A Maturity Model for IT Dependability in Emergency Management

In many organisations a gap exists between IT management and emergency managemement. This paper illustrates how process improvement based on a maturity model can be used to help organisations to evaluate and improve the way they include IT dependability information in their emergency management. This paper presents the IDEM3 (IT Dependability in Emergency Management Maturity Model) process improvement framework which focuses especially on the cooperation between IT personnel, emergency managers, and users, to proactively prevent IT dependability problems when the IT systems are most critical in emergency situations. This paper describes the details of the framework, how the framework was developed and its relation to other maturity models in related fields

Dependability of IT Systems in Emergency Situations – Theory and Practice

As our dependence on IT systems increases, evaluating the dependability of critical IT systems becomes more important. One of the main challenges in software reliability engineering is the sensitivity of software systems to a changing usage. This is especially important for systems that are critical in the aftermath of a crisis and for which reliability is the most important aspect of dependability. The crisis might change the usage of the system, and this could have a negative effect on the reliability. Because crisis situations are typically rare events, both the reliability and the criticality of IT systems after a crisis situation are hard to predict. The first part of this thesis focuses on the analysis of the sensitivity of the reliability of IT systems to changes in their usage. With the help of statistical methods the effects of changing usage profiles, modelled through the use of Markov models, can be examined. After a theoretical derivation of the properties of different models for the usage of software systems, the results were validated by applying the models to the data collected from the logfiles of a webserver. Swedish municipalities also depend more and more on IT systems for their daily work. Because of their important role in the relief coordination after a crisis, the dependability of their IT systems during these emergency situations is especially critical. The evaluation of this dependability requires the combination of two kinds of information: how critically needed the IT systems are in the aftermath of a crisis and how trustworthy the critical systems are. To avoid that a failing IT system disturbs the relief work, risk and vulnerability analyses need to take into account the dependability of critical IT systems. This way, municipalities can make sure that the relief work is not critically dependent on systems that are not sufficiently reliable. The second part of this thesis describes a case study on how two Swedish municipalities deal with these issues. The study focuses especially on the division of responsibilities in the municipalities and on their current methods. The study shows that today there is much room for improvement, especially in the communication between IT personnel and emergency managers. The main goal of these case studies is to form a basis for the development of practical methods that can assist Swedish municipalities in evaluating the dependability of their IT systems and integration of this information in their emergency planning in the near future

The Effects of Computer Crimes on the Management of Disaster Recovery

The effects of a technology disaster on an organization can include a prolonged disruption, loss of reputation, monetary damages, and the inability to remain in business. Although much is known about disaster recovery and business continuance, not much research has been produced on how businesses can leverage other technology frameworks to assist information technology disaster recovery. The problem was the lack of organizational knowledge to recover from computer crime interruptions given the maturity level of existing disaster recovery programs. The purpose of this Delphi study was to understand how disaster recovery controls and processes can be modified to improve response to a computer crime caused business interruption. The overarching research question in this study was to understand what factors emerge relative to the ability of disaster recovery programs to respond to disasters caused by computer crimes. The conceptual framework included a maturity model to look at how programs might be improved to respond to the computer crimes threat. Research data were collected from a 3 round Delphi study of 22 disaster recovery experts in the fields of disaster recovery and information security. Results from the Delphi encompass a consensus by the panel. Key findings included the need for planning for cyber security, aligning disaster recovery with cyber security, providing cyber security training for managers and staff, and applying lessons learned from experience. Implications for positive social change include the ability for organizations to return to an acceptable level of operation and continue their service benefiting employees, customers, and other stakeholders

Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS - a collection of Technical Notes Part 1

This report provides an introduction and overview of the Technical Topic Notes (TTNs) produced in the Towards Identifying and closing Gaps in Assurance of autonomous Road vehicleS (Tigars) project. These notes aim to support the development and evaluation of autonomous vehicles. Part 1 addresses: Assurance-overview and issues, Resilience and Safety Requirements, Open Systems Perspective and Formal Verification and Static Analysis of ML Systems. Part 2: Simulation and Dynamic Testing, Defence in Depth and Diversity, Security-Informed Safety Analysis, Standards and Guidelines

A Maturity Model for IT Dependability in Emergency Management

In many organisations a gap exists between IT management and emergency managemement. This paper illustrates how process improvement based on a maturity model can be used to help organisations to evaluate and improve the way they include IT dependability information in their emergency management. This paper presents the IDEM3 (IT Dependability in Emergency Management Maturity Model) process improvement framework which focuses especially on the cooperation between IT personnel, emergency managers, and users, to proactively prevent IT dependability problems when the IT systems are most critical in emergency situations. This paper describes the details of the framework, how the framework was developed and its relation to other maturity models in related fields

Why do GPs rarely do video consultations? qualitative study in UK general practice.

BACKGROUND: Fewer than 1% of UK general practice consultations occur by video. AIM: To explain why video consultations are not more widely used in general practice. DESIGN AND SETTING: Analysis of a sub-sample of data from three mixed-method case studies of remote consultation services in various UK settings from 2019-2021. METHOD: The dataset included interviews and focus groups with 121 participants from primary care (33 patients, 55 GPs, 11 other clinicians, nine managers, four support staff, four national policymakers, five technology industry). Data were transcribed, coded thematically, and then analysed using the Planning and Evaluating Remote Consultation Services (PERCS) framework. RESULTS: With few exceptions, video consultations were either never adopted or soon abandoned in general practice despite a strong policy push, short-term removal of regulatory and financial barriers, and advances in functionality, dependability, and usability of video technologies (though some products remained 'fiddly' and unreliable). The relative advantage of video was perceived as minimal for most of the caseload of general practice, since many presenting problems could be sorted adequately and safely by telephone and in-person assessment was considered necessary for the remainder. Some patients found video appointments convenient, appropriate, and reassuring but others found a therapeutic presence was only achieved in person. Video sometimes added value for out-of-hours and nursing home consultations and statutory functions (for example, death certification). CONCLUSION: Efforts to introduce video consultations in general practice should focus on situations where this modality has a clear relative advantage (for example, strong patient or clinician preference, remote localities, out-of-hours services, nursing homes)

Developing a distributed electronic health-record store for India

The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India