Your Solution for SMART Response Plans

Risk Mitigation and Corporate Response Planning

Posted on Thu, Aug 24, 2017

“For every action, there is an equal and opposite reaction.” - Sir Issac Newton

In an industrial facility, every action has the ability to become an emergency, incident or disaster. Most “actions” are intended to contribute to the financial bottom line, but others may put your employees, the facility or surrounding environments at risk. These actions can create unsafe conditions, operational risks, or environmental damage. Once recognized and evaluated, these hazards, threats and risks may be eliminated or controlled through mitigation measures and procedural planning.

The Corporate Risk Assessment

In order to identify necessary responses to incidents or emergency situations, a detailed risk assessment should be should conducted for potential emergency scenarios.  As risk assessment may include but is not limited to the following:

  • Identify your site-specific hazards, threats or risks. These may include, but are not limited to:
    • Fire
    • Explosion
    • Natural Hazards
    • Terrorism
    • Hazardous materials spill or release
    • Workplace violence
    • Employee pandemic
    • Utility outage
    • Mechanical breakdown
    • Supply chain failure
    • Cyber attack
  • Based on the hazards, identify if the impact is low, medium or high for each of the following:
    • People
    • Property
    • Operations
    • Environment
    • Financial
    • Regulatory or legal
    • Contractual
    • Reputation
  • Identify your site-specific hazards and consider:
    • High probability/low impact scenarios
    • Low probability/high impact scenarios

The probability and impact severity of a risk should determine the priority level for planning and mitigating the hazard.

Minimize Impacts through Mitigation

Current processes, procedures, and assets can directly minimize the impact or likelihood of unsafe actions or circumstances. These may be unique to each specific industry, company, and site. Some processes, procedures, or assets may simplify or automate reactions, responses or recovery requirements.

It is important to understand that a single asset may be able to mitigate multiple hazards. Examples of assets include, but are not limited to;

  • Local response groups
  • On-site fire brigades
  • Backup generators
  • Response equipment
  • Routine data backups

Continuous Improvement on the Mechanism of Metal Gears..jpeg

As you assess potential impacts, identify any vulnerabilities or weaknesses in your current processes, procedures, and assets that would make them susceptible to loss. When these vulnerabilities are identified, it presents opportunities for hazard prevention through procedures/processes upgrades or risk mitigation.

Your company should review or initiate a risk mitigation budget based on the results of the risk analysis. The probability and impact severity should determine the priority level for correcting the hazard. The higher the probability and impact severity, the higher the emphasis should be on corrective action. With priorities in place, mitigation measures may include:

  • Changing operational processes and procedures
  • Eliminating the cause of a potential threat
  • Addressing regulatory compliance issues resulting from internal or external audits
  • Introducing risk reducing engineering controls, when applicable
  • Implementing proactive administrative controls or work place practices
  • Establishing systematic equipment inspection processes
  • Developing a communication plan that includes a contact verification system
  • Updating or develop applicable response plans

Business Continuity Plans

Business continuity and response plans should address the results from a site-specific risk assessment. When companies utilize systematic methods to identify objectives and implement potential response in conjunction with intuitive formats, the process of recovery, continuity, and sustainability can be streamlined.

At a minimum, a business continuity plans should identify the following:

  • Key operations and critical activities
  • Critical processes and strategies for recovery
  • Resources necessary for recovery
  • Evacuation and relocation information and policies
  • Key response personnel

 

Need information regarding crisis and emergency management industry standards and best practices, click the image below to submit form information: 

Corporate Crisis Management

Tags: Business Risk, Mitigation, corporate preparedness

Business Continuity Planning Strategies to Follow in 2016!

Posted on Thu, Jan 14, 2016

With the new year, every company should assess their business continuity risks, operational vulnerabilities, and recovery time objectives for each critical business function. Companies who understand these threats to financial resilience can become better prepared for and possibly mitigate these business continuity issues.

Mitigation includes recognition, comprehension, communication, and implementation of modifications, procedures, preparations, and/or assets that can directly minimize the impact or likelihood of the threat, simplify/automate recovery requirements, and/or accelerate recovery time. Every company and each facility has its own unique associated risks, however through dedicated risk mitigation analysis and proactive measures, hazards and business disruptions can be minimized.

Threats and vulnerabilities can stem from both external and internal actions. Therefore, companies must analyze potential threats from a variety of potential sources. A localized vulnerability and impact analysis should include, but is not limited to:

  • Weather patterns
  • Geographical influences
  • Security efforts
  • Cyber evaluations
  • Inherent operational hazards
  • Facility design
  • Maintenance issues

A business impact analysis should be used to identify critical business processes, potential recovery strategies, and areas that could benefit from risk mitigation. This resilience assessment tool should identify potential vulnerabilities and initiate proactive changes to minimize impacts if a disaster were to occur. If the level of risk identified is deemed unsafe or unacceptable for operational viability, additional recovery options, safety procedures, or applicable strategies may need to be developed and implemented.

