Subscribe Via E-mail

Your email:

Follow TRP

Request a Demonstration of our Web-based Planning Systems

 

 

 

Posts By Category

Current Articles | RSS Feed RSS Feed

Maintaining Regulatory Compliance in an Oil Industry Acquisition

  
  
  

Oil companies are not stagnant entities.  Every year, the industry experiences acquisitions, mergers, and systemic transformations. The dynamic nature of the energy sector requires environmental, health, and safety departments, as well as facility managers, to periodically review and adjust their approach to emergency management and regulatory compliance.

Whether a facility is located in the U.S. or abroad, ensuring compliance, employee safety, and an effective response requires a streamlined, coordinated, and exercised response plan. All response plans, including SPCC's and facility response plans, within the corporate enterprise should address site-specific facility details, applicable and tested response processes, and standardized company-wide best practices while maintaining location-specific regulatory compliance. A customizable response plan template can enable the development of a streamlined, site-specific preparedness program that consistently delivers company-standard guidelines and practices while providing a medium for rapid assimilation of merging or acquired facilities.

Industrial operations are required by law to institute site-specific emergency response plans, and train employees according to their response roles and pertinent response methods. Acquiring one or more new facilities typically presents challenges that generic or static response plan templates do not account for. Failure to incorporate site-specific details may result in incomplete, ineffective, and costly non-compliant plans.  Companies with multi-facility operations should utilize a customizable template with the ability to inject distinct facility information and hazards for each operation, pre-approved company best practices, as well as applicable local, state, and federal requirements.

Integrating response plans under one centralized format enables consolidated preparedness and response objectives. Acquired facilities must be absorbed into the company-wide emergency management program. If response plans exist, companies should perform a gap analysis or audit to identify any procedural, company policy, or compliance deficiencies that may be applicable to the new facilities. It is critical to define preparedness objectives, response roles, and responsibilities in order to eliminate ambiguity and confusion.  Responsible parties must apply new data, site assessments, and validated information into cohesive, compliant, and effective response plans for the new enterprise.

New or outlying facilities may present preparedness and response challenges. Cultural differences, infrastructure challenges, response equipment availability, minimal response knowledge and training, and security priorities may require heighten preparedness priorities and planning efforts. As a result, new locations may be particularly vulnerable to crisis or emergency response situations.

Regulatory compliance - TRP Corp

The following fundamental preparedness and response questions may assist companies in absorbing facilities into an established emergency management program. Determining site-specific information, possible mitigation efforts, and response capabilities can mobilize stakeholders to develop necessary and required response planning objectives. (Note: The questions below are meant to initialize conversations and should not be considered a thorough checklist for preparedness and response planning)

Who will be in charge of the response and how will it be organized?

  • Identify Incident Commander
  • Create Emergency Management Team organizational chart
  • Identify Emergency Management Team activation measures
  • Create Emergency Management Team roles and responsibilities checklists

Does the facility have a current response plan to draw from?

  • Update necessary contact information and notifications
  • Perform a gap analysis of the current plan(s) against new operations, equipment, company policies, industry best practices and applicable regulations
  • Review agency approval and submittal processes and comply as necessary

What threats affect the new facility and its employees?

  • Perform a detailed hazard and risk analysis
  • Verify or create response procedures for each identified threat
  • Identify process for incident documentation
  • Utilize appropriate ICS Forms
  • Identify current and necessary equipment necessary for response

What regulatory requirements apply to this facility?

  • Evaluate operations for compliance
  • Identify required training and confirm documentation
  • Review submitted response plan information
  • Perform a compliance audit

If necessary, what organization will conduct additional response duties?

  • Identify response capabilities and determine if additional resources are necessary
  • Initiate a Memorandum of Understanding or contract specific response needs
  • Confirm contact information, availability, and response times

How will the emergency be reported and response initiated?

  • Create site-specific notification procedures
  • Identify site-specific alarms that signal employee evacuation or shelter in place.
  • Test alarms to confirm they are in proper working condition
  • Ensure employees are trained in alarm procedures and immediate response actions per designated roles and responsibilities
  • Implement company approved emergency classification levels to associated response procedures with emergency conditions to prevent the incident from escalating

What incidents or classification level require evacuation/shelter in place

  • Establish multiple evacuation routes.
  • Does the evacuation go beyond facility borders?
  • Identify the muster point(s) and head count procedures?

How are response actions sustained?

  • Establish command post location
  • Identify internal and external response resources and equipment for a sustained response
  • Share response plan with appropriate responders/stakeholders
For a free Audit Preparedness Guide, click the image below:
Regulatory Compliance with TRP Corp
TRP offers a variety of free resources at http://www.emergency-response-planning.com/downloads/

 

Crude by Rail: Cooperative Preparedness Planning and Training

  
  
  

CSX, a North American leading supplier of rail-based freight transportation, recently hosted a crude-by-rail (CBR) incident response training session at the Security and Emergency Response Training Center (SERTC) in Pueblo, Colorado. The training consisted of 40 first responders representing 12 states.  According to CSX, “The three-day training session focused on preparation for and emergency response to railroad incidents involving crude oil, and included an overview of the history of crude oil extraction, chemical and physical properties of different types of crude oil currently being transported, incident site and damage assessment, and tank car design and construction. Participants also practiced specialized response techniques and incident command scenarios during mock derailments.”

