contains information that may be exempt from
public release under the Freedom of Information Act(5 U.S.C.552). It is to be controlled,stored,handled,
transmitted,distributed,and disposed of in accordance with DHS policy relating to FOLIO information and is not to
be released to the public or other personnel who do not have a valid "need-to-know"without prior approval of the
FEMA Integrated Public and Warning System and the FEMA Disclosure Offices.
MEMORANDUM OF AGREEMENT
SUPERSEDES: None
INTRODUCTION
The purpose of this memorandum is to establish a management agreement between the City of Ukiah Police
Department hereinafter referred to as the Collaborative Operating Group(COG), and the Federal Emergency
Management Agency(FEMA)IPAWS Division regarding the utilization and security of City of Ukiah Police
Department Interoperable System(s)(as shown in Appendix A),which interoperate with the IPAWS Open Platform
for Emergency Networks(IPAWS-OPEN).The expected benefit is to enable information interoperability across
emergency response organizations and systems as intended by the IPAWS Initiative.
This agreement will govern the relationship between the Collaborative Operating Group and FEMA, including
designated managerial and technical staff and system users associated with the aforementioned COG. As indicated
within the terms of this agreement,both parties agree to allow system interoperability through the use of SOAP over
HTTPS via the public internet.Under this agreement,no direct or networked connection using VPN(or equivalent
technology)between the systems named in Appendix A and IPAWS-OPEN is allowed.In the event a direct
connection is required,an Interconnection Security Agreement must be executed.
AUTHORITY
The authority for this agreement is based on the Communications Act of 1934,as amended(47 U.S.0§ 606)and the
implementation of regulation 47 C.F.R§ I 1 which establishes the statutory basis under which the FEMA IPAWS
Program operates emergency alerting systems. In addition, Executive Order 13407 of June 26,2006, Public Alert
and Warning System Executive Order states,"It is the policy of the United States to have an effective,reliable,
integrated, flexible,and comprehensive system to alert and warn the American people...establish or adopt,as
appropriate,common alerting and warning protocols,standards,terminology,and operating procedures for the
public alert and warning system to enable interoperability and the secure delivery of coordinated messages to the
American people".In response,FEMA established the IPAWS Program Management Office(PMO)in April 2007.
BACKGROUND
it is the intent of both parties to this agreement to establish and utilize a standardized web based application interface
(as defined by the[PAWS-OPEN Web Service Interface Design Guidance)between the information technology(IT)
systems shown below to facilitate the exchange of emergency messages within the production environment. The
testing of the interoperability of these systems has been performed through the use of FEMA'.s Test and
Development environment to ensure the transference and receipt of emergency messages using approved messaging
standards. The interoperability between these systems is supported by the use of SOAP over HTTPS via the public
internet.
COMMUNICATIONS
Frequent formal communications are essential to ensure the successful management and operation of system
interoperability. Both parties agree to maintain open lines of communication between designated staff(as indicated
in Appendix B)at both the managerial and technical levels. All communications described herein must be conducted
in writing and may be disseminated by electronic means unless othenvise noted.
The owners of the respective systems agree to designate and provide contact information for technical leads for their
respective systems,and to facilitate direct contacts between technical leads to support the management and
operation of system interoperability.To safeguard the confidentiality, integrity,and availability of the systems and
the data they store,process,and transmit,both parties agree to provide notice of specific events within the
timeframes indicated below:
• Security Incidents: Technical,administrative and/or help desk staff will immediately notify their designated
counterparts by telephone or e-mail when a security incident(s)is detected and/or a violation of the Rules of
Behavior(see Appendix C)has been identified. Both parties agree to make the appropriate technical and
administrative individuals available for all necessary inquiries and/or investigations.Containment and/or
resolution procedures will be documented by the identifying party and after action reports generated and
submitted to the system owner and-or designated security officials within five(5)business days after detection
of the incident(s).
2
• Disasters and Other Contingencies: The FEMA]PAWS Program Office will notify the COG by telephone,
e-mail or other acceptable means in the event of a disaster or other contingency that disrupts the nortnal
operation of IPAWS-OPEN.
• System Interconnections: This MOA is intended for systems interoperating with IPAWS OPEN using SOAP
over HTTPS via the public Internet. If in the future,an interconnection(i.e.dedicated system-to-system
connection)is required to IPAWS-OPEN, this MOA must be updated and an Interconnection Security
Agreement(iSA)must he executed.If a change in status from interoperating to interconnected system is
required, the initiating party will notify the other party at least 3 months before the planned interconnection is to
be in place.
