TERHAD
BRIEFING ON BATCH REPORTING FORM
Process Flow Chart, Fill Guidelines and e-FORM simulation
Socialisation with OSeM staff
By RISE
23 Mar 2021
1
Type of Incidents and Reporting Channel TERHAD
iRAISE E-Mail to: FMCares
Mechanical/Electrical Equipment Failure – High Security Zone/Impact Building and Infrastructure
• Security System - CCTV, PIDS, AACS, BVAS, VMS • Lift or door malfunction
• Security barrier • Collapse of building or structure
• Speed gate • Fire-related system malfunction
• Access card to High Security Area (HAS) • Lighting malfunction
• Firearm and other security equipment • Glass breakage
Physical Security Risk • Water Leakage
• Unauthorised physical entry • Damage/loss of Bank’s assets
• Terrorism e.g. Bomb Threats and attacks • Untrimmed Shrub, Bush and Fall Tree
• Seizure of prohibited/dangerous items
• Civil Unrest E-Mail to: Business Owner
• Public Disturbance e.g. mental illness, threaten to PB
• Vandalism SHE Incident (PERMI - DSO)
Internal Fraud and Corruption • Death, severe injury
• Accidents/General Liability (injury, slips and falls)
Leakage of confidential and secret information to external party e.g. • Health Impairment/Occupational Disease
vendor • Epidemic
• Breach of health and safety law/regulations
iRAISE-Batch Reporting • Negligence on safety at workplace
• Animal Intrusion e.g. snake, monkey
Mechanical/Electrical Equipment Failure – Low/Med. Security Zone/Impact People Risk (JMIS)
• Security System - CCTV, PIDS, AACS, VMS • Breach of CoE or unethical behavior e.g. harassment
• Security barrier Designated Working Person/Group
• Speed gate • Whistleblowing cases
• Access card
2
Reporting Timeline TERHAD
Escalation to Escalation to Escalation to
Director, respective CIO/
Incidents DRO and CSO/ AG/ DG Governor and relevant Report/Upload Verification Approved in IRAISE
RMD RPOs (Risk Policy in IRAISE
Critical, major or moderate in IRAISE Within 3 months
impact** Immediate Owner) (New) Within 7 (or action plans
SHE incidents working days
Immediate Immediate Within next completed)
(Potential breach of risk working day
appetite and tolerance)* from discovery
Minor and insignificant Director’s Batch reporting
Impact** (New) discretion on monthly
basis
*Please refer to Appendix I for the Bank’s Risk Appetite and Tolerance
**Please refer to Appendix II for Impact Parameters Tables
3
OSeM Batch Reporting Flow Chart TERHAD
Procedure Who When
Start
Incident discovered by 1st Reporter i.e Polis Bantuan
contact person i.e. Reporter or OSeM staff
Fill in the ‘Incident Capture’ Refer slide 7 Reporter i.e Polis Bantuan Immediate – within 24hrs.
sheet/tab or OSeM staff Within 7 working days
Fill in the ‘Root Cause’, Refer slide 8,9 Verifier i.e Premise Officer
‘Impact’ and ‘Action Plan’
sheet/tab
Continuous monitoring and B Verifier i.e Premise Officer Daily/Weekly
regularly update Batch Verifier i.e Premise Officer 4
Reporting form on action
taken by vendor
Submit Batch Reporting
form to RISE
A
OSeM Batch Reporting Flow Chart TERHAD
Procedure Who When
A
Consolidate and standardise RISE Officer Every 15th and 30th of the month
Batch Reporting form 1st of the next month
RISE Officer
Delegate Batch Reporting
form to relevant unit Respective unit e.g.
TECHPRO Officer
Batch Reporting details to be
validated or verified B
Yes
Need further clarification?
Respective unit e.g. 4th of the next month
No TECHPRO Officer 5
Return Batch Reporting
form to RISE
C
OSeM Batch Reporting Flow Chart Who TERHAD
Procedure RISE Officer When
RISE Officer
C Deputy Director/Director 5th of the next month
Deputy Director/Director 5th of the next month
Final review Batch B Deputy Director/Director
Reporting form Yes RISE Officer 6th of the next month
7th of the next month
Submit Batch Reporting
form to Approver 6
Approver to review Batch
Reporting Form
Need further clarification?
No
Approve Batch Reporting
form and return to RISE
RISE to upload the Batch Refer slide 10
Reporting Form to iRAISE
D
OSeM Batch Reporting Flow Chart Who TERHAD
Procedure RISE Officer When
All Officers
D 7th of the next month
Circulated approved Batch
Reporting to all OICs and
relevant officers
Filing and continuous
monitoring
END
7
Batch Reporting Form Template TERHAD
Diisi oleh Reporter
Incident capture tab
Incident Loss Event T1 Loss Event T2 Loss Event T3 Incident Description Reporting Date Date of Incident No Tolerance Location Estimated Reporter Department Details of Location Status
Reporting (dropdown list) (dropdown list) (dropdown list) (yyyy.mm.dd) (yyyy.mm.dd) (dropdown list) (dropdown list) (dropdown
Amount Loss (User ID only)
ID list)
(starts with
no. 1)
Contoh Cara Pengisian
Incident Status
(dropdown
Reporting ID Loss Event T1 Loss Event T2 Loss Event T3 Incident Description Reporting Date Date of Incident No Tolerance Location Estimated Reporter Department Details of
(yyyy.mm.dd) (yyyy.mm.dd) (dropdown list) Amount Loss (User ID only) (dropdown list) Location list)
(starts with (dropdown list) (dropdown list) (dropdown list) CCTV intermittent connection at Zone 12
Barrier In Basement Tunas Kijang telah rosak 2021.03.09 BNM HQ 14C Approved
no. 1) 2021.03.09 Tunas Kijang Tunas Kijang Approved
Didapati reader Kad Akses Bilik Kawalan
1 Damage to physical assets and security infrastructures Building and Infrastructure (includi CCTV failure tidak berfungsi. Hubungi MO bertugas untuk 2021.03.09 2021.03.09 No BNM HQ SDAFIF Jabatan Pengurusan Keselamatan Organisasi (JPK)
tindakan. Kerja-kerja baik pulih dijalankan, 2021.03.09 No SDRAS Jabatan Pengurusan Keselamatan Organisasi (JPK)
2 Damage to physical assets and security infrastructures Building and Infrastructure (includi Door access/ security barrier / selesai penggantian dan setelah diuji
berfungsi baik.