According to the Association of American Railroads’ October 4, 2014 Weekly Report, petroleum and petroleum products shipped by rail was up 12.8% from the same time frame in 2013 (1). As CBR shipments continue to increase, companies must prioritize response and safety training, as well as coordinated planning and preparedness efforts. Because a single incident can have a significant or catastrophic impact, it is imperative that pre-planning and training be incorporated with coordinated response efforts.

In May 2014, the Department of Transportation (DOT) mandated initial coordination by instituting an emergency order for railroads to communicate specific information to each State Emergency Response Commission (SERC). The notifications must provide information regarding the estimated volumes and frequencies of train traffic implicated. Rail companies that transport 1,000,000 gallons or more of Bakken crude oil must adhere to the emergency order.

Specifically, the emergency order dictated that the notifications must: 

  1. Provide a reasonable estimate of the number of trains expected to travel, per week, through each county within the state
  2. Identify and describe the petroleum crude oil expected to be transported in accordance with 49 CFR part 172, subpart C
  3. Provide all applicable emergency response information required by 49 CFR part 172, subpart G
  4. Identify the routes over which the material will be transported.

Communication and cooperative pre-incident planning provides a tool for railroad companies and response agencies to begin the collaborative process of preparedness. This endeavor should be a coordination of overall response strategies that are made part of CBR response plans, training, drills, and exercises. A derailment that includes crude may require mutual aid efforts and a clear, yet robust Incident Management System.

crude by rail prearedness

In order for an incident management system to be effective, specific situational checklists should be created.  Rail employees, and local incident responders must be trained in applicable emergency procedures, communications cycles, and documentation requirements.  Rail incidents should be managed through clearly identified and communicated objectives. These objectives may include, but are not limited to:

  • Establishing specific and step-by-step incident objectives
  • Developing strategies based on incident objectives
  • Developing and issuing assignments, plans, procedures, and protocols
  • Establishing specific, measurable tactics or tasks for various incident management functional activities, and directing efforts to accomplish them, in support of defined strategies
  • Documenting results to measure performance and facilitate corrective actions

Maintaining an accurate and up-to-date picture of resource utilization is a critical component of incident management and emergency response. This may be especially challenging on select high or low density rail routes.  Each real-time incident management status update should include the following information in order to clarify response status:

  • Time of update (timestamp)
  • Incident or event name
  • Elapsed time of incident from initiation
  • Name/position of responder making status updates
  • Current planning phase and/or specific status update
  • Tasks assigned, both internally and externally, and resources used or required
  • Emergency Operations Center location and contact information

Improving rail car emergency response training, reactive decision management, timeliness of an ongoing response, and swift implementation of recovery strategies can limit resulting effects of any CBR emergency situation. As the shipments of CBRl continue to increase, it is imperative that companies, in conjunction with local responders prioritize well-coordinated preparedness initiatives.

NOTE: SERTC was established in 1985 to train railroad officials to safely handle accidents involving tank cars carrying hazardous materials. Because the initial endeavors were so successful, hands-on training courses were extended to serves the public sector emergency response community, the chemical industry, government agencies, and emergency response contractors from all over the world.  

(1)   Association of American Rail Traffic Weekly Rail Traffic Report, Oct. 9, 2014.

For enterprise-wide response planning guidance, click here or the image below:

Response Planning For Large Organizations with Multi-Facility Operations DOWNLOAD

 

 

SPCC Planning and Regulatory Compliance Inspections

  
  
  

The challenge of managing and ensuring compliance of Spill Prevention, Control and Countermeasure (SPCC) plans for multiple facilities can be complex. Detailed government inspections, enforcement mandates, costly non-compliance fines, and negative publicity may result from the lack of implemented, site-specific, and up-to-date plans. By utilizing available technology to manage multiple SPCC plans, companies can verify compliance through a cohesive, yet site-specific, standardization of best practices.

For facilities with aboveground storage tank capacities exceeding 1,320 gallons or underground tanks with capacities above 42,000 gallons, Environmental Protection Agency (EPA) compliance requires accurate and up-to-date SPCC plans. A professional engineer must certify SPCC plans if your facilities have more than 10,000 gallons of aboveground oil storage capacity.

Maintaining SPCC compliance requires preparing plans that outline facility-specific spill prevention procedures, associated equipment to prevent spills from occurring, and countermeasures to address the effects of potential oil spills on sensitive environments. For organizations that have many facilities, web-based response planning provides seamless integration of approved enterprise-wide procedures and policies with site-specific, SPCC required information. This optimizes the potential for every location to remain in compliance with SPCC regulations.

