Terrorism, cyber-attacks, and natural disasters continue to impact companies around the globe at seemingly extraordinary rates. As these threats become increasingly complex and company profiles include intricate networks of technology, human resources, and global influences, corporate preparedness programs and applicable response plans need to be reviewed and tested for effectiveness and accuracy.
A thorough review should include information gathering regarding potential risks and threats to operations, as well as the status of current response plans, response competencies, and applicable regulatory requirements. It is critical to analyze various risks, threats, and on-site emergency response capabilities, as they are essential for responsible preparedness and core components of response plans.
While each facility has unique response planning needs and capabilities, the following general preparedness documentation, if applicable, should be reviewed and tested in relation to the identified site-specific threats:
- Safety and health procedures
- Environmental policies
- Security procedures
- Finance and purchasing procedures
- Mutual aid agreements
- Communication policy
- Employee training manuals
- Hazardous materials information
- Business Continuity Plan
- Risk management Plan
- Hurricane/Tornado/Flood Plans
- Evacuation Plan
- Fire Pre-Plan
The review of company response plans should include debriefings with collaborative response entities. Meetings with these outside responders should confirm specific plan and response procedures details that can be carried out in accordance with collective best practices and company protocols. Groups to consider in planning reviews include, but are not limited to:
- Local responders (fire, police, emergency medical services, etc.)
- Government agencies (LEPC, Emergency Management Offices, etc.)
- Community organizations (Red Cross, weather services, etc.)
- Utility Company(s) (gas, electric, public works, telephone, etc.)
- Contracted Emergency Responders
- Neighboring Businesses
Response plans must serve site-specific preparedness measures and meet precise planning objectives in order to be relevant and effective. Below is a list of basic response planning components that should be included in the preparedness review. These planning components should must be reviewed, confirmed, and updated as necessary in order for each facility to meet response objectives associated with each potential threat, risk or emergency scenario:
- Site-specific response procedures
- Response team frameworks and assigned personnel to fill primary and alternate roles
- Effectiveness of notification and emergency response team activation procedures.
- Communication procedures
- Primary and alternate Emergency Operations Center location
- Necessary response equipment
- Response team and personnel response training
- Mitigation procedures and protective actions to safeguard the health and safety of on-site personnel and nearby communities
- Availability of responders and supply chain resources
- Regulatory compliance with all applicable local, state, and federal requirements for environmental hazards, response plans, and training
- Best practices and lessons learned integration from past training and exercises, actual emergencies, and incident reviews
As new vulnerabilities evolve and risk potentials unfold, every effort should be made to include crisis management response processes and procedures to the most likely emergency scenarios relevant to your site. A Crisis Management Plan (CMP) can minimize the escalation effect; such as a company’s short and long-term reputation, adverse financial performance, and overall impingement of company longevity. The associated level of preparedness may mean the difference between a crisis averted and an exhaustive corporate disaster.
The following concepts should be utilized when developing CMP:
PREDICT: Identify all potential threats to “business as usual” operations.
PREVENT: Take preventive measures to avert emergency situations and establish necessary communications platforms. This also includes generating effective response procedures and recovery processes for a variety of potential threats in order to minimize the extent of impacts.
PLAN: Prepare a plan for responding to all internal and external aspects of the crisis. This may include identifying and communicating with media and all audiences that may be affected by each crisis situation.
PERSEVERE: Follow your tested plan and be flexible if circumstances require additional support. Be sure to communicate ongoing activities to inform employees, stakeholders, and the public. Proactive efforts, honesty, empathy, and preparedness will assist in maintaining company viability and reputation.