Public Summary of Sector Security and Resilience Plans
Transcript Of Public Summary of Sector Security and Resilience Plans
Public Summary of Sector Security and Resilience Plans
2018
1
Produced by: Cabinet Office 35 Great Smith Street LONDON SW1P 3BQ www.gov.uk/government/organisations/cabinet-office Contact: Civil Contingencies Secretariat [email protected] Publication date: February 2019 © Crown copyright 2019 The text in this document may be reproduced free of charge in any format or media without requiring specific permission. This is subject to it not being used in a derogatory manner or in a misleading context. The source of the material must be acknowledged as Crown copyright and the title of the document must be included when reproduced as part of another publication or service.
2
Contents
Introduction ....................................................................................................................... 4 Critical National Infrastructure.......................................................................................5 Threats and Hazards ......................................................................................................6 Our Security and Resilience Approach ...........................................................................7 Roles and Responsibilities .............................................................................................. 8 Public Summaries .............................................................................................................. 9 Chemicals – Department for Business, Energy and Industrial Strategy ....................... 10 Civil Nuclear – Department for Business, Energy and Industrial Strategy.................... 11 Communications - Department for Digital, Culture Media and Sport / Department for Business, Energy and Industrial Strategy ................................................................. 12 Defence – Ministry of Defence ....................................................................................... 13 Emergency Services – Home Office / Department for Transport / Department of Health and Social Care .................................................................................................... 14 Energy – Department for Business, Energy and Industrial Strategy............................. 15 Finance – Her Majesty’s Treasury .................................................................................. 16 Food – Department for Environment Food and Rural Affairs ....................................... 17 Government – Cabinet Office ......................................................................................... 18 Health – Department of Health and Social Care............................................................ 19 Space – Department for Business, Energy and Industrial Strategy............................... 20 Transport – Department for Transport .......................................................................... 21 Water – Department for Environment Food and Rural Affairs ..................................... 22 Further Information......................................................................................................... 23
3
Introduction
Securing the UK’s most essential public and private sector services against wide-ranging threats and hazards form an integral part of HMG’s National Security Strategy.1
The Cabinet Office commissions Lead Government Departments (LGDs) responsible for the UK’s 13 critical sectors to produce annual Sector Security and Resilience Plans (SSRPs), which describe: • LGDs’ approaches to critical sector security and resilience; • their assessments of significant risks to their sectors; • their approach to security and resilience in the UK; and • activities they plan to undertake to mitigate and respond to those risks.
The SSRPs are produced by officials in the LGDs, in consultation with infrastructure owners and operators, regulators and government agencies, before being signed-off by ministers.
The genesis of the SSRPs can be found in a report produced by Sir Michael Pitt, ‘Learning Lessons from the 2007 Floods’.2
The Sector Resilience Plans (SRPs) were originally intended to focus on resilience to flooding. In 2015 the scope of the Plans was expanded to cover all hazards and security threats relevant to each sector and they were renamed ‘Sector Security and Resilience Plans (SSRPs)’. Henceforth, the SSRPs have included information on physical, personnel and cyber security as well resilience to hazards.
The full SSRPs are classified documents as they contain sensitive security information. However each year, Government publishes unclassified summaries of the Sector Security and Resilience Plans to provide members of the public with information on activity being undertaken in each sector to improve security and resilience.
This document sets out the public summaries of the 2018-19 SSRPs with the intention of promoting public understanding of the risks to the UK’s critical sectors and measures being taken by HM Government to mitigate those risks.
To provide some context for the reader, this document also describes: • what we mean by ‘Critical National Infrastructure’ and ‘critical sectors’; • significant threats and hazards that can affect our critical sectors; • our approach to security and resilience in the UK; and • responsibilities of different organisations for critical sectors’ security and resilience.
1 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61936/national-security-strategy.pdf 2http://webarchive.nationalarchives.gov.uk/20100702222706/http://archive.cabinetoffice.gov.uk/pittreview/_/media/assets/www.cabinetoffice.g ov.uk/flooding_review/pitt_review_full%20pdf.pdf
4
Critical National Infrastructure
National Infrastructure consists of those facilities, systems, sites, information, people, networks and processes necessary for a country to function and upon which daily life depends. It also includes some functions, sites and organisations which are not critical to the maintenance of essential services, but which need protection due to the potential dangers they could pose to the public in the event of an emergency (civil nuclear and chemicals sites, for example). There are some parts of the National Infrastructure system that are judged to be critical to the functioning of the country. This Critical National Infrastructure (CNI) includes buildings, networks and other systems that are needed to keep the UK running and provide the essential services upon which we rely (e.g. energy, finance, telecoms and water services). It also includes infrastructure which, if disrupted, could have a significant impact on our national security, national defence, or the functioning of the state. A significant proportion of our CNI is privately owned.
