The National Incident Management System (NIMS) is the consistent emergency management structure that has been adopted by countless companies to create a more effective, coordinated emergency response. According to FEMA, NIMS provides “a consistent nationwide template to enable Federal, State, tribal, and local governments, the private sector, and nongovernmental organizations to work together to prepare for, prevent, respond to, and recover from domestic incidents, regardless of cause, size, or complexity, including acts of catastrophic terrorism.”
With properly trained employees, many emergency situations can be handled on-site without external responders. However, if an emergency has the potential to exceed the scope of employee training, a unified incident management approach enables multiple entities to respond with one accepted management system. Adopting NIMS facilitates the ability for internal and external responders to collaborate through common operating principles, terminology, and organizational processes to improve response interoperability. The goal, and typical result of NIMS, is a coordinated, faster, and more effective resolution.
Company emergency preparedness personnel, as well as any emergency responders or teams (fire brigade/EMS), can adopt NIMS training programs. The Department of Homeland Security has developed Frequently Asked Questions regarding NIMS. Below is a sampling of those questions in quiz form to determine your NIMS proficiency.
1. Which is NOT a component of NIMS?
b. Communications and Information Management
c. Response Plan
d. Command and Management
2. Without ICS in place, which of the following often exists?
a. A lack of accountability
b. Poor communication
c. Neither a nor b
d. Both a and b
3. Which factor encourages jurisdictions to implement NIMS:
a. Federal funding eligibility
b. Pension eligibility
c. Tax exemptions
d. Training exemptions
4. Which of the following is NOT one of the three primary components of national incident response?
5. Which of the following describes NIMS?
a. A set of preparedness concepts and principles for all hazards
b. A response plan
c. Specific to certain emergency management/incident response personnel
d. Reserved for large-scale emergencies
6. Which is NOT one of the three primary implications of the evolving nature of the NIMS, implementation, and compliance?
a. Dedicated resources must for NIMS implementation must be retained on an ongoing basis
b. A new incident commander must be named at the beginning of each fiscal year
c. Compliance demands implementation on prior activities even when new regulations are put forth
d. From year to year, structures and processes that jurisdictions have implemented may change, or even be eliminated
7. Which of the following FEMA directors was the first to have had prior emergency management experience?
a. John Macy
b. Louis Guiffrida
c. General Julius Becton
d. James Lee Witt
8. ICS is designed to
a. Meet the needs of incidents of any kind or size.
b. Provide a site-specific response plan
c. Provide logistical and administrative support to operational staff
d. Both A and C
e. Both A and B
9. True or False - Private industry must comply with NIMS requirements in order to receive federal tax incentives.
10. Which of the following is an ICS concept states that personnel report to only one supervisor, and maintain formal communication relationships only with that supervisor.
a. Unity of Command
b. Unified Command System
c. Singular Command Structure
11. State governments also maintain mutual aid contracts with other states, called:
a. Emergency Management Assistance Compacts (EMACs)
b. Collaborative Support Systems (CSSs)
c. Intrastate Emergency Management Contracts (IEMCs)
d. None of the above
12. According to NIMS, all functions of response and recovery are dependent upon ____________ and ___________.
a. Logistics and budget
b. Public perception and reputation
c. Communication and coordination
d. Stakeholder input and stock valuation
13. Transfer of Command occurs when:
a. A more qualified person assumes command
b. There is normal turnover of personnel on extended incidents
c. The incident response is concluded and responsibility can be transferred to the home agency, company or, facility
d. All of the above
14. The Secretary of Homeland Security, through the ________________, publishes the standards, guidelines, and compliance protocols for determining whether a Federal, State, tribal, or local government has implemented NIMS.
a. National Intelligence Council (NIC)
b. National Integration Center (NIC)
c. Incident Command System (ICS)
d. Implementation Coordination System (ICS)
15. Which is NOT one of the seven strategies for emergency operations
For a free download on how to conduct an effective emergency exercise, click the image below:
Corporate emergency preparedness can be defined as the preemptive activities that establish a state of readiness to effectively respond to events that could affect the health and safety of employees, facilities, the environment, and/or the community. These actions, which ideally consist of planning, training, equipping, exercising, evaluating, and mitigating, are required to sustain operational capabilities, despite a range of incident management scenarios. It is the goal of corporate preparedness to protect individuals, the integrity and functionality of infrastructures, and viability while minimizing the adverse operational impacts of events.
