Advanced Search
Back

Building Resilience through Culture: Protecting Community Water Infrastructure in Regional Australia

Conference
3rd Innovations in Climate Resilience Conference
Session
Part of - B5.: Understanding and Addressing the Water Crisis (Platforms)
Presentation File
Track: B5. Understanding and Addressing the Water Crisis
Background/Objectives

Globally, water infrastructure is exposed to increasingly complex and interconnected hazards. In Australia, this includes particularly long and opaque supply chains, as well as internet-based communications and data storage, exposure to frequent natural disasters and potential sabotage from within and without.

Central Coast Council, in the Australian state of New South Wales, worked with GHD to develop a threat, vulnerability and risk-assessment program aligned to mitigate these threats, aligned to evolving Australian federal legislative requirements set by the Department of Home Affairs – Council's Water and Sewer business has been able to embed the principles of critical infrastructure security into its operational culture, while demonstrating compliance with the Security of Critical Infrastructure (SOCI) Act.

Water and Sewer services more than 345,000 people in more than 135,000 homes and businesses. The system includes three dams, three weirs, three water treatment plants, more than 50 reservoirs, and more than 2,200 km of pipelines. Council partnered with GHD to develop a threat, vulnerability and risk-assessment program aligned to the evolving legislative requirements.

Approach/Activities

The new Australian federal SOCI Act mandates a ‘Critical Infrastructure Risk Management Program’ (CIRMP) be developed encompassing four key hazard vectors: supply chain, cyber, personnel, and physical security and natural hazards. Central Coast Council was aware of this incoming ‘all-hazards’ risk-management obligation prior to legislation and saw the opportunity to align organizational leadership to a clear objective to uplift organizational security and resilience.

Water and Sewer identified a critical infrastructure lead, and an executive sponsor, who then nominated representatives across the business to participate in the project. GHD prepared a detailed set of requirements for Water and Sewer to satisfy Central Coast Council’s obligation as a critical infrastructure owner and operator.

GHD analyzed a large volume of Water and Sewer documentation concerning asset management, business continuity planning and security matters, and conducted extensive physical site visits. The resultant data were developed into a set of initial findings across each of the four hazards.

GHD facilitated two rounds of half-day, large-scale, face-to-face workshops at Central Coast Council in Wyong, for each of the four hazards. The first round of these workshops built a common sense of purpose among leaders and operators within Water and Sewer, and established a foundation of trust on which sensitive matters of security and vulnerability could be openly discussed. GHD then developed a draft risk register, capturing identified threats across the four hazards, and where the hazards intersect, forming the basis of the CIRMP.

The second round of workshops, with a small subset of the initial cohort, augmented and validated the draft risk register, clarified Council’s risk tolerance, and formed the basis for proposed mitigations.

GHD and Water and Sewer then finalized the all-hazards risk register, and a prioritized mitigation plan for the highest-consequence and most readily remediated vulnerabilities. GHD supported Water and Sewer leadership communicate to Central Coast Council leadership the broad value of the work done, with a formal ‘Adoption Paper’, to gain the governing-body endorsement of the CIRMP required by the SOCI Act itself, and to formalize the organisational commitment to a risk-based mindset.

Results/Lessons Learned

Both the spirit of the law and the letter of the law are valuable to water services infrastructure, particularly when leadership recognizes the value of embedding a risk-based mindset within critical water infrastructure operations.

During the desktop analysis, site visits and workshops, GHD and Water and Sewer were able to uncover a great deal more vulnerability than previously identified, across far broader domains than previously thought. Water and Sewer colleagues became comfortable discussing uncomfortable issues and drew strength from the collaborative approach the broader team took to presenting problems and discussing potential solutions.

Ultimately, in the process of achieving legislative compliance, Central Coast Council has been able to embed the principles of critical infrastructure security into its operational culture, including a pathway for collaboration with owners of interdependent critical infrastructure, and with supporting agencies.

Key lessons learned include the following:  

  • Regional water organizations understand their own vulnerabilities best and can benefit from federal guidance on recognizing probable threat scenarios, to prioritize mitigating high-consequence risks.
  • Establishing a common sense of purpose and duty will assist in crossing intra-organizational silos.
  • Creating a security-aware culture, through effective change management, is essential to meaningfully uplifting operational resilience.

Published in: 3rd Innovations in Climate Resilience Conference

Publisher: Battelle
Date of Conference: April 22-24, 2024


Author(s)
Andrew Harris, GHD Advisory
Australia

Presenter
Wayne Francisco, GHD Advisory
United States

Related Research

Operationalizing Water Science to Illuminate Links from Water to Instability


3rd Innovations in Climate Resilience Conference


Published: 2024

How SCV Water Kept the Water Flowing Amidst Extreme Weather and New Water Quality Regulations


3rd Innovations in Climate Resilience Conference


Published: 2024

Financing Water Security through Payments for Ecosystem Services


3rd Innovations in Climate Resilience Conference


Published: 2024