The UK’s Critical Infrastructure is defined by the Government as: ‘Those critical elements of Infrastructure (facilities, systems, sites, property, information, people,
networks and processes), the loss or compromise of which would result in major detrimental impact on the availability, delivery or integrity of essential services, leading to severe economic or
social consequences or to loss of life.‘
In the UK, there 13 Critical National Infrastructure Sectors: Chemicals, Civil Nuclear, Communications, Defence, Emergency Services, Energy, Finance, Food, Government, Health, Space, Transport and Water. Several sectors also have defined ‘sub-sectors’; Emergency Services for example can be split into Police, Ambulance, Fire and Rescue Services, and Her Majesty’s Coastguard.
5
Threats and Hazards
The Government’s assessment of threats and hazards to CNI is based on a continuous cycle of learning lessons from real world events, drawing on evidence and improving the ways in which we calculate the likelihood and potential impacts (consequences) of threats and hazards.
Understanding the range of threats and hazards facing our CNI is crucial to ensuring security measures and mitigations are proportionate, effective and responsive. The UK’s CNI faces various threats and hazards.
Threats
National Infrastructure could be targeted by hostile states, cyber criminals, terrorists or criminals for the purposes of disruption, espionage and/or financial gain.
For example, the Centre for the Protection of National Infrastructure (CPNI) judges that National Infrastructure sectors represent core strategic interests for foreign intelligence services, whose targeting against the sectors is likely to include espionage for economic, political, military or commercial gain.
While the current terrorist threat to the National Infrastructure can be characterised as generally limited and often aspirational, the transport sector continues to face enduringly high levels of threat from international terrorism. In addition, the Emergency Services and Defence sectors (specifically police and military personnel), also face a high level of threat from both international terrorism and Dissident Republic groups in Northern Ireland. With the continual diversification of the threat, the ambition and capability of terrorist groups to target UK Infrastructure is likely to continue to evolve.3
The National Cyber Security Centre (NCSC) judges there is also a growing cyber threat. There are now more devices connected to the internet than ever before, and with the growth of our dependence on technology comes increased risk. We know there are hostile states and cyber criminals that may seek to exploit UK organisations and Infrastructure to further their own agenda and prosperity. Campaigns can be persistent, including espionage, intellectual property theft or extortion by ransoming data, or through malware. 4
Hazards
There are various natural hazards (e.g. flooding, severe weather and storms) that can also disrupt the day-to-day functioning of the UK’s National Infrastructure. Disruption to National Infrastructure can also be caused by public disorder and societal pressures such as staff absence – due, for example, to widespread influenza or industrial action - leading to temporary closures, reduced services, or services continuing but at reduced capacity.
With the continual diversification and evolution of threats and hazards, it’s important to build the capability of the UK’s Infrastructure to withstand and recover from a range of possible events.
3 https://www.cpni.gov.uk/national-security-threats 4 https://www.ncsc.gov.uk/news/2018-annual-review
6
Our Security & Resilience Approach
Government’s core objective includes reducing CNI’s vulnerability to threats and hazards and improving resilience by strengthening the ability of CNI to withstand and recover from disruption. Its approach to security and resilience focuses on Resistance, Reliability, Redundancy, and Response & Recovery.
Resistance
Reliability
Infrastructure Security and Resilience
Redundancy
Response & Recovery
Figure 1: The components of Infrastructure resilience
• Resistance: Concerns direct physical protection (e.g. the erection of flood defences). Resistance is ensured by preventing damage or disruption through the protection of Infrastructure against threats and hazards. This includes reducing vulnerability through physical, personnel and cyber security measures.
• Reliability: The capability of Infrastructure to maintain operations under a range of conditions to mitigate against damage from an event (e.g. by ensuring that electrical cabling is able to operate in extremes of heat and cold).
• Redundancy: The adaptability of an asset or network to ensure the availability of backup installations, systems or processes or spare capacity (e.g. back-up data centres).
• Response & Recovery: An organisation’s ability to rapidly and effectively respond to, and recover from, disruptive events.
7
Roles and Responsibilities
A wide range of organisations are responsible for critical sectors’ security and resilience, including the owners and operators, emergency services and local and central government.