Risk recognition can occur through many paths including inspections, audits, and job hazard analyses. However, a detailed risk analysis should include, but is not limited to the following:

  • Identify site specific assets that are unique to a specific location, facility, and operation
  • List hazards that corresponds with each asset: Multiple hazards may be applicable to a singular asset.
  • For each hazard, consider both high probability/low impact scenarios and low probability/high impact scenarios.
  • Mitigation opportunities: As you assess potential impacts, identify any asset vulnerabilities or weaknesses that would make it susceptible to loss. These vulnerabilities are opportunities for hazard prevention through procedures/processes upgrades or risk mitigation.
  • Identify threat scenario probability as low, medium or high.
  • Identify impact potential as low, medium or high for each of the following:
    • People
    • Property
    • Operations
    • Environment
    • Financial
    • Regulatory or legal
    • Contractual
    • Brand image or reputation
    • Determine priority level for planning and mitigation

The probability and impact severity should determine the priority level for correcting the vulnerability. The higher the probability and impact severity, the higher the emphasis should be on corrective actions. With priorities in place, mitigation measures may include:

  • Changes in daily processes and procedures
  • Isolation and elimination of the root cause of a potential threat
  • Addressing non-compliance issues
  • Implementing risk reducing engineering controls, when applicable
  • Implementing proactive administrative controls or work place practices
  • Establishing a process to identify inoperable or malfunctioning equipment and machinery through systematic inspections
  • Developing or amending site specific Business Continuity Plans (BCP) to reflect vulnerabilities

An effective BCP is able to capture and maintain essential information for responding to unplanned incidents that cause business interruption. Being able to conduct business, despite uncontrollable circumstances, can ensure a company viability in the shadow of adversity.

The cycle of the business continuity planning should be incorporated into every business process. By instituting the following cycle, business interrupting events can be planned for and procedures can be implemented to maintain critical business processes.

  1. PLAN: Identify potential risks/threats, specialized trigger events, impacted business processes/activities, incident response structure, warning and communication process.
  2. ESTABLISH: Define parameters of business continuity strategy, communication and documentation processes, training requirements, detailed employee/ vendor contact information, and key vendor and/or supplier dependencies.
  3. IMPLEMENT: Initiate response checklists and potential relocation strategies in the event of business disruption.
  4. TRAIN: Train employees on continuity roles, responsibilities, and procedures.
  5. MONITOR: Verify equipment requirements, primary and alternate facility details, and application and software requirements.
  6. REVIEW: Analyze processes of the BCP to ensure critical business processes can be maintained.
  7. EXERCISE: Perform simulations to verify comprehension of the BCP.
  8. MAINTAIN: Update key details and processes if deficiencies and inaccuracies are identified
  9. OPERATE: Engage critical processes and Recovery Time Objectives, as necessary.
  10. IMPROVE: Incorporate the cyclical process in an overall business continuity program to continuously align a response to critical business processes and their associated risks.

 

TRP Corp - Emergency Response Planning Crisis Management

Tags: Business Continuity, Business Risk

How to Maximize Corporate Emergency Preparedness for the Unpredictable

Posted on Thu, Oct 02, 2014

Planning for the unpredictable is part of emergency preparedness. Whether preparedness is mandated by corporate policy or regulatory agencies, risk management in cooperation with widely accessible emergency response plans can maximize efficiency and minimize the impacts on employees, the environment, and infrastructure. However, efforts to prepare for, manage, or mitigate risks are often unexecuted, shelved by constrained resources, profit margins, politics, or alternative goals.

In an effort to maximize preparedness and minimize inherent risks, corporate emergency management should provide:

  • A system for assessing and prioritizing incidents
  • Streamlined and standardized response methods
  • Communication and notification procedures
  • Roles and responsibilities for corporate and incident level response teams
  • Optimized training, drills and exercises
  • A demonstrated commitment to safety

By prioritizing an emergency management program, a company demonstrates the foresight to address emergency situations and associated challenges, and proactively affirms its efforts to ensure the safety of employees, the environment, and the surrounding communities. However, in order to maximize safety and plan for inherent emergency situations, site-specific threats and risks must be identified, assessed, mitigated, and planned for.

To manage workplace risks, each facility should be analyzed for potential hazards. These threats to operational status quo may be present in the form of unsafe acts and/or unsafe conditions. Once risks are recognized and evaluated, they should be eliminated if possible, or controlled through procedural planning. A risk management program should include, but not be limited to the following processes and prevention program.

RISK RECOGNITION:

  • Risk recognition can occur through inspections, audits, and job hazard analysis
  • All levels of management should take interest in their company’s risk management program
  • Each manager should establish realistic goals for risk reduction and prevention within their area of responsibility
  • Consult with local or online sources that have pre-identified risks based on site operations and location.

