Applied Business Continuity during real life crisis @ STIB ... · Applied Business Continuity...
Transcript of Applied Business Continuity during real life crisis @ STIB ... · Applied Business Continuity...
Applied Business Continuity during real life crisis @ STIB-MIVB: Belgium 22 March 2016
Challenges, benefits and valuable ‘side effects’ of business continuity management
Koen Luykx – Business Continuity Manager @ Belgocontrol – former Business Continuity manager @ STIB-MIVBContinuation Training seminar 26/10/2017
Agenda1. Business continuity management
• Basic principles
• A strategic management objective
2. Implementing BCM in public services
• Pretty straight forward at first sight
• Desired level of control?
• Levers to implement “second line of defense” – activities
• Points of attention for succesful implementation of BCM
3. Implementing BCM in STIB-MIVB
• Company profile
• Trigger to implement BCM
• BCM implementation in STIB - initiatives
4. Risk analisys on terror threat
• A raising concern
• Being aware of vulnerabilities
• Multidisciplinary cooperation
• Recommendations
5. Terror attacks – Brussels 22/03/2016
• No surprise
• How the organisation responded
• Long term effects
• Never waste a good crisis 2
1. Business Continuity ManagementBasic principles
Time
Service
Level
Normal Level
of Service
Minimum Level
of Service
Loss of Service
Objective
Time
Max Time
CMP Continuity Recovery
Time normal level
Objective:
• Less incidents
• Reduced impact
• Faster recovery
3
• SLA with stakeholders
1. Business Continuity ManagementA strategic management objective
Business continuity management is about:according to ISO22301
Understanding how value is (and will be) created and maintained
Understanding vulnerabilities and dependancies in delivering that value
Increasing organisation’s ability to absorb, respond and recover from disruptions to its value
creating activity, to safeguard its reputation as well as the interest of its key stake holders.
How to translate this to an organisation’s reality?
That’s where the fun starts! 4
2. Implementing BCM – in public servicesPretty straight forward at first sight …
providing quality,
efficiency &
innovative services
…
No legacy
acceptance!
Company Mission,
Vision & Strategy
Safety is
primary objective!
Fix basics first!
Priority setting …
No disruptions to
critical services!
Flexibel & participatory
organization
…
Reliable & efficient
service provisioning
Personal
Opinions &
Emotions
Trade-offs
…
Long term investment
versus short term
mandate
Social peace
@ all price
Responsibility
versus authorityWhat’s in
it for me?
Personal
liability?
5
2. Implementing BCM – in public servicesDesired level of control?
Always too much
&
Never enough
No legal obligation, no hard compliancy requirements, high investment & time consuming for low probability risks …
High customer expectations, increasing awareness of vulnerabilities and fear for heavy service disruptions, corporate
ambition for being a reliable service provider, …
6
2. Implementing BCM – in public servicesLevers to implement ‘second line of defense’ - activities
• Compliancy requirements
Legal framework / professional league / international standards / …
• Commercial pressure
Globalisation / extended liberalisation (Uber) / compelling events (Brexit, data protection, …) / loss of monopoly / …
• Heavy failures/accidents
Never waste a good crisis …
• Supplier requirements
Could be ‘forced’ via (public) tendering process
7
2. Implementing BCM – in public servicesPoints of attention for succesful implementation of BCM
• Company culture
‘how we do things around here’, norms and values, tone @ the top, learning/blaming environment …
Align with company profile (do-er / think-ers, flat / vertical, formal / informal, …)
• Pace of implementation
Choose the battles carefully / implement gradually / apply change management techniques
Accept the fact this will be a long lasting organisational transition
• Anchoring the discipline in core business
Apply BCM as response to real business needs, make implementation a joint effort
Avoid theory owned by methodologist ( ‘perfect world on paper’) , … spread knowledge & ownership!
