Your Solution for SMART Response Plans

Global Response Planning Extends Beyond Operational Hazards

Posted on Thu, Oct 09, 2014

Current world events, such as the Ebola outbreak, ISIS threats, and Super Typhoon Vongfong continue to alter the focus of emergency management. With each pandemic, security crisis, natural disaster, or emergency incident, a renewed emphasis on specific preparedness initiatives and associated countermeasures evolves. Despite site-specific operation hazards, a well-developed response plan should examine all risks and vulnerability factors in order to provide employees with the knowledge, procedures, and resources necessary to respond appropriately to any situation.

When companies expand globally, identifying, evaluating, mitigating, and planning for continually evolving location-specific risks and vulnerabilities is challenging. Those with the responsibility of global preparedness and planning must address site-specific regulatory compliance measures, inherent risks (including operational and location-specific), technological and physical security needs, and each operational response plan component. Cultural disparities, infrastructure challenges, or security provocations may leave sites vulnerable to particular events and heighten the urgency of preparedness initiatives and planning efforts.

Preparedness, operational sustainability, and employee safety requires a streamlined, coordinated, and exercised response plan. Response plans must be developed to account for each potential emergency and non-emergency scenario that could impact or cause damage to a particular facility or its operations.  Aside from innate operational hazards, both physical site security and electronic security must be considered in preparedness measures. (Note: A security breach is just as likely to come in the form of a computer hacker or virus as it is from an actual intrusion, uprising, or physical attack.)

While emergency scenarios may affect the safety and health of employees, operations, and/or the facility infrastructure, non-emergency situations can arise that potentially impact company reputation and operational longevity.  A poorly managed situation can negatively affect a company’s reputation, business interests, and relationship with key regulators and partners.

Below are some crisis management situations that could affect business continuity for companies with multinational facilities. Business continuity and crisis management plans should be developed for each of these scenarios that could likely cause significant damage to the business.

Environmental Stewardship: Disparity in international, country, state, county and corporate environmental standards.  Environmental regulations may vary regarding:

  • Facility or site requirements
  • Transportation
  • Hazardous spills
  • Equipment safety
  • Fire fighting methods
  • Gas releases

Natural Disasters: Each geographic location has specific historical and potential natural threats.

  • Earthquakes
  • Hurricanes/typhoons
  • Sand/wind storms
  • Tornados
  • Flooding
  • Tsunami

Employee issues: While every facility must prepared for potential employee issues, global companies must pay specific attention to:

  • Cultural differences
  • Language barriers
  • Labor relations challenges
  • Workplace discrimination or harassment
  • Disgruntled workers
  • Health and safety disparagements

Marketing: Global markets and unethical business practices can create non-emergency scenarios resulting in the need for crisis management:

  • Price gouging
  • Supply availability
  • Recalls
  • Deceptive business practices

Security Breach: A security breach can affect multiple aspects of a company, from business continuity to the physical safety of employees.

  • Computer hacking
  • Catastrophic IT failure
  • Facility security measures
  • Civil unrest
  • Personnel/employee security

Corporate Governance:  Corporate changes can initiate unrest, disrupt operations, and company reputation:

  • Mergers
  • Organizational restructuring
  • Downsizing
  • Facility closings
  • Management successions/promotions
  • Financial reporting integrity

Industry/Sector Issues: As industry specific equipment, regulatory advancements, and technologies evolve, preparedness should continually adapt to include safety processes, continuity procedures and best practices.

  • Supply disruptions
  • Punitive regulations

Illegal Activity: Faults in humanity may be intensified by location specific conditions, supply and demand, and/or greed. Preparedness measures should include business continuity and crisis management procedure for the following circumstances:

  • Extortion
  • Bribery
  • Fraud
  • Malfeasance
  • Criminal Investigation

Political/Social issues: As companies strive to be profitable, political and social issues can interfere with daily operations. Situations that may affect productivity include, but are not limited to:

  • Human rights
  • Terrorism
  • War
  • Political or social unrest
  • Economic disparity
  • Discrimination
 

Have locations across the globe? Download TRP Corp's free guide,"Response Planning for Large Organizations with Multi-Facility Operations".

