The goal of performing gap analyses, audits, and regulatory inspections is to minimize the potential for emergency incidents, ensure regulatory compliance, and streamline response actions. Maximizing safety standards and processes, and implementing “best practices” should be part of a company’s core ethical principles, even when law does not mandate them.
In order to simplify future audits, companies should become familiar with the following two key concepts:
- Industry Best Practices
- Regulatory Recognition
Companies should not rely on the prospect of a regulatory agency inspection to ensure preparedness programs are sufficient. Your facility’s innate problems are most likely shared with others within your industry. Companies can be guided on how to approach a problem or implement a solution by researching applicable best practices. Often, the expertise and knowledge that drove the best practices into existence stems from the emergency response experiences of others and their motivated efforts to address the inherent problem(s).
While companies may not need to “reinvent the wheel” when it comes to safety and response procedures, facilities need to confirm that the best practices apply to their site-specific situation. There are numerous industry-specific best practices within safety, preparedness, and response planning. Additionally, each facet of a company’s operations can be broken down to examine specific best practices for a particular action, material, scenario, or site circumstance. For example, best practices exist in the following areas:
- Pre-incident planning
- National Incident Management System
- Fire brigades
- Hazardous materials handling/response
- Fire loss prevention
- And more
To identify applicable best practices, companies must identify site and operational risks and associated necessary responses. Each facility should be analyzed for potential risks and/or hazards. Once hazards are recognized and evaluated, they should be eliminated or controlled through mitigation and/or procedural planning. Identified site characteristics, countermeasures, and response efforts should be included in required regulatory plans.
In order to attain compliance, applicable regulations must be recognized. Regulations must be recognized in order for a gap on processes, procedures, or responses to be identified. Regulatory recognition can occur through routine inspections, job hazard analyses, and audits. Facility managers, and company health, safety, and environmental managers should become familiar with regulations applicable to their area of responsibility . These individuals, or a consultant with specialized industry and regulatory experience, should identify all applicable regulations based on location, industry, operations, hazards, and response specifics. According to FEMA, companies should review applicable regulations relating to the following areas:
- Employee Safety & Health: Emergency action plans are one of the OSHA standards that apply to many employers with 10 or more employees. Other regulations pertain to means of egress (exits), medical services, hazardous waste, confined spaces, fire protection, firefighting and more.
- Environmental Regulations: Businesses that manufacture, treat, store, or dispose of hazardous chemicals that exceed threshold quantities may be required to comply with multiple environmental regulations.
- Business Continuity and Information Technology: Businesses that store customer contacts and financial information, such as credit card data, may have to comply with information security regulations. Companies should remain in communication with their specific industry trade group or state office of economic development for applicable regulations.
- Life Safety and Fire Codes: Life Safety codes are designed to ensure that building occupants can be safely evacuated if there is a fire or other emergency within a building. Fire prevention codes specify requirements for fire safety.
Audits, whether done by in-house professionals or specialized contractors, can often reveal the same inadequacies and mitigation opportunities as regulatory inspections, without the potential reputational and financial consequences of non-compliance. . With an objective eye, an audit can bolster an overall emergency management program and minimize the chance of impeding incidents or regulatory fines.