RISK EVALUATION:

  • Evaluate accident probability for each process, procedure, and handled material and resulting level of potential severity if an accident were to occur
  • Evaluation should take into account the time, place, and conditions in which threats or hazards might occur
  • The probability and severity of a risk should determine the priority level for correcting the hazard. The higher the probability and severity of risk, the higher the emphasis should be on corrective action

Business_Continuity_Plan_TRP.jpg

RISK ELIMINATION or RISK CONTROL

  • Targeted effort should be made to isolate and eliminate the root cause
  • Realized mitigation opportunities may reduce the amount of response resources required in the event of an incident
  • If root cause cannot be eliminated, changes in process and procedure should be made in order to reduce risk:
    • Implement risk reducing engineering controls, when applicable
    • Implement proactive administrative controls or work place practices
    • Establish process to identify inoperable or malfunctioning equipment and machinery through systematic inspections
    • Establish processes to minimize the effects of naturally occurring hazards
    • Ensure control does not hinder regulatory compliance

RISK COMMUNICATION:

  • Apply the results of analysis through planning and exercises. Employees should be made aware of hazards associated with any workplace process, materials, or location.
  • Accident prevention signs should be posted to remind occupants of the presence of hazards
  • Establish and communicate emergency response plans to employees and appropriate emergency response teams. This includes up to date contact information and notification procedures
  • Calculate, specify, and communicate resource requirements and operational capacities for each targeted scenario to internal and external responders
  • Counteract onsite response deficiencies for each scenario by implementing coordinated interoperability communication

Understanding your company’s risks, from the facility to the corporate level, is essential to preparedness and sustainability. Companies that prioritize risk management and integrate preparedness goals are better prepared to educate employees on potential incidents, and their role in protection, prevention, mitigation, response, and recovery.

Auditing your current program is crucial. Click here, or the image below, to download a free Audit Preparedness Guide:

Regulatory Compliance with TRP Corp

Tags: BCM Standards, Emergency Management, Emergency Preparedness, Business Risk, Emergency Management Program, Hazard Identification

The Business Impact Analysis: A Step Towards Business Continuity

Posted on Thu, Sep 18, 2014

Companies may not consider the interdependencies between critical operations, departments, personnel, and services until an event disrupts normal operations. A Business Impact Analysis (BIA), a key component in business continuity planning, presents the ability to identify and quantify which business unit that, when absent, would significantly impact a company. While the size and complexity of essential business elements required for sustainability varies among industries, companies, and specific facilities, the ability to quantify and prioritize critical workflow components is a key business continuity element.

Critical business units, associated functions, and a trained workforce provide the greatest financial value to companies. Companies that prioritize process sustainability initiatives that can meet recovery time objectives have a better chance of minimizing impacts of impeding disruptions.

Within each key business unit, additional business functions should be considered and evaluated. By identifying cross business unit dependencies, the need for integrated risk mitigation solutions can be highlighted and proactive measures can be taken. A workflow analysis may prioritize those business functions and processes that must be recovered in order for business continuity plans to be effective. Functions within each business unit may include, but are not limited to:

  •  Finance 
  • Contracts 
  • Supply and trading 
  • Personnel and payroll 
  • Benefits 
  • Accounts payable
  • Environmental health and safety 
  • Information technology

Once critical business functions and workflows are assessed and prioritized, a BIA should be performed.  The goal of the analysis should be to identify the potential impacts of identified risks, uncontrolled threats, and potential non-specific events on these business functions and dynamic processes. Any potential resilience capabilities should be prioritized and mitigation opportunities should be examined.  Operational and process managers should explore and quantify the following aspects to initiate the BIA process:

Timing:

  • Identify critical operational time periods when an interruption would have greater impacts (seasonal, end of quarter, specific month, etc.).
  • Priorities should be determined if an interruption during high-output timeframes creates amplified operational and financial impacts.

Likelihood Level:

  • Indicate how likely each specific threat could occur, considering existing capabilities, mitigation measures, and history.

Duration:

  • Identify the duration and point in time when an interruption would impair operational processes and have financial impact.
  • Estimate the maximum allowable downtime for each specific business function
  • Consider downtime impacts from less than 1 hour to greater than one month

BCP duration: TRP CORP

Staffing minimums:

  • Identify staffing level requirements (including contractors or suppliers) to meet typical daily productivity goals, as well as recovery time objectives.

Operational Impacts:

  • Identify the effects associated with a business unit interruption, considering existing mitigation measures. These may include, but are not limited to:
    • Lost sales and income
    • Negative cash flow resulting from delayed sales or income
    • Increased expenses due to overtime, outsourcing or other operations that increase costs
    • Regulatory fines and legal implications
    • Contractual penalties or loss of contractual bonuses
    • Customer dissatisfaction or withdrawal
    • Delay of business plan execution or strategic initiatives

Recovery Time:

  • Identify the time frame necessary to recover specific critical processes under existing capabilities and, if possible, potentially altered conditions.