Since 1973, the EPA has conducted scheduled or unannounced facility inspections to ensure that facilities identify site-specific practices related to the storage and management of oil and oil tanks, and response procedures in the event of an oil spill. According to the EPA, the SPCC Inspections serve two primary functions:

  1. To ensure that oil storage facilities, refineries, electrical utilities and oil production fields, among other subject industries, are in compliance with 40 Code of Federal Regulations (CFR) part 112.
  2. To give U.S. Environmental Protection Agency representatives the opportunity to educate owners and operators about the regulations and ways to ensure compliance.

SPCC TRP Corp

In order to meet SPCC regulatory requirements, every applicable facility in your organization is required to regularly update and maintain SPCC plans per EPA regulation 40 CFR 112.20. The following is an abbreviated checklist of SPCC associated planning elements that EPA representatives may evaluate during facility inspections:

  • Storage tanks and other equipment containing oil
  • Storage tank integrity testing requirements
  • Truck loading/unloading areas
  • Transfer procedures and equipment (including piping)
  • Facility layout and diagram
  • Drainage patterns and oil discharge predictions
  • Secondary containment or diversionary structures and their ability to contain a release of oil
  • Site security measures
  • Operating procedures
  • Personnel training and oil discharge prevention briefings
  • Plan certification (by a Professional Engineer (PE) or in certain cases by the facility owner/operator)
  • Recordkeeping

Since the prevention and countermeasures identified in SPCC plans must be implemented throughout the facility in order to be in compliance with regulations, a copy of your SPCC plans must be available to inspectors for reference at all times. In addition, it is essential to provide inspectors with relevant documentation of all operating and inspection procedures, spill prevention measures, training records and other compliance verification information.

With a comprehensive, web-based, database-driven SPCC plan management system, emergency managers and health, environmental, and safety departments can:

  1. Simplify audits
  2. Easily identify required information
  3. Verify accuracy of plan contents through secured access
  4. Revise information in real-time, as necessary
  5. Identify regulatory compliance gaps
  6. Account for necessary mitigation endeavors
  7. Ease maintenance and administrative efforts
  8. Provide electronic copies of plans to government agencies

Proactive responsive, procedural, and preparedness measures, in conjunction with innovative planning system technologies can maximize compliance efforts and minimize accidents and catastrophes. Transitioning to a web-based system to maintain SPCC plans can enhance accessibility, portability, and redundancy, potentially easing communication barriers with responders and regulatory audits.

For a free download entitled, "The Facility Response Plan and the Spill Prevention, Control, and Countermeasure Plan", click here or the image below:

TRP - SPCC and FRP

 

Global Response Planning Extends Beyond Operational Hazards

  
  
  

Current world events, such as the Ebola outbreak, ISIS threats, and Super Typhoon Vongfong continue to alter the focus of emergency management. With each pandemic, security crisis, natural disaster, or emergency incident, a renewed emphasis on specific preparedness initiatives and associated countermeasures evolves. Despite site-specific operation hazards, a well-developed response plan should examine all risks and vulnerability factors in order to provide employees with the knowledge, procedures, and resources necessary to respond appropriately to any situation.

When companies expand globally, identifying, evaluating, mitigating, and planning for continually evolving location-specific risks and vulnerabilities is challenging. Those with the responsibility of global preparedness and planning must address site-specific regulatory compliance measures, inherent risks (including operational and location-specific), technological and physical security needs, and each operational response plan component. Cultural disparities, infrastructure challenges, or security provocations may leave sites vulnerable to particular events and heighten the urgency of preparedness initiatives and planning efforts.

Preparedness, operational sustainability, and employee safety requires a streamlined, coordinated, and exercised response plan. Response plans must be developed to account for each potential emergency and non-emergency scenario that could impact or cause damage to a particular facility or its operations.  Aside from innate operational hazards, both physical site security and electronic security must be considered in preparedness measures. (Note: A security breach is just as likely to come in the form of a computer hacker or virus as it is from an actual intrusion, uprising, or physical attack.)

While emergency scenarios may affect the safety and health of employees, operations, and/or the facility infrastructure, non-emergency situations can arise that potentially impact company reputation and operational longevity.  A poorly managed situation can negatively affect a company’s reputation, business interests, and relationship with key regulators and partners.

Response Plan- TRP CORP

Below are some crisis management situations that could affect business continuity for companies with multinational facilities. Business continuity and crisis management plans should be developed for each of these scenarios that could likely cause significant damage to the business.

Environmental Stewardship: Disparity in international, country, state, county and corporate environmental standards.  Environmental regulations may vary regarding:

  • Facility or site requirements
  • Transportation
  • Hazardous spills
  • Equipment safety
  • Fire fighting methods
  • Gas releases

Natural Disasters: Each geographic location has specific historical and potential natural threats.

