Contact

Upcoming Courses & Workshops

Event: Convergent Quantitative Cyber Risk Assessment to Optimize (Mining) Enterprise Reliability
Sponsors:
Date/Time: 21/06/2018 - 12:00 pm - 1:30 pm
Location: CIM MES, 3450 University St, Adams Building, Montreal, canada
Details:

CIM MES invite Franco Oboni to present on Convergent Quantitative Cyber Risk Assessment to Optimize (Mining) Enterprise Reliability

Convergent Quantitative Cyber Risk Assessment to Optimize (Mining) Enterprise Reliability

  • Cyber risks in mining companies are a reality like those generated by storms, quakes and equipment failures.
  • The deployment of an adequate siloes-busting convergent risk analysis methodology eliminates capex squandering and increases overall enterprise reliability.
  • We should seek to maximize mitigative benefits within sustainable and reasonable investments.

Convergent Quantitative Cyber Risk Assessment to Optimize (Mining) Enterprise Reliability

Information technology (IT) , Internet of Things (IoT), and spreading connectivity are bringing very significant benefits to mining, but increase the mining industry’s exposure to cyber criminals and possibly terrorists. This phenomenon is general and occurs in every single industrial, infrastructural and service space, not only in cyber risks in mining.

During the last decade the techniques and tools of cyber attacks have become more sophisticated, the distinctions between actors and threats have become blurred and attack prospects more worrying.

Reportedly at least one major mining company has been the target of a massive hack, but serious infrastructural damages have only seldom been inflicted, and not in mining (as far as we know), but in other industries. Indeed, given the rapid escalation in the number and sophistication of cyber attacks, infrastructural damages are to be expected “any time”. Any infrastructural damage, especially those with environmental consequences or harm to people, will lead to significant crisis potential, reputational damages and legal consequences. Cyber risks in mining oil and gas companies are a reality we cannot ignore.

Wide spectrum of threats and potential consequences

There is a wide spectrum of threats and potential consequences spanning across the various functions of a mining company. From management to production and logistics. It show that:

  • siloed approaches do not work,
  • integrative one are slightly better and finally,
  • convergent approaches offer an optimum to increase reliability while mitigating risks.

Broad spectrum protection investments and particularly poorly prioritized ones are not efficient. Indeed other operational requirements oftentimes limit their scope. So it is simply not possible to protect each property from each threat. The cyberdefense must find its roots in intelligence based on convergent prioritized Risk Management. Not on standardized audits and practice of indolent regulations. Or the biased advice of fear monger solutions sellers.

Encouraging information

Encouraging information reports that, recently and in some cases, two-thirds of the overall capex on the cyber risk mitigation strategies was non-technology driven. The idea that cyber risk is not only an IT issue is finally sinking. This, however, does not necessarily mean the capex is allotted in the most efficient way at all, unless proper prioritization was performed and silo-culture is replaced by a “horizontal” thinking. And all of the above does not necessarily mean the integration of cyber risks in the ERM program.

Closing remarks

Cyber risks in mining oil and gas companies are a reality. The deployment of an adequate siloes-busting convergent analysis methodology will eliminate capex squandering and increase overall enterprise reliability.

Risk Management offers ultimately support for operational decisions and protection (mitigation). That is, provided that we:

  • define the level of acceptable risk reduction/ mitigation. and
  • formulate measurable performance targets to achieve.

 

 

Past Events

Event: A Step by Step Guide to Risk Informed Decision Making for Mining Projects and Operations
Sponsors:
Date/Time: 05/11/2017 - All Day
Location: FAIRMONT BANFF SPRINGS, 405 Spray Avenue , Banff, Alberta
Details:

Tailings and Mine Waste 2017

A step by step guide to Risk Informed Decision Making for mining projects and operations course at TMW2017

November 5th-8th 2017 Banff Springs Hotel,
Banff, Alberta, Canada

By Franco Oboni, Cesar Oboni, Oboni Riskope Associates Inc., Vancouver, B.C.

Riskope will be present and active with two papers and a short course.

Short course: A step by step guide to Risk Informed Decision Making for mining projects and operations.

A step by step guide to Risk Informed Decision Making for mining projects and operations will be a hands-on exercise. We will use the Balangero Asbestos Mine Dumps Environmental Rehabilitation as a basis. That project, a competitive bid, was won by an engineering group supported by what was then called Risk Based Decision Making (RBDM). Thus it was demonstrated that including risk assessment through the design of a project, from cradle to delivery and including risk driven maintenance concepts brought value and a leading edge to the proponents.