Financial Impact:

  • Determine and quantify financial impacts,  considering existing mitigation measures.
  • Critical functions that have the highest financial impacts should be prioritized in business continuity plans.

If a business continuity incident affects two or more business processes, the incident has a greater potential for impact. Interoperable communication and coordination among departments must be exercised for a swift recovery. The effects of a multi-tiered business continuity event can extend beyond the facility borders to affect personnel, multiple critical business processes, vendors or suppliers, and customers.

Adverse information technology (IT) conditions may affect numerous company departments, units and functions. IT components may include networks, servers, desktop and laptop computers and wireless devices. The ability to utilize both office productivity and enterprise-wide software may be essential to restore normal operations. Therefore, time critical recovery strategies for information technology, such as exercised data backup and restoration procedures, should be developed in order to limit the effects of interruptions across multiple business units.

Once critical business units are identified and the BIA is completed, companies can develop an applicable business continuity plan, ensuring a faster state of recovery.

Click HERE or the image below for a free download on Enterprise-Wide Response Planning.

Multiple Facility Response Planning Company Preparedness Guide DOWNLOAD

Tags: Business Continuity key points, Business Continuity, Resiliency, Business Risk, Redundant Systems, Business Continuity Plan

Preparedness, Planning, and Pandemic Plans

Posted on Thu, Feb 06, 2014

According to historians, the 1918 “Spanish Flu” pandemic, which killed nearly 50 million people worldwide, may have originated from emigrating Chinese laborers. According to a study published in The Lancet, a pandemic similar to the one that occurred in 1918 would kill nearly 62 million people today.

In recent weeks, China has seen a spike in H7N9 cases and experts are worried that infections will continue to rise. The World Health Organization warned the H7N9 virus was one of the most lethal that doctors and medical investigators had faced in recent years. Just as in 1918, the threat of a pandemic is real.

As seen throughout history and most recently with the 2009 H1N1 virus, a pandemic threat can impact all aspects of society and its economy. It creates uncertainty and breeds fear. A pandemic’s geographic target, demographic impacts, rate of occurrence, and number of fatalities vary with each strain. However, proactive measures, such as preparedness, can diminish general uncertainties and allows for an established plan to counteract specific threats. In the event that a health crisis emerges, pandemic and business continuity plans can work in conjunction to maximum the potential of continuity of operations. The World Health Organization (WHO) continues to emphasize the need for preparedness measures in regards to pandemic planning.

In 2012, WHO published an article entitled “Cost–Effectiveness Analysis of Pandemic Influenza Preparedness: What’s Missing?”. The article concluded that impoverished countries, non-pharmaceutical interventions, health system capacity, and pandemic uncertainty are the trigger elements for lack of pandemic preparedness. The paper continues to say “as the control of communicable disease progresses, preparedness measures for epidemic events become increasingly important because the decreased burden of communicable disease increases the number of susceptible individuals and hence the risk outbreaks.” Simply stated, pandemic preparedness is essential for minimizing the spread of viral outbreaks.

Companies can contribute to minimizing the spread of a pandemic. By documenting response plan procedures and methods specific to a pandemic outbreak among the local population and/or the local workforce/contractors, companies can minimize disruption to normal operations and further limit the viral spread.

Specifically, the purpose of a Pandemic Response Plan is to:

  • Identify how additional resources and personnel will be made available to support the organization.
  • Identify how internal and external communications will be maintained.
  • Identify how the reputation impact will be managed during and after the outbreak.
  • Identify how the technical and commercial implications of the outbreak will be managed, and where in the organization this support will be obtained.

When developing a Pandemic Response Plan, it is useful to define impact levels. Example Levels are as follows:

  • Level 1 - Normal Operations, which include contact verification with key stakeholder (both internal and external) and conducting pandemic plan briefings
  • Level 2 - Business as usual with staff directed to work from remote locations, if feasible
  • Level 3 - Business as usual with limited on-site staff.  (Only essential employees who cannot work remotely would report on-site)
  • Level 4 - Emergency Service Level with normal levels of operation with minimum staffing.
  • Level 5 - All non-critical operations are suspended and critical business processes are examined for those that can be suspended.
  • Level 6 - Return to normal operations after situational assessment.

As seen in 1918 and multiple times throughout history, global trade and interconnectivity have social and economic impacts. Despite the advantages of a globally connected world, a preparedness program should address the multiple threats that go hand-in-hand with interconnectivity dependencies, including the potential for a pandemic.