Many aspects of preparedness rely on underlying administrative duties and associated response plans. According to the Department of Homeland Security (DHS), preparedness plans are meant to describe how personnel, equipment, and other governmental and nongovernmental resources will be used to support incident management requirements. These plans represent the operational core of preparedness and provide mechanisms for:
- Establishing priorities
- Implementing response functions
- Integrating multiple entities
- Establishing collaborative relationships
- Ensuring communications systems and procedures support incident management activities
There are a wide range of administrative actions associated with achieving a state of preparedness and attaining response goals. In particular, documents or response plans written prior to the emergency allow for comprehensive review of procedures that may result in improvements in plan and response to actual emergency scenarios. A variety of regulatory authorities govern most aspects of company preparedness administrative procedures and practices. These requirements may be dictated by company policy, local, state, and/or federal governmental agencies.
A typical response planning process requires ample time for the administrative duties. These duties may encompass details associated with hazard identification, review of plan drafts, exercising the plan, integration of mitigation efforts, training evaluations, and plan distribution. In addition to a yearly review, plan modifications may require administrative efforts:
- After each training drill or exercise
- After each emergency
- When personnel or their responsibilities change
- When the layout or design of the facility changes
- When policies or procedures change
Prior to an incident, required corporate preparedness administrative duties and actions may include, but are not limited to, the following:
- Establishing a written emergency management plan
- Maintaining training records
- Mitigation efforts communication and documentation
- Documenting training, exercises, and associated critiques
- Communicating with emergency response organizations during planning activities.
Administrative actions during and after an emergency
- Maintaining telephone logs
- Keeping a detailed record of events
- Maintaining a record of injuries and follow-up actions
- Accounting for personnel
- Coordinating notification of family members
- Issuing press releases
- Maintaining sampling records
- Managing finances
- Coordinating personnel services
- Documenting incident investigations and recovery operations
- Response plan maintenance
- Regulatory submittals
Preparedness administrative duties are often the responsibility of an environmental, health and safety (EHS) department. The size of the planning or incident management team will depend on a facility's operations, requirements, and resources. However, each position within the team has unique planning administrative duties specific to the nature of their responsibility. The responsibilities of the logistics section chief, as well as the planning section chief, rely heavily on organized administrative efforts. The potential complexity of site emergency response logistics should be analyzed, optimized, and communicated within the response plan. Logistical documentation of the expected and actual resource flow of an incident can minimize response time and maximize efficiency.
Before an emergency, logistical duties may include the following:
- Identify and acquire service and support requirements for planned and expected operations
- Supply allocation details
- Designating emergency facilities
- Establishing training facilities
- Establishing mutual aid agreements
- Preparing a resource inventory
- Provide input to and review the response plan(s)
During an emergency, logistics may entail:
- Participating in preparation of the Incident Action Plan (IAP)
- Providing utility maps to emergency responders
- Providing material safety data sheets to employees
- Coordinating and processing requests for additional resources
- Repairing equipment
- Arranging for medical support, food and transportation
- Arranging for shelter facilities
- Providing for backup power
- Providing for backup communications
- Recommend release of resources in conformity with Incident Demobilization Plan
For a free fire pre planning download, click the image below:
Historically, emergency management and preparedness has been a reactive science. The industry’s evolution has been the result of catastrophes, calamities, heightened risks, and newly identified threats that affect the population, economic stability, infrastructure, and national resilience. In recent history, disaster awareness through the 24/7-news cycle has intensified the concept of emergency management integration into our daily lives. Through continued awareness and dedicated mitigation advancements, the effects of future disasters can be limited.
Below is a sampling of key events that advanced emergency management and/or disaster response efforts:
Union Fire Company (1736): On a quest to improve fire fighting techniques, Benjamin Franklin organized and led this volunteer fire department to be a city-wide model of fire fighting best practices. Numerous Philadelphia fire companies modeled their operations after the Union Fire Company.
Congressional Act of 1803: One of the first examples of the United States Federal government proactively addressing a local disaster. The Act enabled the government to provide assistance to a New Hampshire town after an extensive fire.