• Discontinuation of Use: In the event the use of IPAWS-OPEN is no longer required,the COG agrees to
immediately notify, in writing,the FEMA IPAWS Program Office at which time the COGID and associated
access credentials will be deactivated.
• Personnel Changes: Both parties agree to provide notification of changes to their respective system owner or
technical lead. in addition,both parties will provide notification of any changes in the point of contact
information provided in Appendix B. All relevant personnel changes and changes to contact information must
be provided within 5 business days of the change.
TYPE OF INTERCONNECTIVITY
Both parties agree that the COG will utilize only the assigned COGID,associated credentials and digital certificates
provided by the FEMA IPAWS Program Office to support interoperability between the system(s)listed in Appendix
A and IPAWS OPEN. In addition,all interoperable systems must be configured to interface with IPAWS-OPEN
over the public Internet using only approved web service standards and associated requirements. A listing of
approved web service standards and supporting requirements can be obtained from the IPAWS-OPEN Web Service
Interface Design Guidance document.
In the event,a dedicated connection is required,both parties will agree to negotiate and execute an Interconnection
Security Agreement(ISA)as required per Department of Homeland Security(DHS)policy which must be signed by
all required parties before the interconnection is activated.Proposed changes to either system that affect system
interoperability will be reviewed and evaluated to determine the potential impact. If the proposed changes impact the
agreed upon terms, the MOA will be renegotiated and executed before changes are implemented.
SECURTI'Y
To ensure the joint security of the systems and the message data they store,process,and transmit,both parties agree
to adhere to and enforce the Rules of Behavior(as specified in Appendix Q. In addition,both parties agree to the
following:
• Ensure authorized users accessing the interoperable system(s)receive, agree to abide by and sign(electronically
or in paper form)the IPAWS-OPEN Rules of Behavior as specified in Appendix C. Each jurisdiction is
responsible for keeping the signed Rules of Behavior on file or stored electronically for each system user.
• Utilize FEMA approved PKI certificates to digitally sign messages as they are transported over the public
Internet.
• Certify that its respective system is designed, managed and operated in compliance with all relevant federal
laws, regulations,and policies.
• Document and maintain jurisdictional and.:or system specific security policies and procedures and produce such
documentation in response to official inquiries and/or requests.
• Provide physical security and system environmental safeguards for devices supporting system interoperability
with IPAWS-OPEN.
• Ensure physical and logical access to the respective systems as well as knowledge of the COGiD and associated
access criteria are only granted to properly vetted and approved entities or individuals.
• Where applicable,ensure that only individuals who have successfully completed FEMA-required training can
utilize the interoperable systems to issue alerts and warnings intended for distribution to the public.
• Where applicable,document and maintain records of successful completion of FEMA-required training and
produce such documentation in response to official inquiries and/or requests.
3
COST CONSIDERATIONS
This agreement does not authorize financial expenditures by the COG on behalf of FEMA.The FEMA—IPAWS
Division is responsible for the costs associated with developing,operating and maintaining the availability of the
IPAWS.-OPEN system. The COG is responsible for all costs related to providing their users with access to IPAWS•
OPEN via the public Internet. These costs may include hardware,software,monthly Internet charges,completion of
security awareness training and other related jurisdictional costs.
PROPERTY ONAFNERSHIP
Each Party agrees and acknowledges that nothing in this Agreement shall be construed as giving a party any
proprietary rights in or to the intellectual property of the other party. Each Party further agrees that nothing in this
Agreement shall be construed as creating or granting to a party any implied or express license in or to the
intellectual property of the other party.
TIRIELINE
This agreement will remain in effect based on the life of the Authority to Operate(ATO)for IPAWS-OPEN or a
maximum of three(3)years after the last date on either signature in the signature block below.Upon expiration of
the IPAWS-OPEN ATO or after three(3)years(whichever comes first),this agreement will expire without further
action and system access privileges will be revoked. If the parties wish to extend this agreement,they may do so by
reviewing, updating,and reauthorizing this agreement.This newly signed agreement Supersedes all earlier
agreements,which should be referenced above by title and date.If one or both of the parties wish to terminate this
agreement prematurely,they may do so upon 30 days'advanced notice or in the event of a security incident that
necessitates an immediate response.
SIGNATORY AUTHORITY
I agree to the terns of this Memorandum of Agreement.Noncompliance on the pan of either organization or its
users or contractors concerning the policies,standards,and procedures explained herein may result in the immediate
termination of this agreement.
