1 3 rd Miracle Conference: Summary Report October 30 th, 31 st, and November 1 st The Netherlands, 2013 Social Engineering for Emergency Management: Transforming the work of critical infrastructure protection and resilience (CIP/R) through cooperation. Organisers: Veiligheidsregio Kennemerland (VRK), Postbus 5514, 2000 GM Haarlem Rapporteurs: Rob Peters, Frank Wilson : Summary version Nov 8 th (Point of contact: Overview. The conference was held in the context of the MIRACLE project and programme of work (www.miracle-fp7.eu), and was originally designed as a one-day event to allow examination of the early views of critical stakeholders participating along with project partners. This focus and scope was extended and elaborated, due to the wider interest and enthusiasm of stakeholders. Expansion allowed the MIRACLE initiative to more rapidly explore the key themes of its study through presentations by stakeholders, open discussion, collaboration to investigate identified issues, plus a variety of workshops, round tables, video recorded interviews, and key CIP/R site visits for development of contacts for in-depth investigation in future. The conference attracted more than 160 participants from Europe and overseas. The feedback during the event shows that the successful organisation and facilities ensured exposure to ideas, current practice, and operational pilots of critical infrastructure protection in a way that has stimulated debate and exchange of experience in fulfilment of the conference objectives. The conference, despite being the first MIRACLE project workshop, was entitled the 3 rd conference in recognition of the fact that MIRACLE is an initiative designed to continue the work of the critical infrastructure protection community who previously established the basis of the Europe-wide study via conferences in Milan 2011, and then Edinburgh The on-going work of this group is accelerated and further elaborated by the conference summarised in this brief report. Note: this report presents proceedings and discussion at a general level, then extracts ideas and issues arising. Potentially sensitive information shared by security professionals at the conference is not included in this public document, but was noted by the research team as a basis for follow-up interviews and case studies.
2 Critical Infrastructure Protection and Resilience (CIP/R) Summary. Day 1: Location - Madurodam, The Hague. Opening Addresses and Orientation: Martin Madern, Crisis Management Advisor Paolo Trucco: Miracle Project and FPM The conference was opened with an overview of Miracle and its objectives. The key aims shared with the European Commission CIPS/ISEC programmes in supporting MIRACLE are to understand: - The characteristics and the added value of regional CIP/R strategies and programmes? - How to build on these existing initiatives following EPCIP subsidiarity and complementarity principles? - How to promote and support regional CIP/R strategies and programmes in the EU? The study will support Multi-level Alignment of Regional Approaches to Critical Infrastructure Resilience by Learning from Experience (MIRACLE). The opening discussion highlighted the role of business and citizens as active partners in Resilience. Bert van de Velden, Director VRK and Regional Public Health Bert introduced the region and the rationale for being in Madurodam, The Hague (Netherlands in miniature). The general organisation of Dutch crisis management was presented, along with its specific safety regions. The formation of a single national police service (2013) and 25 safety regions were described, showing operational and informational integration of Police, Fire Dep. & Ambulance who share a Regional Risk Profile, Regional Policy Plan, Regional Crisis Plan (nationally uniformed), and regional cooperation in municipal crisis management (planning, training & exercise). The essential features are open dialogue, cooperation, equivalence, openness, trust & transparency. These rely on clear identification of each agency s own role, strengths, discipline, mutual respect, and leadership. The challenge for European discussions, beyond the MIRACLE project, is to identify how and in what direction each of us is going to make a difference in Resilience (Professionally, Personally, Organisationally, and within our Network and Community). Partnership in The Netherlands is seen as a sustainable connection of Roles, Responsibilities, Strengths, Opportunities, and identified Limitations. This is not a threat for identity but a strengthening. Resilience is about Defensibility, Independence, Flexibility, and Society bouncing back after an incident. Linda Bouw: Haarlemmermeer Municipality The presentation reflected on major disasters faced by Dutch society in the past, lessons learned, and their relevance to a society affected by global changes in weather. Responsibility for The Netherlands crisis management is localised via municipalities, and supported by 25 safety regions in which all safety services are integrated and collaborative in prevention and control. The roles of the Mayor, Policy Team, Operational Teams and Task teams were characterised and explained. The case presentation of Schiphol showed it to be equivalent to a small city, with 136 thousand
3 passengers per day using over one thousand flights. The integrated and interdependent critical services of flight, public transport, public health, fuel, electric power, food provisions, road and rail transport, and others were demonstrated to be dependent on a collaborative approach to critical infrastructure protection and resilience involving a wide variety of stakeholders. During the interactive session, key contacts were introduced to project partners for further collaboration in Miracle research. Bernhard Jens: Utrecht Police Department The work of the Utrecht police department was presented and illustrated via a case involving lost children at risk. A film was shown illustrating the case with life media material covering those days (see conference website). The role of the citizens and citizen groups in resilience was explored by examining historic data from this case and others to show how partnership with citizens can be beneficial but carries risks of interference with formal investigations. Citizen reaction and information sharing, especially via social media, were discussed and shown to require careful management and validation of emerging information of potential relevance to crisis management and resilience organisation. It was noted that The Netherlands has a strongly citizenled culture, with a strong and active voice for citizens and citizen groups. This was also demonstrated in presentation of the experience during fires in Leeuwarden. Four persons from the fifteen-person communication team were assigned to monitor social media in crises as described, and the self-organising activities of citizens were characterised and show a need to recognise this social phenomenon and to integrate it as part of a resilience strategy. Interactive Session The conference further discussed the preceding presentations and issues arising, and were led in debate by David Bamaung and Margaret Nicoll from Scottish Government. Partnership and collaboration were strongly emphasised, and the idea of regional resilience was explored. The idea of region was seen to have a formal dimension derived from organisation by public agencies, and also a flexible dimension based on the affected area determined by events. The problem of sharing sensitive information was highlighted, along with the need for protocols for crisis response that are flexible in meeting emerging regional focus and involved stakeholder groups. Exercise in Risk Profiling and Interactive Session The conference participants took part in an exercise in risk profiling by forming small groups to survey the Madurodam (The Netherlands in miniature) where all key infrastructures are represented in a novel geographical layout (rail, canal, docks, airport, chemical plant, government, housing, etc.). They used a common scheme for risk assessment and each group developed its own risk assessment profile and issues. The interactive session allowed presentation of group findings and discussion of CIP/R issues arising. Examples such as a potential ferry disaster showed that the challenges can go far beyond the capacity of emergency services, as do the consequences. The various options for wider stakeholder collaboration were debated in several cases, and ensured conference awareness of the scope of CIP/R in different contexts.