American Red Cross (1881): Clarissa Harlowe Barton founded the volunteer organization, which has grown into one of the world’s largest volunteer networks. The organization promotes a cooperative effort to protect and enhance lives of individuals in the wake of personal and large scale disasters.
Flood Control Act (1917): Floods on the Mississippi, Ohio, and other rivers in the northeast led to the Flood Control Act of 1917, the first act aimed exclusively at controlling floods. In 1934, a version of the legislation increased the authority of the Army Corps of Engineers to design and build flood control projects.
Reconstruction Finance Corporation (RFC): On January 22, 1932, the US Congress established and authorized the agency to originate disaster loans for repair and reconstruction of certain public facilities following an earthquake, and later, other types of disasters. The 1953 RFC Liquidation Act terminated its lending powers in an effort to fulfill President Dwight Eisenhower’s vision of limiting government’s involvement in the economy. By 1957, its remaining functions had been transferred to other agencies.
Bureau of Public Road: In 1934, the agency was given the authority to provide funding for highways and bridges damaged by natural disasters.
Disaster Relief Act of 1950: Authorized the President of the United States to issue disaster declarations. As a result, the declaration permitted federal agencies to provide direct assistance to state and local governments in the wake of a disaster.
Federal Civil Defense Act of 1950: The threat of nuclear war and its subsequent radioactive fallout precipitated numerous defense legislations. The Act provided the basic preparedness framework to minimize the effects of an attack on the civilian population and a plan to respond to the immediate emergency conditions created by the attack.2
Office of Emergency Preparedness (1960): As a result of a series of disasters (Hurricane Donna, Hurricane Carla, and a 7.3 Montana earthquake) the Kennedy administration established this agency to oversee the seemingly growing risk of natural disasters.
National Flood Insurance Act of 1968: The legislation was prompted by the unavailability or prohibitively expensive flood insurance coverage. The Act resulted in the National Flood Insurance Program (NFIP).
Federal Emergency Management Agency( FEMA): By 1970, over 100 federal agencies and thousands of state and local entities were involved in risk management and disaster response efforts. The scattered, fragmented, and decentralized concept led to duplicated efforts, confusion, and political power struggles. FEMA was created to centralize efforts and minimize disorder.
Oil Pollution Act of 1990 (OPA90): In the wake of the Exxon Valdez oil spill, the law created comprehensive prevention, response, liability, and compensation policies for vessel and facilities that could cause oil pollution to U.S. navigable waters.
Federal Response Plan (1992):The plan aimed to provide a systematic process and structure for coordinated delivery of Federal assistance to address the effects of any major disaster or emergency declared under the Robert T. Stafford Disaster Relief and Emergency Assistance Act.3
September 11, 2001: FEMA activates the Federal Response Plan as a response to the worst terrorist attack on the United States. The attacks can be identified as one of history’s turning points for the rapid advancement and coordination of emergency management.
Homeland Security Act of 2002: Was established as a result of the September 11, 2001 attacks in effort to protect the United States from further terrorist attacks, reduce the nation’s vulnerability to terrorism, and minimize the damage from potential terrorist attacks and natural disasters.
National Response Plan (2004): Developed out of the need to implement common incident management and response principles. The NRP replaced the Federal Response Plan.
National Response Framework (2008): Through stakeholder feedback, a series of disasters, and subsequent lessons learned, the framework was developed to enhance the principles of the National Response Plan. The changes incorporated the concept that an effective incident response is a shared responsibility of all level of governments, the private sector and NGOs, and individual citizens.4
The above timeline is just a sampling of the historical events that precipitated change in emergency management industry. Lesson learned from recent events like Hurricane Katrina and Sandy, massive wildfires, and the earthquake and subsequent tsunami and nuclear accident in Japan will continue to mold response protocols. As history can predict, the 21st century will provide a backdrop for additional improvements to emergency management policies, response efforts, and preparedness. Emergency-management-degree.org provides an informative infographic detailing various events of the past that have shaped our present, and a nod to anticipated potential threats that create the need for additional preparedness efforts.
1. Reconstruction Finance Corporation (RFC)2 Federal Civil Defense Act of 19503. Federal Response Plan4. National Response Framework
For a free download on the specifics of fire pre-planning, click the image below:
Happy Thanksgiving from the TRP Corp Family!
We are thankful for all those that prioritize emergency response in an effort to:
- protect lives, infrastructure, and the environment
- help those in need
- recover familiarity in the aftermath
We sincerely thank our everyday heroes....especially those, who either through misfortune, distance, or civil service are unable to be with family.
The purpose of a Stormwater Pollution Prevention Plan (SWPPP) is to identify potential stormwater pollution sources and guide facilities to reduce the potential for pollutants reaching nearby waterways. Establishing procedures and controls is necessary to accomplish the following SWPPP objectives:
- Identify pollutants that may come in contact with stormwater.
- Establish measures to prevent pollutants from interacting with stormwater
- Establish controls to reduce or eliminate the potential for contaminated storm water being released to the environment.
The Environmental Protection Agency (EPA) defines control measures as “any Best Management Practice (BMP) or other method used to prevent or reduce the discharge of pollutants.” The SWPPP requires that companies identify and document which BMPs will be installed at the facilities. BMPs may include:
- Schedules of implementation activities
- Prohibited practices
- Other management practices
- Treatment requirements
- Operating procedures
- Practices to control industrial stormwater runoff, spillage or leaks, sludge, waste disposal or drainage from raw material storage.
Facilities are not required to have structural best management practices implemented prior to a permit application for permit coverage. According to the requirements, a facility has one year from the time of submitting a permit application to implement structural best practices. However, the EPA recommends installing structural best management practices as soon as possible.
There are 3 main categories of BMPs. These include:
- Non-structural BMPs: examples include, but are not limited to:
- Optimize maintenance practices
- Control spills and leaks
- Manage wastes
- Employee training programs
- Optimize procedures and operations
- Simple structural BMPs: examples include, but are not limited to:
- Move significant materials and activities under cover
- Store materials in weatherproof containers, shelters, or dumpsters
- Use temporary shelters, like tarps, on a short-term basis only until permanent structures can be installed
- Complex structural BMPs: examples include, but are not limited to:
- Cover materials or operations with canopy or awning type structures
- Provide curb or slopes designed to prevent stormwater run-on or runoff
- Create stormwater ponds, sedimentary or wetland treatment systems
The following questions can assist in the evaluation of potential BMPs and implementation:
- Are the BMPs appropriate for my facility size/industrial activity/significant material?
- Are the BMPs the most cost effective to install?
- Is there another BMP that is simpler/more cost-effective that achieves SWPPP goals?
- Does the BMP require maintenance and is there adequate staffing for required activities?
- Can BMPs prevent precipitation from coming in contact with operations and/or significant material?
- Does the facility meet the criteria for ”No Exposure Exclusion”?
The content of the SWPPP will vary depending on site-specific conditions. According to The State of Washington’s Department of Ecology, the following BMPs common in SWPPPs:
Covered Storage: Chemicals stored outside should be covered so that rainfall does not become contaminated by contact with the chemical containers. The SWPPP should include this as a standard practice at the facility and a map should identify the covered storage areas.
Equipment Maintenance: The SWPPP should identify equipment that can spill or leak contaminants, such as petroleum products. Provide an inspection and maintenance schedule for each piece of equipment that is identified.
Employee Training: The first line of defense will often be an onsite employee. With proper training, facility personnel can properly manage stormwater and protect it from contamination.
Site Maintenance: Grading the site to provide even infiltration of rain and eliminating site debris will minimize contamination of stormwater.
Infiltration: Infiltration of all or part of the stormwater is preferred. A grassy swale, infiltration trench, or a constructed wetland may provide adequate infiltration for all or most stormwater events. However, when stormwater has become contaminated with pollutants such as oil and grease, treatment may be required before infiltration.
Detention Pond: At sites that discharge stormwater to surface water, a detention pond will typically be required to control turbidity. Careful attention to pond dimensions and design is necessary to accommodate major storms and provide adequate settling.
For a free download of Best Practices for Designing a Crisis Management Program, click the image below:
The 2013 Global Risk Report ranks cyber attacks in the “Top Five” of highly probability occurring incidents within the next ten years. According to the report, cyber attacks and critical system failures are considerable technological risks to companies and organizations across the globe.
