Professional Documents
Culture Documents
Contingency v18 13
Contingency v18 13
net/publication/230807504
CITATIONS READS
4 37,596
2 authors:
Some of the authors of this publication are also working on these related projects:
All content following this page was uploaded by Leão J Fernandes on 13 June 2014.
a
Fernandes is an Information Systems Manager for CLC, a strategic Portuguese oil and gas
storage and transport company constituted by the energy groups GalpEnergia, British Petroleum
and Repsol. He holds a Masters degree in Operations Research from the University of Lisbon and a
MBA in E-Business from the Lusófona University. Besides having global experience in Portugal,
Netherlands and India, he has specialized in Information systems management and the Oil and Gas
industry.
b
Saldanha da Gama is a Professor at the Department of Statistics and Operations Research,
Faculty of Science, University of Lisbon. He holds a PhD degree in Statistics and Operations
Research from the University of Lisbon. Besides research and planning in the telecom industry, he
has lectured at University courses, oriented Master and Doctoral thesis, written several
publications in international journals, proceedings and technical reports, and also organized the
European Winter Institute in 2007.
Contingency Planning: A literature review
Abstract
In any large organization, it is essential to have mechanisms that ensure
constant operation. This is the reality faced everyday by the large logistics companies operating
worldwide. When there is an unexpected disruption, an appropriate contingency plan can make a
huge difference. The definition of an optimal contingency plan is a complex problem involving
diverse resources of which the following be highlighted: systems, equipment, spare parts, services
and specialized manpower. The contingency solution involves alternative processes and recovery
strategies so that in the case of a contingency, all the necessary resources are available in order to
bring the system back to normal operation using the minimum resources and in the least possible
time.
In this paper we survey the existing literature concerning contingency planning. In
particular we focus on different fields of activity pointing out the corresponding (specific) features.
The extensive literature is organized into various topics including business continuity plans,
contingency planning, project management, millennium bug, terrorism threats, government bodies,
military and space missions, informatics resources, norms, standards and implementation
methodologies. A general guidance model for contingency planning is also reviewed.
Keywords: Information Systems, Contingency Planning, Business Continuity.
Introduction
Frenetic globalization has reorganized the global economy into giant supply chain
networks which are characterized by constant mutation and innovation in their quest for survival. In
these complex structures, fighting new threats or adapting to new oportunities is a constant business
reality. In the face of extreme situations, as in accidents or disasters, the urgency to return to normal
conditions within the shortest time is crucial to the survival of those affected. Faced with the threat
to their own survival, companies rarely accept delays in reestablishment from disruptions even if it
is due to an accident or unexpected fact. Recovery and resumption procedures, best known as
contingency plans have emerged to remedy from post-disaster situations. The ultimate goal in the
event of a disaster is to avail of the appropriate resources to ensure quick restoration to normalcy.
There are different areas of interest for contingency plans. We find good examples in the
areas of planning for health systems, organizing of major events, urban infrastructure emergencies,
systems equipment and automated process failures, terrorism combat plans, military operations and
in natural and environmental disasters like droughts, tsunamis, earthquakes, floods and spills.
A mediatic and current example concerns the health systems, particularly in the context of
combating pandemics and epidemics, which include recent phenomena such as SARS, and avian
flue. The contingency plan for pandemic influenza prepared by the Ministério de Saúde do Brazil
[24] in 2005, involved a network of laboratories, the basic health care services, a network of
specialized assistance, including hospital structures, vaccine acquisition, marketing, distribution and
utilization facilities, besides the surveillance in ports, airports and country borders.
Major events like Olympic Games, cultural exhibitions and international summits, and
concentration of facilities and infrastructures are commonplace and can gather tens of thousands of
people. Various situations such as kidnapping, bomb threatening, disturbances caused by marginal
gangs, fires, explosions, natural disasters and use of weapons require the development of emergency
plans. The plan prepared by Illinois State Police [17] in 1999, contains contingency plan objectives,
security guides, crisis management plans as well as standardized codes of alert.
Known uncertainties such as the Year 2000 challenge, or unexpected ones like the 9/11
attack on the World Trade Center in New York, require very detailed contingency plans. Formiga
[11] in 2006, shows dramatic changes in contingency planning after September 11. While formerly
disaster recovery essentially focussed on Information Technology, the new circumstances changed
its scope even including partner companies and suppliers. In the case of strategic businesses, the
scope covers all businesses in that industry. Contingency planning thus covers failures of critical
systems, equipment, automated processes, energy, communications, suppliers and personnel.