Infrastructure owners and operators
Day-to-day operating of our National Infrastructure is the responsibility of the owners and operators. They carry out risk assessments at the asset level and make calculated decisions on maintenance, training and investment to improve organisational and asset-level security and resilience.
Regulators
Regulators support Lead Government Departments by ensuring relevant legislation and regulation are observed, for example as part of sites’ licence conditions. To build resilience, some regulators can intervene and require organisations to meet particular security and resilience obligations or standards as conditions for their continued operation.
Local authorities and emergency services
In accordance with the Civil Contingencies Act 2004, local authorities and emergency services are required to identify and assess the likelihood and impact of potential emergencies (including Infrastructure emergencies) that could affect members of the public within their areas of jurisdiction. They are also required to develop emergency response plans to address those risks.
Government Agencies
Several agencies provide central government, regulators and Infrastructure owners and operators with advice on Infrastructure risks and mitigation. For example, the Centre for the Protection of National Infrastructure (CPNI) provides protective security advice to businesses and organisations across the UK’s National Infrastructure. They also provide integrated advice on physical and personnel security, aimed at minimising risk and reducing our vulnerability to terrorism, espionage, and other national security threats.
The National Cyber Security Centre (NCSC) was established in 2016 as part of the Government Communications Headquarters (GCHQ) and brings together cyber expertise from a wide range of previously disparate cyber organisations. The Centre’s main purpose is to reduce the cyber security risk to the UK, working with businesses and individuals to provide authoritative and coherent cyber security advice and cyber incident management, underpinned by world class research and innovation.
Lead Government Departments
Lead Government Departments are responsible for sector-level security and resilience policy development (including legislation). They produce the Sector Security and Resilience Plans (SSRPs), which set out each Department’s understanding of the risks to their sectors and the key activities they will undertake to address those risks during the year ahead. The 2018-19 SSRPs are summarised in the following section of this document.
8
Public Summaries
This section of the document sets out the public summaries of the 2018-19 Sector Security and Resilience Plans (SSRPs). The table below shows which Lead Government Department is responsible for producing each SSRP.
Chemicals Civil Nuclear
Sector
Communications Defence
Emergency Services
Energy Finance Food Government Health Space Transport
Water
Sector Resilience Lead 5 Department for Business, Energy and Industrial Strategy Department for Business, Energy and Industrial Strategy Department for Digital, Culture, Media and Sport Department for Business, Energy and Industrial Strategy Ministry of Defence
Department of Health and Social Care
Department for Transport
Home Office
Department for Business, Energy and Industrial Strategy
HM Treasury Department for Environment, Food and Rural Affairs Cabinet Office
Department of Health and Social Care
UK Space Agency
Department for Transport
Department for Environment, Food and Rural Affairs
5 Where responsibility for the resilience of the sector sits with a Devolved Administration, relevant government departments and the Devolved Administrations worked together to ensure the 2018-19 Sector Security and Resilience Plans covered the entirety of the UK.
9
Chemicals Sector
Department for Business, Energy and Industrial Strategy
The chemicals sector complies with stringent safety and environmental legislation. Internationally agreed conventions promote the resilience of the sector’s infrastructure to the most relevant risks. Work continues to identify and review the resilience of key manufacturing sites to a range of disruptive challenges, in order to complement existing measures to prevent casualties from chemical releases.
Assessment of Existing Resilience
Resilience in the chemical sector is not specifically mandated by regulation, but the requirement for site owners to comply with safety and environmental legislation or conventions promotes a strong safety culture; for example:
Sites subject to COMAH (Control of Major Accident Hazard) regulations must take all necessary measures to prevent major accidents involving dangerous substances and limit the consequences to people and the environment of any major accidents which do occur, e.g. by working with local emergency planners and responders to prepare suitable emergency plans;
To support site protection and incident response at the local level, emergency planning authorities work with infrastructure owners to maintain emergency plans and lists of hazardous substances on site.
The relevant sector trade association requires its members to adopt additional measures, going beyond statutory requirements, which enhance resilience.
Building Resilience
Building resilience in the sector is focused on preventing or minimising casualties following a chemical release. Work continues with stakeholders – site owners, sector organisations and across government – to encourage and promote resilience.
Work will continue to encourage key manufacturing sites to consider their resilience to major risks and to develop mitigating measures so that any impacts on the public will be minimised.
For sites which hold defined quantities of very highly hazardous substances, COMAH safety reports must include details of the measures taken to prevent releases in a variety of scenarios, such as during floods and storms.
