THE BRITISH LIBRARY BOARD BLB 12/35

Transcription

1 IN CONFIDENCE THE BRITISH LIBRARY BOARD BLB 12/35 OLYMPICS BUSINESS CONTINUITY PLANNING: PROGRESS UPDATE 1. PURPOSE OF PAPER The purpose of the paper is to report to the Board on the progress of the Library s Business Continuity Planning arrangements for the Olympics period. 2. SUMMARY The paper provides a review of the Library s Business Continuity Planning arrangements for the Olympics period. It focuses on the development of the associated programme of work, its scope and objectives, and details the progress to date. The Board Audit Committee reviewed an earlier version of this paper at its meeting on 3 May. 3. ACTIONS REQUESTED OF BOARD The Board is invited to note the report. Director of Human Resources May

2 IN CONFIDENCE THE BRITISH LIBRARY BOARD BLB 12/35 OLYMPIC GAMES: BUSINESS CONTINUITY PLANNING 1 INTRODUCTION 1.1 The Olympic Games (27 July to 12 August) and Paralympics (29 August to 9 September) come to London in less than three months and this is being viewed by the Library as an opportunity to showcase the Library and to utilise the estate as a venue for exhibitions and events. However, it is essential that there is confidence in our ability to secure and protect the Library, its personnel, reputation and brand. St Pancras is the focal point of this work as it is believed there will be no major impact on Boston Spa or Colindale. In common with other businesses and organisations within London, the Library will face many challenges which may include heightened levels of security, increased travel difficulties for staff and visitors, increased visitor numbers and problems with supplier deliveries. In addition, the close proximity of St Pancras railway station, and its use as a busy Olympic Games travel hub, may serve to exacerbate problems. 1.2 Planning is well under way and progress papers have been presented to the Executive Team in November 2011 and February At the February Board meeting a paper was presented which outlined the Library s approach to planning for the Games. This current paper provides an update to Board Audit Committee on our Business Continuity Planning activity with the intention of providing assurance that the challenges of the period are being addressed. This paper is being presented at this time in order to provide the Board opportunity to comment on a timely basis, as this will be the last substantive opportunity to do so before the Games commence. The Board Audit Committee reviewed an earlier version of this paper at its meeting on 3 May. 2 RISKS 2.1 The Games will bring not only opportunities but also risks to Library operations. Major risk themes identified include: Failure to maintain services at St Pancras Failure to ensure that contracted and outsourced services are maintained Failure to secure the Library and its visitors and readers in a period of heightened security risk Failure to ensure that the Library capitalises on opportunities presented by the Games Failure to protect the Library s reputation and brand Failure to respond to DCMS call to shift usage of tube and train travel 2

3 3 BRITISH LIBRARY RESPONSE PLANNING 3.1 As part of the response to these risks, the British Library Executive Team heeded the advice for early planning, establishing a working group entitled the Olympic Business Continuity and Risk Management Group. This group comprised representatives from the directorates, chaired by Mary Canavan, and working to the following Terms of Reference: Consider the impact on services and whether the existing service levels can be maintained during the Games. Determine those activities which are deemed as critical. Consider the Games security implications on the Library s Security. Consider the impact on the Library s Health and Safety framework including the fire evacuation procedures. This to include any new risks posed by the rental of land to the north of the site during the games. Consider the transport issues for staff and Readers. In particular, it will consider to what extent staff can work at home, work alternative working patterns during the period, or be allowed to take leave. Ensure that appropriate Business Continuity plans are in place especially concerning staffing levels and access to the building. Ensure that appropriate emergency plans are in place and that existing plans are not compromised by the Games. These plans to be tested as a table top exercise as appropriate. The group will ensure that appropriate information is provided to staff, readers and visitors. The group will ensure that appropriate liaison takes place with the London Transport Police, The Metropolitan Police, Camden Emergency Management Group, St Pancras Station Security, The Olympics 2012 contacts and any other group deemed appropriate. 3.2 Since its inaugural meeting in July 2011, the group has met monthly with the frequency of meetings rising to fortnightly from May 2012 onwards. A Risk Register is maintained specifically for risks associated with achieving the Library s objectives during the Games and progress is regularly reported to the Executive Team (ET). At the request of the Board, following its February meeting, a strategic risk has also been added to the Strategic Risk Register. 4 ACTIVITIES UNDER WAY 4.1 The group explored and developed a number of work streams, identifying and agreeing the following actions which are being implemented. These can be grouped into the following main topics Customers and visitors It is difficult to gauge how busy the reading rooms will be during the Olympic Period. Summer is traditionally a peak time but it may be that readers will stay away because of the transport challenges. However, based on information about peak transport congestion times, it is proposed that the St Pancras Reading Rooms open 3