4 Day 2: Location - Hotel Van Der Valk and CIP/R Study Sites. Opening Address and Orientation Frans Schippers, Director of VRK, and Regional Fire Chief. A profile of Dutch culture and history was presented, showing that its roots in poldering and creative commons demonstrate an inherently collaborative approach, highlighting the need to consider cultural differences in the wider European context of CIP/R. Frans showed how emergency services have taken lessons from large companies to organize and inform further culture change within the emergency services, leading to re-planning of 400 brigades into 25 safety regions using both common and specialized information management and service delivery strategies to meet real needs. The described experience shows tensions between benefits of scale versus locality, distance versus proximity, and the discussion emphasised future refinement to maximize capacity in resilience. Dutch creative ideas inspired from early poldering society through to Habermas and the present were considered as informing the role of emergency services in resilience, reflecting the collective approach of Dutch society. Sharing information for preparation and reaction during crisis is the basis of a poldering organisation. Sharing is based on trust, knowledge, and standards manifested in architecture. Resilience requires reaching out to others, acknowledging unknowns, and learning from each other. Panel Discussion: led by Simon Stenneberg, Information Officer with responsibility for Planning and Training, VRK. Simon presented an overview of the vital partnership programme, designed to engage key stakeholders in CIP/R and overall regional safety. Risks were illustrated and supported by video of flooding events, consequences, and resilience management. Caveats for Dutch water and energy were presented and shown to cover risks, crisis planning and communication, training, partner alignment and regional alignment. A strong message is that resilience has no bosses, only partners. Timing and tasks create 1 st, 2 nd,and 3 rd responders, and these can vary depending on circumstances. There is no simple fixed formula, but a set of effective response patterns tuned to needs. A panel of experts was introduced from Electricity and Gas National Grids, Port Authority, Ministers for Environment and Infrastructure. These experts initiated the debate around issues raised, and openly shared perspectives and future concerns. Chain effects were emphasised (cascade) around Safety Regions, Municipalities, Schiphol, Waterway Locks, Inland Shipping, Vessels, Highways, Waterways, Water Systems (drinking and surface), Electricity Production and Distribution, Gas Storage and Distribution, and Fuel Storage and Supply. It was noted that duration of effects determined cascade (some organisations have limited resilience e.g. hospitals), and experts noted a need to further exchange information with responders to address likely areas of effect (to refine current view of response needs). This can improve preparation to support different user needs and priorities. Discussion also highlighted the need to involve stakeholders not only as recipients of support, but as actors who can apply CIP/R approaches to themselves so as to reduce crisis effects and increase own capacity in resilience. This has implications for Miracle in its increased emphasis on education of stakeholders.
