Operation Yellowhammer is the codename used by the UK Treasury for cross-government civil contingency planning for the possibility of a no-deal Brexit. In the event of exit with no-deal, the UK's unilateral departure from the EU could disrupt, for an unknown duration, many aspects of the relationship between the UK and European Union, including financial transfers, movement of people, trade, customs and other regulations.
Operation Yellowhammer is intended to mitigate, within the UK, the effects of this disruption, and would be expected to run for approximately three months. It has been developed by the Civil Contingencies Secretariat (CCS), a department of the Cabinet Office responsible for emergency planning. When the UK ceases to be a member of the EU in October 2019, all rights and reciprocal arrangements with the EU end.
The attached document is the leaked report referred to in the Guardian article.
Following Breakthrough’s widely-reported policy brief on Existential Climate-related Security Risk, this latest discussion paper provides supporting evidence for the contentious 3°C scenario. A 3°C scenario, developed in 2007 by US national security analysts, is reproduced in this paper highlighting a proven prescient in foreseeing some of the major socio-political events that have emerged in the last decade.
There can be many reasons why your staff won't be able to work from their "normal" place of work ... flooding, power outage, internet disruption, fire and so on .... So, where will they go? Can they work from home? What are their technology needs? Here's a helpful article to get you started.
This article addresses the issues that business continuity professionals should consider when sourcing workplace recovery facilities as part of a business continuity plan. It addresses the needs of a medium sized office (several hundred staff) and that there is one office in the city. We are also assuming that the organisation has removed their IT infrastructure from their office and are now housing their computer systems in a datacentre or in the cloud.
At the recent BCI Summit in Sydney, Ben Scheltus gave a presentation on the impact of risks from climate change on business resilience.
A combination of factors makes climate change a particularly notable risk for Australian businesses. On a global basis, the World Economic Forum’s Global Risk Report has identified climate change as a “High Impact” and “High Likelihood” risk. Australian businesses should treat this serious risk in the same manner as any other business risk.
Australia is particularly exposed because it is already subject to extremes in weather; its distance from other global markets increases the fragility of our supply chains; the age of our power generation infrastructure and our heavy dependence on sea transport (for imports and exports). Recently there was a discussion as to whether climate change risks were becoming too great in Australia for the insurance industry to insure.
‘While disclosure is critical, it is but one aspect of prudent corporate governance practices in connection with the mitigation of legal risks. Directors should be able to demonstrate that they have met their legal obligations in considering, managing and disclosing all material risks that may affect their companies. This includes any risks arising from climate change, be they physical or transitional risks.’ Mr Price said.
Financial credit rating institutions want answers from coastal cities about how they’re preparing for climate-change impacts like sea level rise and whether they can pay for their adaptation plans, the mayor of Honolulu said July 17.
When doing your Risk Assessments, please be mindful of the physical and transition risks presented by climate change. For three years in a row, the World Economic Forum’s Global Risk Report (GRR) has called out the risks we collectively face from climate change. In the 2019 report published in February, climate change and environmental risks dominate the “high likelihood” and “high impact” quadrant of the global risk matrix. Read the article here.
Click here to view the RMIA Risk Magazine April edition. Please note the magazine is for RMIA members only.
AWS has published a guide to assist their clients understand the basic concepts of security incident response within their AWS environment. It presents an overview of the fundamentals of responding to security incidents within a customer’s AWS cloud environment, including an overview of cloud security and incident response concepts, identifies cloud capabilities, services, and mechanisms that are available to customers for responding to security issues.
You can download the white paper here, or click on the link below to view all AWS white papers.
The Max, Boeing’s best-selling model, with more than 5,000 orders, is suddenly a reputational hazard. It could be weeks or months before regulators around the world lift their ban on the plane, after Boeing’s expected software fix was delayed.
“It’s just frustrating to hear the lip service being given to ‘Oh yes, we now believe in climate change and need to do something’ when every effort to do something about it is rubbished.”
APRA has recently announced its priorities for 2019. Please see below excerpts that are relevant to the operational risk management and the business continuity practitioners. See here for the full report.
“Operational risk and related standards
APRA has commenced an important project to update its existing prudential standards and guidance on outsourcing, business continuity and information security, which apply to entities in the banking, insurance and superannuation industries. The objective of this initiative is to align prudential requirements with industry better practice and community expectations for a high degree of resilience to material operational risk incidents.
In conjunction with these more technical standards, APRA’s intention is to issue broad-based expectations for operational risk management and resilience that align to the overarching risk management framework. APRA will take the opportunity to streamline existing requirements where appropriate.
The first stage of this project, involving a new prudential standard on information security was finalised in late 2018, with the new standard to commence on 1 July 2019. APRA will consult on associated guidance on information security in the first half of 2019. Subsequently, requirements for operational risk management and revised standards for business continuity and outsourcing (updated to cover service provision more broadly) will be the focus of consultation over the course of 2019.”
Our reading of the tea leaves is that there could well be considerable changes to the way APRA regulates the Australian finance market in the near term. The outcome of the Hayne Royal Commission and the looming risks from climate change means that it is likely that over the next twelve months our business continuity plans may need to be thoroughly reviewed.
Wells Fargo customers were unable to access their online bank accounts for more than seven hours – after smoke knackered one of its data centres.