• Build on achievements
Evaluate existing maturity to determine next steps, build on existing grounds
Illustrate added value of BCM through improved performance / spread successes
8
Some numbers
Challenges
Organization
3. Implementing BCM in STIB – MIVBCompany profile
• Public entity charged with the public transport operation in the Brussels-Capital Region
• Administrative autonomy under the auspices of ministry of mobility (by 5-year contract)
• Mission : Offer the most appropriate transport solution in Brussels, with a competitive travel time, an affordable price and with adequate safety and comfort conditions
• Vision : To be the preferred mobility solution in Brussels
• 8295 employees – multicultural environment
• More than1 million trips per day (70% increase over 10 years)
• 66 metros, 397 trams, 702 busses ; 45,6 M. km travelled
• 69 underground stations, 2197 levelground stations
• Annual energy consumption high voltage (36KV) close to 250.000.000 KWh (>70K falimies)
• Public tendering: + 800.000.000€
• Ridership challenges : 20% increase (415 million trips) by 2017
• Public transport offer challenges : important investments in infrastructure and in rolling stock
• Internal challenges : increase productivity, recruitment and transfer of know-how
Travelers
2016
9
3. Implementing BCM in STIB – MIVBTrigger to implement BCM in STIB – MIVB: Heavy rail accident , Buizingen 2010
Belgium, Buizingen 15/02/2010 08h28
Lateral collision between 2 opposite trains
19 people died, 162 got injured
Parliamentary committee of inquiry has
revealed technical shortfalls as well as
organistional issues (degraded safety cuture)
as underlying causes.
Concern for possibility of a similar
catastrophe in the Brussels PT network was
a trigger for implementing ERM (2012) end
BCM (2013) in STIB - MIVB
10
• Structuring crisis management
The killing of an employee by traffic aggression on 7/4/2012 disclosed lack and need of structural crisis management
• Duplicate dispatching center
A ‘what if’ - analysis caused an increased awareness of impact on core business of losing this functionality.
• BCP for black out scenario
Increased dependancy of green energy production techniques is disturbing the balance production / consumption
Loss of nuclear power plant after sabotage caused fear for power shortage and a black out in winter 2014 - 2015
• Risk analisys on terror threat
Increased terrorist activity and new trends in terror attacks observed
Public Transport has the perfect ‘soft target’ profile that terrorists were/are aiming at
3. Implementing BCM in STIB – MIVBFirst initiatives of BCM implementation in STIB - MIVB
11
BCM initiatives - Structuring Crisis managementprepare for the unknown
• Define tresholds for Crisis Management activation
• “Score card” : Department / transport mode / company wide
• Define an activation process for Crisis Management
• Roles & responsibilities
• Set up a Crisis Management team
• Considering existing hierarchy!
• Develop tools for Crisis Management activity
• Decision making cycle / focus on process rather than on outcome
• Exercise the Crisis Management practice
• Table top exercise
12
Ad hoc Emerging Developing
No defined structure
No defined procedures
Intend is to get the
‘right’ people together if
a crisis happens and
‘deal’ with it
Initial membership
(often individual
names rather than
roles)
Some supporting
documentation (e.g.
contact list)
No (succesful)
exercises
Roles &
Responsibilities defined
Deputies identified and
at least some practiced
Procedures &
supporting information
available & tested
1 or more exercises
completed succesfully
Roles &
Responsibilities in
place and proven
Members & most
deputies have
practiced
Procedures &
supporting information
proven in tests/ actual
crisis
Regular comprehensive
exercises
At least 1 crisis
succesfully handled
Mature
Maturity
Crisis Management Maturity - evolution
Risk level
MIVB2015
Improvising basics structure experience
2014
BCM initiatives - Fall Back Dispatching centerLoss of dispatching function would cause a paralyzing traffic issue in Brussels
• Critical service to the core business - implemented as SPOF
• Monitor & control center for daily operations
• Additional safety layer (dealing with “dangerous anomalies” & POC for emergency services)
• Key element in “top-down” command structure
• Implementation programme > 2 years
• Building technical solution to duplicate all dispatching functionalities
• Creating operational procedures
• Organising training & doing exercises
14
BCM initiatives - BCP for scenario Black outSudden power outage in the Brussels PT network will cause serious safety issues!