Multiple Facility Response Planning Company Preparedness Guide DOWNLOAD

Tags: Social Unrest, Business Continuity, Resiliency, Crisis Management, Incident Management, Terrorism Threat Management, Workplace Safety

Terrorism, Security Planning, and Emergency Response Plans

Posted on Mon, Aug 19, 2013

In early August, the U.S. government took proactive measures to protect 22 embassies and consulates from terrorist activity by closing those facilities. In response to terrorism intelligence, U.S State Department spokesperson Jen Psaki stated, "This is not an indication of a new threat stream, merely an indication of our commitment to exercise caution and take appropriate steps to protect our employees, including local employees and visitors to our facilities."

The State Department statement highlights the needs for security planning for private, public, government, and industry facilities. Response planning should address applicable threat and risk assessments results and incorporate security measures and appropriate procedures to protect facility employees and visitors. Two key factors that must be considered in security planning include the specific nature of the threats and the available warning time allotted.

The move by the State Department reflected these two prime security response factors. "Once you take targets away, it buys you additional time to try and disrupt, to identify the cell, the operators in country and the region, and work with your partners in the region to try and ... get them in custody or disrupt the plot," she said. "So, some of this operationally is about buying time."

While many facilities may not be targets of a specific terroristic threat, facilities must be prepared to respond to such an event.  Companies should incorporate appropriate, site-specific responses to counteract the four major weapons associated with a terrorist attack. Specific roles and responsibilities of facility personnel, law enforcement, fire officials, and other first responders should be clearly described, reviewed, and updated as necessary.

Below details the FEMA identified four main weapon types most likely to be used by terrorists and associated response actions:

1. Conventional weapons (bombs and other explosive devices): The goal is to place inhabitants in a protected space and/or increase the distance from the potential explosive area. The following actions should be considered:

  • Use basement areas
  • Move to interior hallways away from windows
  • Shut off gas utilities
  • Evacuate personnel
2. Chemical weapons (poisonous gases, liquids, or solids): The following actions should be considered:
  • Secure doors/windows
  • Turn off all ventilation, including furnaces, air conditioners, vents, and fans
  • Seek shelter in an internal room
  • Make decisions based on reliable information from public safety officials on the location of the chemical release and wind speed and direction
  • Develop reunification procedures that minimize the penetration of airborne substances
  • Communicate with medical personnel (intervene as appropriate or instructed)

3. Biological agents These agents are organisms or toxins that have the potential to incapacitate people, livestock, and crops. They can be dispersed as aerosols, airborne particles or by contaminating food and water. These agents may not cause symptoms for days or weeks following an exposure. The following actions should be considered:

  • Mitigate exposure (includes getting everyone into buildings)
  • Secure avenues of penetration to include closing doors/windows and shutting down the heating ventilation, and air conditioning systems
  • Develop reunification procedures that mitigate risks
  • Develop a recovery plan in light of the highly contagious nature of these weapons
  • Communicate with medical personnel

4. Nuclear weapons (potential exposure to radiation) The overarching concern is to get individuals to a protected space or to increase the distance from the blast area. FEMA recommends taking shelter immediately as the three protective factors include distance, shielding, and time. Issues for consideration include, but are not limited to:

  • Potential magnitude
  • Emotional implications
  • Contamination
  • Casualties
  • Unavailability of emergency resources
  • Need for long-term sheltering
  • Hazard analysis (proximity to nuclear power plant, military installation, chemical plants)
  • Identification of at-risk persons or populations
  • Safe evacuation procedures and routes
  • Short-term and long-term recovery
For a free Response Procedures Flowchart, click here:
New Call-to-Action

Tags: Emergency Response Planning, Security plans, Terrorism Threat Management, Chemical Industry

Spike in Cyber Attacks Requires Specific Business Continuity Efforts

Posted on Mon, Jun 03, 2013

“According to recent estimates, this global network of networks encompasses more than two billion people with at least 12 billion computers and devices, including global positioning systems, mobile phones, satellites, data routers, ordinary desktop computers, and industrial control computers that run power plants, water systems, and more. While this increased connectivity has led to significant transformations and advances across our country – and around the world – it also has increased complexity of our shared risk.” - Department of Homeland Security

Based on statistics from the Department of Homeland Security (DHS), it is critical for companies to establish business continuity plans associated with technology, and related applications. As technology dependencies become more ingrained in company operations, it is essential to institute company-wide best practices for computer security, downloads, and backups in order to secure necessary technologies and communications networks.

A company’s business continuity plan (BCP) should include processes related to critical technologies that may be lost or suspended due to an incident or cyber attack. A BCP is a vital tool that companies can use to plan for the restoration of normal operations after a business-disrupting incident. Incidents can create a temporary or permanent loss of infrastructure, critical staff, software, and/or vital records. According to the DHS, the increasing number of cyber attacks elevates the potential for critical data lapses or loss. Recent cyber statistics include:

  • 68% increase in cyber incidents between 2009 and 2011 (Subcommittee on Cyber Security, Infrastructure Protection, and Security Technologies)
  • Confirmation of cyber intrusion campaign targeting oil and pipeline companies (Janet Napolitano, DHS Secretary)
  • Confirmation that the majority of companies in the energy sector had experienced cyber attacks, and approximately 55% of those attacks targeted control systems (Charles Edwards, DHS Deputy Inspector General)
  • In 2012, DHS responded to 177 cyber control systems incidents, up from 9 in 2012

To counteract the increasing threat on critical technology infrastructure, DHS has developed CSET, Cyber Security Evaluation Tool. “CSET is a desktop software tool that guides users through a step-by-step process to assess their control system and information technology network security practices against recognized industry standards.” After a thorough evaluation, CSET then produces a prioritized list of recommendations for improving the cyber security and industrial control cyber systems. Each recommendation is linked to a set of actions that can be applied to enhance cyber security controls.

In 2012, over 1,000 companies utilized CSET to evaluate cyber security measures. Sectors with the highest number of self-assessments include: water and water treatment, energy, transportation, commercial and government facilities, and public health or health care. By leveraging the CSET application and Control System Security Program onsite consultation opportunities, companies can mitigate cyber security issues and increase the potential for business continuity. Some key business continuity benefits of the programs include:

  • Highlighting vulnerabilities in a company’s system(s) and providing recommendations of mitigation efforts
  • Identifying areas of strength and recommended practices being followed in the organization
  • Providing a method to systematically compare and monitor cyber systems improvement
  • Informing a risk management and decision-making process
  • Raising awareness and facilitating discussion on cyber-security within the organization.

According to the Business Continuity Institute online survey conducted in December 2011, the top identified threat from conducting a thorough risk assessment was an unplanned IT or telecommunication outage. However, the top three identified threats were all related to the viability of technology, highlighting the need for technology-associated business continuity efforts.

Here are the top three threats from Business Continuity Insight survey:

1. 74% - Unplanned IT and telecommunications outages
  • Departments or business units should define workaround procedures, or alternate processes, to support critical process recovery until key systems and applications have been restored.
  • Ensure all business documentation, records, and files necessary for resumption and recovery purposes are backed up and stored/located safely away from the primary office facility to minimize data loss.
  • Identify alternate methods of communication: landlines, cell phones, satellite phones.

2. 68% - Data breach (i.e. loss or theft of confidential information):  Organizations need site specific data security solutions that can detect, prevent, and continually audit interactions with sensitive data. Through continual monitoring of file and application access, organizations can minimize theft of confidential information.

3. 65% - Cyber attack (e.g. malware, denial of service): Companies should follow security best practices and implement practical and effective safeguards to mitigate internal and external attacks.

Each department should be responsible for assessing computer and software needs when developing critical process recovery strategies, and obtaining the review and input of the IT Department in support of any identified computer and software recovery time objectives.

TRP Corp - Emergency Response Planning Crisis Management

Tags: Data Recovery, Computer Security, Data Loss, Cyber-Security, Data Backup, Business Continuity Plan, Terrorism Threat Management

Applying FEMA's Mitigation Core Capabilities to Corporate EHS - Part 3

Posted on Thu, May 16, 2013

While all risks cannot not be avoided, companies can minimize the potential of an incident if risk mitigation measures are identified and implemented. FEMA has identified 31 core capabilities that should be incorporated into emergency management programs. Four of these core capabilities fall under the mission area of mitigation.

In Part 3 of this series on core capabilities, we will explore the concepts relating to FEMA’s mission area of mitigation. Although the FEMA concepts of the core capabilities are aimed at the public sector and governmental jurisdictions, companies should evaluate these mitigation elements for site specific applicability. Implementation of identified mitigation measures can minimize risks and advance corporate strategic and tactical environmental, health, and safety (EHS) goals.

MITIGATION

According to FEMA, the concept of mitigation includes the core capabilities necessary to reduce the potential for loss of life, property damage, and environmental impacts. By reducing the potential, consequences and impacts, the duration, and the financial and human costs related to response and recovery, a company becomes more resilient.