Turbulence characterizes today’s business environment that is subject to fierce competition
and requires rapid response to crises. As the size and number of companies depending on a critical
structure increases, the impact of a crisis also upshoots, leveraging the value of contingency plans to
combat disruptions. The cost to implement and trigger a contingency plan can be high, but the
impact of its absence is prohibitive. Furthermore, the contingency plan total costs grow considerably
as we move from a small contingency, company, industry, national and up to an international
contingency. Not all the contingencies are necessarily linked but when that happens, a small
contingency if not curtailed in time, can create a snowball effect and rapidly trigger a greater crisis.
We will briefly review contingency planning in specific areas of traditional business where
these concepts are more developed before switching to its application in supply chain networks.
Known Unknowns
Towards the end of the 20th century, the computer industry made the biggest impact in
raising awareness of the organizations to the importance of contingency plans. The problem at hand
was the Millennium Bug (Y2K). In 1999, Day [6] identified millions of software, computers,
communication systems and electronic equipment with 2-digit real time clock (RTC) that could
have this problem. Given the short time that organizations in general had, and given the limited
human resources in the area of information technology that the consultancy firms had to develop its
consistency, companies had to create contingency plans, identifying all vulnerable systems, giving
priority to the most critical systems.
Many industrial companies analyze failures of processes to identify vulnerabilities in the
manufacturing process. The control systems in many factories are highly integrated. The states of a
system in many points can be used to calculate the optimal operating conditions. Indeed, the
complexity of a system can cause problems because a failure in one part of the system can quickly
spread to other areas. To prevent potential problems in contingency scenarios of the managers might
consider lowering the level of automation, moving from an integrated manner to the way automated
and, finally, for the control manual. The scenarios of contingency depend on the seriousness of the
problem and the appropriateness of measures of recovery. The worst scenario arises in the case of a
serious problem in that the measure of recovery is inadequate. In this case, the strategy will be more
secure switch to manual operation and use of low-tech means.
Following the attacks of September 11, 2001, contingency planning have a high priority for
organizations after the attacks affected thousands of major companies. According to Arnold [1], the
impacts and economic losses of these terrorist attacks were immense. As a direct result, only in
aviation 100000 people lost their jobs. The Comdisco, company for recovery of data, received 91
disaster declarations 76 of which simultaneously involving major banks and insurance companies,
that resulted in its own bankruptancy in the same year. Companies with destroyed infrastructure,
required to restore and rebuild their operations in order to continue their business. Many companies
had to change their location to vicinities of New York and implement their operations from scratch.
Information Systems
In 2004, Microsoft [23] in its approach to risk management and contingency plans uses the
concept of the Declaration of risk, condition and consequence to safety. If (condition) Threat of an
agent using a tool, a technique or a method to exploit a vulnerability, then (consequence) loss of
confidentiality, integrity or availability of an asset may result in an Impact. The condition provides a
description of an existing state or a possible threat that is considered harmful. The consequence
describes the undesirable loss of confidentiality, integrity or availability of an asset.
In 2002 IBM Global Services [16], strengthened its offer of Disaster Recovery and
Business Continuity. With 120 rehabilitation centres around the world, the company warns that
panic is the immediate reaction to disaster: "If there is no plan, people are lost." The prolongation of
a situation could mean the closure of the unit or the company. Hence, today businesses consider
contingency planning as an important business process, accepting it as an investment in safety.
More recently, White [28] 2005 relating to risk management, addresses the duality between
opportunities and risks. This gives rise to the concept of Enterprise Systems Engineering (ESE),
which recommends aggressiveness towards acceptance of opportunities and risks, as the highest risk
is in not seeking opportunities. Kuras and White [22], 2005, relativize the different types of
uncertainty in the following order: risk, opportunity, inaccessibility and unknown. The article refers
to Garvey’s [12], 2005 interpretation of risk, which believes that: There is no risk if the risk never
happens regardless of its result or the risk occurs without consequences or the risk happens for sure.
In the latter case the risk becomes an Issue, hence it must be eliminated.