For a free download on Designing a Crisis Management Program, click the image belowTRP Corp - Emergency Response Planning Crisis Management

Tags: Resiliency, Emergency Preparedness, Business Risk, Response Plans, Pandemic Plan

Disaster Planning for Supply Chain Distruptions

Posted on Thu, Jan 16, 2014

Given the current state of the U.S. infrastructure, an increase in targeted cyber hacking, and the continual occurrence of high-risk scenarios, ensuring supply chain stability should be part of an overall business continuity effort. Profitable operational productivity cannot tolerate unreliable and fleeting supply chains. Companies must continually evaluate Tier 1 suppliers, and establish subsequent tiers for alternate means of necessary resources, materials, and key business components.

The American Productivity & Quality Center (APOC) conducted a survey to examine the concern over supply chain stability involving the following external risk factors:

  • High-impact natural disasters, such as major tsunamis, earthquakes, volcanoes, or floods
  • Extreme weather, such as devastating droughts, wildfires, or cyclones
  • Political turmoil in vitally important world regions

The survey revealed that 83% of organizations surveyed experienced an unexpected supply chain disruption over the previous 24 months.  26% of the organizations revealed that well-managed business continuity plans (BCPs) met their needs. However, 74% of the respondents did not have a business continuity plan that addressed the disruption. Like many others, these organizations were exposed to the disruption of physical assets in their supply chain, whether at a company-owned facility or at a key vendor’s facility.

According to APOC, supply chain disruptions can lead to tenuous operational circumstances. Aside from the straightforward financial impacts attributed to supply chain disjunctions, a break in the supply chain continuity can damage an organization’s reputation and customer relationships. “An organization’s reputation usually demonstrates a certain level of quality, resulting in the ability to command a higher product or service price. If a company’s reputation lessens due to poor risk management, then so does its ability to command a certain price.” (APOC, pg3)

Successful evaluation of supply chain risks in conjunction with an exercised business continuity plan can help improve mitigation and reduce the recovery time from an unforeseen disruption. Emergency managers should pre-identify critical business processes and the resources and equipment necessary for them to be  functional. Through this process, alternatives can be explored and a business continuity plan can be established that reduces the impacts of infrastructure disorder and associated supply chain disruptions.

Site-specific recovery strategies should be developed with the assumption that the supply chain disruption occurred when the services or output are at the highest level and most critical point. By creating continuity plans for the peak business cycle, critical recovery time objectives can be established to minimize impacts, even in the most productive periods of operations.

As a result of the survey, APOC established recommendations to ensure adequate risk mitigation of supply chains:

1. IDENTIFY SUPPLY CHAIN RISK: Identified risks  should be documented and made  visible to company management.

2. ASSESS POTENTIAL IMPACT: Each risk should be assessed for severity and probability.

3. PLAN HOW TO RESPOND TO RISKS: Companies must prioritize planning and establish a business continuity or recovery plan to minimize supply chain downtime. Plans should incorporate attainable recovery time objectives through proven processes and procedures.

4. MONITOR: Monitoring internal and external supply chain risks can allow companies to evaluate new or altered threats, assess potential impacts, and mitigate any potential negative changes. Through continually monitoring, companies can minimize potential impacts, allowing for a competitive advantage over others without a risk management plan.

5. UTILIZE NECESSARY RESOURCES: Support staff should be included in risk management and response planning processes to ensure all available resources are incorporated. An expert consultant can provide an analysis with an external perspective, often identifying risks and potential mitigation measures that were not detected internally.

The APQC is a member-based nonprofit and one of the world’s leading proponents of business benchmarking, best practices, and knowledge management research.

For a free download of Designing a Crisis Management Program, click the image belowTRP Corp - Emergency Response Planning Crisis Management

Tags: Resiliency, Business Risk, Supply Chain, Business Continuity Plan, Disaster Recovery, Business Disruption

Emergency Response Planning for Severe Weather

Posted on Thu, Jul 11, 2013

The topic of severe weather and its devastating impacts continues to dominate the news headlines. Prior to forecasts and potential destructive weather patterns, companies should evaluate scenario-specific response plans in order to be prepared for naturally occurring threats. Severe weather, including derechos (powerful and extended straight line wind storms), flash-flooding, hail, tornadoes, and tropical storms can be destructive for typical business operations. Scenario-specific response plans, in conjunction with a business continuity plan, can ensure the safety of employees and company viability in the aftermath of severe storms.

When assessing risk and activation of a plan, the facility supervisor must be informed of the type of severe weather, forecasted possibilities, and potential timing of impact. If ample time is allotted, implementation of a plan may begin with activation phases. This allows for basic facility preparations to occur prior to being susceptible to weather hazard(s). Facilities should not institute exterior preparations once severe weather is imminent. If thunder is heard or lightning is seen, outdoor activities should be terminated and employees moved to safety immediately. According to The National Weather Service the following terminology is used to describe the potential forecast and/or timeline:

  • Special Weather Statement:  Designed to provide critical short-term hazardous weather information. The time frame of this information is six hours or less.
  • Watch: Significant weather is possible within 48 hours, but not imminent.
  • Advisory: Significant weather event is likely to occur in a specified area, or imminent. An advisory may be the time frame between a watch and a warning.
  • Warnings: Significant weather is occurring, imminent, or likely, and is a potential threat to life and property.