  • Earthquakes
  • Hurricanes/typhoons
  • Sand/wind storms
  • Tornados
  • Flooding
  • Tsunami

Employee issues: While every facility must prepared for potential employee issues, global companies must pay specific attention to:

  • Cultural differences
  • Language barriers
  • Labor relations challenges
  • Workplace discrimination or harassment
  • Disgruntled workers
  • Health and safety disparagements

Marketing: Global markets and unethical business practices can create non-emergency scenarios resulting in the need for crisis management:

  • Price gouging
  • Supply availability
  • Recalls
  • Deceptive business practices

Security Breach: A security breach can affect multiple aspects of a company, from business continuity to the physical safety of employees.

  • Computer hacking
  • Catastrophic IT failure
  • Facility security measures
  • Civil unrest
  • Personnel/employee security

Corporate Governance:  Corporate changes can initiate unrest, disrupt operations, and company reputation:

  • Mergers
  • Organizational restructuring
  • Downsizing
  • Facility closings
  • Management successions/promotions
  • Financial reporting integrity

Industry/Sector Issues: As industry specific equipment, regulatory advancements, and technologies evolve, preparedness should continually adapt to include safety processes, continuity procedures and best practices.

  • Supply disruptions
  • Punitive regulations

Illegal Activity: Faults in humanity may be intensified by location specific conditions, supply and demand, and/or greed. Preparedness measures should include business continuity and crisis management procedure for the following circumstances:

  • Extortion
  • Bribery
  • Fraud
  • Malfeasance
  • Criminal Investigation

Political/Social issues: As companies strive to be profitable, political and social issues can interfere with daily operations. Situations that may affect productivity include, but are not limited to:

  • Human rights
  • Terrorism
  • War
  • Political or social unrest
  • Economic disparity
  • Discrimination

Have locations across the globe? Download TRP Corp's free guide,"Response Planning for Large Organizations with Multi-Facility Operations".

Response Planning For Large Organizations with Multi-Facility Operations DOWNLOAD

 

Corporate Emergency Preparedness and Risk Management

  
  
  

Planning for the unpredictable is part of emergency preparedness. Whether preparedness is mandated by corporate policy or regulatory agencies, risk management in cooperation with widely accessible emergency response plans can maximize efficiency and minimize the impacts on employees, the environment, and infrastructure. However, efforts to prepare for, manage, or mitigate risks are often unexecuted, shelved by constrained resources, profit margins, politics, or alternative goals.

In an effort to maximize preparedness and minimize inherent risks, corporate emergency management should provide:

  • A system for assessing and prioritizing incidents
  • Streamlined and standardized response methods
  • Communication and notification procedures
  • Roles and responsibilities for corporate and incident level response teams
  • Optimized training, drills and exercises
  • A demonstrated commitment to safety

By prioritizing an emergency management program, a company demonstrates the foresight to address emergency situations and associated challenges, and proactively affirms its efforts to ensure the safety of employees, the environment, and the surrounding communities. However, in order to maximize safety and plan for inherent emergency situations, site-specific threats and risks must be identified, assessed, mitigated, and planned for.

To manage workplace risks, each facility should be analyzed for potential hazards. These threats to operational status quo may be present in the form of unsafe acts and/or unsafe conditions. Once risks are recognized and evaluated, they should be eliminated if possible, or controlled through procedural planning. A risk management program should include, but not be limited to the following processes and prevention program.

RISK RECOGNITION:

  • Risk recognition can occur through inspections, audits, and job hazard analysis
  • All levels of management should take interest in their company’s risk management program
  • Each manager should establish realistic goals for risk reduction and prevention within their area of responsibility
  • Consult with local or online sources that have pre-identified risks based on site operations and location.

RISK EVALUATION:

  • Evaluate accident probability for each process, procedure, and handled material and resulting level of potential severity if an accident were to occur
  • Evaluation should take into account the time, place, and conditions in which threats or hazards might occur
  • The probability and severity of a risk should determine the priority level for correcting the hazard. The higher the probability and severity of risk, the higher the emphasis should be on corrective action

TRP Corp - Risk Management

RISK ELIMINATION or RISK CONTROL

  • Targeted effort should be made to isolate and eliminate the root cause
  • Realized mitigation opportunities may reduce the amount of response resources required in the event of an incident
  • If root cause cannot be eliminated, changes in process and procedure should be made in order to reduce risk:
    • Implement risk reducing engineering controls, when applicable
    • Implement proactive administrative controls or work place practices
    • Establish process to identify inoperable or malfunctioning equipment and machinery through systematic inspections
    • Establish processes to minimize the effects of naturally occurring hazards
    • Ensure control does not hinder regulatory compliance

RISK COMMUNICATION

  • Apply the results of analysis through planning and exercises. Employees should be made aware of hazards associated with any workplace process, materials, or location.
  • Accident prevention signs should be posted to remind occupants of the presence of hazards
  • Establish and communicate emergency response plans to employees and appropriate emergency response teams. This includes up to date contact information and notification procedures
  • Calculate, specify, and communicate resource requirements and operational capacities for each targeted scenario to internal and external responders
  • Counteract onsite response deficiencies for each scenario by implementing coordinated interoperability communication

Understanding your company’s risks, from the facility to the corporate level, is essential to preparedness and sustainability. Companies that prioritize risk management and integrate preparedness goals are better prepared to educate employees on potential incidents, and their role in protection, prevention, mitigation, response, and recovery.