The Bundesamt fur Sicherheit in der Informationstechnik (BSI [4]), the British Standards
Institute (BS) and International Standards Organization (ISO) have emerged as references for safety
of Information Systems. The Standard BS7799 was published by the British Standards (BS [3]) in
1995 and later replaced in 2000 by ISO 17799 Information Technology Security (ISO [18]), which
implemented the PDCA (Plan, Do, Check, Act) model. Later, British Standards defined BS7799-2
(BS [3]) on Information Security Management Systems in 2002, which was replaced by ISO 27001
Information Security Management System (ISO [19]) in October 2005.
Differentiation
+ Decentralization
Specialization
Integration
+ Formalization
Collaboration
Fernandes [10] in 2007 salients the importance of Contingency Planning in the Petroleum
Supply Chain. In Europe, the Petroleum industry has long begun a supply chain policy that has lead
to of lean strategic structures in order to achieve higher efficiency. In Portugal, the major petroleum
companies, GalpEnergia, BP and Shell (now Repsol), created CLC a strategic Oil & Gas storage
and transportation company. The suppliers, company and clients facilities, systems and processes
are intrinsically interlinked to form an extended Petroleum Supply Chain as shown in figure 2. In
the case of its disruption, it immediately affects the countrywide petroleum supply chain, escalating
to a crisis situation in a matter of hours. A prolongation of the situation can bring various sectors of
the economy to a standstill. Due to the companies strategic positioning, the Administration has
directed efforts of contingency planning in three folds: Operational Contingency Plan; Information
Systems Contingency Plan, Avian Flu related Contingency Plan.
Suppliers
1 2 3 4
Brokers Shipper
1 2
Jetty
Operations Dept.
Refinary Blend
CDU
processes tanks
Operations Dept.
Pipeline
Product Bottle
Logistics Storage tanks filling
Dept.
CLC
Transport
Clients
LEGENDA
Material flow
A Supply Chain Event Management (SCEM) is a related concept that is used to trigger
contingency planning. The thesis presents some real case examples of contingency planning as
presented in table 1.
Table 1. Examples of Contingencies in the Petroleum Supply Chain
Disruption Mode Description Contingency measure
Supply side Product shortage can lead to Use contingency measures including inter-
unmatched orders resulting company exchanges of product. Optimize
lower profits replenishment schedules to prioritize stocking
of the product in shortage. Other strategic
reserve capacity measures.
Supply side Product out of specification Order immediate suspension of receival of
can block upto 25 million contaminated lote. Expediate stock to
storage capacity per tank. industries with lower product specification
needs. Suply demand from alternate facilities.
Meet with suppliers and clients to redesign
contingency plan
Transportation Rupture in Pipeline can lead Suply demand from alternate facilities. Switch
to prolonged inoperation of to alternate mode of transport. Design
the supply chain contingency plan with suppliers and clients
Facilities Safeguard system out of Switch to manual mode operation. Activate
order leading to unsafe strict manual checks. Order immediate repair
operation services. Evaluate potential dangers and
alternative renovation requirements.
Information Failure of information Activation of redundant systems. Identify
Systems systems leading to problem area and action maintenance contract.
indisponibility of customer Gather sourcing information for alternate
order services system in worstcase cenario.
Comunications Comunication infrastructure Activate backup by PSTM lines. Localize
failure failure due to fiber optic interruption and source immediate mantence
interruption team. Activate other alternate measures.
Exceptional Demand over capacity due Optimize replenishment schedules. Optimize
demand to increased air traffic or and increase production shifts. Activate
heating necessity due to alternative supplies.
harsh winter
Contingency planning in supply chains is strongly referred to by Hale et al [13] in 2005.
The paper refers to the efforts made by Organizations in the United States of America, namely those
of the Federal Emergency Management Association (FEMA), Disaster Research Center (DRC) and
Council of Logistics Management (CLM). Since 2001, there have been innumerous references to
disaster planning within supply chains in four of the top journals namely: Journal of Business
Logistics, International Journal of Physical Distribution & Logistics Management, International
Journal of Logistics Management, and Supply Chain Management Review.
Conclusions
The literature reviewed, clearly demonstrates the importance of contingency planning in
Supply Chain Management as well as in traditional business. The documenting standards found in
the literature are not optimal resulting in static, descriptive and non-funtional plans. They could
benefit from a flexible structure thereby permitting constant improval and greater efficiency to the
planning process. This suggests ample scope for research on an optimal structure and considerations
for a broader usage of these plans.