Both large and small businesses can benefit from instituting mitigation measures and training efforts prior to the high-risk months. Possible planning and mitigation efforts include, but are not limited to:

  • Pertinent site-specific policies and procedures should be reviewed for applicability and effectiveness.
  • Obtain materials to secure windows and brace doors, if necessary. (If lumber is necessary, pre-cut wood to size, mark each panel/piece to identify location).
  • Prune tree limbs from hanging over rooftops and clear gutters/downpipes
  • Verify employee contact information, alternate contact information, and list potential evacuation locations.
  • Develop methods for employees to receive pertinent corporate information if evacuation is conducted.
  • Establish recovery contracts with suppliers.
  • Routinely verify contact information and equipment availability with response resources.
  • Assign and train employees on severe storm related preparedness, response, and recovery tasks.

A simple checklist can be incorporated into severe weather plans that minimize the impacts of these events.

  • Monitor news and weather reports on smart phone, television, or battery operated radio
  • Alert employees or others on-site that severe weather is approaching and communicate expectations (i.e. shelter in place, evacuate, facility closure)
  • Review shutdown procedures and evacuation routes
  • Identify structural integrity of building(s) to withstand forecasted winds
  • Be aware of the dangers posed by airborne debris, equipment, and facility structures. Mitigate and secure, if possible
  • Be aware of potential for product release posed by containment failures (I.e. tanks, piping, pipelines, process equipment)
  • Contract tree removal services or obtain the necessary equipment to remove potential debris
  • Ensure that vehicles have a full tank of gas and are functioning properly
  • Obtain emergency equipment, such as generators, battery-operated radios, flashlights, lighting and additional batteries. Be prepared to acquire additional fuel if necessary, and time permits.
  • Monitor tanks, buildings, or other equipment for potential damage or failure
  • Obtain generators, if necessary to re-power facilities
  • Establish and maintain communication with personnel in remote areas
  • Communicate potential severe weather to facility personnel
  • Identify secure shelter location(s) within the facility (i.e. underground shelters, interior room without windows)
  • Conduct drills to ensure employees can locate and mobilize to designated shelter location(s)
  • Consider limiting vehicle traffic
  • Notify supervisors if facility(s) looses power, experiences storm related damage, any injuries, or if operations must be terminated
  • Develop an emergency communication plan to relay specific expectations and responsibilities during the aftermath
  • Identify product release dangers and shutdown procedures
  • Identify data backup procedures
  • Identify essential business records, backup procedures, and recover plans
  • If evacuating the facility, locate and pack critical documentation (e.g. insurance, financial, legal and identification documents) in a portable waterproof container
  • Identify and procure potential alternate location options and necessities for conducting critical business processes off-site.

 Establishing strategies to help cope with natural disasters, such as severe storms, can limit harm, financial losses, maintain business continuity, and enable a timely recovery.

TRP Corp Hurricane Checklist

Tags: Business Risk, Training and Exercises, Business Continuity Plan, Flood Preparedness, Disaster Recovery, Disaster Response, Tornado Preparedness

Global Connectivity Creates Need for Business Continuity Planning

Posted on Thu, Jan 31, 2013

The World Economic Forum recently released Global Risks 2013, Eighth Edition detailing the greatest 50 global risks for 2013. The identified risks were analyzed from a survey of over 1000 experts from industry, government, and academia in terms of impact, likelihood and interconnections. The survey revealed that respondents see increased risks with a higher impact level than in previous years. While the growth of a global interconnected marketplace may be financially beneficial, it also appears to increase a company’s vulnerabilities to business continuity issues.

A sudden loss of critical and supporting business functions and resources can be detrimental to a business. Many of the risks in the latest edition are enhanced by this “hyper connected world”, yet all of the risks fall into one of the following five categories:

  1. Economic
  2. Environmental
  3. Geopolitical
  4. Societal
  5. Technological

Companies need to determine how these categorical risks can impinge on their daily site-specific business operations to determine the best antidote for disruption and/or potential failure.  Detailed and exercised business continuity planning minimizes business disruption and the potential for financial loss. However, identifying risks, examining potential threats, and incorporating the effects on these critical functions require budgeting and staffing.  Preparation for a disaster can maximize optimal business functionality, yet companies still do not budget accordingly.

Interim results of a Business Continuity Insights’ survey regarding business continuity trends for 2013 revealed that 84% of respondents’ businesses intended to change the way it manages business continuity. Many of the changes may come in the form of initial plan implementation, updates, or manner of accessibility (mobile internet connectivity).  The downside is that many of these businesses will not increase budgets allocated for emergency preparedness.

