[Business Impact Analysis] [Treatment and Control]
Part 2: RAR – Treatment and Control for MBS
Introduction
![[BCM] [GEN] [E3] [RAR] [T2] Treatment and Control](https://blog.bcm-institute.org/hs-fs/hubfs/Generic%20Morepost%20for%20Companies/Updated%20Generic%20BCM%20eBook%20Morepost/BCM%20GEN%20E3/%5BBCM%5D%20%5BGEN%5D%20%5BE3%5D%20%5BRAR%5D%20%5BT2%5D%20Treatment%20and%20Control.png?width=200&height=175&name=%5BBCM%5D%20%5BGEN%5D%20%5BE3%5D%20%5BRAR%5D%20%5BT2%5D%20Treatment%20and%20Control.png)
In business continuity management, risk treatment and control are critical steps in addressing threats that may disrupt operations.
For Marina Bay Sands (MBS), a global integrated resort and iconic destination in Singapore, identifying appropriate treatments and implementing effective controls ensures resilience against both foreseeable and unforeseen incidents.
Risk treatment strategies are aligned with ISO 22301 principles and are applied in four key ways:
- Risk Avoidance – Eliminating activities or exposures that could give rise to threats.
- Risk Reduction – Implementing measures that reduce the likelihood or impact of threats.
- Risk Transference – Shifting the impact of risks to third parties, such as through insurance or outsourcing.
- Risk Acceptance – Acknowledging risks when they are within tolerable levels and preparing for recovery if they occur.
This section presents the threats faced by MBS (as outlined in Part 1: RAR – List of Threats) and maps them against the existing and planned risk treatments and controls that safeguard business continuity.
Table: Treatment and Control for MBS
|
Threat |
Existing Risk Treatment – Risk Avoidance |
Existing Risk Treatment – Risk Reduction |
Existing Risk Treatment – Risk Transference |
Existing Risk Treatment – Risk Acceptance |
Existing Controls |
Additional (Planned) Controls |
|
Denial of Access – Natural Disaster (e.g., Flood, Earthquake, Pandemic Outbreak) |
Avoid building in flood-prone areas; compliance with building codes |
Business continuity planning; structural reinforcement; flood barriers; pandemic protocols |
Insurance for property damage and business interruption |
Acceptance of residual risks of natural hazards |
Elevated infrastructure design; emergency evacuation procedures; stockpiling medical supplies |
Expansion of remote working infrastructure; advanced disease monitoring and health screening |
|
Denial of Access – Man-made Disaster (e.g., Terrorist Attack, Fire, Civil Unrest) |
Avoid unsafe activities; limit high-risk operations |
Enhanced surveillance, fire suppression systems, access control, and crisis management drills |
Liability insurance; security outsourcing |
Residual risks of unforeseen attacks |
24/7 security monitoring; coordination with Singapore Police Force and SCDF; in-house emergency response team |
Deployment of AI-driven surveillance; public-private partnerships for intelligence sharing |
|
Unavailability of People (e.g., Pandemic, Transport Disruptions, Labour Shortage) |
Avoid over-reliance on single staff categories |
Workforce cross-training; staggered shifts; remote working capability |
Outsourcing of certain non-core services |
Acceptance of temporary workforce reduction |
Health and safety protocols; flexible staffing arrangements; employee assistance programs |
Greater investment in automation; strategic partnerships with manpower agencies |
|
Disruption to the Supply Chain (e.g., Food Supply Shortages, Vendor Failure) |
Diversify suppliers geographically |
Strategic stockpiling; just-in-case instead of just-in-time logistics |
Contracts with multiple suppliers; risk-sharing with vendors |
Acceptance of short-term supply disruption |
Vendor risk assessment program; local supply chain partnerships |
Development of regional distribution hubs; increased use of predictive supply chain analytics |
|
Equipment and IT-Related Disruption (e.g., Power Outage, System Failure, Cyberattack) |
Avoid legacy systems with known vulnerabilities |
Redundancy in IT systems; preventive maintenance; cybersecurity measures |
IT disaster recovery insurance; cloud-based service agreements |
Acceptance of minimal downtime during controlled upgrades |
Backup power generators, data recovery sites, and real-time monitoring of IT systems |
Migration to advanced cloud resilience platforms; enhanced AI-driven cybersecurity defense |
Summing Up ...
The effectiveness of Marina Bay Sands’ business continuity strategy depends on the proactive treatment of risks and the implementation of robust controls across operational, technological, and human dimensions.
While existing measures significantly reduce vulnerabilities, planned enhancements such as automation, AI-driven surveillance, advanced disease monitoring, and predictive supply chain analytics will further strengthen resilience.
Through a balanced combination of risk avoidance, reduction, transference, and acceptance, MBS ensures that it can withstand, respond to, and recover from crises while continuing to safeguard its guests, employees, and stakeholders.
More Information About Business Continuity Management Courses
To learn more about the course and schedule, click the buttons below for the BCM-300 Business Continuity Management Implementer [BCM-3] and the BCM-5000 Business Continuity Management Expert Implementer [BCM-5].
![Register [BL-B-3]*](https://no-cache.hubspot.com/cta/default/3893111/ac6cf073-4cdd-4541-91ed-889f731d5076.png)
![FAQ [BL-B-3]](https://no-cache.hubspot.com/cta/default/3893111/b3824ba1-7aa1-4eb6-bef8-94f57121c5ae.png)
![Email to Sales Team [BCM Institute]](https://no-cache.hubspot.com/cta/default/3893111/3c53daeb-2836-4843-b0e0-645baee2ab9e.png)