4 at 10.00am Monday Saturday, during the period, 27 th July 12 th August. Normal opening hours will apply for the Paralympics Games period. Non-essential visitors and visiting dignitaries will be discouraged during the Olympic Games period Staffing and Staff Matters Directors have provided assurances as to both the number of staff who can work from home and also those whose role is deemed to be critical to the operation of the Library over the Olympic period. Staff in non-critical areas are being encouraged to take annual leave. Leave in critical areas is being carefully planned to provide a buffer should staff have difficulties travelling to work. In order to facilitate increased working from home both during the Games and going forward, eis is working to enhance the existing VPN (Virtual Private Network) services for Library laptops to improve the service. Moreover, work on new remote access services for staff is progressing. A demonstration of the facilities has been given to ET on 28th March. Test hardware has been allocated and configured, and the software is being built. Two solutions are being tested. The first of these, Direct Access, will be available to those staff with BL laptops running Windows 7. This will provide a transparent connection to the BL network from a remote location and allow the user access to network drives and . Access to corporate applications will also be available via a Virtual Desktop The second route, Access Gateway, will be available for all other users using non-bl devices on the internet - at home, or elsewhere. They will need to log in to a secure VPN session which will then set up a Virtual Desktop to access services. Trials of the working from home arrangements are to take place for as many staff as possible, both to test the arrangements and also to assess the likely impact on the helpdesk service. Additional facilities will also be available for remote video conference sessions, and Desktop Services staff in appropriate numbers will be available to provide support to users whether they are using BL equipment or their own. The decision to move the St Pancras Reading Rooms opening time to 10.00am has been agreed by ET. This will allow staff an additional 30 minutes to get to St Pancras Business travel Staff travel between Boston Spa and St Pancras will be generally embargoed for the peak disruption period and discouraged during the Paralympics. It is also agreed that meetings in, and visitors to, St Pancras should be discouraged during the peak period. International business travel should only be undertaken when absolutely essential, and not able to be moved to outside the Games period Suppliers & Contractors Contact has been made with all third party providers and suppliers to receive assurance regarding their business continuity arrangements. It is clear that the roads around St Pancras will be very congested during the Games and that in order to ensure continuity of supply of consumables, plans to avoid deliveries at peak times need to be put in place. At present, there are no known road closures in the 4

5 immediate area but this is still a possibility. Positive discussions have taken place with the Library s major contractors to ensure that they have appropriate plans in place. Stockpiling of non perishables is being undertaken and arrangements put in place to ensure that deliveries and waste removal can take place at night Business Change Although it was felt that a formal change freeze during the period of the Olympics was unnecessary, many areas including eis will de facto have one. In addition, no new staff will start during the period, no stock moves will take place and routine maintenance will be curtailed Communication An Internal Communications Plan is in place and regularly reviewed. All internal and external communications, with the exception of purely marketing material, will be managed through the Olympic Games Risk Management and Business Continuity Group. An External Communications Plan is also in place and items have already appeared in the February and April issues of the Reader Bulletin outlining the potential transport disruption and possibility of amended reading room opening times. This was reflected on Twitter and other social media. A temporary London Olympics page on has been established entitled Visiting the British Library during the Olympic Games. During the Games, Twitter and Facebook will be used to give live information about transport delays and any other service changes Security threat assessments and mitigation The Government s risk assessment for the Olympic Games highlights the following security risks: o Terrorism o Serious crime o Domestic Extremism and Public Disorder o Major accidents. Assessments of the BL s vulnerability to each risk, together with available mitigation measures are listed below. The measures in place to address the management of incidents, should such risks materialize, is detailed in section 5 below. Terrorism The National Terrorist Threat Level may to rise to Severe during the period of the Games. The BL has operated at this level in the recent past and, with the exception of a likely increase in the frequency of bag searching on the main entrance, no additional measures are considered necessary to protect the Library s buildings, staff, readers, and collections. However, the large number of visitors expected in the St Pancras area will place strain on the Library s facilities, while the iconic status of the Library and the proximity of transport hubs continue to make it a potential terrorist target. To counter this risk and to ensure effective policing of the public areas, four additional guards will be on duty whenever the Library is open. Should visitor numbers become acute and whenever the BL is closed, access to the piazza will be strictly controlled and the option of allowing only readers to enter remains an option. Should security alert levels be increased during this period, the protocol of full bag-searching may be invoked. 5

