Emergency Management Ontario :: Critical Infrastructure

Ontario’s Critical Infrastructure Assurance Program (OCIAP) is a province-wide initiative, that identifies and assess Ontario’s key facilities, systems and networks, and their interdependencies, and develop processes to mitigate them from physical and cyber threats and vulnerabilities.

The Program defines critical infrastructure as interdependent, interactive, interconnected networks of institutions, services, systems and processes that meet vital human needs, sustain the economy, protect public safety and security, and maintain continuity of and confidence in government.

The Program goes on to defines critical infrastructure assurance as the application of risk management and business continuity management processes and techniques for the purpose of reducing the vulnerabilities of critical infrastructure in both the physical and cyber realms by decreasing the frequency, duration and scope of disruptions and facilitating response and recovery.

To achieve this level of assurance, the program addresses identified critical infrastructures through nine sectors.

The government is responsible for two sectors:

• Public Safety and Security
• Continuity of Government.

The remaining eight sectors are mainly in the private sector:

• Food and Water
• Telecommunication Systems
• Electrical Power System
• Gas and Oil
• Financial Services
• Health System
• Transportation Networks.

Modelling Project

The need for a modelling tool was identified early in the development of the OCIAP as a means for sectors to better address their dependencies and interdependencies, to plan exercises, and to be used in real time during emergencies to generate options for decision makers review and consideration. To address this need Emergency Management Ontario and Public Safety Canada partnered in a joint venture to create a critical infrastructure (CI) interdependencies modelling tool. This tool was to be based on a previous CI risk- based application used by the Federal Government to plan for Y2K.

The project produced:

• A critical infrastructure interdependencies tool for emergency management programs;
• Procedures to incorporate the tool in an emergency management program;
• Enhanced capability for sector working groups to address dependencies and interdependencies with other sectors;
• A tool that has the capability to be used in real time during emergencies to determine dependencies interdependencies and assist in the evaluation of outcomes;
• A tool capable of assisting in the development of interdependencies exercises for the sector working groups;
• Interest from third party organizations to adapt the tool to other applications such as in the auditing of critical infrastructure and business continuity programs; and
• Interest from other jurisdictions within and outside Canada.

The Project is presently building a data base of inputs from time/threat vector templates that reflect threats to the provinces critical infrastructure systems and networks.