speed gate/ access card failure
3 Damage to physical assets and security infrastructures Building and Infrastructure (includi Door access/ security barrier / 2021.03.09 No SDRAS Jabatan Pengurusan Keselamatan Organisasi (JPK) Lobby A Approved
speed gate/ access card failure
Pilih dari Drop down list yang disediakan Tarikh diisi Staf User PC ID Pilih Lokasi
Mengikut nombor turutan. Satu insiden satu cell (barisan) mengikut format Dikosongkan Kejadian di
yang ditetapkan; Pilih Premis BNM Premis BNM
(yyyy.mm.dd) i.e.
2021.03.09
(Tahun) (Bulan) (Hari) Pilih ‘No’ Setelah semua butiran
telah diisi lengkap, pilih
Reporter hendaklah memberi maklumat dengan lengkap;
5W1H – What, Who, When, Where, Why and How ‘Approved’
8
Batch Reporting Form Template TERHAD
Root cause tab Diisi oleh Verifier
Incident Reporting Root Cause T1 Root Cause T2 Root Cause T3
ID Root Cause ID (dropdown list) (dropdown list) (dropdown list)
(follows incident (Please leave blank)
reporting ID)
Incident Reporting Root Cause ID Root Cause T1 Root Cause T2 Contoh Cara Pengisian
ID (Please leave (dropdown list) (dropdown list)
Root Cause T3
(follows incident blank) Technology Hardware and software (dropdown list)
reporting ID) Process Poor maintenance
1 Software malfunction (e.g. system bug) and hardware defects
2 Technology Hardware and software Equipment is not sustained or preserved, either by neglect or ignorance
3
Software malfunction (e.g. system bug) and hardware defects
Dikosongkan Pilih dari Drop down list yang disediakan
Mengikut nombor turutan. Satu insiden satu cell (barisan)
Impact tab Contoh Cara Pengisian
Incident Reporting ID Impact ID Impact Type Impact Rating Incident Reporting ID Impact ID Impact Type Impact Rating
(follows incident reporting ID) (Please leave blank) (dropdown list) (dropdown list) (follows incident (Please leave blank) (dropdown list) (dropdown list)
reporting ID)
Business Objective Minor
1 Business Objective Insignificant
2 Business Objective Minor
3
Dikosongkan Pilih dari Drop down list yang disediakan
Mengikut nombor turutan. Satu insiden satu cell (barisan)
9
Batch Reporting Form Template TERHAD
Diisi oleh Verifier
Action plan tab Description Start Date End Date PIC Status
(yyyy.mm.dd) (yyyy.mm.dd) (dropdown list)
Incident Reporting
ID Action Plan ID
(follows incident (Please leave blank)
reporting ID)
Incident Reporting Action Plan ID Description Start Date End Date PIC Status
ID (Please leave (yyyy.mm.dd) (yyyy.mm.dd) (dropdown list)
OSEM
(follows incident blank) 2021.03.10 2021.03.10 OSEM Completed
reporting ID) 2021.03.15 2021.03.15 OSEM Completed
1 Call vendor and issue resolved 2021.03.09 2021.03.09 Completed
New barrier was installed and tested ok
2 Vendor reset the system and tested ok Jika telah
diambil
3 tindakan, pilih
‘Completed’.
Dikosongkan Verifier hendaklah memberi maklumat dengan lengkap, Tarikh diisi mengikut format yang Jika masih
tindakan yang diambil oleh Vendor sehingga masalah telah ditetapkan; (yyyy.mm.dd) i.e. dalam tindakan
2021.03.09 vendor, pilih
diselesaikan (sistem kembali berfungsi baik); ‘In-Progress’
5W1H – What, Who, When, Where, Why and How (Tahun) (Bulan) (Hari)
Mengikut nombor turutan. Satu insiden satu cell (barisan)
10
Uploading Batch Reporting in iRAISE ByTDERORHAD
11
Uploading Batch Reporting in iRAISE ByTDERORHAD
Once uploaded, you will be able to see the data generated as below.
12
Next Forward Action TERHAD
1. Staff to famaliarise themselves on type of incidents and appropriate channel to report the incidents
2. Staff able to distinguish the Security Zoning at each BNM premises such High, Medium and Low Security Zones and
its impact to the Bank/Department
3. Staff to fill the Batch Reporting (online) form correctly, accurately and completely within timeline given
13
Thank You
14