10
2018
1
Produced by: Cabinet Office 35 Great Smith Street LONDON SW1P 3BQ www.gov.uk/government/organisations/cabinet-office Contact: Civil Contingencies Secretariat [email protected] Publication date: February 2019 © Crown copyright 2019 The text in this document may be reproduced free of charge in any format or media without requiring specific permission. This is subject to it not being used in a derogatory manner or in a misleading context. The source of the material must be acknowledged as Crown copyright and the title of the document must be included when reproduced as part of another publication or service.
2
Contents
Introduction ....................................................................................................................... 4 Critical National Infrastructure.......................................................................................5 Threats and Hazards ......................................................................................................6 Our Security and Resilience Approach ...........................................................................7 Roles and Responsibilities .............................................................................................. 8 Public Summaries .............................................................................................................. 9 Chemicals – Department for Business, Energy and Industrial Strategy ....................... 10 Civil Nuclear – Department for Business, Energy and Industrial Strategy.................... 11 Communications - Department for Digital, Culture Media and Sport / Department for Business, Energy and Industrial Strategy ................................................................. 12 Defence – Ministry of Defence ....................................................................................... 13 Emergency Services – Home Office / Department for Transport / Department of Health and Social Care .................................................................................................... 14 Energy – Department for Business, Energy and Industrial Strategy............................. 15 Finance – Her Majesty’s Treasury .................................................................................. 16 Food – Department for Environment Food and Rural Affairs ....................................... 17 Government – Cabinet Office ......................................................................................... 18 Health – Department of Health and Social Care............................................................ 19 Space – Department for Business, Energy and Industrial Strategy............................... 20 Transport – Department for Transport .......................................................................... 21 Water – Department for Environment Food and Rural Affairs ..................................... 22 Further Information......................................................................................................... 23
3
Introduction
Securing the UK’s most essential public and private sector services against wide-ranging threats and hazards form an integral part of HMG’s National Security Strategy.1
The Cabinet Office commissions Lead Government Departments (LGDs) responsible for the UK’s 13 critical sectors to produce annual Sector Security and Resilience Plans (SSRPs), which describe: • LGDs’ approaches to critical sector security and resilience; • their assessments of significant risks to their sectors; • their approach to security and resilience in the UK; and • activities they plan to undertake to mitigate and respond to those risks.
The SSRPs are produced by officials in the LGDs, in consultation with infrastructure owners and operators, regulators and government agencies, before being signed-off by ministers.
The genesis of the SSRPs can be found in a report produced by Sir Michael Pitt, ‘Learning Lessons from the 2007 Floods’.2
The Sector Resilience Plans (SRPs) were originally intended to focus on resilience to flooding. In 2015 the scope of the Plans was expanded to cover all hazards and security threats relevant to each sector and they were renamed ‘Sector Security and Resilience Plans (SSRPs)’. Henceforth, the SSRPs have included information on physical, personnel and cyber security as well resilience to hazards.
The full SSRPs are classified documents as they contain sensitive security information. However each year, Government publishes unclassified summaries of the Sector Security and Resilience Plans to provide members of the public with information on activity being undertaken in each sector to improve security and resilience.
This document sets out the public summaries of the 2018-19 SSRPs with the intention of promoting public understanding of the risks to the UK’s critical sectors and measures being taken by HM Government to mitigate those risks.
To provide some context for the reader, this document also describes: • what we mean by ‘Critical National Infrastructure’ and ‘critical sectors’; • significant threats and hazards that can affect our critical sectors; • our approach to security and resilience in the UK; and • responsibilities of different organisations for critical sectors’ security and resilience.
1 https://www.gov.uk/government/uploads/system/uploads/attachment_data/file/61936/national-security-strategy.pdf 2http://webarchive.nationalarchives.gov.uk/20100702222706/http://archive.cabinetoffice.gov.uk/pittreview/_/media/assets/www.cabinetoffice.g ov.uk/flooding_review/pitt_review_full%20pdf.pdf
4
Critical National Infrastructure
National Infrastructure consists of those facilities, systems, sites, information, people, networks and processes necessary for a country to function and upon which daily life depends. It also includes some functions, sites and organisations which are not critical to the maintenance of essential services, but which need protection due to the potential dangers they could pose to the public in the event of an emergency (civil nuclear and chemicals sites, for example). There are some parts of the National Infrastructure system that are judged to be critical to the functioning of the country. This Critical National Infrastructure (CNI) includes buildings, networks and other systems that are needed to keep the UK running and provide the essential services upon which we rely (e.g. energy, finance, telecoms and water services). It also includes infrastructure which, if disrupted, could have a significant impact on our national security, national defence, or the functioning of the state. A significant proportion of our CNI is privately owned.
