330 likes | 470 Views
Resilience and Continuity Planning in Global Business Systems. For the QLD Chapter Council of the Institute of Internal Auditors April 9, 2008. Dr Paul Barnes School of Management, Queensland University of Technology. Overview of Presentation. Homo urbanis : A vulnerable networked world
E N D
Resilience and Continuity Planning in Global Business Systems For the QLD Chapter Council of the Institute of Internal Auditors April 9, 2008 Dr Paul Barnes School of Management, Queensland University of Technology
Overview of Presentation • Homo urbanis: A vulnerable networked world • Why do Institutions fail? - Why it is important • Resilience & Emergency readiness - a complex and inter-connected world • Issues of governance - Vertical scales and linked geographies • Future Steps:Foresight and EnhancedResilience
Urbanisation and Infrastructure • Complex dynamic processes (over multiple scales of space and time) • Social phenomena and physical transformations of landscapes • Key Infrastructure disturbances might include: • Loss of interconnectivity & Telecommunications (data, networks) • Damaged Housing Stock & Commercial Premises • Power supply (Generation & transmission) • Transport systems (Road, rail, air, water)
Infrastructure dependencies. • With the treat of impacts from extreme natural hazards all Infrastructure and networks of infrastructure become critical: Rinaldi, S.M., Peerenboom, J. P. & Kelly, T.K. (2001) “Identifying, Understanding, and Analyzing Critical Infrastructure dependencies,” in IEEE Control Systems Magazine, December
Infrastructure Inter-dependencies. Rinaldi, S.M., Peerenboom, J. P. & Kelly, T.K. (2001) “Identifying, Understanding, and Analyzing Critical Infrastructure dependencies,” in IEEE Control Systems Magazine, December
Why Do Institutions Fail.1 • On Friday night, March 17, 2000, a line of thunderstorms rolled through the desert city of Albuquerque, New Mexico. • When lightning lit up the desert sky, one bolt struck an industrial building that housed a distant outpost of Philips NV, the Dutch electronics conglomerate. The furnace in Fabricator No. 22 caught fire. • Immediately, alarms sounded inside the Philips plant and at the local fire station. Sprinklers went off and Philips-trained staffers rushed into action. In less than 10 minutes, the fire was out. • However, Nokia and LM Ericsson AB accounted for 40 percent of the affected orders at the Albuquerque plant.
Why Do Institutions Fail.2 What did Nokia do? • Nokia made daily calls to Philips to check the status of the evolving situation initiated a process of collaborating with Philips on recovery efforts. • A 1 month projected recovery time soon expanded to months - Nokia did not want to wait – procurement executives sought alternative supplies • Of the 5 key parts impacted by the fire 3 could be purchased from Japanese and American suppliers - Because Nokia was already an important customer of these two suppliers, the suppliers agreed to the additional orders with only five days’ lead time. • Expedited deliveries would help Nokia maintain production in a very strong demand market - The other 2 parts had to come from Philips – and strong corporate pressure was exerted by Nokia too access supplies. • For a little period of time, Philips and Nokia would operate as one company regarding these components.
Why Do Institutions Fail.3 What did Ericsson do? • They received the same phone call from Philips – as Nokia - on recovery efforts. • Ericsson was content to allow the one-week delay to take its course. The company assumed that Philips would ship the chips after a short delay, that the fire was minor, and that everything would work outprojected recovery time soon expanded to months. • Upper to Mid-level staff neither bothered their bosses with news of this minor glitch nor delved further into the magnitude of the disruption. Even when it was clear that the much-needed chips were significantly delayed. • The head of the consumer electronics division (which oversaw mobile phone production), did not learn of the problem until several weeks after the fire.
Why is attention to such issues important? • Criseshave becomeNormal • Often with a sudden emergence • Causing major consequences Why does it matter? • Could the crises or their triggers have been attenuated? • Could their consequences have been mitigated? • Could they have been anticipated and resilience enhanced?
Natural Threats Social Threats Hybrid Crisis Hybrid Crisis Hybrid Crisis Hybrid Crisis Hybrid Crisis Hybrid Crisis Hybrid Crisis Technological Threats Biological Threats Hybrid Crisis Complex Crisis The Interactivity in Crises (After Parker (1995:314)
Failure Fractals Pre-Crisis Trigger Crisis Learning Consequence(s) Post-Consequence
Empirical Findings – various classes of failure Crisis Prone organisations & groups • Cultural beliefs about invulnerability • Inflexibility in considering alternative options & choices for mitigation • Non-existent or ineffective internal control mechanisms • Senior staff not trained in decision making under crisis situations • Information Distortion: Attenuation and filtering of information to key decision makers • Contingency planning inadequate or non-existent Incidents can: • ‘Cook’ slowly • Emerge suddenly • Often Warning signs existed
Contextual Potentially Innovation Surprise Free IMPACT of a TECHNOLOGY Technological Techno-Contextual Surprise Surprise Complexity and Emergence. CONTEXT Limited Dispersed Planned • Parasitic Vaccines • DNA fingerprinting 2 1 • Pesticides residues in food • Algal blooms • Unexpected behaviour of novel GMO’s • Global warming • Ozone depletion • BSE • nvCJD Unexpected 4 3
A Resilient Organisation? • Merrill Lynch • Number of employees lost : 3 • Amount of office space lost: 2,083,555 • Physical location affected: 4 World Financial Center, Whole Building • 2002 revenue: $28.5billion • Headquarters: 4 World Financial Center, New York, NY 10080 • Returned back to work within 24hours • Transferring trading operations to London, Tokyo and Hong Kong • Used their web site to communicate relocation and emergency transportation information to employees
Functionality Systems State Loss of Resilience A Threshold Transition – loss of functionality Non-function
Non-function ControlledFunctional Loss … as an in-built adaptive (resilient) capacity in complex systems management Functionality 1 2 3 Systems State
Issues of Importance • How should the public & private sectors collaborate in implementing emergency response and systems continuity planning for Global systems? • How might the capacity for governance be enhanced by aligning the skill sets and coordination of planning & response personnel (the requisite variety) needed for response, continuity and recovery? • Can infrastructure be re-designed / designed to enhance resilience in face of disturbances and critical incidents (either by intention or as normal accidents)?