5 Interactive Session In response to the issues raised in the panel session, a wider discussion was held to allow comparison of perspectives. Paula Scalingi reported that the Bay Area of San Francisco has 12 counties and 8 million people at risk of earthquake and flooding. The lack of knowledge on interdependencies indicates risk of cascade effects in future. Mayors have a typically you must approach which may be effective but is highly localised, and so they need to consider other shared models to inform advancement. Culture change has to start now, not when the shock happens, and so preparation of collaborative CIP/R is critical. In response, various conference participants shared perspectives. It was noted that while business contingency planning is well developed, social contingency has responsive citizens but is less well formalized. Initial work uses campaigns such as Think Ahead, Burger Net, NL Alert, etc., and could examine the further integration of these. People can self-organise, but the risk of self-organising the wrong way can be mitigated by training, and exposure to emergency services to understand and improve future collaboration. Carmelo di Mauro of RGS noted that if we know our vulnerability we can prepare. Learning as a group broadens knowledge, and hence preparation capacity. Simply asking for more safety services can be replaced with improved self-reliance, awareness of different group capacities, and ways to cooperate. MIRACLE Study Presentation. Representatives from the Scottish Government/Police Scotland team presented on the ongoing research being undertaken by Scotland, and RGS in Italy, regarding their part of the Miracle Project. They provided participants with a briefing pack and information gathering template which explained what they were trying to achieve. The form was structured to capture status, opinions and views on a set of specific CIP/R topics. Each was described and discussed. It was acknowledged during the session that Resilience had a different meaning for different individuals. The issue of Public-Private Partnerships was also discussed, where the key issue was basically collaboration between organizations. Emphasis was also placed on the topic of Resources and People and respondents to the survey were asked to identify the People Risks in their organizations, which could potentially lead to the threat from insider attack. Participants were invited to provide their responses on the information gathering template contained in their briefing pack, to either David BaMaung or Margaret Nicoll during the conference. The information-gathering template will also be ed to them after the conference. Plans have been made for the Scottish Miracle team to return to Holland in March 2014, where they will conduct follow-up interviews and focus groups with selected individuals who have been identified at the conference and by other means. Visit to TATA Steel The group was transported to TATA steel where the visit was initiated by a presentation from TATA on its business process and CIP/R approach. Planning for emergency is a continuous process as knowledge develops and as stakeholder relationships progress. All markets are growing and production is in high demand. Processes have been automated with distance control to improve internal safety. The plant is surrounded by municipalities, and so focus on risk reduction is paramount. Re-usage of all waste materials in other industries removes environmental impact, and re-cycling and treatment of water ensures no impact from effluent. Risks of plant or
6 process failure have been modelled and CIP/R strategies determined for all current processes. Nonetheless, partnership with regional emergency services work on what-if scenarios to ensure internal and external resilience have been modelled, studied, and exercised to ensure all stakeholders have maximum response capability. Process safety is based on process design and process understanding, and sharing this with CIP/R partners ensures they are fully conversant with hazards, risks, scenario thinking, training, exercises, and emergency plans. This approach equips security services to maximise their effectiveness as partners in resilience, and a continuous audit and review process ensures ongoing conformance by all parties. This approach to partnership between TATA and the external stakeholders was seen to have potential for other CIP/R partnerships. Peter de Bruijn: Studio Veiligheid: Smart Connections Arie Duinveld, TATA Crisis Manager A presentation was provided on Smart Connections (Slim Verbinden). TATA produces 1 million litres of gas per hour and uses controlled cleansing to remove CO / CO2 and other unwanted by-products. The blast furnace pipe is 3 km long and 3 meters in diameter, and presents the greatest safety challenge. Previously there were 2 alarm control rooms, 2 gas diffusion models, plans for actions inside/outside TATA, and 2 communication protocols. These are now unified with a common alarm control room, a single gas diffusion model, a concerted regional action plan, and a single unified communication protocol. As a result the regional CIP/R strategy and plans around TATA are consolidated and under constant refinement to meet any process or plant changes. Achieving a robust CIP/R approach has required trust based on shared knowledge and joint activities to ensure understanding. The procedures and semantics are shared, and the agreement (procedures, protocols etc.) is built into the information architecture. Shared information is based on declared business rules (e.g. alert vehicles moving into an affect area), and so a clear audit trail is available. This collaborative approach reduces alert times, increases detail in the common operational picture (COP), reduces risk, and enhances the partnership capacity for response and resilience. Later discussion suggests the model is transferable and scalable to support any situation willing to explore such an ecosystem approach for protection of social and economic interests. The film of Sail 2010 was then used to demonstrate how the underlying model had been explored by VRK and Studio Veiligheid in its development phase, whereby transponders on all sailing craft and emergency vehicles, linked to a centralised control room, were shown to allow a rapid and effective response when a sailor suffered heart problems on board ship crisis averted. Visit to Schiphol Airport: DISASTER Pilot Experiment: Rob Peters, VRK The conference visited Schiphol airport to view a live experiment of emergency management system (EMS) interoperability. In preparation, the background was presented by Rob Peters and Mario Schoonderword from VRK, along with several key actors in the airport resilience process. It was noted that The Netherlands crisis management norms were established in 2006, and since then Information Management has been a key topic in preparation, response, protection and resilience. Since 2009 a standardised approach has been adopted (process and responsibility), and the polder crash at that time illustrated the need to share the COP, to manage information overload, and to deploy information managers in all crisis teams.