According to the January 2013 edition of ISHN Magazine, only 16% of environmental, health, and safety professionals will see a budget increase in 2013, leaving 84% with the stagnant or decreased budgets. The statistics go on to reveal that staffing will only increase 14% while responsibilities will increase 46%.  Unfortunately, changes are expected without an increased budget while studies reveal global risks and impact levels affecting continuity are increasing.

The Global Risk 2013 study revealed the following risks associated with each threat category (pg 46) and the likelihood of the event occurring over the next ten years. While some risks are a result of the global governmental landscape, the interconnectivity of the worldwide marketplace may result in affecting continuity of operations far from the incident site. This occurred when the Japanese earthquake and subsequent tsunami affected automakers and electronic component production across many continents. Companies should utilize these finding to determine if their operations are at risk of the following:

  • Economic
    • Failure to address government debt
    • Severe income disparities and unemployment
    • Price fluctuations in critical commodities
  • Environmental
    • Governments, businesses and consumers fail to reduce greenhouse gas emissions and expand carbon sinks.
    • Increasing damage linked to greater concentration of property in risk zones, urbanization or increased frequency of extreme weather events.
    • Governments, businesses and consumers fail to reduce greenhouse gas emissions and expand carbon sinks.
  • Geopolitical
    • Weak or inadequate global institutions, agreements or networks, combined with competing national and political interests, impede attempts to cooperate on addressing global risks.
    • Terrorism: Individuals or a non-state group successfully inflict large-scale human or material damage.
    • Corruption: The widespread and deep-rooted abuse of entrusted power for private gain.
  • Societal
    • Water supply crisis: Decline in the quality and quantity of fresh water combine with increased competition among resource-intensive systems, such as food and energy production.
    • Failure to address both the rising costs and social challenges associated with population ageing.
    • Religious fanaticism: Uncompromising sectarian views that polarize societies and exacerbate regional tensions.
  • Technological
    • Cyber-attacks: State-sponsored, state-affiliated, criminal or terrorist cyber- attacks.
    • Data fraud/theft on an unprecedented scale
    • Critical system failures: Single-point system vulnerabilities trigger cascading failure of critical information infrastructure and networks.

For tips and best practices on designing a crisis management program, download Best Practices for Crisis Management.

TRP Download

Tags: Business Risk, Redundant Systems, Emergency Management Program, Event Preparedness, Business Continuity Plan, Business Disruption

Pipeline Companies and the Need for Tactical Response Plans

Posted on Thu, Dec 13, 2012

According to the Pipeline and Hazardous Materials Safety Administration’s (PHMSA) 2009 Annual Report, the United States had approximately 2.5 million miles of pipelines transporting oil, natural gas, and hazardous liquids. However, pipelines continue to be constructed across the U.S. in efforts to secure higher capacities of oil and gas for a growing number of consumers.

In Nov. 2012, Bluestone Gas Corporation of New York Inc., a subsidiary of DTE Energy, began construction of a 44 mile, 20-inch diameter pipeline. Upon completion, the new segment will connect with current lines to carry natural gas from northern Pennsylvania to East Coast markets. The pipeline will have a capacity of 275 million cubic feet of natural gas per day, roughly enough to provide heat to 3,800 homes for a year.

Pipeline segments, whether new or existing, share common acreage with waterways, residential neighborhoods, businesses, schools, and municipalities. Pipelines are a distinct type of risk, since they typically do not utilize secondary containment. If a spill were to occur, the impact could be devastating on multiple fronts. By creating tactical response plans, pipeline companies can identify and plan for key geographical challenges that may delay responding to and managing a pipeline emergency.

The primary objectives of tactical response plans are to:

  • Allow response personnel to prepare for and safely respond to pipeline spill incidents
  • Pre-identify effective response locations downstream of potential spill sources.
  • Identify potential equipment, manpower, and other resources necessary to implement a spill response
  • Outline response procedures and techniques for specific locations
  • Improve regulatory compliance efforts
  • Minimize impact

If a pipeline release could impact waterways, pre planning by developing tactical response plans can lessen spill implications. Determining probable spill flow direction and flow rates from accurate topographical data can serve as a basis for planning. Tactical planning provides site-specific focus to emergency response plans, and applies a response perspective with specific, short-term actions, and provides details that allow responders to best access, assess, and quickly respond to pipeline spills. The identification of critical downstream response locations, necessary equipment suited for the site geography, and other site-specific details can significantly reduce response time with a rapid execution of appropriate response measures.

Tactical spill plans should include, but are not limited to:

  • Various photographs of each segment (including ground and aerial views, if possible)
  • Maps
  • Latitude and Longitude
  • Land/property owner information
  • Driving directions to the site from main roads
  • Description of potential staging area(s)
  • Specific response tactics for the site location
  • Description of site and applicable waterways
  • Site access specifications
  • Necessary security requirements
  • Waterway flow rates and composition
  • Any critical response information that may be informative to responders
  • Recommended equipment and personnel to implement response strategy
  • Other site specific pertinent issues that may hinder a response

Tactical plans are an effective collaborative response tool for companies to share with contracted response groups and local authorities. The planning process should involve detailed site examination and an understanding of the characteristics of the pipeline contents.  When tactical plans are coupled with Geographic Information System (GIS) data, response teams have an invaluable tool for an effective spill response. However, as with all response plans, tactical plans should be periodically reviewed for accuracy, and selectively exercised to test effectiveness.