Although Contingency plans are effectively a sound investment for probable failures, there
appears to be a shift, especially in supply chains to resilient building. Resilient organizations also
use the concepts of contingency planning to identify vulnerabilities throughout the supply chain and
use flexibility to patch existing gaps turning the entire system more robust. This method is
especially more effective in the case of low frequency high impact failures, where supply chains can
have an overall lift in risk management through flexible, standardized and integrated design.
References
[1] Arnold, R.L., Disaster Recovery Journal, October 2001, Attack on America:
recovery from Sept.11 Events is slow process, http://www.drj.com/special/srl.html
[2] Bliss, J., Risk Management and Contingency Planning, Arts and Humanities Data Service,
2005, http://ahds.ac.uk/creating/information-papers/risk-management
[3] BS, British Standards, The BS7799 / BS 7799 Security Standard, 1999,
http://www.thewindow.to/bs7799/
[4] BSI, BSI-Standard 100-3: Risk Analysis based on IT-Grundschutz, 2005,
http://www.bsi.de/english/publications/bsi_standards/standard_1003_e.pdf
[5] Business Continuity Institute, To promote the art and science of business continuity
management, 2007, http://www.thebci.org/
[6] Day, C.W., Are You Ready for Y2K? American School & University 71 (1999), 70-71.
[7] Decker, K., TAEMS: A framework for environment centered analysis & design of
coordination mechanisms, in G. O’Hara and N. Jennings, Foundations of distributed
artificial Intelligence, 1996, Willey Inter-Science, Chapter 16, 429-448.
[9] Felstead, C., The Challenge of IT Fixed End Projects – New Risk Management Strategies,
Project Management Institute Global Congress, Singapore, 21-23, February 2005.
[11] Formiga, A., Estratégia para a Continuidade de Negócio (Business Continuity Plan –
BCP), CESCE SI, Lisboa, 2006,
http://www.idc.pt/resources/PPTs/2006/Business_Continuity/5.CESCE.pdf
[12] Garvey, P., Probability methods for cost uncertainty analysis – A systems engineering
perspective, Marcel Decker, Inc., New York, 2005.
[13] Hale, T., Moberg, C.R., Improving supply chain disaster preparedness, International Journal of
Physical Distribution & Logistics Management, Emerald Group, Vol. 35, No. 3, 2005, 195-207
[14] Horling, B., Lesser, V., Vicent, R., Wagner, T., The Soft Real-Time Agent Control
Architecture, Autonomous Agents and Multi-Agent Systems 12 (2006), 35-91.
[15] Huang, M.Y., Chen, C.S., Lin, C.-H., Innovative service restoration of distributed systems by
considering short-term load forecasting of service zones, International Journal of Electric
Power & Energy Systems 27 (2005), 417-427.
[16] IBM Global Services, Business Continuity & Recovery Services, Integrated Technology
Services Newsletter Special Edition, 2002, http://www-5.ibm.com/services/pt/its/newsletters
[17] Illinois State Police, Safe Schools: Unified Emergency Contingency Plan for Schools, 1999,
http://edres.org/eric/ED433598.htm
[20] JP Morgan Chase Treasury Services, Wake-Up Call: Hurricanes Prompt Financial
Community to Re-think Business Continuity, 2005, http://www.jpmorganchase.com
[21] Kleindorfer, P.R., Saad, G.H., Managing Disruption Risks in Supply Chains, Production and
Operations Management, Vol 14, No. 1, Spring 2005, pp 53-68.
[22] Kuras, M.L., White, B.E., Engineering enterprises using complex-system engineering,
INCOSE 2005 Symposium, 10-15 July 2005, Rochester, New York, EUA.
[25] National Institute of Standards and Technology (USA), Contingency Plan Template,
2002, http://csrc.nist.gov/fasp/FASPDocs/contingency-plan/contingencyplan-template.doc
[26] Raja, A., Lesser, V., Wagner, T., Toward robust agent control in open environments,
Proceedings of the fourth International Conference on Autonomous Agents AGENTS’00,
Barcelona, Spain, 3 Junho, 2000, 84-91.
[27] Stonebraker, P.W., Afifi, R., Towards a contingency theory of supply chains, Management
Decision Journal, Emerald Group, Vol. 42, No. 9, 2004, 1131-1144
[28] White, B.E., Enterprise Opportunity and Risk, Mitre Corporation, Technical paper,
2006, http://www.mitre.org/work/tech_papers/tech_papers_06/05_1262/05_1262.pdf