Risk mitigation includes recognizing, understanding, communicating, and planning for possible arrangements, procedures, and/or assets that can directly minimize the impact or likelihood of the threat, or simplify or automate recovery requirements. Each facility has its own unique associated risks, however, through dedicated risk mitigation analysis and proactive measures, hazards and business disruptions can be minimized.

Community Resilience: “Lead the integrated effort to recognize, understand, communicate, plan, and address risks so that the community can develop a set of actions to accomplish Mitigation and improve resilience.”

It is critical to gain corporate support to ensure reliance and the financial backing for necessary mitigation efforts. EHS programs should include training efforts that highlight potential threats/hazards and instruct individuals on procedures and processes that minimize those risks. An enterprise-wide program that prioritizes safety reinforces its commitment to individuals and the surrounding environment.

Long-term Vulnerability Reduction: “Build and sustain resilient systems, communities, and critical infrastructure and key resources lifelines so as to reduce their vulnerability to natural, technological, and human-caused incidents by lessening the likelihood, severity, and duration of the adverse consequences related to these incidents.”

A continual effort to improve safety measures, mitigate risks, and apply lessons learned bolsters the long-term viability of a company. Quantifying measurable safety statistics with baseline information allows companies to determine if mitigation efforts and safety measures are successful. By analyzing preparedness measures, companies can determine which priorities to implement to reduce long-term vulnerabilities. As companies grow and infrastructure expands, proven safety measures can be incorporated into site specific preparedness and operational activities.

Risk and Disaster Resilience Assessment: “Assess risk and disaster resilience so that decision makers, responders, and community members can take informed action to reduce their entity's risk and increase their resilience.”

A business impact analysis should be used to identify critical business processes, potential recovery strategies, and areas that could benefit from risk mitigation. This resilience assessment should be used as a tool for EHS management to identify potential vulnerabilities and initiate proactive changes to minimize impacts if a disaster were to occur. If the level of risk identified is deemed unsafe or unacceptable for operational viability, additional recovery options, safety procedures, or applicable strategies may need to be developed and implemented.

Threats and Hazard Identification: “Identify the threats and hazards that occur in the geographic area; determine the frequency and magnitude; and incorporate this into analysis and planning processes so as to clearly understand the needs of a community or entity.”

Threats and vulnerabilities can stem from both external and internal actions. Therefore, companies must analyze potential threats from a variety of potential sources. A localized vulnerability and impact analysis should include typical weather patterns, geographical influences, security efforts, cyber evaluations, inherent operational hazards, as well as facility design and potential maintenance issues. Companies who understand associated risks can better prepare for and possibly mitigate vulnerabilities.

The next blog, Part 4 of this series, will address the core capabilities related to response. To begin reading Part 1 of this series, click here.

TRP Corp Emergency Response Planning Exercises

Tags: Business Continuity, Facility Management, Terrorism Threat Management, Workplace Safety, Business Disruption

Applying FEMA's Core Capabilites to Corporate EHS Programs: Part 2

Posted on Mon, May 13, 2013

FEMA has identified 31 core capabilities that should be incorporated into emergency management programs. Although the concepts are aimed at the public sector and governmental jurisdictions, companies can evaluate these elements for site specific applicability and implement appropriate elements to actualize corporate strategic and tactical environmental, health, and safety (EHS) goals.

In Part 2 of this series on core capabilities, we will explore the concepts relating to FEMA’s mission areas of prevention and protection, and the core concepts that fall under these areas.

PREVENTION

Preventionincludes those capabilities necessary to avoid, prevent, or stop a threatened or actual act of terrorism. It is focused on ensuring we are optimally prepared to prevent an imminent terrorist attack within the United States.”

Forensics and Attribution: “Conduct forensic analysis and attribute terrorist acts (including the means and methods of terrorism) to their source, to include forensic analysis as well as attribution for an attack and for the preparation for an attack in an effort to prevent initial or follow-on acts and/or swiftly develop counter-options.”

Companies must remain vigilant in preventing  terrorism. By prioritizing the analysis of on-site sources, such as chemical, biological, radiological, nuclear, and explosive material, companies can help to prevent initial or follow-on terrorist acts. Site-specific awareness training can broaden the scope of prevention by identifying potential sources and/or attributes associated with a terrorist attack.

PROTECTION

The following capabilities protect individual and critical corporate assets, systems, and networks against threats. EHS programs must institute these critical protective measures to promote business continuity. The ability to identify, quantify, and secure critical business processes that, when not functional, may damage a company’s reputation or ability to operate, is a critical stage in the business continuity planning process.