As technology dependencies become more ingrained in company operations, it is essential to institute company-wide best practices for risk analysis, computer security, downloads, and backups in order to secure necessary integrated technologies. A recent report by The European Union Agency for Network and Information Security (ENISA) highlighted security concerns over Industrial Control Systems (ICS), including the widely utilized Supervisory Control and Data Acquisition (SCADA) systems, distributed control systems (DSC), and programmable logic controllers (PLC). These concerns are echoed in recent publications by the Department of Homeland Security’s Industrial Control System Cyber Emergency Response Team (ICS-CERT).
ICS are often used to control industrial processes, such as manufacturing, product handling, production, and distribution, and is a necessary element to promote business continuity. The main concern expressed by ENISA and ICS-CERT is that prevalent industrial control systems are riddled with varying outdated and un-patched software, leaving them exposed and vulnerable to hackers and cyber attacks. Mitigating this high risk is critical for maintaining continuity of operations.
Recent SCADA and ICS security incidents greatly emphasize the importance of vigilant observation, analysis, and control of SCADA infrastructures. The ICS-CERT quarterly newsletter entitled Monitor, stated that the response team responded to 198 incidents across all critical infrastructures in 2012. That number was surpassed by May 2013 with energy infrastructures comprising 53 percent of the targeted attacks. That percentage was up from 41 percent in 2012.
ICS-CERT urges operators to embrace coordination by sharing attack data, specifically indicators of system compromises, and established a secure portal to allow companies to actively engage in protecting critical infrastructure. Through the portal, ICS-CERT was able to identify 10 IP addresses that participated in a recent attack against a gas compressor station. The alert prompted other station owners to investigate their own networks and they eventually reported another 39 IP addresses associated with attacks.
According to ENISA, critical infrastructure companies should employ continual risk-based assessments of cyber security policies to prioritize and tailor recommended guidelines and solutions to fit specific security, business, and operational requirements. ICS-CERT offers recommended practices, vetted by subject-matter experts, to bolster technology security. In addition to these recommended practices, identifying procedural details of computer backups, data restoration methods, and minimum software requirements are crucial to re-establishing technology and business continuity of critical business processes, in the event of an attack.
There must be a mutual understanding between IT personnel and crisis managers regarding their respective roles, available resources, security efforts, and response measure during cyber disruption events. The ability to respond to critical incidents and identify root causes are key aspects in the ability to mitigate potential threats. With technology-based incidents, analyzing the deficiencies that led to IT downtime enables countermeasures to be implemented. ENISA offers four key areas that promote investigative capabilities that allow mitigative efforts: These key areas include:
- Facilitate integration with existing structures
- Determine source of evidence of security breach
- Clarify data retention impact on systems
- Streamline operational and IT interfaces
- Safeguard systems and configurations
- Deploy security controls
- Ensure logging controls
- Review key roles and responsibilities
- Embrace partnership coordination and cooperation
For a free sample of an emergency procedures flow chart, click the image below:
“Our greatest glory is NOT in never failing, but in rising up every time we fail." -Ralph Waldo Emerson
Corporate culture and associated public perceptions do not embrace the ideology of growth through failure. A recent LinkedIn discussion highlighted the issue of exercises being designed entirely for success. The exercises in questions were ones that were specifically designed to match response capabilities, not necessarily challenge participants and established preparedness efforts.
The discussion brings to light the multifaceted purpose of an exercise. While the action of conducting an exercise may validate regulatory requirements, exercises should be designed to test response plans and training effectiveness. The unique paradox of success through failures is the key to overall response plan improvement, especially within exercises.
Real world exercise scenarios can often highlight potential deficiencies (meaning failures) in response plans and procedures, comprehension of individual roles and responsibilities, and partnership coordination. However, it is through identified deficiencies that mitigation opportunities are revealed and valuable response knowledge and experiences can be attained.
The discussion emphasized that designing exercises strictly to create stressful, non-attainable objectives, is counter-productive. It is imperative to balance current capabilities with realistic scenarios in an effort to strengthen the overall resolve of the emergency preparedness program. An exercise should present challenging situations in an effort to improve capabilities. A demanding exercise can clearly identify deficiencies. However, creating a bottom line, no-win exercise situation can negatively affect the overall preparedness program by diminishing and detracting from the goal of improved response. An exercise should support a positive response team synergy by validating successes, yet create a path to increased response capabilities and improve targeted training efforts.