• 2014: stability of energy production system under pressure
• Increased dependancy on unpredictable green energy sources (wind / solar / bio-energy)
• August 5 2014: Loss of nuclear power plant after sabotage (Doel4 -1000MW)
(65.000l forced oil drain caused irreparable damage to turbine: 30M€ repair cost + 27M€/month operational losses)
• 2 more nuclear power plants in BE out of service – maintenance (25% of BE production capacity disturbed)
• Fear for black out: most critical periods = winter (Jan/feb) evenings (17h00-20h00)
• Response of public authorities:
• Estimated cost of a Black Out in Belgium on a normal working day : 120 Mio €
• Treath of (inter)national black out anticipated by a national disconnection plan
• Response of STIB / MIVB: composition of a BCP > 1year
• Agreement on a company position and approach for the plan
• Complete review of underground infrastructure (power backup for critical functions!)
• Creating continuity procedures
• Organising training & doing exercises (-communication part)
15
FULL
POWER
HALF POWER(STIB: 5MW / connection Elia = 25 MW)
NO POWER
Scénario 1 ‘sudden unexpected Black Out’Basics of the business continuity plan
Metro / Tram:
Evacuation vehicles
Evacuation stations
Clearing tunnels
Metro / Tram:
Recuperation vehicles -> garage
Prepare operations for the next day
Tram:
Free public cross roads
• MIVB uses own backup systems to organise safe evacuation
• Elia will deliver 5MW per interconnection point with MIVB within 4 hours (gas power plant)
• This energy will be used to prepare resumption of operations (next day when BO appears in late
afternoon – otherwise resumption of operations will be done the same day)
Busses:
End trajectory in periphery, go to garage
FULL
POWER
Normal
operationsSudden interruption
of operations
Resuming
operations
Preapring resumption
of operations
T+2h T+6hT+4h T +12h
16
Scénario 2 ‘Black Out after disconnection’Basics of the business continuity plan
FULL
POWER
FULL
POWER
HALF POWER( 5MW / connection Elia: 25 MW)
NO POWER
• Disconnection per zone will be announced 24h upfront (Min. internal affairs) T1 -24h
• No national railway operations on a ‘disconnection day’!
• Bruxelles is not included in the disconnection plan
• STIB could continue operations but the risk of total black out increases! – scenario 1 to be avoided!
DISCONNECT
evacute
securing
unblocking #
Recuperation vehicles
Prepare operations for
the next day
Normal
operations
Normal
operations Operations STIB?
T1 -24h T1 T2 T2 +2h T2 +4h T2 +6h T2 +12h
Announcement
of zone x power
disconnection
due to scarcity
Zone 1
Zone 2 Zone 3
Zone 4
Zone 5 Zone 6Preapring resumption
of operations
Cease of
operations
500 MW
500 MW 500 MW
500 MW
500 MW 500 MW
Cease of operations Metro / Tram between 17.00 et 21.00h
in case more than 4 zones are disconnected
worst case:
17
4. Risk analysis terror threat – initiated december 2014
A raising concern …
• Social observations:
• IS exclaiming the caliphate 29/06/2014
• Increasing number of terror attacks on ‘soft targets’ – everyone is threatened
• BE participating in international aliance against IS
• Increasing flow of refugees coming to EU
• Public transport as ‘traditional target’
• Madrid 11 / 03 / 2004
• London 07 / 05 / 2005
• WEF Global risk report 2015 - risk trends
• Increasing national sentiments
• Increasing polarisation of societies
• Shifts in power
• Rise of hyperconnectivity
• Rising geographic mobility18
WORLD ECONOMIC FORUM: Global Risks 2015 - The Global risk landscape
Terrorist attacks
Cyber attacks
WEF identifies Terrorism
and cyber attacks as
important risks
WEF 2015 -
Global Risks
19
4. Risk analysis on terror threatBeing aware of vulnerabilities
• Inherent vulnerabilities of underground public transport
• Open system (free access for all)
• Large & complex netwerk structure.
