article

Interview: CGE reveal how incident data can prevent future threats

Posted: 15 October 2018 | | No comments yet

CGE, a market leader in barrier-based risk management, helps companies across the globe to improve their operations by applying BowTieXP and BowTieServer to visually communicate and manage enterprise and operational risks.

Why is it so important to be able to analyse multiple data sources? i.e. to identify trends/to provide a more qualitative analysis/etc.

In order to be able to create the bow tie picture and analyse risks, reliable data sources are required. The strength of looking at multiple data sources is that it guides and turns the bowtie into a more complete and dynamic picture. An airport, for example, can look at which incidents occurred at their airport in the past, related to airport security, but why not also look at incidents that happened at similar airports? Not only historical data is of great value as input to the bow tie, but also predictive data sources such as maintenance planning or human resources. Airports can also proactively gain more data about their barriers by means audits. Questions can be made per barrier and people can answers these questions per survey.

Can you run us through CGE’s BowTieXP software and what makes it unique?

Let’s run through a number of our software packages, strong as separately functioning tools but adding real value by combining and linking the entire product suite. BowTieXP is the most commonly used risk assessment software that is based on the bow tie methodology. The software enables you to easily create bow tie diagrams to assess risk. Once a bow tie diagram is created the software makes it possible to link your management system information to your barriers, such as training, maintenance and certificates.

Want to learn more?

CGE Risk Management Solutions are sponsoring our Airport IT & Security 2018 – click here to book your place!

In addition to the BowTieXP software, we have developed add-on modules to transform the bow tie risk management diagram into a dynamic picture. IncidentXP is one of the add-ons which allows you to analyse incidents with various barrier-based and non-barrier based methods. The powerful combination of IncidentXP and BowTieXP allows viewing of incident data on your bow tie.

Of course you don’t want to wait until an incident happens before you can gain more insight into our barriers, therefore we have built AuditXP. This allows you to proactively enquire after the performance of your barriers.

In order to manage the barriers on different levels across the organisations, BowTieServer was created. This is a central bow tie repository including an action tracking system, incident reporting system, audit module, and Task Risk Analysis module (Work bow ties). Currently there are organisations who also only use it to communicate risks across the industry or among all stakeholders.

The uniqueness of the complete product suite is that it allows you to apply a continuous cycle of barrier based risk management. A bow tie should be a dynamic picture, since environments, knowledge and systems change continuously.

How can airports deal with the threats of cyber security?

The strength lies in the ability of a bow tie to map barriers that deal with threats leading to a cyber-attack. But more importantly, what are the barriers an airport has in place once a cyber-attack takes place? Of course you want to prevent a cyber-attack in the first place, but airports should also ask themselves whether they are able to stop it once it happens. The bow tie helps organisations to understand what barriers they have to prevent an unwanted event like a cyber-attack, and what barriers they have to minimise the impacts on people, financial loss and reputational damage. We have drawn an example bow tie below. We can still recover from the moment we have unauthorised access to a control system.

How do you believe the airport security industry will change in the future?

If we look at how risk management is done in the airport security industry, we believe it changes in the way risk is communicated. Airport security threats are becoming bigger for many airports across the globe. If the industry would work together even more and share best practices, organisations get more insights in airport security and can learn from each other’s approaches. Maybe even sharing data sources to create a more dynamic risk picture. The bow tie methodology will be a great tool to communicate risk management in one common language across all stakeholders of airport security and airports around the world.

Biography 

Emma Verschoor has a degree in Aviation Logistics from the University of Applied Sciences, Amsterdam. This university closely works with industry professionals, such as Amsterdam Airport Schiphol and KLM Royal Dutch Airlines. The aviation department focuses on the logistical streams within the aviation system. After her graduation, CGE Risk Management Solutions invited Emma to be part of the safety specialists and product management team, where she provides training and implementation support in barrier-based risk management using. 

 

The rest of this article is restricted - login or subscribe free to access

IAR Issue 4 2024 - Mini MagThank you for visiting our website. To access this content in full you'll need to login. It's completely free to subscribe, and in less than a minute you can continue reading. If you've already subscribed, great - just login.

Why subscribe? Join our growing community of thousands of industry professionals and gain access to:

  • bi-monthly issues in print and/or digital format
  • case studies, whitepapers, webinars and industry-leading content
  • breaking news and features
  • our extensive online archive of thousands of articles and years of past issues
  • ...And it's all free!

Click here to Subscribe today Login here

 


Send this to a friend