Click here, or the image below, to download a free Audit Preparedness Guide:

Regulatory Compliance with TRP Corp

 

Ten Reasons for Companies to Invest in Incident Management Programs

  
  
  

Incident Management programs shouldn’t be created for IF an incident happens...but for WHEN an incident happens.

Regulatory compliance mandates, a history of incidents, or an awareness of potential crises typically trigger companies to fund preparedness initiatives. At a minimum, preparedness endeavors and response capabilities should be audited, tested, and updated on an annual basis. Budgeting efforts should be aligned with initiatives in an effort to improve incident management and preparedness capabilities.  Below are ten “best practice” reasons why companies should prioritize funding to advance preparedness initiatives and associated response programs:

#10. Streamline and standardize improved response methods:  A consistent company-wide emergency response management system can deliver site-specific details and management endorsed response processes.  Standardization allows employees and responders to conceptualize their roles and responsibilities across an enterprise, creating a common understanding of intended actions. Streamlining response methods can assist responders in assessing, prioritizing, and responding to incidents.

#9. Optimize drills and training: Employee training, emergency response drills, and applicable exercises identify deficiencies in emergency response planning programs. Incorporating appropriate response training and testing response plans with detailed scenarios will improve response capabilities and coordination, as well as reduce response times.

#8 Improve regulatory compliance: Costly non-compliance fines result from the lack of implemented, thorough, and compliant programs. By systematically aligning response plans and their components with corresponding regulations, companies can identify and amend plan deficiencies that may result in fines and potential government mandated shutdowns.

#7. Simplify and automate response plans: Maintaining response plan can be an administratively taxing endeavor. Continual administrative duties associated with personnel contact information, assignments, training records, exercises, and continual plan updates may be inadequate to sustain an optimal program. Maximizing efficiency through advancements in technology can minimize time associated with maintaining incident response plans.

Incident Management - TRP CORP

#6. Improve asset utilization: Companies must utilize employees, responders, equipment, and budgets effectively in order to minimize the effects of a crisis or disaster. Realigning current tangible assets (equipment and/or personnel), mitigating current inefficiencies, and/or budgeting for additional response training or improved equipment will improve the overall effectiveness of an emergency management program.

#5. Demonstrate a commitment to safety:  Companies should proactively affirm the safety of employees and surrounding communities, and protection of the environment, by establishing proven countermeasures to potential threats and associated risks. Prioritizing emergency preparedness initiatives demonstrates a company’s commitment.

#4. Improve conditions:  Harmful conditions pose a risk to occupants, the environment, infrastructures, and/or the surrounding communities. By eliminating or mitigating potentially adverse conditions, unsafe activities, or ineffective responses, companies can reduce the potential for and effect of emergency situations. The risk assessment process can be used to identify potential threats or harmful conditions that can lead to incidents.

#3. Reduce Incidents:  By identifying potential threats and risks, mitigation and preventative measures can be taken to curtail the likelihood of an incident from occurring or reduce its impacts. Mitigation measures may include a variety of tactics including, but not limited to training for employees, updating safety processes and procedures, or securing or purchasing updated equipment.

#2. Reduce downtime:  Operational downtime and production loss reduces revenues. By optimizing and implementing the most effective and functional incident management program possible, incidents can be promptly managed and rapidly demobilized, thereby reducing response-related costs and downtime.  The repercussions from an incident can include detrimental relationships with customers, the surrounding community, and stakeholders.

#1. Cost savings:  Proactive compliance efforts, safety initiatives, training and exercises, and response and resiliency planning are typically less expensive than regulatory fines, sustained response efforts, and overall repercussions resulting from an incident.

Implementing a technologically advanced enterprise-wide emergency management system offers opportunities to increase the effectiveness of planning and preparedness efforts. Gathering lessons learned from various site managers, performing site regulatory gap analyses, and implementing new proven concepts will ensure the best possible functionality and processes within a program.

For a free Response Procedures Flowchart, click here or the image below:

New Call-to-Action

 

The Business Impact Analysis: A Step Towards Business Continuity

  
  
  

Companies may not consider the interdependencies between critical operations, departments, personnel, and services until an event disrupts normal operations. A Business Impact Analysis (BIA), a key component in business continuity planning, presents the ability to identify and quantify which business unit that, when absent, would significantly impact a company. While the size and complexity of essential business elements required for sustainability varies among industries, companies, and specific facilities, the ability to quantify and prioritize critical workflow components is a key business continuity element.

Critical business units, associated functions, and a trained workforce provide the greatest financial value to companies. Companies that prioritize process sustainability initiatives that can meet recovery time objectives have a better chance of minimizing impacts of impeding disruptions.