7 The Schiphol crisis manager Rene Verjans presented the operations of the Tower, Emergency Control Room and Safety Services, and showed how they are linked to the regional crisis centre (MICK) and the emergency services. The resilience model was illustrated and showed that all actors have clear roles, chain of command, and specific tasks. Within the hangar used as the observer base, all command systems and information systems were mirrored, so that participants could see the various information screens and camera views used by the actors described above. In addition, the new middleware platform could be seen as it controlled exchange of critical information during the demonstration. The demonstration scenario was an airplane collision with the hangar after brake failure. Victims were present in the process for realism. The complete procedure from initial alert, through observation of approaching emergency vehicles, to responder actions at the crash site, were all observed via the information systems and live video feeds. These feeds included the interior of the COPI (on site emergency command), Schiphol emergency control centre, and Haarlemmermeer regional control centre. The live exchange of information between the various emergency systems was seen as the process unfolded, and discussion with the participants afterwards allowed conference attendees to fully explore and understand the CIP/R implications of enhanced information exchange, preparation, and joint response. Day 3: Location - Cultuurgebouw Haarlemmermeer, Hoofddorp Opening Address and Orientation 1: Theo Wetterings, Mayor of Haarlemmermeer (Home to Schiphol Airport) and Vice Chairman of the Board of VRK The polder crash of 2009 saw 9 people die, and 120 injured people assisted by around 27 citizens. When emergency services arrived, only 7 people were still trapped, and so self-reliance is evident in Dutch society, but we must monitor in case errors are made, and help with training and coordination where possible. Where a working structure has formed we should acknowledge it because re-organisation can be counter productive intervene only when necessary. Some are not self-reliant, such as children, disabled or older people, and so have priority. Orientation 2: Eveline Rutten-Teuben, Director of Operations, VRK Several ways to organize despite protocols were presented and illustrated through examples. Responder flexibility can be achieved by accommodation of citizens actions, and by acknowledging their role as active partners in safety. CIP/R is not only about Government and Business relationships, because in most historical disasters around the world we have seen the community take part, along with responders and service providers, in protecting and restoring the facilities we depend upon. We can elaborate our planning and exercises to include a perspective of active citizens (knitting metaphor) so that all useful resources are brought together in a harmonious effort (paradigm shift). Paula Scalingi, San Francisco Bay Area Centre for Regional Disaster Resilience Paula presented the situation in the USA where she has worked for 18 years on promotion of resilience, and openly shared the reality that stakeholders are, in general, still not working together as a unified force in CIP/R. All levels of government,
8 utilities, business, NGO, and community/faith groups have some degree of involvement in discussion through the large list of forums presented. Paula presented a list of features of the US debate on resilience approaches. And these were seen to echo many of the conference topics (resilient people, strategies for involving communities, using social media, cascading impacts, etc.), suggesting a significant overlap of concerns between USA and Europe. Organisations such as RC3 (http://rtriplec.files.wordpress.com) continually encourage debate and awareness, and their toolkit (October 2013) reveals this orientation. Engagement is not shown yet to involve much formal planning and agreements between stakeholders. The All Hazards Consortium (http://www.ahcusa.org/) does list private sector participants with integrated planning programs, although these programs are not presented, and so comparison of progress on collaboration remains unclear. Stakeholders are encouraged not to stay in their own lane and so the imperative to collaborate more formally is already evident. Barry van t Padje, Business Intelligence and Resilience, City of Amsterdam The transition towards resilient communities was presented, and changes have been seen in the move towards welfare state where all concerns receive more equal consideration. In a participation society people and organisations are responsible, meaning we accept and trust they will support and act when needed. However some organisations still do not communicate with citizens until risks become evident (lack of preparation). Facilities such as Watdoeje (http://www.watdoeje.nl) for reporting hazards, and Risicokaart (http://risicokaart.nl) for displaying risks to citizens illustrate some of the exchange mechanisms (several others were presented here and elsewhere at the conference). However, a resistance by some organisations to tell citizens about risks is identified and still has to be solved. Curiously, safety professionals are more likely to share information than communication professionals, yet resilience communication helps create resilient organisations and societies. Security services are part of the emergent reliance organisations in real crises, and so we should acknowledge good examples of constructive collaboration to encourage wider learning. In the polder crash, some first responders did not acknowledge the work already being done by citizen-responders or offer to assist them. Instead they followed defined procedures that, at that time, did not recognise the role of citizens as we do now. Planning prepares us for the expected improvisation deals with the reality, so long as it has oversight to ensure safety. Carmelo di Mauro, Risk Governance Solutions, Italy The subject of Social Networks and Social Engineering was presented using experiences from Italy, and emphasising that Project Miracle seeks to learn from the experiences of those with some level of success in CIP/R. Studied examples show the regional focus is elastic and not fixed it addresses areas of common concern, and areas of effect. Resilience is the shock-absorbing capacity of a system (organisational, social, etc.), and capacity is created by many stakeholders who determine recovery and continuity. For this reason, interdependencies of infrastructures, organisations and people have to be understood to avoid fragmentation, and to allow planning a strategy for recovery that suits the collaborative partnership getting the right people to do the right things in the right way. Given that disasters have no fully predictable outcome, there is no fixed hierarchy, and yet leadership is required. Only a collaborative stakeholder partnership can prepare, understand each other, and have a flexible approach to leadership to meet circumstances. Collaboration also allows group
