Amtrak uses operational technology (OT) systems to manage equipment that controls train operations, such as communications and dispatching. Disruptions to these systems resulting from a disaster—whether caused by human or technical error, natural disasters, cybersecurity attacks, or physical attacks—could cause train delays and cancellations, revenue losses, and safety risks. Accordingly, our objective was to assess the company’s disaster recovery practices for its OT systems. Given the sensitive nature of the report’s information, we summarized the results in this public version of the report. Our assessment of the company’s disaster recovery practices for its OT systems resulted in three recommendations. Company executives agreed with our recommendations and described ongoing and planned actions to address them.
Open Recommendations
Recommendation Number | Significant Recommendation | Recommended Questioned Costs | Recommended Funds for Better Use | Additional Details | |
---|---|---|---|---|---|
1 | Yes | $0 | $0 | ||
Establish a mechanism to ensure that groups with disaster recovery responsibilities prioritize and enforce the company’s strategy and effectively communicate and coordinate with each other. | |||||
2 | Yes | $0 | $0 | ||
For each OT system, develop, document, and implement a comprehensive disaster recovery plan that includes a process to keep the plan current. | |||||
3 | Yes | $0 | $0 | ||
Develop and begin implementing a technology refresh plan with milestones for replacing outdated OT devices. |