Within each key business unit, additional business functions should be considered and evaluated. By identifying cross business unit dependencies, the need for integrated risk mitigation solutions can be highlighted and proactive measures can be taken. A workflow analysis may prioritize those business functions and processes that must be recovered in order for business continuity plans to be effective. Functions within each business unit may include, but are not limited to:

  •  Finance 
  • Contracts 
  • Supply and trading 
  • Personnel and payroll 
  • Benefits 
  • Accounts payable
  • Environmental health and safety 
  • Information technology

Once critical business functions and workflows are assessed and prioritized, a BIA should be performed.  The goal of the analysis should be to identify the potential impacts of identified risks, uncontrolled threats, and potential non-specific events on these business functions and dynamic processes. Any potential resilience capabilities should be prioritized and mitigation opportunities should be examined.  Operational and process managers should explore and quantify the following aspects to initiate the BIA process:

Timing:

  • Identify critical operational time periods when an interruption would have greater impacts (seasonal, end of quarter, specific month, etc.).
  • Priorities should be determined if an interruption during high-output timeframes creates amplified operational and financial impacts.

Likelihood Level:

  • Indicate how likely each specific threat could occur, considering existing capabilities, mitigation measures, and history.

Duration:

  • Identify the duration and point in time when an interruption would impair operational processes and have financial impact.
  • Estimate the maximum allowable downtime for each specific business function
  • Consider downtime impacts from less than 1 hour to greater than one month

BCP duration: TRP CORP

Staffing minimums:

  • Identify staffing level requirements (including contractors or suppliers) to meet typical daily productivity goals, as well as recovery time objectives.

Operational Impacts:

  • Identify the effects associated with a business unit interruption, considering existing mitigation measures. These may include, but are not limited to:
    • Lost sales and income
    • Negative cash flow resulting from delayed sales or income
    • Increased expenses due to overtime, outsourcing or other operations that increase costs
    • Regulatory fines and legal implications
    • Contractual penalties or loss of contractual bonuses
    • Customer dissatisfaction or withdrawal
    • Delay of business plan execution or strategic initiatives

Recovery Time:

  • Identify the time frame necessary to recover specific critical processes under existing capabilities and, if possible, potentially altered conditions.

Financial Impact:

  • Determine and quantify financial impacts,  considering existing mitigation measures.
  • Critical functions that have the highest financial impacts should be prioritized in business continuity plans.

If a business continuity incident affects two or more business processes, the incident has a greater potential for impact. Interoperable communication and coordination among departments must be exercised for a swift recovery. The effects of a multi-tiered business continuity event can extend beyond the facility borders to affect personnel, multiple critical business processes, vendors or suppliers, and customers.

Adverse information technology (IT) conditions may affect numerous company departments, units and functions. IT components may include networks, servers, desktop and laptop computers and wireless devices. The ability to utilize both office productivity and enterprise-wide software may be essential to restore normal operations. Therefore, time critical recovery strategies for information technology, such as exercised data backup and restoration procedures, should be developed in order to limit the effects of interruptions across multiple business units.

Once critical business units are identified and the BIA is completed, companies can develop an applicable business continuity plan, ensuring a faster state of recovery.

Click HERE or the image below for a free download on Enterprise-Wide Response Planning.

Response Planning For Large Organizations with Multi-Facility Operations DOWNLOAD

 

Checklist for Web-Based Business Continuity Plans

  
  
  

In business, every threat can result in the same consequence: the loss or temporary cessation of key business processes. The process that institutes a path to sustainability and recovery is known as business continuity. Because sources and the likelihood of threats continually evolve, business continuity plans (BCPs) must be dynamic to incorporate evolutionary business process countermeasures.

These countermeasures include modern communication techniques. By transitioning from paper-based business continuity plans to a web-based approach, companies have the ability to maximize data and ensure a streamlined approach to business continuity. A web-based plan enables a standardized, enterprise-wide business continuity template, yet allows for site-specific details for each particular site.

A web-based platform, coupled with wireless technology, can speed up the cycle of continuity events. The following core business continuity elements should be included in a BCP, however they must be cyclically assessed for accuracy, potential mitigation opportunities, and lesson-learned insights in order for established processes and communication to be effectively maximized.

1. Plan distribution list and contacts: Business continuity planners must be certain that all current employees listed in the plan, as well as those on the plan distribution list is verified for accuracy.  If maintaining accurate contact information is challenging, consider opting for notification verification system with email or text message capability that enables the contact to verify personal information and automatically update associated response plans.

2. Communication: By aligning mass notification methods with typical daily communication habits (cell phone, emails, texting), planners can ensure key contacts are made aware of any business interruption and BCP activation. Clear and effective communication channels must remain available in order to disseminate information to employees, assess and relay damage, and coordinate recovery strategies. Provide employees training in primary and established secondary communication methods in case of disruption of primary communications.

3. Key Staff Roles and Responsibilities: From business continuity implementation through recovery, job specific checklists and assigned procedures should be incorporated in a BCP. Task teams should be formed, at a minimum, to cover each essential business process. Each site may require unique minimum staffing levels to remain operational.
In the event that primary team members are not available, cross team training should be conducted to provide backups. Planners should make appropriate plan changes as operations and staff evolve.