9 understanding of what we need, why we need it, when, and how it should be provided. Ed Parsons, Google Geospatial Technology; Google Crisis Response Ed presented the history of Google geospatial data usage, and the new approach to sharing resources (http://www.google.org/ Technology For Social Impact). Information is provided for citizens to help them react to their own problems in times of crisis, and to form an organised response when they choose to do so. Facilities are also used by community groups, security services, and governments, as was seen during Hurricane Sandy for example. Google.org is the non-profit side of Google that seeks to deliver accurate, credible and relevant information, using open standards and facilities for a rapid response. The example of the Haiti earthquake in 2010 showed how information is re-used by others to inform specific communities or to support recovery planning etc. The example of the Sydney bushfires in 2013 (http://google.org/crisismap/2013-nsw-bushfires) also demonstrated how multiple sources are concentrated in one display, with users having control of display layers / content so that they can select what (and whose information) to display. Sharing of views enriches the common operational picture (COP), and Google share much of their code so that people can independently benefit from that approach (http://code.google.com/p/googlecrisismap/). Google believe that sharing of views facilitates self-organisation, and publishing by data owners distributes value to those in need a resilient society. Odd Wagner, Information Management and Policy, Heemskerk, VRK Board member. Mhr Wagner was invited to respond to the Google presentation and it was noted that the benefits of Google.org are evident and welcome to those in need, and we are thankful, yet we still need caution. Google is external to our organisations, and because crowds vote with their feet we cannot be complacent about the on-going position and support of organisations like Google. Because we are planning for crisis we must consider all risks, and loss of access to Google in future could be problematic if we are too dependent. It is helpful that code is open source, and so users are not locked in to processes that are hard to change or replace. Even though we benefit from Google and its non-profit activities, we must be prepared to change if necessary in future. Paul Gelton, National Coordinator on Resilience and Counter Terrorism, The Netherlands Paul spoke about Building Social Networks and Stimulating Resilience. The Netherlands has a continuous cycle of risk assessment and perceived risks are shared via the Risicokaart (http://risicokaart.nl) so that citizens, organisations, responders and government are equally aware, and have a common resource for CIP/R. Government, safety and security service capacity is limited and so a collaborative partnership between government, security services, industry and citizens is required. Citizens are often the first responder, have valuable knowledge and skills, and can be self-organising to an extent, but we recognise benefits and risks. Safety services must learn how to collaborate with them, how to identify their strengths and weaknesses. For example, nurses responding to train crashes have been seen to manage citizen helpers and to get further support from fire fighters arriving later real collaboration. We need to react positively to what is happening and request to
10 help that may mean managing the process or becoming part of it. The tendency to take over command and control may be wrong, and we should assess the on-going response and understand how to become part of it. The Dutch collaborative approach recognises that government represents citizens and acts for them in prescribed ways, but does not replace them. Identifying what government should do (and should not do) allows a clear role in a networked and collaborative society. Round Table Discussion Groups The day finished with a series of round table discussions in parallel (each was run for two rounds to allow attendees to address more than one topic). The discussion areas were situated under the general themes of: - Social Engineering - Social networks - Resilience - Governance - Geo-info - Netcentric Working (e.g. Burger Net) Groups had a coordinator and a reporter to gather inputs and discussions. These reports are compiled separately. Interactive Session Round Table Outcomes - Wrap-up Each of the round table coordinators presented the main findings of their group. The overall programme was discussed and it was generally agreed that the conference was hugely successful in bringing together the key stakeholders in CIP/R from the Haarlemmermeer region, plus National stakeholders and International guest experts on the topic. The approach taken in The Netherlands, and the track of evolution and refinement currently underway, has been shared openly. National and International perspectives have been added and compared, with further support from site visits, exercises, and case studies throughout the three days. The hosts thank all participants for their energy and commitment in ensuring we collaboratively advance the area of critical infrastructure protection and resilience in the context of wider socio-economic security and safety. The MIRACLE project coordination confirmed this summary and indicated it was a great journey into resilience and a perfect mix between key lectures, open discussions and direct experiences. Now we are committed to open these best practices and knowledge to other interested European regions and to involve them in our MIRACLE process. We will arrive at the next MIRACLE workshop in Scotland in 2014 with even more European stakeholders involved, thanks to this good start.
11 Key Messages Identified Resilience is about readiness for, response to, and recovery from challenging circumstances. In society we must pragmatically prepare for, withstand, and recover from natural threats, failure of infrastructure, accidents and deliberate attacks. Resilient societies include government, citizens and socio-economic organisations that show strong features in common. The "poldering society" model summarises a variety of positive social features that ensure resilience. National Policies Ensure Conformance To Best Practice. - recognise all stakeholders and their needs. - codify best practice and arrangements for CIP/R. - encourage standards and interoperability for best information usage. - recognise limits of government and focus on other stakeholders and capacity. Safety Regions Must Be Flexible in Scope. - be flexible in defining "region". - governmental/organisational focus for improvement of governance capacity. - geographical for focus on areas of effect. - multi-organisational for coverage and inclusion of sectors. Integration of Safety and Security Services Improves Capacity. - organisational integration focuses roles, strengths, and tasks. - informational integration must be formalised, but also ready for improvisation. - gains are improved planning, response, and overall capacity. - integrated response needs exercises or common tasks for development. Planning and Training Ensure Good Preparation and Capacity. - planning for collaboration / training for collaboration. - inclusion of stakeholders in planning and exercises. - planning and preparation are continuous adaptive processes. - models of events and effects inform preparation and response. Collaborative Partnerships Increase Capacity. - inclusion of all stakeholders for improved preparation and response. - recognition of citizen roles / needs / and capacities. - loosening of organisational and functional boundaries for better CIP/R. Communications Are Critical. - interoperability of existing information systems helps everyone. - exchange of information for Common Operational Picture (COP) / shared response. - social media can be used to effectively enrich COP with care. - online facilities for citizen engagement can support awareness and feedback. Trust Makes Collaboration Work. - trust is based on familiarity, knowledge and experience (proof). - trust requires active collaboration and shared activities / tasks.
12 Responsibility And Self-Reliance Must Be Recognised. - persons, groups and organisations are responsible. - we need to understand the limits of responsibility. - people and organisations can be self-reliant but are varied. - needs for support can be clarified so highest needs are the primary focus. - citizens are self-organising and can collaborate in Resilience response. - business contingency planning is more developed than social/citizen contingency. - citizens need awareness and training where appropriate. Cascade And Interdependency Must Be Addressed. - critical infrastructures are interdependent - a network. - effects spread (cascade) and so need to be modelled and understood. - modelling improves preparedness and testing through exercises. - stakeholders in different infrastructures need to work together for resilience. Open Information Sharing. - works in circumstances where information helps people to help themselves. - use of multiple sources requires good information management capacity...