• High concentration of people according to a predictable pattern (rush hours)
• Underground infrastrucure & shopping centres – complicates emergency interventions
• Brussels EU capital (some subway stations carry politic sensitive names)
• Operational vulnerabilities
• Many technical / critical rooms in the field
• PT operation calls for multidisciplinary cooperation and coordination (internal & external),
interventions of third parties are hard to control
• Permanent supervision of complete undeground infrastructure is complex
• Shared controle in case of intermodality with national railway operations
• Degraded security through multiple construction sites
• Large workforce to keep ‘readiness’ of all staff high at all times20
Count of risks Probability
Impact 1 2 3 4 5 Grand Total
5 44 15 13 1 73
4 3 4 1 2 1 11
3 6 10 2 3 21
2 9 1 1 2 13
1 9 2 3 14
Grand Total 71 30 18 10 3 132
• Objective of the risk assessment
• Identification & analysis of main risks
• Evaluate existing measures & estimate residual risk
• Make recomendations for additional protective measures
• Inform TOP Management
• Create a basis for discussion with public security services (OCAD)
• Result of the analysis:
4. Risk analysis on terror threat - with experts & stakeholders
Result of several multidisciplinary workshops
21
STIB has no influence on
terror threath(broad social context)
STIB can’t control the
inherent vulnerabilities of
the (pre) metro system
Reactieve measuresPreventieve measures
Decrease organisational
vulnerabilities
STIB has only a limited
influence on the direct
impact of terror attacks
Increase capacity to react
(efficiency in response)
4. Risk analysis on terror threat – Recommendations
What can STIB do to reduce the risk of a terror attack or to reduce the impact thereof?
22
5. Terror attacks - Brussels 22/03/2016didn’t come as a surprise, still couldn’t be prevented …
people killed people injured
• 24/05: Brussels - shooting @ jewish museum : 4
• 29/06: IS exclaiming caliphate
• 07/01: Paris – attack on Charlie Hebdo : 12 11
• 18/03: Tunis – attack on Bardomuseum : 23 dozens
• 26/06: Lyon – attack on gas power plant : 1 (beheaded) 2
• 26/06: Sousse – active shooter on beach: 39 dozens
• 13/11: Paris – attacks on Bataclan & Stade de France: 130 dozens
• 21/08: Brussels – Brussels attack on Thalys, distorted by passengers / 3
• 22/03: Brussels – attack on airport & metro 34 (14 & 20) 340
• 14/07: Nice – attack with truck on Promenade des Anglais: 84 dozens
• 19/12: Berlin – attack with truck on christmas market: 12 48
• St Petersburg / Stockholm / Manchester / London / Barcelona / …
2014
2015
2016
2017
23
9h10: explosion in metro @ Maalbeek• Crisis Management activated• Immediate cease of operations• Support multidisciplinary
intervention• Underground evacuated within 30’
according to black out plan
8h00: 2 explosions @ the airport• STIB immediately informed• Securing busline 12• Railway police requesting
‘increased state of readiness’• Activation national emergency
plan
24
• Service impact
• Underground evacuated in 30’ – according to black out plan
• Recall & return of all tram vehicles completed in 1h42’
• Immediate cease of all bus operations after Maalbeek explosion
• Degraded mode
• Bus operations resumed later that day – NOCTIS plan (night operations)
• Normal bus operations resumed next day + shuttle service replacinginterrupted metro line
• Recovery phase
• Reopening of subway stations according to capacity for permanent military surveillance (it took several days before all subway stations reopened …)
5. Terror attacks - Brussels 22/03/2016How the organisation responded
25
Passengers shifting
from Metro to Tram & Bus
Tram & Bus are more vulnerableto black riding
Huge decrease
of income
5. Terror attacks - Brussels 22/03/2016Long term effects …
Number of flights EBBR
Macroeconomic impact:
Estimated between 0.2% - 0.5% of gross national product
NBB: 0,2% of GNP (excluding expectedgrowth 2016 +1.2%)
BE enterprise federation 0.57% of GNP (2,4 billion loss 15/11/’15 – 15/11/’16)
26
Administrative autonomy under the auspices of ministry of mobility
for public service provisioning during crisis ?
• Further development of degraded mode scenarios to facilitate –external- decision taking
• Close 1 tunnel
• Close 1 station
• Close x stations
• Close 1 line
• Close 1 transport mode
• Cease all PT operations
• Define command structure for accepting external commands …
5. Terror attacks - Brussels 22/03/2016Never waste a good crisis
27
Optimism is a moral obligation
being prepared a protective duty
“Protecting the present to safeguard the future”
28
29
Thanks