Conducting a challenging exercise outside the scope of response capabilities can also create a flawed negative reputation and unwarranted fallouts from the failed endeavor. Companies may suppress some negative impressions, feeling that a “failed” attempt at exercises may lead to internal and/or external perception that a company is poorly prepared for responding to an emergency. Pre-emptive crisis management efforts can alleviate possible unfavorable judgments. Companies sometimes promote their exercises results through public relations campaigns that highlight their dedication to overall preparedness advancements and a commitment to safety.
Whether a full scale or tabletop exercise, participants should understand and demonstrate the following:
1. A proficiency in utilizing the forms, processes, and common terminology to respond to the scenario in association with:
- National Incident Management System (NIMS)
- Incident Command System (ICS)
2. A comprehension of the specific roles and responsibilities within the following teams:
- Emergency Response Team
- Incident or Emergency Management Team organizations
Gaps in response plans or training should be identified and follow-up action taken to ensure that these gaps are addressed.
3. An understanding of external responding organization(s), and general internal responsibilities and expectations of the company: The following should be identified and confirmed for the applicable scenario:
- Communication processes
- Response methods
- Response times
- Roles and responsibilities
- Available equipment
4. The ability to document and communicate actions, management decision, and track resources, using standardized ICS forms and the Emergency response Plan: Participants should record processes and implement procedures per regulatory requirement(s) and company standards. Documentation can be used for:
- Response assessments
- Legal inquiries
- Team reviews
- Training efforts
- Identification of action items and lessons learned
- Improving emergency response plans
Exercises provide a setting for operational response procedures to be tested. In preparation for these exercises, companies should develop exercise-planning documents, including participant and controller’s packages that contain exercise objectives, scenarios, ground rules, and simulation scripts. These guidelines, at a minimum, should be provided to all participants prior to the exercise to allow for an understanding of expectations.
Threats, hazard vulnerabilities, staffing and organizational structure, facilities, and equipment are continually changing. A response exercise should be a tool utilized to identify effective efforts and inefficiencies in response to these changes. Through honest evaluations of response efforts to simulated “real-world” scenarios, emergency preparedness programs can continually improve, strengthen, and succeed... until the next change!
For a free download on "Conducting Effective Exercises", click the image below:
According to a report released by the National Climate Data Center (NCDC), national weather and climate-related disaster damages totaled nearly $110 billion in 2012, the second-costliest year for natural disasters since 1980. At least $1 billion in damages resulted from each of the eleven 2012 natural disasters, including spring tornado outbreaks, a derecho (a long-lived wind storm), a year-long drought, associated heat waves, and wildfires.
“What we are seeing this year (2012), is not just an anomalous year, but a harbinger of things to come", said Jane Lubchenco, National Oceanic and Atmospheric Administration administrator. Globally, the cost of disasters is also rising. The World Bank's Independent Evaluation Group (IEG) has revealed that disaster’s costs are 15 times higher than they were in the1950s.
According to statistics, the volatility and cost implications of disasters continue to rise. Natural disaster experts suggest a two-prong approach to combat natural disaster-related circumstances: adaptation and mitigation. In the corporate world, the two concepts must be intertwined. Adaptation refers to the necessary modifications that account for a changing environment. Adaptation is necessary for the survival of a species, as well as a business.
Increasing disaster costs require changes in overall preparedness perceptions and tangible actions. Corporate leadership teams must set the tone for preparedness by financially supporting, authorizing, and directing senior management to institute dedicated and sustaining emergency preparedness measures. Through these efforts, businesses can proactively respond to identified threats, potential risks, and potential disaster expenditures.
Initialization of corporate preparedness and prioritizing response planning is the foundation of private sector disaster adaptation. However, pre-emptive mitigation efforts are crucial to preventing incidents and minimizing costly impacts. Hazard mitigation is the effort to reduce loss of life and property by lessening the potential occurrence and overall impact of an incident. The mitigation process ideally requires the implementation of preventative measure before the next disaster, crisis situation, or even regulatory inspection. There are costs associated with analyzing threats, reducing risks, and implementing mitigation measures. However, an investment in the long-term well being of a facility and/or company through planned mitigation actions can increase overall site safety, operational sustainability, and financial security.
