Producation and technology
If the production quality of passenger transport services suffers, this has an impact on service quality and can lead to the loss of customers. Postponed deliveries of new vehicles may result in revenue losses and additional expenses, for example due to substitute transport services or penalty payments.
The availability and the condition of the track infrastructure are significant prerequisites for competitive rail transport. In order to maintain the future viability of rail in the long term, it is also necessary to modernize the infrastructure through digitalization and automation.
Intense construction work on the network affects schedules and the production quality of carriers to a different extent, depending on the region, some of which cannot be compensated for.
The range and quality of our services depend to a significant extent on the availability and reliability of the production resources used, intermediate services procured and the quality of our partners’ services. We therefore keep up an intense dialog with our suppliers and business partners on the subject of quality. This is of particular importance in the vehicle industry.
Sufficient availability of our vehicle fleet is particularly critical. Significant restrictions endanger operating sched-
ules. In regional transport, there is the additional risk of penalties if trains are canceled or punctuality is insufficient. We try to minimize this risk by taking preventative actions and also by minimizing the consequences should it happen, such as by providing replacement vehicles or by organizing substitute transport.
The technical production resources used in rail transport must comply with applicable standards and requirements, which are subject to change. As a result, we may receive technical complaints concerning our vehicles. This leads to the risk that we may not be permitted or only under certain conditions, such as limited speeds, shorter intervals between maintenance or reduced wheel set loads to use individual series or rail car types. In addition, we cannot accept new vehicles that have flaws or for which the necessary vehicle certification has not been granted.
As a result of technical defects or conditions, there may be the need to refit vehicles that could lead to significant restrictions on availability or even temporary prohibition of use.
In regional transport, a risk can arise from the redundancy of vehicles following the expiry or re-tendering of a transport contract. As a countermeasure, alternative possible uses are checked.
Increasing digitalization means that dependence on secure IT that is available around the clock is increasing. This results in IT, telecommunication and cyber risks such as the interruption of the availability of IT systems, which can lead to serious business interruptions, or the unauthorized access of third parties to customer data.
We combat these risks through forward-thinking IT security management, which provides the necessary security for our IT-based business processes. A key instrument here is information, IT applications and IT infrastructure and services risk management. The relevant risks are identified, analyzed, evaluated and reduced. The remaining risks are documented and, if necessary, reported to and monitored by suitable bodies. Our information security management system follows in-
ternational standards in accordance with ISO 27001/27002:2013 and the NIST Cybersecurity framework.
A holistic understanding of threats at the technical and human resources level is crucial for the appropriate handling of security risks. Weaknesses in processes and adherence to security rules often provide opportunities for hackers. Sustainable security awareness-raising therefore helps to identify unusual occurrences (e.g. phishing e-mails) at an early stage, thus offering fewer openings for attack.
In order to minimize critical technical vulnerabilities, a range of countermeasures (such as firewalls, encryption and compartmentalized server areas, and prompt software updates) have been implemented. Appropriate redundancy of the IT systems (including across several locations) increases the overall resilience of critical business processes, applications and infrastructures. The network infrastructure is also designed redundantly wherever IT security and business continuity require it.
For the most important processes and IT applications, systematic and regular penetration tests and red-team stress tests are carried out in order to detect and eliminate weak points at an early stage.
Overall, these measures reduce the risk of attacks, the resulting outages of IT systems, the disruption of communication or the theft of confidential information, thereby avoiding damage to DB Group.
Punctuality is a key factor for our rail freight transport customers when selecting a mode of transport. In addition to this, irregularities can occur, such as customs offenses and theft. We combat these risks with measures such as engaging qualified customs coordinators and using an immediate reporting system for tax assessment notices.