Access Control and Identity Verification: “Apply a broad range of physical, technological, and cyber measures to control admittance to critical locations and systems, limiting access to authorized individuals to carry out legitimate activities.”

Cybersecurity: “Protect against damage to, the unauthorized use of, and/or the exploitation of (and, if needed, the restoration of) electronic communications systems and services (and the information contained therein).”

Physical Protective Measures: “Reduce or mitigate risks, including actions targeted at threats, vulnerabilities, and/or consequences, by controlling movement and protecting borders, critical infrastructure, and the homeland.”

Risk Management for Protection Programs and Activities: “Identify, assess, and prioritize risks to inform Protection activities and investments.”

Supply Chain Integrity and Security: “Strengthen the security and resilience of the supply chain.”

PREVENTION/PROTECTION

Intelligence and Information Sharing: “Provide timely, accurate, and actionable information resulting from the planning, direction, collection, exploitation, processing, analysis, production, dissemination, evaluation, and feedback of available information concerning threats to the United States, its people, property, or interests; the development, proliferation, or use of WMDs; or any other matter bearing on U.S. national or homeland security by Federal, state, local, and other stakeholders. Information sharing is the ability to exchange intelligence, information, data, or knowledge among Federal, state, local, or private sector entities, as appropriate.”

Intelligence and information sharing are important components of the Incident Command System. Capitalizing on lessons learned enables companies to improve methodology based on actual experiences. To advance an EHS program, managers should include cyclical plan reviews to allow lessons learned to be implemented into preparedness, training and exercises.

Interdiction and Disruption: “Delay, divert, intercept, halt, apprehend, or secure threats and/or hazards.”

Companies  must  establish consistent protocols and regulatory compliance measures to maintain safe operations and minimize exposures. This includes proper and secure handling and disposal of hazardous materials capable of bringing harm to individuals, assets, or the environment. The objective is to remain vigilant in order to prevent potential threats, including terrorism.

Screening, Search, and Detection: “Identify, discover, or locate threats and/or hazards through active and passive surveillance and search procedures. This may include the use of systematic examinations and assessments, sensor technologies, or physical investigation and intelligence.”

Companies must be keenly aware of any operations that can potentially targeted or used in a terroristic manner. Proper identifications of materials and individuals, as well as security protocols must be reviewed to guard against potential harm.

The next blog, Part 3 of the series, will address the core capabilities related to mitigation.  To begin reading Part 1 of this series, click here.

For an understanding of the necessary elements in creating an effective fire pre plan, download our Fire Pre Planning Guide.

TRP Fire Pre Plan Image

Tags: Resiliency, Security plans, Cyber-Security, Terrorism Threat Management, Safety, Political Instability, Insider Threat

USCG Requirements and Responsibilities of Facility Security Officer

Posted on Mon, Sep 17, 2012

This summer, 22 nations, more than 40 ships and submarines, over 200 aircraft and 25,000 personnel participated in the Rim of the Pacific (RIMPAC) exercise in and around the Hawaiian Islands. The biennial exercise is designed to establish and sustain cooperative relationships to ensure the safety of sea-lanes and security on the world's oceans. This exercise emphasizes the importance of the US Coast Guard’s Maritime Transportation Security Act of 2002 (MTSA) for U.S based marine-transportation related facilities by prioritizing safety and security.

The MTSA requires marine-transportation related facility owners to be responsible for facility security. The Act requires vulnerability assessments and security plan approvals.  The marine transportation security aspects regulated by the USCG covers the entire facility, not just the transfer or “dock” area.

However, not all port located facilities are affected by the MTSA regulations. The MTSA requires that those facilities deemed “high risk” for transportation related security incidents must comply with regulations in order to continue operations. “High risk” facilities that mandate compliance with MTSA requirements are those that perform the following:

  • Handle explosives, liquefied natural or hazardous gas, or other Certain Dangerous Cargoes (CDC)
  • Transfer oil or hazardous materials
  • Handle vessels covered by Chapter XI of the International Convention for the Safety of Life at Sea (SOLAS)
  • Handle passenger vessels certified to carry more than 150 passengers (if vessels actually embark or disembark passengers there)
  • Handle cargo vessels greater than 100 gross registered tons
  • Handle barges that carry cargoes regulated by 46 CFR, chapter I, subchapter D or O, or CDCs.

A facility that is deemed high risk must assign a Facility Security Officer (FSO). According to CFR 33 part 105, maritime security for facilities, a single employee may serve as the FSO for more than one facility, as long as the facilities are in the same Captain Of The Port (COTP) zone and are within 50 miles of each other. The FSO may also perform other duties within the company, but they must be able to perform the duties and responsibilities required of the FSO. The FSO must ensure and oversee the following duties:

  • Facility Security Assessment (FSA)
  • Facility Security Plan (FSP) is developed and implemented
  • Annual audit, and if necessary, update the FSA and FSP
  • The FSP is exercised per §105.220
  • Regular security inspections
  • Security awareness and vigilance of the facility personnel
  • Adequate training to personnel performing facility security duties
  • Security incidents are recorded and reported to the owner or operator
  • Documentation of maintenance
  • Preparation and the submission of any reports
  • Any required Declarations of Security with Masters, Vessel Security Officers or their designated representatives
  • The coordination of security services in accordance with the approved FSP
  • Security equipment is properly operated, tested, calibrated, and maintained
  • The recording and reporting of attainment changes in MARSEC Levels to the owner or operator and the cognizant COTP
  • When requested, provide assistance to the Vessel Security Officers in confirming the identity of visitors and service providers seeking to board the vessel through the facility
  • Timely notification to law enforcement personnel and other emergency responders of any transportation security incident
  • The FSP submittal to the cognizant COTP for approval, as well as any plans to change the facility or facility infrastructure prior to amending the FSP
  • Facility personnel are briefed of changes in security conditions
  • Proper implementation of the Transportation Worker Identification Credential (TWIC) program, if necessary.

For tips and best practices on designing a crisis management program, download Best Practices for Crisis Management.

TRP Download

Tags: USCG, MTSA, Security plans, Department of Homeland Security, Terrorism Threat Management, Chemical Industry

Material Safety Data Requirements for Emergency Planning

Posted on Thu, Feb 02, 2012

Accurate Material Safety Data Sheets (MSDS) need to be available to employees and  potential  responders. There is the potential that the MSDSs will not be useful to local response groups unless they are familiar with the presented information.  Understanding this information will assist responders in assessing hazards assessment for pre-emergency planning or actual response to an emergency.

According to Department of Labor’s Occupational Safety and Health Administration (OSHA)

  • The Chemical Sampling Information (CSI) file contains listings for approximately 1500 substances
  • The Environmental Protection Agency's (EPA's) Toxic Substance Control Act (TSCA) Chemical Substances Inventory lists information on more than 62,000 chemicals or chemical substances
  • Some chemical libraries maintain files of material safety data sheets (MSDS) for more than 100,000 substances.

The number of chemicals is growing on a daily basis. The Chemical Abstract Service (CAS), a division of the American Chemical Society has registered more than 62 million substances. According CAS’s website, “The CAS registry is a collection of disclosed unique organic and inorganic substances, such as alloys, coordination compounds, minerals, mixtures, polymers, and salts, and more than 62 million sequences.”

The Beginning the Hazard Analysis Process, which was originally published as part of the Hazardous Materials Response Handbook (third edition) states, “a first responder might
reasonably be expected to encounter any of 1.5 million of these chemicals in an emergency, with 33,000 to 63,000 of them considered hazardous. To complicate matters, these hazardous chemicals are known by 183,000 different names. Fortunately, not all of these chemicals are equally common.”

OSHA's Hazard Communication Standard (HCS) specifies required information that must be included on MSDSs. The standard states that “chemical manufacturers and importers shall obtain or develop a material safety data sheet for each hazardous chemical they produce or import. Employers shall have a material safety data sheet in the workplace for each hazardous chemical which they use.”

OSHA requires that each MSDS must contain the following sections, written in English:

  1. Manufacturer's Name and Contact Information, including emergency numbers and addresses.
  2. Hazardous Ingredients/Identity Information, including chemical name, formula, common name, chemical family and associated synonyms. 
  3. Physical/Chemical Characteristics, including detailed chemical properties
  4. Fire and Explosion Hazard Data
  5. Reactivity Data
  6. Health Hazard Data
  7. Precautions for Safe Handling and Use,  including spill and leak procedures
  8. Control Measures, includng special protection information and  precautions

The American National Standards Institute (ANSI) approved an alternative format and published a standard Z400.1-1993, "American National Standard for Hazardous Industrial Chemicals-Material Safety Data Sheets-Preparation."

The following are standards set forth by ANSI. However, OSHA requirements must be included in the MSDS in order to meet compliance requirements.

Section 1. Chemical Product & Company Information
Section. 2. Composition/Information on Ingredients
Section. 3. Hazards Identification
Section. 4. First Aid Measures
Section. 5. Fire Fighting Measures
Section. 6. Accidental Release Measures
Section. 7. Handling and Storage
Section. 8. Exposure Controls/Personal Protection
Section. 9. Physical and Chemical Properties
Section. 10. Stability and Reactivity
Section. 11. Toxicological Information
Section. 12. Ecological Information
Section. 13. Disposal Considerations
Section. 14. Transport Information
Section. 15. Regulatory Information
Section. 16. Other Information

For an understanding of the necessary elements in creating an effective fire pre plan, download our Fire Pre Planning Guide.

TRP Fire Pre Plan Image

Tags: Radiation, OSHA HAZWOPER, OSHA, Emergency Preparedness, Emergency Management Program, Terrorism Threat Management, HAZWOPER, Chemical Industry

Emergency Response Plan - Annexes for Added Incident Management

Posted on Mon, Aug 08, 2011

According to FEMA, the basic emergency operations plan should provide a broad scope of responses for potential emergency and crisis situations. Additional emergency response annexes that focus on hazard, threat, or incident-specific response needs can be added to broaden a site-specific basic plan to encompass the full range of hazards associated with a facility. These annexes contain unique and regulatory response details that apply to a single hazard, such as a pandemic response or hurricane plan. Depending upon the emergency operation plan’s structure and content amount, hazard-specific information may be included as either separate functional annexes or stand-alone hazard-specific annexes.

Hazard or incident-specific annexes should include many of the same details of the basic operations plan including, but not limited to:

  • Details of hazard-specific location(s)
  • Evacuation routes
  • Plot Plans
  • Specific provisions and protocols for warning employees, the public and disseminating emergency  information
  • Personal protective equipment and detection devices
  • Policies and processes for each specific hazard
  • Roles and responsibilities

Just as in the basic emergency operations plan, a planning team may use supporting documents as needed to clarify the contents of the incident specific plan. These supporting documents can include hazard specific aerial and facility maps, charts, tables, checklists, resource inventories, and summaries of critical information. For example, the hurricane plan may be made clearer by attaching maps marked with evacuation routes or shelter in place areas. Evacuation routes may change depending on the location or scale of the hazard.

Hazard-specific operational information usually includes, but is not limited to:

  • Assessment and control of the hazard information
  • Identification of unique prevention and preparedness of critical infrastructure/key resources
  • Protective actions
  • Communications procedures and warning systems
  • Implementation of protective actions
  • Identification of short-term stabilization actions
  • Implementation of recovery actions.

It is crucial to identify the critical functions necessary for a successful emergency response to a specific hazard in the planning development stage.  This may include identifying alternate communications methods in the event of a hurricane or pinpointing essential personnel to implement a pandemic plan. Hazard-specific annexes should follow the same layout and organizational format as the main operational plan to ensure consistency.

For tips and best practices on designing a crisis management program, download Best Practices for Crisis Management.

TRP Download

Tags: Pandemic Planning, Fire Pre Plans, Emergency Preparedness, Crisis Management, Facility Management, Emergency Management Program, Security plans, Terrorism Threat Management, FEMA, Hurricane Preparedness, Flood Preparedness

School Safety Plans Must Include Terrorism Response Procedures

Posted on Thu, Jul 28, 2011

The process of developing a campus emergency plan to adddress terrorism can be overwhelming for school administrations. However, the potential for terrorist attacks makes it imperative that emergency plans include strategies to protect campuses, students, and staff. All schools should build on existing plans, work closely with local emergency agencies, and rehearse their plans accordingly.

Two key factors that must be considered in planning include the nature of terrorist threats and the available warning time allotted. According to FEMA, the weapons most likely to be used by terrorists fall into the following categories:

Conventional weapons include bombs and other explosive devices. The goal is to place inhabitants in a protected space and/or increase the distance from the potential explosive area. The following actions should be considered:

  • Use basement areas
  • Move to interior hallways away from windows
  • Practice ‘duck and cover’ drill
  • Shut off gas utilities
  • Evacuate students and staff
  • Release students to parents/guardians

Chemical weapons may be poisonous gases, liquids, or solids. The following actions should be considered:

  • Secure doors/windows
  • Turn off all ventilation, including furnaces, air conditioners, vents, and fans
  • Seek shelter in an internal room
  • Make decisions based on reliable information from public safety officials on the location of the chemical release and wind speed and direction
  • Develop reunification procedures that minimize the penetration of airborne substances
  • Communicate with medical personnel (intervene as appropriate or instructed)

Chemical_TRP.jpg

Biological agents are organisms or toxins that have the potential to incapacitate people, livestock, and crops. They can be dispersed as aerosols, airborne particles or by contaminating food and water. These agents may not cause symptoms for days or weeks following an exposure. The following actions should be considered:

  • Mitigate exposure (includes getting everyone into buildings)
  • Secure avenues of penetration to include closing doors/windows and shutting down the heating ventilation, and air conditioning systems
  • Develop reunification procedures that mitigate risks
  • Develop a recovery plan in light of the highly contagious nature of these weapons
  • Communicate with medical personnel

Nuclear weapons have special considerations, given the potential exposure to radiation. The overarching concern is to get individuals to a protected space or to increase the distance from the blast area. FEMA recommends taking shelter immediately as the three protective factors include distance, shielding, and time. Issues for consideration include, but are not limited to:

  • Potential magnitude
  • Emotional implications
  • Contamination
  • Casualties
  • Unavailability of emergency resources
  • Need for long-term sheltering
  • Hazard analysis (proximity to nuclear power plant, military installation, chemical plants)
  • Identification of at-risk persons or populations
  • Safe evacuation procedures and routes
  • Short-term and long-term recovery

It is essential that the roles and responsibilities of educators, law enforcement, fire officials, and other first responders are clearly described, reviewed, and updated. Communication procedures should detail methods of information distribution, including social media tools, between those on and off the site, parents, emergency responders, the community, and the media. 

Receive your FREE Incident Preparedness Guide:

Preparedness and Emergency Management - TRP Corp

Tags: Emergency Preparedness, Crisis Management, Facility Management, Emergency Management Program, Terrorism Threat Management, School Emergency Planning

Emergency Management and Initial Response Actions for Communicated Threats

Posted on Thu, Jul 07, 2011

In 2011, the Department of Homeland Security released information regarding specific terrorist targets that they derived from terrorists' communications data. Included in these threats were highly combustible oil tankers and refineries.  Facilities that produce, store, or supply hazardous material should ensure their emergency management program contains a security plan that contains initial response actions in the event that they are targeted.

An example of initial response actions are as follows:

Person Receiving Threat

  • Document as much information as possible utilizing a Threat Report Form
  • Immediately notify the Facility Manager and remain available for additional questions.

On-Scene Commander

  • Activate and consult with EMT advisers and law enforcement and determine details of the threat. Consolidate evidence and evaluate facts.
  • Notify and consult with Facility Management. The following factors should be considered:
    • Method of threat delivery (in person, telephone, radio, written/letter, email, other, etc.).
    • Principal persons, groups, and/or facilities targeted.
    • Specific action(s) threatened.
    • Timetable of threatened action(s).
    • Persons or groups claiming responsibility (if any).
    • Number of similar threats to other facilities/installations in the area (if any) or any other event or condition which might provoke a threat.
    • Employee disturbance or contract labor unrest.
    • National or international politics, radical local activity, specific groups, etc.
    • Indication of juvenile hoax (if any).initial_Response_actions_TRP.jpg
  • Notify Corporate Management as appropriate
  • Contact Corporate Security.
  • Maintain low profile - no publicity if possible.
  • Coordinate further specific response actions with Corporate Management.
  • Identify/verify all potential victims.
  • Debrief employees/victims as to details of the threat.
  • Evaluate need for evacuation.
  • Facilitate emergency shutdowns if appropriate.
  • Develop Bomb Search Plan, if appropriate.
  • Review security and evacuation plans.
  • Implement personnel protection plan for targeted victim(s) and family members, if appropriate.
  • Implement employee and family assistance/counseling, as necessary.
  • Prepare for possible Search and Rescue with assistance of local authorities
  • Consult with corporate legal counsel.

Post-Incident Actions

  • Review and update emergency plan procedures.
  • Review and update evacuation plans.
  • Conduct post-incident investigation.
  • Conduct team debriefings.
  • Perform response/cleanup operations as directed or coordinated by the On-Scene Commander.

 

Corporate Crisis Management

Tags: Emergency Preparedness, Emergency Management Program, Security plans, Terrorism Threat Management