A Step by Step Guide to Risk Informed Decision Making for Mining Projects and Operations

Together we will work through all the phases of the approach (based on the ORE methodology -Optimum Risk Estimates- ©Oboni Riskope Associates Inc.), including:

· System definition
· Success/failure criteria. Objectives Hierarchy, constrained objectives.
· Alternatives generation
· Delivered data
· Needed data. Data to be acquired/evaluated
· What methods to use for probabilistic estimates?
· Hazards and multi-dimensional consequences analyses
· Risks
· Risk tolerances
· Dashboards
· Recommendations and Condition of validity.
· Decision-making (alternative selection, mitigation, resilience enhancements, etc.)
· Actions (includes communication)
· Back to the start: monitoring, new data, etc.

Schedule and ToC follow the approach above:

09:00-10:30
· Introductions
· System definition
· Success/failure criteria. Objectives Hierarchy, constrained objectives.
· Alternatives generation
Coffee

11:12:30
· Delivered data
· Needed data. Data to be acquired/evaluated
· What methods to use for probabilistic estimates?

Lunch
13:30-15:00
· Hazards and multi-dimensional consequences analyses
· Risks
· Risk tolerances
· Dashboards
· Recommendations and Condition of validity.
Coffee

15:30-17:00
· Decision-making (alternative selection, mitigation, resilience enhancements, etc.)
· Actions (includes communication)
· Back to the start: monitoring, new data, etc.

Event: CIM MES Vancouver NI 43-101 and Risks. What Risks?
Sponsors:
Date/Time: 12/10/2017 - 4:15 pm
Location: Room 2800, Segal Graduate School of Business – Simon Fraser University, 500 Granville Street, Vancouver, BC
Details:

CIM MES Vancouver NI 43-101 and Risks. What Risks? shows how the definition of the “viewing angle” (corporate, investor, regulators, public, etc.), the success/ failure criteria, the resulting multi-dimensional consequences are of paramount importance when attempting to perform a Risk Assessment (RA). If any of those is missing or unclear for example due to fuzzy glossary  any RA will be meaningless or at least misleading.

This is particularly important when looking at the relationship between the disclosure requirements intended for investors following, for example, NI43-101.

CIM MES Vancouver NI 43-101 and Risks. What Risks?

NI43-101 reports should provide information about a mine to prospective investors. However, in our experience, numerous factors generally not included in the report can turn a great prospect into a financial disaster, with dire consequences to the investors.

Recent failures of tailings facilities brought back this particular issue with great emphasis.

Johari window application in risk management

Some operational risk may indeed significantly affect share values and ability to conduct business, maintain Social License to Operate (SLO).

The Expert Panel opinion report on the Mt Polley tailings facility failure recommended that all proposed new tailings facilities should include a bankable feasibility study, but “bankable” is not an assurance either.

What should a NI 43-101 include from a risk perspective?

Thus it is reasonable to ask: should an NI43-101 report contain information about critical mine’s facilities (risks) such as tailings, access roads, logistics, etc..? And, if positive, which ones? Should NI43-101 report include holistic convergent scalable and drillable risk assessments? Again, if positive, convergence should cover at least:

  • tailings facilities and dumps
  • ingress/egress (logistic and supplying infrastructures)
  • energy
  • closure …

We will use examples from large spectrum risk assessments for tailings systems, dumps, road and railroad mining logistic, mining wharves, water, energy, cyber, etc.  We will show that risk assessments intended for investors may highlight different conclusions than the ones intended for the corporation or management, although both are based on the same holistic hazard and risk register.

It is ok to read NI43-101 report but don’t think it is enough. If considering investment in a new mine or investment it is time to get the full picture. That includes understanding a few specific points about what risks really matter.

Registration

Please visit CIM MES post to register as early as possible as seating is limited.

 

 

1 2 3 4 5 6 7 8 9 10

Riskope Blog

  • LATEST BLOG POST
  • We just read the Appendix F From 2018 Independent Forensic Team Report Oroville Dam Spillway Analysis. So, we decided to…
  • Read More

More Info

  • Get in Touch
  • Learn more about our services by contacting us today
  • t +1 604-341-4485
  • +39 347-700-7420

Vancouver Digital Creative Agency Ballistic Arts Media Studios.