6 Crime The instance of petty crime in the BL remains low and, due to the continued search regime at the main entrance, this is not considered likely to change during the games. However, the expected large increase in the number of visitors on the piazza offers an attractive target for petty criminals. To counter this risk, the external areas of the BL will be heavily patrolled day and night during the Olympic period. Domestic Extremism and Public Disorder The Olympic Games offer domestic extremists and pressure groups an opportunity for publicity. To counter this threat, access to the building will be tightly controlled and additional guarding resources have been booked to ensure that external areas can be patrolled day and night. Notwithstanding these measures, over-crowding is likely to be an issue in the BL during the period of the games and minor disturbances and visitor issues are to be expected. 5 BUSINESS CONTINUITY AND EMERGENCY RESPONSE PLANS 5.1 Two of the key terms of reference focus on business continuity and emergency response plans to ensure they are not compromised by the Games. As part of the ongoing preplanning undertaken by the Olympics Risk Management and Business Continuity Group, consideration was given to the testing and exercising of the Library s response to a major incident. This initiative aligns with the best practice for business continuity planning detailed in British Standard 25999, which calls for organisations to: Develop exercises that are consistent with the scope of the Business Continuity Management System (BCMS). Have a programme approved by top management to ensure exercises are carried out at planned intervals and when significant changes occur. Carry out a range of different exercises that taken together validate the whole of its business continuity arrangements. Define the aims and objectives of every exercise. Carry out a post-exercise review of each exercise that will assess the achievement of the aims and objectives of the exercise. 5.2 In order to ensure a high degree of preparedness for the Olympic period, it is proposed that prior to the start of the period (end of June at the latest) a number of preliminary walk-through and table-top exercises are completed followed by two full scale live exercises. A table-top exercise to rehearse the Strategic Direction Team in crisis management has already been held with future exercises being planned. In order for this to be achieved within the limited timeframe a number of tasks need to be completed. A detailed work programme is shown at Appendix A, which includes progress to date. The key objectives of the exercises are to: Exercise the organisation s ability to safely relocate large numbers of staff and public in the event of an evacuation. Ensure key participants in the incident response are aware of their roles and responsibilities and are confident in their ability to carry them out. Successfully relocate the Major Incident Team to a designated secondary location. 6

7 Ensure that good communication is maintained throughout the incident response. Validate and identify gaps in the response mechanism and recovery plans. Provide participants with practice in managing conflicting dilemmas. 6 CONCLUSION 6.1 A great deal of work is being undertaken to provide assurance that all likely risks associated with the Olympic Games period have been identified and mitigating actions put in place to ensure the Library s resilience and preparedness. Timely progress is continuing against the proposed work programme and satisfactory completion is expected within the scheduled target dates. Director of Human Resources April 2012 Appendices A. Business Continuity and Emergency response Work Programme (As at 20 th May) 7

8 APPENDIX A BUSINESS CONTINUITY AND EMERGENCY RESPONSE WORK PROGRAMME (As at 20 th May) Review and update Business Impact Analyses (BIAs). 01/02/12 Completed 01/02/12 Review and update Business Continuity Plans. 31/05/12 Updates in progress. Develop presentation for Executive Team to review Crisis Management planning and the role of the team in strategic response. 23/03/12 Completed 21/03/12 Deliver Crisis Management presentation to Executive Team meeting. 28/03/12 Completed 28/03/12 Update Executive Team on table top exercise protocol. 28/03/12 Completed 28/03/12 Devise and develop appropriate table top exercise for Executive Team. 18/04/12 Completed 15/03/12 Run table top exercise. 18/04/12 Completed 18/04/12 Complete structured exercise debrief. 18/04/12 Completed 18/04/12 Complete detailed post-exercise report. 25/04/12 Completed 23/04/12 8

9 Amend and update procedures as required 04/05/12 Develop presentation for Tactical Management Team to review Emergency Management planning and the role of the team in tactical response. 01/05/12 Presentation under development. Deliver presentation to Tactical Management Team 08/05/12 Update Tactical Management Team on table top exercise protocol. 08/05/12 Devise and develop appropriate table top exercise for Tactical Management Team. 15/05/12 Scenario identified and agreed. Scenario under development. Injects under development. Exercise staff identified. Run table top exercise. 21/05/12 Complete structured exercise debrief. 21/05/12 Complete detailed post-exercise report. 28/05/12 Amend and update procedures as required 07/06/12 Devise and develop invacuation exercise for operational response staff. 15/05/12 Scenario identified and agreed. Scenario under development. Exercise staff identified. 9

10 Run invacuation exercise. Mid June (date TBC following completion of fire alarm upgrade programme) Complete structured exercise debrief. See above Complete detailed post-exercise report. See above Amend and update procedures as required See above Devise and develop full evacuation exercise for operational response staff, to include relocation of senior management teams to secondary location 15/05/12 Scenario identified and agreed. Scenario under development. Exercise staff identified. Run full evacuation exercise. Mid June (date TBC following completion of fire alarm upgrade programme) Complete structured exercise debrief. See above Complete detailed post-exercise report. See above Amend and update procedures as required See above 10