+ Sara BOUCHON Carmelo DI MAURO RGS Srl Risk Governance Solutions Project Resilience and Public Private Partnerships 3rd Miracle Conference Resilience October 30th, 31st and November 1st, 2013 Kennemerland
Section A: Introduction, Definitions and Principles of Infrastructure Resilience A1. This section introduces infrastructure resilience, sets out the background and provides definitions. Introduction Purpose
Table of Contents Primary Coordinating Agency... 2 Local Supporting Agencies... 2 State, Regional, and Federal Agencies and Organizations... 2 Purpose... 3 Situations and Assumptions... 4 Direction and
Australian Strategic Policy Institute National Security Dinner West Tower Suite, Level 35, Sofitel Hotel 25 Collins Street, Melbourne 21 August 2008 Introduction Thank you Chris it s a great pleasure to
National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information
Comprehensive European Security Approaches: EU Security Programmes Robert HAVAS EOS Chairman of the Board INTRODUCTION the EOS Programmes rationale Why implementing EU Security Programmes / ASPIDA approach?
Communications strategy refresh January 2012 1 c:\documents and settings\mhln.snh\objcache\objects\a654473.doc Contents 1. Introduction p 3 a. SNH: corporate aims and objectives b. SNH and communications
Unit 4: NIMS Communications and Information Management This page intentionally left blank. Objectives At the end of this unit, the participants should be able to: Describe the importance of communications
Enhanced resilience for major emergencies Proven capability solutions to deliver the resilience you need 1 The Alliance Value Proposition Alliance Value Proposition The threat posed today Terrorist threats
Security Risk Assessment Tool Version: (Draft) 24 April 2014 This tool was developed by the ACT Safety & Security Community of Practice (SSCP) for use by ACT Alliance members and partners. 1. Purpose of
National Surface Transport Security Strategy September 2013 Transport and Infrastructure Senior Officials Committee Transport Security Committee 1 National Surface Transport Security Strategy (NSTSS) Foreword
Recommended by Emergency Preparedness Committee: January 26, 2011 Recommended by President s Council: February 11, 2011 Approved by Executive Committee: February 14, 2011 NAIT Guidelines CS1.1 Emergency
COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD
EMERGENCY PLANNING EXTRACTION FROM: SAFETY MANAGEMENT SYSTEM FOR MAJOR HAZARD FACILITIES - BOOKLET 3: Part 7.17 An extraction from: Safety Management System for Major Hazard page 1 of 14 7.17 Emergency
10. Lifeline utilities Summary Lifeline utilities are entities that provide infrastructure services to the community such as water, wastewater, transport, energy and telecommunications. Lifeline utilities
Unit 4: NIMS Communications and Information Management This page intentionally left blank. Objectives At the end of this unit, you should be able to: Describe the importance of communications and information
INTEGRATED COMMUNICATION AND TRANSPORTATION EFFICIENCY SOME STUDY CASES Melania GAGEA Frequentis AG, Vienna, Melania.Gagea@frequentis.com Keywords: Public Safety, Maritime Rescue Co-ordination Centre (MRCC),
+ Increasing Energy Reliability & Resiliency NGA Policy Institute for Governors' Energy Advisors Denver Colorado, September 11, 2013 Jeffrey R. Pillon, Director, Energy Assurance Programs National Association
Foundations of Emergency Management Class 1 Emergencies Working in conjunction with Communities, Government, Agencies and Business Authorised and published by Emergency Management Victoria, 121 Exhibition
Spanish non paper Public Private Partnership as Industrial Research and Innovation Instruments The way forward The purpose of this document is to capture the view of the Spanish Presidency of the European
Community Emergency Planning Guide Our district has experienced numerous events over past years. Evidence from previous emergencies has shown that communities that plan and manage their own needs before,
EXPLORATORY RESEARCH IN ATM David Bowen Chief ATM 4 th May 2015 1 ATM Research in Europe HORIZON Transport Challenges smart, green and integrated transport FlightPath 2050 five challenges to aviation beyond
Business Continuity Policy Version.0 January 206 Contents Contents Version control Foreword Policy. Scope.2 Aim and objectives.3 Methods and standards.4 Responsibilities.5 Governance.6 Training and exercises
SUFFOLK COASTAL DISTRICT COUNCIL DOMESTIC FLOOD PROTECTION POLICY 1. Introduction 1.1 The Council recognises the threat to local communities from flooding following severe weather events and as a result
DEVELOPING THE EMERGENCY PLAN By: Robert Sheffield INTRODUCTION Overview The Emergency Plan can never be tested until there an emergency occurs. The incident range can extend from a minor or simple impairment
BUSINESS CONTINUITY MANAGEMENT IN THE PUBLIC SECTOR A ROUGH GUIDE Introduction 1. Recently many organisations both public and private have directed much more time, money and effort towards protecting service
Council of the European Union Brussels, 18 November 2014 15585/14 COPS 303 POLMIL 103 CYBER 61 RELEX 934 JAI 880 TELECOM 210 CSC 249 CIS 13 COSI 114 OUTCOME OF PROCEEDINGS From: Council On: 17 18 November
INFORMATION SECURITY: UNDERSTANDING BUSINESS CONTINUITY MANAGEMENT FACTSHEET This factsheet will introduce you to Business Continuity Management (BCM), which is a process developed to counteract systems
