« Back to previous page

01 July 2007

Bruce Mann, Director of Civil Contingencies at the Cabinet Office, says the potential for collaboration between government and the essential services has yet to be fully exploited

Protecting the Critical National Infrastructure has always been a priority for Government.  But national security depends as much on the resilience of national institutions, when things go wrong.  The focus of national resilience planning is as much on business continuity of the CNI as it is on improving the capability of the emergency services to deal with the humanitarian impact of disasters.  And, in that, the potential for collaboration between Government and the essential services has yet to be fully exploited, says Bruce Mann, Director of Civil Contingencies at the Cabinet Office.

There has, since 2001, been a fundamental shift in the purpose and organisation of civil protection in the UK. The Cold War model of civil defence – focused on a single, monolithic threat, managed top-down by central government in secret and restricted to a small community – has gone. In its place has come a model better suited to a modern network society with its increased connections and interdependencies bringing with them greater vulnerability to external shock. The new model addresses a wide range of security risks, from terrorism through accidents to natural disasters. It involves a broad range of organisations, in the public sector and beyond. Work at local level is the building block of preparedness. And there is a premium on inclusiveness and transparency.

The Civil Contingencies Secretariat, set up in 2001, has sought to promote the notion of 'resilience' – the ability to respond to an emergency, minimise and absorb any damage, and recover.  We see this being the responsibility of a 'resilience community' engaging practitioners at all levels – national, regional and local – and involving not just public sector emergency planners and responders, but the private, business, and voluntary sectors as well, in a campaigning partnership to improve preparedness.

The capabilities needed to respond to emergencies are of four kinds:

A general ability to respond to a wide range of emergency situations that are increasingly unpredictable in their impact.   This, 'generic' level of capability is being improved through the work of Government Departments and agencies involved in the resilience capability work streams lead by the CCS.

Specific plans to improve preparedness, in particular at present for pandemic flu which we see as the highest risk to the public in the next five years and, therefore, to the continuity of business in the economy as a whole.  The Department of Health and CCS are leading a partnership here to plan for the health and wider social and economic consequences.

Crisis management capability:  the ability of government, at local, regional and national level, to organise in the face of increasingly complex challenges posed by both natural hazards and unnatural threats to our networked society.

Business Continuity Management, not just of the responder community which is required under legislation to ensure that they can continue to exercise their functions, but also of those institutions providing services without which 'normal' life will be adversely impacted, notably the essential service sectors including health services, food and water, transport, utilities and financial services.

I could add a fifth:  the ability to identify the potential for disaster, and to weigh the risks, in the short term – for contingency planning purposes – and for the longer term, to enable capabilities to be built and adapted to the world as it evolves.

We are expecting all those involved in the critical national infrastructure to ensure that their continued operations are covered by robust business continuity arrangements.  But much of this is not in the hands of Government.  We cannot direct now private businesses and others who have their priorities dictated other than by Government, like the voluntary sector, to invest in business continuity.  Our approach is to enable and to encourage.

In early 2006, we formed the Business Advisory Group on Civil Protection to provide a forum through which business representative groups and the Government can meet to discuss civil protection issues.  The group includes representatives of the British Bankers Association, the British Retail Consortium, the Institute of Directors, and the Federation of Small Business, and many others.  We have asked participants to cascade the outcomes of each meeting to their members.

We use the Business Advisory Group to discuss the Government's view of current risks and threats to the UK, on which CCS leads through its horizon scanning activity.

We have added a great deal of new information this year to the relaunched Preparing for Emergencies (PfE) website, designed specifically to create a single portal for businesses (and others) engaged in risk and business continuity management.  This includes information on generic challenges to business continuity which we will be reviewing in coming months, and will welcome suggestions for improvements. http://www.preparingforemergencies.gov.uk/business/generic

_challenges/index.shtm. 

And perhaps the key development in 2006, we have cooperated with the British Standards Institute (BSI) in the production of the British Standard on Business Continuity Management (BCM) – BS 25999.  Part I, setting out a code of practice for business continuity managers, is already out;  Part II, with the specification, has been out for consultation and should be published shortly.  I invite Contingency Today readers to visit www.bsi-global.com/Risk/BusinessContinuity/bs25999.xalter.

Sharing information is the key to partnership in the resilience community.  It underpins the Civil Contingencies Act (2004), which creates a long term foundation for civil contingencies capable of meeting the challenges we are likely to face at national, regional and local levels, by:

Ensuring consistency of activity across and between tiers of Government, delivering improvements in performance and communication

Setting out clear expectations and responsibilities for front line responders at the local level, to ensure that they can deal with the full range of emergencies

Enhancing civil protection, at the regional level also, that provides a strong bridge between the centre and local areas

Modernising the legislative tools available to Government to deal with the most serious emergencies

The Act, and its accompanying statutory guidance, also provides a basis for information sharing between Category 1 and Category 2 responders in a way that protects the proper concerns of both parties about their security and, in particular, their vulnerability. This is an area in which Cold War habits of secrecy are but gradually being overcome.

As is normal with legislation of this kind, we shall be reviewing the working of the Civil Contingencies Act (2004) over the next year.  We shall be seeking to ensure that it continues to provide a robust, long term, national framework for civil protection fit for the challenges of the 21st Century, and encompassing a true partnership between all elements of the resilience community]

Bruce Mann

Head of the Civil Contingencies Secretariat

The CCS website www.ukresilience.info provides many useful wider links and is a good starting point for finding up to date information on developments in civil protection issues.