Assuring Continuity of process involves ….. • Understanding the environment, vulnerabilities and criticalities of a system (or system of organisations). • Identifying the nature and source of potential disruptive events that pose business continuity risk, both positive and negative. • Understanding the consequences of these events in terms of their impact on the business. (community or industry). • Implementing strategies to mitigate, or benefit from, the recognition of risk. • Recognizing that disruptive events may occur that have not been considered through formal risk assessment - requiring that business continuity plans maintain a high degree of flexibility.
Dealing with Complexity ... Governance & BCM A robust contingency planning capability and capacity should include: • Environmental Scanning (Weak signals) • Escalation Triggers (Incident/Issue recognition) • Consequence Analysis (supporting the development of impact frames in the context of high uncertainty) • Crisis Management Decision-making Capacity(separate to routine business decision making structures) • Clearly stated, understood and tested Communication Mechanisms for reporting emergent incident/issues to the CEO & Senior Managers.
Crisis-ready Institutions ... have or are developing • Processes for continual and adaptive vulnerability analyses within and between complex and critical systems and the way people use them; • Abilities to anticipate counter-intuitive triggers of loss-causing incidents (tipping points) along with secondary and tertiary impacts; • Continuity planning methodologies for effectively integrating the functioning of complex systems(including System of System issues); • Greater understanding and training to anticipate emergent threats that exploit systemic vulnerabilities.
System of cities Cities as systems - cities as nodes in systems Resilience: The ability of a system to maintain its structure and patterns of behaviour in the face of disturbance a
Emergency response a city governance perspective.1 • A number of analytical questions seem pertinent: • Is the budgetary allocation for crisis & emergency response planning for the city commensurate with threats and consequences of major failure(s)? • How extensive is the role of the city administration in crisis planning response & recovery? • What degree of vertical collaboration exists - in relation to crisis planning, policy development & implementation - across City, Regional, National jurisdictions? • What degree of public confidence in the city administration exists (and/or other levels of govt.) in relation to preparedness and response capacity?
Emergency response a city governance perspective.2 • Are foresight techniques used to anticipate unexpected combinations of threats & emergent crises(Who should carry them out; how should stakeholder participation managed; who should fund the process; How would this knowledge be used)? • Are vulnerability analyses of dependent and interdependent critical infrastructure(s) carried out(How & by whom)? • Are early warning systems and risk communication mechanisms in place(thus allowing a coordinated threat recognition and response escalation capacity)? • What collaborative first, secondary & supporting responder training is carried out (How often, and to what depth are threat scenarios examined)?
Emergency response a city governance perspective.3 • The degree & nature of stakeholder involvement(i.e. NGO’s, Public and/or Private sector) in emergency response & crisis planning - How is crisis prevention marketed to the public & private sector? • What post-crisis recovery, rebuilding and institutional learning strategies are in place? • Who participates in post-incident debriefs - How are these ‘lessons’ applied?
Providing a capacity to analyse, at a strategic level,the consequences of emergencies & crises over short tolonger terms, categorised under a specific impact hierarchy - Individual, Community, RegionalandStatelevels
Anticipation, Foresight and Resilience Pre-Crisis Trigger(s) Crisis Continuity & Recovery Consequence(s) Learning Post-Consequences • Learning must be applied with reference to: • Changes in policy (public, economic & national security) • Variation in the use of infrastructure (via society, related urban development & from updated technology)
Why must our thinking change? • With the threat of impacts from extreme natural hazards or socio-technical threat, all Infrastructure and networks of infrastructure become critical: • Four kinds of failure - before, during & after Crises: • Imagination, • Policy, • Capabilities & • Management. • National Commission on Terrorist Attacks upon the United States (2004): “The 9/11 Commission Report, Final Report,” Authorized Edition, Norton: (p. 339)
After the fall of Singapore in WWII Winston Churchill is noted to have considered four questions in his role as leader: “why didn’t I Know,” “why wasn’t I told,” “why didn’t I ask,” “why didn’t I tell what I knew?” “How will I know,” “How I will ensure I am informed,” “When should I ask,” “when should communication be triggered”