Effective mitigation requires a thorough understanding of the potential risks, regulatory compliance, lessons learned, and operational goals. For optimal financial benefit, mitigation efforts should meet certain key operational and response objectives. Mitigation efforts should lessen the strategic cost of an incident, and reduce the tactical effort of regulatory compliance. Mitigation efforts may:
- Reduce incidents
- Improve the ability to respond to safety incidents
- Improve the casualty and harm conditions through faster rescues and accident avoidance
- Strengthen infrastructure against failure
- Improve corporate reputation through intent and safety investment
- Reduce downtime
- Improve asset utilization
- Solidify supply chain availability
Mitigation measures can also be incorporated into corporate and site-specific response planning. Ensuring that response plans incorporate current communication methods, technologies, and lessons learned can improve over functionality of the response plan. Mitigation measures may include, but are not limited to:
- Automating response planning through tracking, updating, and management
- Facilitating universal ability to update response plans across all locations through cloud technology
- Automating core compliance and response planning activities
- Reducing resources associated with compliance and safety
- Enabling EHS personnel to spend more time planning and less time complying and reporting
- Automating governance and controls
- Optimizing and coordinating drills and actual emergency responses
To encourage continual adaptation and mitigation, preparedness programs should be reviewed at least annually. Response plans may require adjustments to incorporate operational changes, employee turnover, and/or new company policies, as well as changes in threat levels and associated risks. Through corporate preparedness adaptation and proactive mitigation efforts, safety and planning shortcomings, response coordination opportunities, resource capabilities, and effective response processes can be identified, improving overall site safety, financial security, and operational self- reliance.
For a free download on Crisis Management Best Pratices, click the image below:
Business continuity planning is an ongoing process. Unfortunately, once a business continuity plan (BCP) has been developed, some companies check it off the list as “completed” project. However, if BCP is to be successfully deployed, it must be periodically reviewed, assessed, and updated according to ebb and flow of its designated operations. Plan development and maintenance efforts are typically aligned with the size, complexity, and volatility of a company, or facility.
The BCP should be able to systematically guide employees to restore operations that are affected by abnormal conditions. Not all business continuity events are instantaneous. According to a recent report by the EU Agency for Network and Information Security, the average power outage duration from cyber-attacks was four hours, while significant weather-related power outages can last more than 36 hours. Although network disruptions and many emergencies are unforeseeable, instances such as significant weather and other events are often predictable, allowing companies to sequentially initiate business continuity plans, if necessary.
Below is a general timeline for business continuity implementation. This timeline is inclusive of predicted events, however, it can be accelerated to account for emergency situations and/or timing disparities.
Weeks leading up to identified events:
- Execute a business impact analysis (BIA) and review
- Submit BCP updates for each department, as necessary per the BIA
- Ensure required information/contact list is accurate
- Train employees on BCP implementation and restorative operations
- Make specific recommendations for the yearly training program
- Identify and coordinate all logistical and administrative resources
- Identify any additional BCP preparation actions
4 Days from identified event
- Ensure that all actions required for BCP accuracy are complete
- Advise the BCP management team regarding the developing situation
- Establish BCP meeting schedule
- Set incremental time frame for situational updates
- Evaluate the need and timetable for BCP implementation
- Advise department heads/coordinators of BCP intentions regarding the situation
- If relocating operations, coordinate specifics of the move after initial BCP activation
- Obtain hotels reservation in alternate location, if applicable
- Execute the final review of the BCP
2 Days (48 hours) from identified event
- Ensure that all BCP actions required up to this point have been completed
- If BCP is being implemented, move forward and coordinate implementation procedures
- If applicable, move operations to alternate site
- If relocating, review the lodging requirements/assignments with BC staff
- Review the Communication Plan with staff
- If evacuation is necessary, communicate expectations to staff
During the event
- If the event occurs without time for added preparation, immediately implement current BCP procedures
- Confirm all preparedness activities and required actions for implementation are complete
- Coordinate operations from alternate site
- Communicate with Department Heads/Coordinators regarding BCP level/status
- Produce status reports and distribute to BC management team
- Produce status reports/press releases for stakeholders, clients, and media
- Generate information bulletins for employees and contractors
- Ensure all departments are able to implement a full recovery
- Receive completed status reports and updates from department coordinators
- If necessary, mitigate any requirements from critical business units to ensure full recovery
- If applicable and safe, relocate to original operational site
- If necessary, continue to coordinate recovery operations from alternate site
- Organize documentation of all executed actions for review and historical record
- Communicate current BCP level, or deactivation readiness
- Review expenditures and submit expense reports
- Prepare the final report, and send to corporate BCP coordinator
- Review reports and conduct debrief meetings to identify lessons learned
- Update BCP with lessons learned
- Schedule BCP training to review updated BCP procedures
For a free download on how to conduct an effective emergency exercise, click the image below:
The Hazard Communication Standard (HCS) is now aligned with the Globally Harmonized System of Classification and Labeling of Chemicals (GHS). The first phase for compliance begins on December 1, 2013. At that time, the HCS will require employees to be trained on the new label elements and the updated Safety Data Sheets (SDS) format.