The UK’s Critical Infrastructure is defined by the Government as: ‘Those critical elements of Infrastructure (facilities, systems, sites, property, information, people,
networks and processes), the loss or compromise of which would result in major detrimental impact on the availability, delivery or integrity of essential services, leading to severe economic or
social consequences or to loss of life.‘
In the UK, there 13 Critical National Infrastructure Sectors: Chemicals, Civil Nuclear, Communications, Defence, Emergency Services, Energy, Finance, Food, Government, Health, Space, Transport and Water. Several sectors also have defined ‘sub-sectors’; Emergency Services for example can be split into Police, Ambulance, Fire and Rescue Services, and Her Majesty’s Coastguard.
5
Threats and Hazards
The Government’s assessment of threats and hazards to CNI is based on a continuous cycle of learning lessons from real world events, drawing on evidence and improving the ways in which we calculate the likelihood and potential impacts (consequences) of threats and hazards.
Understanding the range of threats and hazards facing our CNI is crucial to ensuring security measures and mitigations are proportionate, effective and responsive. The UK’s CNI faces various threats and hazards.
Threats
National Infrastructure could be targeted by hostile states, cyber criminals, terrorists or criminals for the purposes of disruption, espionage and/or financial gain.
For example, the Centre for the Protection of National Infrastructure (CPNI) judges that National Infrastructure sectors represent core strategic interests for foreign intelligence services, whose targeting against the sectors is likely to include espionage for economic, political, military or commercial gain.
While the current terrorist threat to the National Infrastructure can be characterised as generally limited and often aspirational, the transport sector continues to face enduringly high levels of threat from international terrorism. In addition, the Emergency Services and Defence sectors (specifically police and military personnel), also face a high level of threat from both international terrorism and Dissident Republic groups in Northern Ireland. With the continual diversification of the threat, the ambition and capability of terrorist groups to target UK Infrastructure is likely to continue to evolve.3
The National Cyber Security Centre (NCSC) judges there is also a growing cyber threat. There are now more devices connected to the internet than ever before, and with the growth of our dependence on technology comes increased risk. We know there are hostile states and cyber criminals that may seek to exploit UK organisations and Infrastructure to further their own agenda and prosperity. Campaigns can be persistent, including espionage, intellectual property theft or extortion by ransoming data, or through malware. 4
Hazards
There are various natural hazards (e.g. flooding, severe weather and storms) that can also disrupt the day-to-day functioning of the UK’s National Infrastructure. Disruption to National Infrastructure can also be caused by public disorder and societal pressures such as staff absence – due, for example, to widespread influenza or industrial action - leading to temporary closures, reduced services, or services continuing but at reduced capacity.
With the continual diversification and evolution of threats and hazards, it’s important to build the capability of the UK’s Infrastructure to withstand and recover from a range of possible events.
3 https://www.cpni.gov.uk/national-security-threats 4 https://www.ncsc.gov.uk/news/2018-annual-review
6
Our Security & Resilience Approach
Government’s core objective includes reducing CNI’s vulnerability to threats and hazards and improving resilience by strengthening the ability of CNI to withstand and recover from disruption. Its approach to security and resilience focuses on Resistance, Reliability, Redundancy, and Response & Recovery.
Resistance
Reliability
Infrastructure Security and Resilience
Redundancy
Response & Recovery
Figure 1: The components of Infrastructure resilience
• Resistance: Concerns direct physical protection (e.g. the erection of flood defences). Resistance is ensured by preventing damage or disruption through the protection of Infrastructure against threats and hazards. This includes reducing vulnerability through physical, personnel and cyber security measures.
• Reliability: The capability of Infrastructure to maintain operations under a range of conditions to mitigate against damage from an event (e.g. by ensuring that electrical cabling is able to operate in extremes of heat and cold).
• Redundancy: The adaptability of an asset or network to ensure the availability of backup installations, systems or processes or spare capacity (e.g. back-up data centres).
• Response & Recovery: An organisation’s ability to rapidly and effectively respond to, and recover from, disruptive events.
7
Roles and Responsibilities
A wide range of organisations are responsible for critical sectors’ security and resilience, including the owners and operators, emergency services and local and central government.