Cite of Ukiah Police Department Official Federal Emergency Management Agency
Name:Justin%Vyatt IPAWS OPEN System O,.iner
Title: Chief of Police Name: Mark A.Lucero
Title: Chief,IPA«'S Engineering
a ![! '•1' —ivis, _
(Sign ure Date) (Signature Date)
Uki Polic Department Attn: IPAR'S-OPEN System 011ner,Suite 506
300 Seminary Avenue Federal Emergency Management Agency
Ukiah,CA,95482 500 C Street SW
Washington,D.C.20472-0001
FERIA Authorizing Official or Designee FERIA CISO or Deputy CISO
(Signature Date) (Signature Date)
4
Appendix A
Listing of Interoperable Systems
IPAWS recognizes that Emergency Management organizations may utilize multiple tools to facilitate the
emergency management process. As a result,jurisdictions may need to interoperate w:th IPAWS-OPEN
using more than one system. In order to comply with DHS policy, all systems interoperating with IPAWS-
OPEN must be documented and supported by a Memorandum of Agreement. As a result this appendix
must be completed to identify all systems associated with the COG and used for interoperating with
IPAWS-OPEN. This Appendix must be amended as applicable systems are added or removed from
operations.
• IPAWS-OPEN
IPAWS-OPEN is the backbone system that structures the alert and
distributes the message from one interoperating and/or interconnected
Function: system (message sender)to another interoperating and/or interconnected
system (message recipient).
Location: FEMA Emergency Operations Center
Description of data, Messaging data is considered Sessitive But Unclassified(SBU)information and does not
including sensitivity or contain Personally Identifiable Information(Pit),Financial data,Lau-Enforcement Sensitive
classification level: Information or classified information. Each message that flows through the
IPAWS-OPEN system will be associated to a specifically assigned system
User ID and COGID as captured within the message elements. This
information will be retained in system logs.
The systems listed below are managed and operated by the COG and are subject to the terms defined
within the Memorandum of Agreement including the Rules of Behavior in Appendix C. Each interoperable
system will be assigned unique authentication credentials, which must be protected by the COG. In the
event these credentials are compromised, the COG is expected to immediately contact the IPAWS
Program Management Office. The systems listed below are only allowed to interoperate with IPAWS-
OPEN based on the criteria set forth within the IPAWS-OPEN «'eb Service Interface Design Guidance,
• Everbridge
Everbridge-Nixle MNS provides critical information to residents during emergencies
Function: by sending public alerts for major events for dissemination to W1A/CMAS,EAS,
NWEM and Public Feed.
Location: Burbank,CA; Denver, CO;Amazon West Northern,CA;
Description of data, Data is comprised of emergency public alert messages.
including sensitivity or
classification level:
*Add additional tables as needed.
5
Appendix B
COG Point of Contact Information
Designated COG Primary Point of Contact:
Name: Tracey Porter
Title: Communications Supervisor
Business Email Address: tporter(a cityofukiah.com
Primary Phone Number: 707-467-5727
Alternate Phone Number:
Organization: Ukiah Police Department
Mailing Address: 300 Seminary Avenue, Ukiah,CA, 95482
Designated Alternate Point of Contact:
Name. Sean Kaeser
Title: Police Captain
Business Email Address. skaeserka cityofukiah.com
Primary Phone Number: 707-463-6254
Alternate Phone Number:
Organization: Ukiah Police Department
Mailing Address: 300 Seminary Avenue, Ukiah, CA,95482
Designated Technical Point of Contact:
Name: Michael Ingwell
Title: IT Network Specialist
Business Email Address. mingwell(tucityofukiah.com
Primary Phone Number: 707-463-6209
Alternate Phone Number:
Organization: City of Ukiah
Mailing Address: 411 W.Clay Street, Ukiah, CA,95482
6
FEMA: Integrated Public Alert and Warning System
Open Platform for Emergency Networks (IPAWS-OPEN)
Contact
Contact Name Number Email Address Summag of System Responsibilities
Patsy Garnett 202-646-4629 patsy.garnett@fema.dhs.gov Chief Information Officer,FEMA(Acting)
Craig Wilson 202-212-1523 Craig.Wilson@fema.dhs.gov Chief Information Security Officer
Actin
Mark Lucero 202-646-1386 Mark.Lucero@fema.dhs.gov System Owner
Gary Nam 703-899-6241 Gary.Ham@associates.fema.dhs.gov FEMA PMO -]PAWS-OPEN
Gustavo Barbet 202-212-3586 gustavo.barbetCl,associates.fema.dhs.gov FEMA ISSO -IPAWS-OPEN
Neil Bourgeois 703-732-6331 1 Neil.Bourgeois@associates.fema.dhs.gov FEMA-EADIS IPAWS-OPEN Tech Lead
7
Appendix C
IPAWS-OPEN Rules of Behavior
1.0 INTRODUCTION
The following rules of behavior apply to all persons with application access to City of Ukiah Police Department
Interoperable System(s)and/or who have been issued a COGID with associated credentials for I PAWS.OPEN. These
individuals shall be held accountable for their actions related to the information resources entrusted to them and must
comply with the following rules or risk losing their access privileges.The Rules of Behavior apply to users on official
travel as well as at their primary workplace(e.g., Emergency Operations Center—EOC)and at any alternative
workplace(e.g.,telecommuting from a remote or satellite site)using any electronic device including laptop computers
and portable electronic devices(PED's). PED's include personal digital assistants(PDA's)(e.g. Palm Pilots),cell
phones,text messaging systems(e.g,, Blackberry),and plug-in and wireless peripherals that employ removable media
(e.g. CDs, DVDs,etc.). PEDs also encompass USB flash memory(thumb)drives,external drives,and diskettes.
These Rules of Behavior are consistent with existing DHS policies and DHS Information Technology(IT)Security
directives and are intended to enhance the awareness of each users responsibilities regarding accessing, storing,
receiving and/or transmitting information using IPAWS-OPEN,
2.0 APPLICATION RULES
2A Official Use
• IPAWS-OPEN is a Federal application to be used only in the performance of the users official duties in
support of public safety as described in the National Incident Management System(NIMS).
• The use of the IPAWS-OPEN for unauthorized activities is prohibited and could result in verbal or written
warning,loss of access rights,and/or criminal or civil prosecution.
• By utilizing (PAWS-OPEN,the user of the interoperable system(s)consents to allow system monitoring to
ensure appropriate usage for public safety is being observed.
• EMA's will be held accountable for safeguarding all configuration items and information entrusted to them by
FEMA. EMA's are expected to manage the relationship with supporting vendors, consultants and any other
entities providing system support on their behalf. In addition, EMA's will be held accountable in the event of
a security breach or disclosure of sensitive configuration information such as digital certificates. Each EMA
understands that the use of digital signatures used on behalf of the EMA is binding for the EMA and EMA's
will be held accountable accordingly. In the event sensitive information is mishandled, utilization of IPAWS
OPEN may be immediately revoked.
• If software interoperating with IPAWS-OPEN enables users to geo-target public alert messages by means of
geospatial polygons or circles, then the user shall restrict any such geospatial boundaries so as to remain
within the geographical limits of their public warning authority(or as near as possible),as determined by
applicable state and/or local laws and duly adopted operational plans.
2.2 Access Security
• All Email addresses provided in connection with interoperable system(s)user accounts must be associated
to an approved email account assigned by the users emergency management organization.The use of
personal email accounts to support emergency messaging through IPAWS-OPEN is prohibited.
• Upon approval of the MOA by FEMA,a COG account with COGID and Digital Certificate will be created and
issued to the designated technical representative. All individuals with knowledge of these credentials must
not share or alter these authentication mechanisms without explicit approval from IPAWS.
• Every interoperable system user is responsible for remote access security as it relates to their use of
IPAWS-OPEN and shall abide by these Rules of Behavior.
8
2.3 Interoperable System User Accounts and Passwords
• All users must have a d screle user account ID which cannot be the user's social security number.To protect
against unauthorized access, passwords linked to the user ID are used to identify and authenticate
authorized users_
• Accounts and passwords shall not be transferred or shared. The sharing of both a user ID and associated
password with anyone(including administrators)is prohibited.
• Accounts and passwords shall be protected from disclosure and writing passwords down or electronically
storing them on a medium that is accessible by others is prohibited,
• The selection of passwords must be complex and include:
At least eight characters in length
At least two(02)upper case and two(02)lower case letters
At least two(02)numbers and one(01)special character.
• Passwords must not contain names, repetitive patterns,dictionary words,product names,personal
identifying information(e.g.,birthdates,SSN, phone number),and must not be the same as the user ID.
• Users are required to change their passwords at least once every 90 days.
• Passwords must be promptly changed whenever a compromise of a password is known or suspected.
2.4 Integrity Controls&Data Protection
• All computer workstations accessing IPAWS-OPEN must be protected by up-to-date anti-virus software.
Virus scans must be performed on a periodic basis and when notified by the anti-virus software.
• Users accessing interoperable system(s)to utilize IPAWS-OPEN must:
Physically protect computing devices such as laptops, PEDs, blackberry devices,smartphones,
etc;
�. Protect sensitive data sent to or received from IPAWS-OPEN;
c. Not use peer-to-peer(P2P)file sharing,which can provide a mechanism for the spreading of
viruses and put sensitive information at risk;
Not program computing devices with automatic sign-on sequences, passwords or access
credentials when utilizing IPAWS-OPEN.
Users may not provide personal or official IPAWS-OPEN information solicited by e-mail. If e-mail messages are
received from any source requesting personal information or asking to verify accounts or other authentication
credentials, immediately report this and provide the questionable e-mail to the Local System Administrator and/or the
City of Ukiah Police Department Help Desk.
• Only devices officially issued through or approved by DHS, FEMA and/or approved emergency management
organizations are authorized for use to interoperate with IPAWS-OPEN and use of personal devices to
access and/or store IPAWS-OPEN data and information is prohibited.
• If a Blackberry, smartphone or other PED is used to access the interoperable system(s)to utilize IPAWS-
OPEN,the device must be password protected and configured to timeout or lock after 10 minutes of
inactivity.
• If sensitive information is processed, stored,or transmitted on wireless devices, it must be encrypted using
approved encryption methods.
9
2.5 System Access Agreement
• 1 understand that I am given access to the interoperable system(s)and IPAWS-OPEN to perform my official
duties.
• 1 will not attempt to access data: information or applications I am not authorized to access nor bypass
access control measures.
• I will not provide or knowingly allow other individuals to use my account credentials to access the
interoperable system(s)and IPAWS-OPEN_
• To prevent and deter others from gaining unauthorized access to sensitive resources, I will log off or lock my
computer workstation or will use a password-protected screensaver whenever I step away from my work
area,even for a short time and I will log off when I leave for the day.
• To prevent others from obtaining my password via'shoulder surfing', i will shield my keyboard from view as
I enter my password.
• I will not engage in,encourage,or conceal any hacking or cracking,denial of service,unauthorized
tampering,or unauthorized attempted use of(or deliberate disruption of)any data or component within the
interoperable system(s)and iPAWS-OPEwN.
• 1 agree to inform my Local System Administrator when access to the interoperable system(s)and/or IPAWS-
OPEN is no longer required.
• I agree that I have completed Computer Security Awareness training prior to my initial access to the
interoperable system(s)and IPAWS-OPEN and that as long as I have continued access, I will complete
Computer Security Awareness training on an annual basis.
2.6 Accountability
• I understand that I have no expectation of privacy while using any services or programs interoperating with
IPAWS-OPEN.
• I understand that I will be held accountable for my actions while accessing and using interoperable
system(s)and IPAWS-OPEN, including any other connected systems and IT resources.
• I understand it is my responsibility to protect sensitive information from disclosure to unauthorized persons
or groups.
• I understand that I must comply with all software copyrights and licenses pertaining to the use of IPAWS-
OPEN.
2.7 Incident Reporting
• I will promptly report IT security incidents,or any incidents of suspected fraud,waste or misuse of systems
to the Local System Administrator and/or the City of Ukiah Police Department Help Desk.
10
3.0 IPAWS-OPEN Rules of Behavior Statement of Acknowledgement
l have read and agree to comply with the requirements of these Rules of Behavior. I understand that the terms of this
agreement are a condition of my initial and continued access to City of Ukiah Police Department Interoperable
System(s)and IPA WS-OPEN and related services and that if 1 fail to abide by the terms of these Rules of Behavior,
my access to any and all IPA WS-OPEN information systems may be terminated and I may be subject to criminal or
civil prosecution. I have read and presently understand the above conditions and restrictions concerning my access.
Name(Pint): C.
Signature: Date:_10 -36) • i O
11
Emergency Management Institute
h
w
ND S�G�4
FEMA
This Certificate of Achievement is to acknowledge that
TRACEY A PORTER
has reaffirmed a dedication to serve in times of crisis through continued
professional development and completion of the independent study course:
IS-00247.a
Integrated Public Alert and Warning System
([PAWS)
Issued this 3rd DDav o------/---October, 2018 n `
Actingteven P. IICiIIiCl�ef
�'.:y� Acting[lepm� Supeeinlendent
0.2 IACF T CFU UEZE00= I:menzenc% \lawk,"cmelit hStittlie
Emergency Management Institute
AT
ry �
O
�r��q ND S�GJ4
FEMA
This Certificate of Achievement is to acknowledge that
TAMI M BARTOLOMEI
has reaffirmed a dedication to serve in times of crisis through continued
professional development and completion of the independent study course:
15-00247.a
Integrated Public Alert and Warning System
(I PAWS)
Issued this I Ith DaY of MaY, 201 S ltkyT
SteE Act en g D I lei%lechcr
1i'�-°� Acting[) put} tiaperi�itendcitt
+1? IACET CGU � lancrurnc% N[annyentcnt 111>titute