The revised HCS will provide a common and coherent approach to classifying chemicals and communicating hazard information on labels and safety data sheets. The goal is to improve the quality and consistency of hazard information in the workplace, making it safer for workers by providing easily understandable information on appropriate handling and safe use of hazardous chemicals.
Two significant changes contained in the 2012 HCS include the revised labeling elements and the standardized format for SDSs, formerly known as the Material Safety Data Sheets (MSDSs). Employees may have already been exposed to the new labels and SDSs on the chemicals in their workplace during the transition phase. However, to ensure workplaces are compliant with the new regulations, it is critical that employees understand the new label and SDS formats.
OSHA requires the following training criteria to be in place prior to December 1, 2013.
Label training must include:
- Product identifier: The chemical may be identified by the name, code number or batch number. The manufacturer, importer, or distributor can decide the appropriate product identifier. The same product identifier must be both on the label and in Section 1 of the SDS.
- Signal word: DANGER and WARNING are the two classes utilized on the labeling. The word DANGER is used for the more severe hazards and the word WARNING is used for the less severe hazards.
- Pictogram: OSHA has designated eight pictograms to be associated with a hazard category. HCS approved pictograms are illustrated below.
SDS format and information training must cover the following topics:
- Hazard statement: The hazard statements are specific to the hazard classification categories, and chemical users should always see the same statement for the same hazards, no matter what the chemical is or who produces it.
- Precautionary statement: Describes recommended measures that should be taken to minimize or prevent adverse effects resulting from exposure to a hazardous chemical or improper storage or handling.
- Contact information: Name, address and phone number of the chemical manufacturer, distributor, or importer.
- Workplace label use: Describes proper storage requirements and first aid procedures
- Element integration: For chemicals that have multiple hazards, different pictograms are used to identify the various hazards. The employee should expect to see the appropriate pictogram for the corresponding hazard class. When there are similar precautionary statements, the one providing the most protective information will be included on the label.
- Standardized 16-section format including the section numbers, the headings, and associated information:
- Section 1: Identification includes product identifier; manufacturer or distributor name, address, phone number; emergency phone number; recommended use; restrictions on use.
- Section 2: Hazard(s) identification includes all hazards regarding the chemical; required label elements.
- Section 3: Composition/information on ingredients includes information on chemical ingredients; trade secret claims.
- Section 4: First-aid measures includes important symptoms/ effects, acute, delayed; required treatment.
- Section 5: Fire-fighting measures lists suitable extinguishing techniques, equipment; chemical hazards from fire.
- Section 6: Accidental release measures lists emergency procedures; protective equipment; proper methods of containment and cleanup.
- Section 7: Handling and storage lists precautions for safe handling and storage, including incompatibilities.
- Section 8: Exposure controls/personal protection lists OSHA’s Permissible Exposure Limits (PELs); Threshold Limit Values (TLVs); appropriate engineering controls; personal protective equipment (PPE).
- Section 9: Physical and chemical properties lists the chemical’s characteristics.
- Section 10: Stability and reactivity lists chemical stability and possibility of hazardous reactions.
- Section 11: Toxicological information includes routes of exposure; related symptoms, acute and chronic effects; numerical measures of toxicity.
- Section 12: Ecological information*
- Section 13: Disposal considerations*
- Section 14: Transport information*
- Section 15: Regulatory information*
- Section 16: Other information, includes the date of preparation or last revision
*Note: Since other Agencies regulate this information, OSHA will not be enforcing Sections 12 through 15 (29 CFR 1910.1200(g)(2)).
For a free download on the aspects of fire pre-planning, click the image below: