9

00
t2
Ac
A
IP
G
SW
N
er
nd
e
el
R

GIPA Application 19S-0015 - Page 1

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 2

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 3

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 4

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 5

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 6

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 7

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 8

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 9

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 10

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 11

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 12

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 13

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 14

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 15

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 16

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 17

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 18

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 19

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 20

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 21

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 22

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 23

Operational Incident & Emergency
Preparedness Management
Final

July 2018

Engagement Reference: 2018 - 012

Report Date: 4 July 2018
Issued By: Darani Brown, Director, Internal Audit & Assurance Governance
Distribution: George Stojkovski, Executive Director, Operations Delivery

9
Nev Nichols, Executive Director, Safety Environment & Risk

00
Susannah Le Bron, Executive Director, Customer Service

t2
Matthew Coates, Director, Safety & Standards

Ac
Stuart Middleton, Deputy Executive Director, Network Operations
Michael Croning, Deputy Executive Director, Operations Support
A
IP
Arthur Loucas, Deputy Executive Director, Customer Support
G

Distribution for Howard Collins, Chief Executive

Information:
SW

Executive Management Team

Peter Crimp, Deputy Executive Director, Finance
N

Jamie McDonald, Director, Risk

er

NSW Audit Office

nd

Internal Audit: Vladimir Chugunov, Associate Director, Internal Audit

e
el
R

GIPA Application 19S-0015 - Page 24

Contents
1. Executive Summary ...................................................................................................................... 3
2. Summary of Issues ....................................................................................................................... 6
3. Issues Identified ............................................................................................................................ 8
3.1 Organisational oversight and monitoring of emergency preparedness activities is limited. ..... 8
3.2 The IMF Level 3 incident priorities are not clearly defined. ..................................................... 9
3.3 The IMF documentation does not reflect changes in roles and responsibilities. .................... 10
3.4 The reporting of IMF Level 3 incidents in the Incident Management System (IIMS) is
inconsistent and does not allow for analysis and review. ..................................................... 11
3.5 There is limited regular incident and emergency preparedness training for ST staff. ............ 13
3.6 Emergency preparedness exercises are not systematically conducted across the different
organisational levels of ST................................................................................................... 14
3.7 Post-Incident Debrief (PID) action items do not effectively facilitate a process of continuous
improvement........................................................................................................................ 16

9
3.8 Internal communications procedures are not adhered to during IMF Level 3 incidents. ........ 17

00
Appendix 1: List of Interviewees ..................................................................................................... 18

t2
Appendix 2: Terms of Reference and Alignment to Risks ............................................................... 19

Ac
Appendix 3: Control Rating Definitions ............................................................................................ 20
A
Appendix 4: Issues Rating Definitions ............................................................................................. 21
IP
G
SW
e rN
nd
U
d
se
ea
el
R

Purpose
The Operational Incident & Emergency Preparedness Management review was included in the
Internal Audit Program for the 2017/18 Financial Year approved by the Sydney Trains (ST) Audit
and Risk Committee. The objective of the review is to assess the design effectiveness of the
controls implemented to manage incident and emergency preparedness at ST.
Management Agreement
Management agree with the issues raised in the report and will action the items as agreed. The
actions to be taken to address the issues are detailed against the individual items in the detail of the
report.
Risk Management
Internal Audit recommends that the Management review and update the directorate/division risk
registers as required.

Final Report – Operational Incident & Emergency Preparedness Management – July 2018 – Strictly Confidential 2

GIPA Application 19S-0015 - Page 25

1. Executive Summary
Introduction
Sydney Trains’ (ST) emergency preparedness arrangements support its safe, effective, and efficient
recovery from disruptions and emergencies. This is achieved through a combination of the
emergency plans, staff and management training, testing, and exercising.
The scope of this internal audit focused on the incident and emergency preparedness activities for
Level 3 incidents as described in the Incident Management Framework (IMF). Level 3 incidents are
incidents/emergencies resulting in major customer or network impact.
The overarching risk identified from ST planning activities was “Excessive business disruption and
threats to safety due to poor response to a major incident/emergency”.
Network disruptions in January 2018 identified weaknesses in the underlying approach to recover
from unplanned incidents.
The IMF is the foundational document detailing the plan, roles and responsibilities, and
arrangements for incident and emergency training and testing. It is also now being used to manage
network impacts and to return the network to timetable. This has not yet been reflected in the IMF
documentation.

9
Overall, the status of the IMF and related documentation is as follows:

00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

Before 2013, the Emergency Preparedness Division (EPD) was responsible for emergency
preparedness arrangements across the organisation, in particular, leading and embedding the
aspects of emergency preparedness planning, training, and exercising. In 2013, the division was
disbanded, and the responsibilities for training and testing were decentralised, with each Directorate
responsible for training, testing, and exercising their staff.
ST is investing in improving incident response operations, including the new Rail Operations Centre
(ROC), due to be operational in late 2018, and the introduction of the Rail Emergency Management
(REM) system, scheduled for late 2018.
Incident and emergency preparedness and business continuity are integrally linked as part of ST
response and recovery process. Accordingly, several recommendations in this report are aligned
with the recent Business Continuity internal audit findings. ST management have the opportunity to
leverage several actions from the Business Continuity report to also address the recommendations
in this report.

Final Report – Operational Incident & Emergency Preparedness Management – July 2018 – Strictly Confidential 3

GIPA Application 19S-0015 - Page 26

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 27

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 28

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 29

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 30

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 31

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 32

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 33

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 34

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 35

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 36

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 37

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 38

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 39

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 40

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 41

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 42

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 43

 9
00
t2
Ac
A
IP
G
SW
e rN
nd
U
d
se
ea
el
R

GIPA Application 19S-0015 - Page 44