For an understanding of the necessary elements in creating an effective fire pre plan, download our Fire Pre Planning Guide.

TRP Fire Pre Plan Image

Tags: Pipeline, Crisis Mapping, Business Risk, Oil Spill, Disaster Response

The Top Ten Reasons to Advance Company Emergency Preparedness

Posted on Mon, Nov 12, 2012

Revisions made to emergency response plans during or following an incident are often the results of unforeseen circumstances or inadequate planning. However, continual improvement of an emergency management program is necessary to ensure company preparedness.

Innovative techniques and lessons learned should be continually incorporated into an emergency preparedness program.  Companies should prioritize advancements and emergency management budgets accordingly. But “change for change’s sake” does not typically enhance programs. The evolution process of an emergency management program should aim to perpetuate improved response and operational recovery times, and enhance company viability despite crisis scenarios.

Regardless of regulatory compliance initiatives or history of actual emergencies, companies should budget to advance emergency preparedness.  Below are the Top 10 Reasons companies should advance their emergency preparedness program:

#10. Streamline and standardize improved response methods:  A consistent company-wide emergency response management system that delivers common processes with site specific details for assessing, prioritizing, and responding to incidents allows employees and responders to conceptualize their roles and responsibilities throughout the company. Standardization allows a common understanding, enabling a synchronized response.

#9. Optimize drills and training: Employee training, emergency response drills, and applicable exercises identify deficiencies in emergency response planning programs. Testing emergency plans with detailed scenarios and incorporating appropriate response training will improve response capabilities and coordination, and reduce response times.

#8 Improve regulatory compliance: Costly non-compliance fines result from the lack of  implemented, thorough,  compliance programs. By systematically aligning emergency plans and their components with corresponding regulations, companies can identify and amend plan deficiencies that may result in fines and potential government mandated shutdowns.

#7. Simplify and automate emergency management: Emergency management can be an administratively taxing endeavor. Continual administrative duties associated with personnel contact information, assignments, training records, exercises, and continual plan updates may be inadequate to sustain an optimal program. Maximizing efficiency through advancements in technology can minimize  time associated with maintaining emergency response plans

#6. Improve asset utilization: Companies must utilize employees, responders, equipment, and budgets effectively in order to minimize the effects of a crisis or disaster. Realigning current tangible assets (equipment and/or personnel), mitigating current inefficiencies, and/or budgeting for additional response training or improved equipment will improve the overall effectiveness of an emergency management program.

#5. Proactively demonstrate a commitment to safety:  By prioritizing an emergency management program, a company demonstrates the foresight to address a crisis situation and associated challenges, and proactively affirm efforts to ensure the safety of employees, the environment, and the surrounding communities.

#4. Improve conditions:  Harmful conditions pose a risk to occupants, facilities, the environment, and/or surrounding communities. By eliminating or mitigating potentially adverse conditions, unsafe activities, or ineffective responses, companies can reduce the potential for and effect of emergency situations. The risk assessment process can be used to reduce or eliminate harmful conditions that lead to incidents.

#3. Reduce Incidents:  By identifying potential threats and risks, mitigation and preventative measures can be taken to reduce the potential of an incident from occurring. Mitigation measures may include a variety of tactics including, but not limited to training for employees, updating safety processes and procedures, or securing or purchasing updated equipment.

#2. Help reduce downtime:  Operational downtime and production loss reduces revenues.  By optimizing and implementing the most effective and functional emergency management program possible, incidents can be promptly managed and rapidly demobilized, thereby reducing response-related costs and downtime.  The repercussions from an incident can include detrimental relationships with customers, the surrounding community, and stakeholders.

#1. Cost savings:  Proactive compliance efforts, safety initiatives, training and exercises measures, and response and resiliency planning are typically less expensive than regulatory fines, sustained response efforts, and overall repercussions resulting from an incident. 

Implementing a new enterprise-wide emergency management system offers advantageous opportunities to better the effectiveness of the overall framework of the emergency management program. Gathering lessons learned from various site managers, performing site regulatory gap analyses, and implementing new proven concepts will ensure the best possible functionality and processes within a program.

Emergency preparedness programs shouldn’t be created for “if an emergency happens”, but for “when an emergency happens.” Disaster can and will strike at any time – whether it’s from human error, faulty equipment, or the elements.

For a sample Emergency Response Checklist, download our helpful and informative guide.

Tags: Emergency Management, Resiliency, Business Risk, Emergency Management Program, Safety, Workplace Safety, Business Disruption