Business Continuity Plan - TRP CORP

4. Off-site Recovery Location: Include address, contact information, available on-site equipment, and any external equipment necessary for effective continuity of operations.

5. Recovery Time Objectives: Incremental processes and procedures should be identified to meet specific critical business process goals.  Recovery goals may include increments of one hour, 24-hours, 48 hours, one week, one month, and long-term recovery.

6. Key Customers’ Data:  Identify effective customer communication methods and necessary contact information required to inform customers of disruptions of deliverables or services. Effective customer relations and communication may be critical in retaining clients and maintaining positive relationships during a business interruption. 

7. Key Supplier Contact List: Identify critical business unit dependencies and interdependencies and key contacts. Transportation delays could affect delivery times. Plan and mitigate accordingly.

8. Alternate Suppliers List: The consequences of a supply chain failure on associated key business components can be crippling.  Alternate suppliers should be included in the BCP to ensure consistent delivery and continued operations in the event primary suppliers are affected by similar business continuity circumstances. As a company’s needs change and new suppliers come online, plans should be updated to include these critical suppliers.

9. Insurance Details: Identify details of insurance coverage and accurate contact information. The burden of proof when making claims typically lies with the policyholder. Accurate and detailed records are imperative.

10. Data Backup Details: Identify the procedural details of computer backups, data restoration methods, and the minimum program needs to re-establish critical business processes.  

11. Technology Requirements: Identify necessary hardware and software, and the associated minimum recovery time requirements for each business unit. Companies should examine current data center outsourcing to ensure continuity and accessibility or research continually advancing alternatives.

12. Equipment Requirements: Detail applicable equipment requirements for each business unit and recovery time goals. To prevent unnecessary downtime and additional recovery efforts, identify and procure necessary equipment and establish processes for continued operations and recovery.

13. Review Log: Incorporate newly identified hazards and vulnerabilities into the business continuity plan. A log can include necessary equipment used (requiring replacement or replenishment), altered processes, and lessons learned.

Is your enterprise still utilizing paper or document style plans? Download the "Top 3 Benefits of a Web-Based Response Planning System" to see how your company can benefit.

Web based response planning - TRP CORP

 

Oil Spill Response Planning, Drones, and Spill Surveillance

  
  
  

Oil spill response planning and preparedness are necessary to satisfy applicable regulatory requirements, protect the environment, and ensure safety for responders and employees. Yet, all plans related to oil spills have one common thread: minimize the impacts!

Effective oil spill response plans can minimize the impacts associated with an oil spill. The objectives of these plans, regardless of type of facility, are to:

  • Allow response personnel to prepare for and safely respond to spills
  • Ensure an effective and efficient response that takes geographical challenges into account
  • Outline spill response procedures and techniques at specific locations
  • Improve regulatory compliance efforts
  • Identify potential equipment, manpower, and other resources necessary to implement a spill response

History has proven that a single oil spill can have significant impacts to the environment and the responsible party. Off-site spill responses and containment efforts present unique challenges compared with spills occurring within the confines of the facility or secondary containment. These migrating spills require a higher level of coordination, communication, and surveillance in an effort to minimize downstream impacts.

It is critical to identify and provide detailed information regarding area socio-economic and natural resources and vulnerabilities that may be damaged if a spill were to occur. This information should guide response personnel to make reasonable, well-informed response actions to protect public health and the environment. Detailed information of downstream vulnerabilities and applicable response procedures should be included in an oil spill or tactical response plan.

Spill surveillance should begin as soon as possible following the discovery of a release to determine the appropriate response tactics. One future option for surveillance is the use of commercial unmanned aircraft systems (UAS), or more commonly known as drones. The push for commercial use of drones is gaining momentum as affordable devices are increasing in popularity.  Currently, commercial use of drones are limited by the Federal Aviation Administration (FAA) authorization and require the operator to have certified aircraft and pilots, as well as FAA operating approval.

TRP- Oil spill surveillance

The FAA is responsible for establishing a plan for “safe integration” of UAS by September 30, 2015. However, some reports have indicated that the integration plan deadline will be delayed due to privacy debates and various industry specific regulations. “The FAA is still developing regulations, policies, and standards that will cover a wide variety of UAS users, and expects to publish a proposed rule for small UAS (under 55 pounds) later this year.”

A few companies have been granted the FAA’s Certificate of Waiver or Authorization for UAS allowing for the limited use of commercial drones. In July 2014, San Diego Gas & Electric (SDG&E) joined the likes of ConocoPhillips and BP with limited permission to use drones.

Until regulations, best practice protocols, and authorizations are established for the commercial use of drones, standardize surveillance guidelines and best practices can continue to enable response personnel to assess spill size, movement, and potential impact locations.  These guidelines should be outlined in an oil spill response plan.