Emergency Mgt in Ireland Brigitta O'Doherty, Office Emergency Planning Keith Leonard, National Directorate Fire & Emergency Management Caroline McMullan, DCU Business School The Office of Emergency Planning
INFORMATION RISK MANAGEMENT KPMG Information Risk Management Business Continuity Management Peter McNally, KPMG Asia Pacific Leader for Business Continuity ADVISORY Contents Agenda: Global trends and BCM
BUSINESS CONTINUITY POLICY Last Review Date Approving Body n/a Audit Committee Date of Approval 9 th January 2014 Date of Implementation 1 st February 2014 Next Review Date February 2017 Review Responsibility
TESTIMONY OF DANIEL DUFF VICE PRESIDENT - GOVERNMENT AFFAIRS AMERICAN PUBLIC TRANSPORTATION ASSOCIATION BEFORE THE HOUSE COMMITTEE ON GOVERNMENT REFORM ON THE 9/11 COMMISSION RECOMMENDATIONS ******* August
About us The declaration Cineas For a Risk Culture summarises the Consortium s mission: spread culture and vocational training regarding integrated business risk management be a link between businesses,
THE STRATEGIC POLICING REQUIREMENT July 2012 Contents Foreward by the Home Secretary...3 1. Introduction...5 2. National Threats...8 3. Capacity and contribution...9 4. Capability...11 5. Consistency...12
Microsoft Global Security Operations Centers Customer Profile Microsoft's global security operations centers (GSOCs) monitor the safety and security of the company's facilities and operations around the
13. Lifeline utilities Summary Lifeline utilities are entities that provide infrastructure services to the community such as water, wastewater, transport, energy and telecommunications. Lifeline utilities
Business Continuity Management (BCM) Software 1 Business Continuity Management Software All In One Continuity Management Solution A Single Platform Approach Manage entire lifecycle with comprehensive BC
Simple Tabletop Exercise, Interdependency Natural Disaster Scenario Scenario #8 Facilitator s Guide Scenario Summary Background: It is March in Zenith City and the residents are experiencing a cold spring.
DCAF a centre for security, development and the rule of law On the European experience in critical infrastructure protection Valeri R. RATCHEV firstname.lastname@example.org @ratchevv DCAF/CSDM 1 This presentation
Council of the European Union Brussels, 19 May 2015 (OR. en) 8970/15 NOTE RECH 141 TELECOM 119 COMPET 228 IND 80 From: Permanent Representatives Committee (Part 1) To: Council No. prev. doc.: 8583/15 RECH
UPDATED TO REFLECT NEW FRAMEWORK MAY2011 Local and Community Development Programme A step by step guide to Strategic Planning for LCDP Step One - Reflection on the principles of the programme and the horizontal
NHS Commissioning Board Business Continuity Management Framework (service resilience) 1 P a g e NHS Commissioning Board Business Continuity Management Framework Date 7 January 2013 Audience NHS Commissioning
University of North Carolina Wilmington CONTINUITY OF OPERATIONS PLANNING November 9, 2010 Lumina Theater, Fisher Student Center Development of Continuity Planning University of North Carolina Wilmington
PLAN EXCEL ACT CHECK Setting the PACE! Safety, Health and Environment Management System Overview 1 Nalco Management System Nalco's Safety, Health and Environment Sustainability Principles Nalco Company
Business Continuity Management Factsheet To prepare for change, change the way you prepare In an intensely competitive environment, a permanent market presence is essential in order to satisfy customers
Technology Strategy April 2014 Contents Overview 1 Our environment 1 Why change? 2 Our vision for technology what success looks like 3 Our approach 7 Transformation shifts how will we know we have been
Ninth LACCEI Latin American and Caribbean Conference (LACCEI 2011), Engineering for a Smart Planet, Innovation, Information Technology and Computational Tools for Sustainable Development, August 3-5, 2011,
Cyber Security Build-up of India s National Force 2 Gabi Siboni, 1 Senior Research Fellow and Director, Military and Strategic Affairs and Cyber Security Programs, Institute for National Security Studies,
Request for feedback on the revised Code of Governance for NHS Foundation Trusts Introduction 8 November 2013 One of Monitor s key objectives is to make sure that public providers are well led. To this
www.thalesgroup.com URBAN SECURITY Increasing the city s attractiveness Thales Communications & Security 20-22 rue Grange Dame Rose - 78141 Vélizy-Villacoublay - France - Tel: +33(0)1 73 32 00 00 10/2013
Manifesto for Education Empowering Educators and Schools As the world faces new challenges with the growing threat of violent extremism, schools and educators are confronted with expressions and sentiments
CHAPTER 15 EDUCATION AND TRAINING IN EMERGENCY MANAGEMENT IN AUSTRALIAN SCHOOLS Dudley McArdle Emergency Management Australia Lessons in danger Abstract: In Australia, national and state bodies are responsible
IRM CERTIFICATE AND DIPLOMA OUTLINE SYLLABUS 1 Module 1: Principles of Risk and Risk Management Module aims The aim of this module is to provide an introduction to the principles and concepts of risk and
Published by the National Treasury Private Bag X115 Pretoria 0001 South Africa Tel: +27 12 315 5948 Fax: +27 12 315 5126 The Framework for Strategic Plans and Annual Performance Plans is also available
Assisted Living Facilities & Adult Care Comprehensive Emergency Management Plans STATUTORY REFERENCE GUIDANCE CRITERIA The Henrico County Division of Fire s Office of Emergency Management provides this
Federation of European Union (FEU) Fire Officer Associations www.f-e-u.org Pan A safer Europe for all Contents Context...3 Introduction...5 Who we are...6 Aims...6 Mission...6 Values...6 Vision...7 Objectives...7
Confident in our Future, Risk Management Policy Statement and Strategy Risk Management Policy Statement Introduction Risk management aims to maximise opportunities and minimise exposure to ensure the residents
1. An Introduction This presentation will introduce you to the concepts and terminology related to disaster recovery planning for businesses. This presentation was prepared by the South Central Economic
OVERSIGHT RECOMMENDATIONS ON BUSINESS CONTINUITY BACKGROUND OF THE DOMESTIC SURVEY Unexpected incidents worldwide have focused the attention of the financial sector, including the participants of the domestic
3 2 CONSULTATION AND EMPOWERMENT 4 RISK MANAGEMENT 1 AMBITION, POLICY AND RULES LEADERSHIP, ACCOUNTABILITY AND ORGANISATION PLAN AND COMMIT 5 EMERGENCY PREPAREDNESS 10 AUDIT AND MATURITY PATH 9 LEARN AND
The handouts and presentations attached are copyright and trademark protected and provided for individual use only. READINESS RESOURCES American Bar Association -- www.abanet.org Disaster Recovery: www.abanet.org/lpm/lpt/articles/slc02051.html
Managing educational change in the ICT discipline at the tertiary education level Project authors Project directors University partners Tony Koppi and Fazel Naghdy University of Wollongong Joe Chicharo
QUALITY ASSURANCE COUNCIL AUDIT MANUAL SECOND AUDIT CYCLE Table of Contents Executive Summary 1 1. Introduction 3 2. Aims of audit 10 3. Scope of the second round of QAC audits 12 4. Process for the second
Roads for All The Trunk Road Network Disability Equality Scheme and Action Plan Transport Scotland Glasgow 4 December 2006 Acknowledgements This Trunk Road Network Disability Equality Scheme and Action
Creating Disaster Resiliency: Implementing Regional Coordination and National Disaster Prevention Networks A Whitepaper Based on BCLC s February 2012 Systemic Community Resiliency Workshop Executive Summary
TEXAS HOMELAND SECURITY STRATEGIC PLAN 2015-2020: PRIORITY ACTIONS INTRODUCTION The purpose of this document is to list the aligned with each in the Texas Homeland Security Strategic Plan 2015-2020 (THSSP).
The Institute of Risk International Diploma in Risk Building excellence in risk management For nearly 30 years, IRM s International Diploma in Risk has been the global choice of qualification with risk
Data Sheet Cisco Optimization s Optimize Your Solution using Cisco Expertise and Leading Practices Optimizing Your Business Architecture Today, enabling business innovation and agility is about being able
STATEMENT OF SHAYNE ADAMSKI SENIOR MANAGER OF DIGITAL ENGAGEMENT FEDERAL EMERGENCY MANAGEMENT AGENCY U.S. DEPARTMENT OF HOMELAND SECURITY BEFORE THE COMMITTEE ON HOMELAND SECURITY SUBCOMMITTEE ON EMERGENCY
International Diploma in Risk Management Syllabus Module 1: Principles of Risk and Risk Management The aim of this module is to provide an introduction to the principles and concepts of risk and risk management.
Formulation of Area Business Continuity and Recovery Programs in Partnership of Public and Private Sector Dr. Hitoshi BABA Ph.D. Environment and Resource Engineering Senior Advisor, email: Baba.Hitoshi@jica.go.jp
Version 2 IET Sector Insights Intelligent Buildings: Understanding and managing the security risks More efficient and cost-effective use of the built environment is increasingly being driven by economic
International Journal of Control and Automation 17 Common Threats and Vulnerabilities of Critical Infrastructures Rosslin John Robles 1, Min-kyu Choi 1, Eun-suk Cho 1, Seok-soo Kim 1, Gil-cheol Park 1,
Business Continuity Is your Business Prepared for the worse? Major emergencies can develop suddenly without warning. Situations can threaten and disrupt your business and impact upon you and your staff.
ADVANCED DISTRIBUTION MANAGEMENT SYSTEMS OFFICE OF ELECTRICITY DELIVERY & ENERGY RELIABILITY SMART GRID R&D Eric Lightner Director Federal Smart Grid Task Force July 2015 2 OE Mission The Office of Electricity
The Role of Elected Officials During Disasters The Florida Division of Emergency Management Bryan W. Koon Director Florida Division of Emergency Management Introduction Florida s elected officials play
BRIEFING Integrated data and information management in social protection Key messages > Integrating data and information management of social protection programs through a Single Registry and associated
BUSINESS CONTINUITY MANAGEMENT FRAMEWORK Document Author: Civil Contingencies Service - Authorised by the CCS Joint Management Board - Version 1.0. Issued December 2012 Page 1 FRAMEWORK STATEMENT Business
Gloucestershire County Council Communications Strategy 2013 to 2015 Introduction This strategy sets a framework for council communications. It gives direction to all media, online, internal, marketing,
100 Resilient Cities Challenge Apply by September 10, 2014 www.100resilientcities.org/challenge 2014 Q&A Teleconference Transcription Max Young: Hello everyone, this is Max Young of 100 Resilient Cities.
Critical success factors of effective security management: a survey of Vietnamese maritime transport service providers VINH Thai-Van, Devinder GREWAL School of Maritime Management & Logistics, Australian
FIRST ANNOUNCEMENT AND CALL FOR ABSTRACTS 7th International Conference on Energy Efficiency in Domestic Appliances and Lighting (EEDAL 13) 11-13 September 2013 Coimbra, Portugal Introduction Citizens and