Infrastructure owners and operators
Day-to-day operating of our National Infrastructure is the responsibility of the owners and operators. They carry out risk assessments at the asset level and make calculated decisions on maintenance, training and investment to improve organisational and asset-level security and resilience.
Regulators
Regulators support Lead Government Departments by ensuring relevant legislation and regulation are observed, for example as part of sites’ licence conditions. To build resilience, some regulators can intervene and require organisations to meet particular security and resilience obligations or standards as conditions for their continued operation.
Local authorities and emergency services
In accordance with the Civil Contingencies Act 2004, local authorities and emergency services are required to identify and assess the likelihood and impact of potential emergencies (including Infrastructure emergencies) that could affect members of the public within their areas of jurisdiction. They are also required to develop emergency response plans to address those risks.
Government Agencies
Several agencies provide central government, regulators and Infrastructure owners and operators with advice on Infrastructure risks and mitigation. For example, the Centre for the Protection of National Infrastructure (CPNI) provides protective security advice to businesses and organisations across the UK’s National Infrastructure. They also provide integrated advice on physical and personnel security, aimed at minimising risk and reducing our vulnerability to terrorism, espionage, and other national security threats.
The National Cyber Security Centre (NCSC) was established in 2016 as part of the Government Communications Headquarters (GCHQ) and brings together cyber expertise from a wide range of previously disparate cyber organisations. The Centre’s main purpose is to reduce the cyber security risk to the UK, working with businesses and individuals to provide authoritative and coherent cyber security advice and cyber incident management, underpinned by world class research and innovation.
Lead Government Departments
Lead Government Departments are responsible for sector-level security and resilience policy development (including legislation). They produce the Sector Security and Resilience Plans (SSRPs), which set out each Department’s understanding of the risks to their sectors and the key activities they will undertake to address those risks during the year ahead. The 2018-19 SSRPs are summarised in the following section of this document.
8
Public Summaries
This section of the document sets out the public summaries of the 2018-19 Sector Security and Resilience Plans (SSRPs). The table below shows which Lead Government Department is responsible for producing each SSRP.
Chemicals Civil Nuclear
Sector
Communications Defence
Emergency Services
Energy Finance Food Government Health Space Transport
Water
Sector Resilience Lead 5 Department for Business, Energy and Industrial Strategy Department for Business, Energy and Industrial Strategy Department for Digital, Culture, Media and Sport Department for Business, Energy and Industrial Strategy Ministry of Defence
Department of Health and Social Care
Department for Transport
Home Office
Department for Business, Energy and Industrial Strategy
HM Treasury Department for Environment, Food and Rural Affairs Cabinet Office
Department of Health and Social Care
UK Space Agency
Department for Transport
Department for Environment, Food and Rural Affairs
5 Where responsibility for the resilience of the sector sits with a Devolved Administration, relevant government departments and the Devolved Administrations worked together to ensure the 2018-19 Sector Security and Resilience Plans covered the entirety of the UK.
9
Chemicals Sector
Department for Business, Energy and Industrial Strategy
The chemicals sector complies with stringent safety and environmental legislation. Internationally agreed conventions promote the resilience of the sector’s infrastructure to the most relevant risks. Work continues to identify and review the resilience of key manufacturing sites to a range of disruptive challenges, in order to complement existing measures to prevent casualties from chemical releases.
Assessment of Existing Resilience
Resilience in the chemical sector is not specifically mandated by regulation, but the requirement for site owners to comply with safety and environmental legislation or conventions promotes a strong safety culture; for example:
Sites subject to COMAH (Control of Major Accident Hazard) regulations must take all necessary measures to prevent major accidents involving dangerous substances and limit the consequences to people and the environment of any major accidents which do occur, e.g. by working with local emergency planners and responders to prepare suitable emergency plans;
To support site protection and incident response at the local level, emergency planning authorities work with infrastructure owners to maintain emergency plans and lists of hazardous substances on site.
The relevant sector trade association requires its members to adopt additional measures, going beyond statutory requirements, which enhance resilience.
Building Resilience
Building resilience in the sector is focused on preventing or minimising casualties following a chemical release. Work continues with stakeholders – site owners, sector organisations and across government – to encourage and promote resilience.
Work will continue to encourage key manufacturing sites to consider their resilience to major risks and to develop mitigating measures so that any impacts on the public will be minimised.
For sites which hold defined quantities of very highly hazardous substances, COMAH safety reports must include details of the measures taken to prevent releases in a variety of scenarios, such as during floods and storms.
10