Below are guidelines that are routinely included in spill surveillance procedures:

  • Dispatch observers to crossings downstream or down gradient to determine the spill’s maximum reach potential.
  • During surveillance, travel beyond known impacted areas to check for additional oil spill sites.
  • Clearly describe the locations where oil is observed and the areas where no oil has been seen.
  • Educate personnel that clouds, shadows, sediment, floating organic matter, submerged sandbanks, or wind-induced patterns on the water may resemble an oil slick if viewed from a distance.
  • Use surface vessels to confirm the presence of any suspected oil slicks (if safe to do so); consider directing the vessels and photographing the vessels from the air, the latter to show their position and size relative to the slick. It may be difficult to adequately observe oil on the water surface from a boat, dock, or shoreline.
  • Spill surveillance is best accomplished through the use of helicopters or small planes; helicopters are preferred due to their superior visibility and maneuverability.
  • If fixed-wing planes are to be used, high-wing types provide better visibility than low-wing types.
  • All observations should be documented in writing and with photographs and/or videotapes; include the name and phone number of the person making the observations.
  • Describe the approximate dimensions of the oil slick based on available reference points (i.e. vessel, shoreline features, facilities); use the aircraft or vessel to traverse the length and width of the slick while timing each pass; calculate the approximate size and area of the slick by multiplying speed and time.
  • Record aerial observations on detailed maps, such as topographic maps.
  • In the event of reduced visibility, such as dense fog or cloud cover, boats may have to be used to patrol the area and document the location and movements of the spill; however, this method may not be safe if the spill involves a highly flammable product.
  • Surveillance is also required during spill response operations to gauge the effectiveness of response operations; to assist in locating skimmers; and assess the spill's size, movement, and impact.
For a free white paper on Conducting Effective Exercises, click here, or on the image below.
TRP Corp Emergency Response Planning Exercises

 

Renovating the Framework of Emergency Management and Incident Response

  
  
  

The modernization of communication technologies has trickled down to the frameworks of emergency management. On July 29, 2014, the 'White House Innovation for Disaster Response and Recovery Demo Day” brought together the disaster response community and innovative entrepreneurs from across the country in the hopes of integrating technological advances with preparedness and disaster response efforts.

As the connectivity of the world increases, EHS programs and emergency managers are embracing collaborative and innovative preparedness and response initiatives. However, in order to germinate or sustain an ongoing culture of preparedness, companies must prioritize funding to incorporate new and relevant systems, training, and/or equipment. Unless mandated by regulatory authorities, many companies delay best practice and technological initiatives until an incident propels response planning to the forefront.

According to the Disaster Recovery Planning Benchmark Survey: 2014 Annual Report, “more than 60% of those who took the survey do not have a fully documented disaster recovery (DR) plan and another 40% admitted that the DR plan they currently have did not prove very useful when it was called on to respond to their worst disaster recovery event or scenario.

As the “Y” or the “Millennial” generation” (those born between 1980’s and 2000) continues to enter the workforce, emerging technologies will become more ingrained into society and the workplace. These educated and tech savvy individuals accustomed to fast-paced technological advancements consider technology as an essential aspect in their lives. Based on current trends, upcoming generations will be acclimated to instantaneous communication and data extraction from any location. Text, social media, and web-based technologies will be expected as commonplace emergency management frameworks, rather than the traditional means that most companies still utilize today. In order to integrate societal norms and stay relevant with upcoming generations of employees, emergency management and disaster response framework must be aligned with currently available utilized tools.

renovate incident response-TRP CORP

Statistics suggest that every dollar invested in disaster preparedness yields savings of $4–$11 in disaster response, relief, and recovery.” The Harvard Humanitarian Initiative

Just as computers replaced typewriters to expand productivity, web-based response systems are replacing one-dimensional paper-based plans. Web-based response systems offer a greater streamlined functionality, renovated efficiency, and varied accessibility when compared with traditional paper-based plans.  Web-based planning system software offers every option of instant accessibility: viewed via the Internet from any location, downloaded, or printed. Increasing accessibility options while improving efficiency, functionality, and effectiveness can bolster an entire emergency management program.

In order for new functionalities to be introduced to the workplace, emergency managers often are required to justify the initial investment. A cost-benefit analysis of a renovated emergency management program can highlight the potential cost savings of an effective program. Any prevention, mitigation, or plan maintenance costs should be compared with the financial impact of situational recovery processes and the overall costs of an incident. These costs may include, but are not limited to:

  • Human life
  • Short term or long term business interruption
  • Lawsuit(s)
  • Infrastructure damage
  • Equipment failure
  • Inventory/stock losses
  • Fines
  • Reputation
  • Environmental destruction

The relevance of innovative techniques and lessons learned should be continually evaluated and incorporated into an emergency preparedness program if appropriate.  While often suppressed in favor of short-term profits, budgets for pertinent emergency management initiatives should be prioritized for long-term corporate sustainability. But “change for change’s sake” does not typically enhance programs. The evolution process of an emergency management program should aim to perpetuate improved responses and operational recovery times, and enhance company viability despite crisis scenarios.

For a free download on essential preparedness measures, click here or on the image below.

Preparedness and Emergency Management - TRP Corp

 

All Posts