These are the detailed bomb threat procedures for a U.S.-based non-profit organization that promotes environmental activism and causes. A bomb threat procedure was drafted after the organization received a threat.You are free to use or adapt this sample policy, which was contributed by the security community, for use in your own organization (but not for re-publication or for-profit use).Reporting a bomb threatRemain calm. Do not alarm other employees.If threat is by telephone:Keep the caller on the line for as long as possible. Be polite and show interest.Ask:Location of bombTime set to explodeWhere is the bomb located?What does it look like?What kind of bomb is it?What will make it explode?Did you place the bomb? Yes NoWhy?What is your name?Do not hang up, even if the caller does. Not replacing the handset enables the call to be traced.If possible, write a note to a colleague to call the authorities or, as soon as the caller hangs up, immediately notify authorities yourself.If your phone has a caller ID display, copy the number and/or letters on the window display.Note:Caller’s voice and accentBackground soundsEstimated age of callerTone of threatIf a suspicious object or package is found:Do not touchKeep areas clearContact authoritiesSigns of a suspicious package include:No return addressExcessive postageStainsStrange odorStrange soundsUnexpected DeliveryPoorly handwrittenMisspelled WordsIncorrect TitlesForeign PostageRestrictive NotesIf threat is by letter:Do not handle more than necessaryWhere possible, the item should be placed into a plastic pocket to preserve any physical evidence.When contacting authorities:Do not use mobile phones or other electronic equipment that may trigger a device.Turn off mobile phonesSecurity bomb threat assessment:Where possible, a threat assessment team shall communicate and consider the information available, assess the legitimacy of the threat and determine the course of action. Where concerns for safety exist police shall be notified and requested to attend, manage the incident and investigate.Evacuation:(Company name) may through its security management direct the evacuation of any building, area or part thereof and/or request a search of the area be conducted by suitably trained security and/or emergency services personnel.Employees and visitors should be prepared to evacuate and await further instruction from security.Evacuate the building as instructed to do so by the emergency personnel.Persons may be asked to remove all personal belongings, such as bags and briefcases when evacuating.Incident recordingA Security Incident Report will be completed for ALL reported threats. Get more sample security policies from CSO. Related content brandpost How an integrated platform approach improves OT security By Richard Springer Sep 26, 2023 5 mins Security news Teachers urged to enter schoolgirls into UK’s flagship cybersecurity contest CyberFirst Girls aims to introduce girls to cybersecurity, increase diversity, and address the much-maligned skills shortage in the sector. By Michael Hill Sep 26, 2023 4 mins Back to School Education Industry IT Training news CREST, IASME to deliver UK NCSC’s Cyber Incident Exercising scheme CIE scheme aims to help organisations find quality service providers that can advise and support them in practising cyber incident response plans. By Michael Hill Sep 26, 2023 3 mins IT Governance Frameworks Incident Response Data and Information Security news Baffle releases encryption solution to secure data for generative AI Solution uses the advanced encryption standard algorithm to encrypt sensitive data throughout the generative AI pipeline. By Michael Hill Sep 26, 2023 3 mins Encryption Generative AI Data and Information Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe