Getting Started on Emergency Preparedness

We seem to live in a world filled with unpredictable risks: a banking crisis, a potential Greek debt default, H1N1 flu, the Gulf oil spill, Icelandic volcano ash, terrorist attempts, etc.  Many small and medium-sized businesses defer emergency preparedness planning because they are unable to find the handle to get started or they fear a bottomless pit of cost with no expected benefits.  Doing nothing is a choice, but it is not the best choice.

Any firm can complete the first three steps of an emergency preparedness plan in less than one day: outline the potential risks, prioritize their likely impact and outline the required preparedness measures which would address the risks.  Most potential risks are generic.  The attached checklist can be modified to highlight any other risks.

The identified risks can be prioritized through a simple weighting scheme.  For each risk, rank its probability of occurrence in the next 10 years as 1-5, with 5 being highest.  For each risk, separately evaluate the potential human and property/asset risks from 1-5, with 5 being the highest damage.  Calculate the potential impact as the probability score times the SUM of the human and property impacts.  Sort the risks from high to low.  There will be a natural division of scores that highlights your top 5-15 risks.
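
As an added illustration (not part of the original article), here is the weighting scheme above in Python.  The sample scores are constructed, and locating the "natural division" at the largest drop between adjacent sorted scores within the top 5-15 is an assumption of this example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Risk:
    no: int            # checklist number
    name: str
    probability: int   # 1-5, likelihood of occurrence in the next 10 years
    human: int         # 1-5, potential human impact
    asset: int         # 1-5, potential property/asset impact

    def __post_init__(self):
        for field in ("probability", "human", "asset"):
            if not 1 <= getattr(self, field) <= 5:
                raise ValueError(f"risk {self.no}: {field} must be 1-5")

    @property
    def impact(self) -> int:
        # Probability times the SUM of the human and property impacts.
        return self.probability * (self.human + self.asset)

def rank(risks):
    """Sort high to low; ties fall back to checklist number."""
    return sorted(risks, key=lambda r: (-r.impact, r.no))

def top_group(risks, min_size=5, max_size=15):
    """Cut the ranked list at the largest score drop that leaves 5-15 risks.
    (Assumption: this is how the 'natural division' is located.)"""
    ranked = rank(risks)
    last_cut = min(max_size, len(ranked) - 1)
    if last_cut < min_size:
        return ranked  # too few risks to divide
    drop = lambda k: ranked[k - 1].impact - ranked[k].impact
    cut = max(range(min_size, last_cut + 1), key=lambda k: (drop(k), -k))
    return ranked[:cut]

# Constructed sample scores for ten checklist items (not from the article).
SAMPLE = [
    Risk(8, "Fire", 2, 5, 5), Risk(10, "Nuclear accident", 1, 5, 5),
    Risk(11, "Computer virus or malware infection", 5, 2, 4),
    Risk(12, "Major internet access failure", 4, 1, 3),
    Risk(13, "Servers destroyed", 2, 1, 5),
    Risk(16, "Severe winter storm", 4, 2, 2),
    Risk(21, "Critical supplier failure", 3, 1, 4),
    Risk(22, "Labor supply disruption", 2, 1, 2),
    Risk(26, "Vehicles", 2, 2, 2),
    Risk(28, "Long-term electrical power outage", 3, 3, 4),
]

if __name__ == "__main__":
    for r in top_group(SAMPLE):
        print(f"{r.impact:3d}  #{r.no:<2d} {r.name}")
```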

For each risk, determine what emergency preparedness steps are required.  Most will be addressed by a small number of generic recovery steps.

  1. Shelter on-site for 4 hours, including emergency air supply.
  2. Shelter on-site for 16 hours, during threatening weather.
  3. Shelter on-site for 72 hours.
  4. Quickly evacuate building and account for occupants.
  5. Activate emergency communications plan/alternate command authority structure.
  6. Activate emergency business recovery plan.
  7. Activate long-term quarantine plan.
  8. Other specialized recovery steps.

Once these first three steps have been completed, progress can begin on developing the recovery plans, including any immediate action steps that can be taken to reduce the risks or impacts of high potential impact threats.

Emergency preparedness is a major investment.  Getting started is the most important step.

Group      No.  Risks

Brand        1  Key executive or representative incident
Brand        2  Product recall – safety, functional problems
Brand        3  Public relations crisis, fraud, suppliers, legal, political

Hazard       4  Biological – plague, insects, animals, malaria, anthrax, terror
Hazard       5  Chemical – on-site, storage, warehouse, adjacent, terrorist, gas leak
Hazard       6  Communicable disease – long-term impact (Avian flu, H1N1 flu)
Hazard       7  Explosion – natural gas, terror, plane, truck, car
Hazard       8  Fire – on-site, garage, storage, adjacent, roads, utilities
Hazard       9  Local accident, making buildings inaccessible for 30 days+
Hazard      10  Nuclear accident, truck, terror, bomb, other radiation release

IT          11  Computer virus or malware infection, major
IT          12  Major internet access failure for more than 1 day
IT          13  Servers and co-location servers destroyed, restart

Natural     14  Earthquake – structural damage, fire, water, utility damage
Natural     15  Flood – on-site, nearby, preventing access
Natural     16  Severe winter storm, ice, heavy snow
Natural     17  Tornado, high wind storm, hurricane, hail storm, lightning

Personal    18  Armed threat, violence, hostage, robbery, escapee – nearby
Personal    19  Civil disturb, riot, war, occupation – on-site, nearby, country

Supply      20  Bank, fin system, invest failure, long-term recession
Supply      21  Critical supplier, shipper, facility or resource failure
Supply      22  Labor supply disruption

Transport   23  Major loss of staff due to travel accident
Transport   24  Major transportation interruption – road, train, air or ship
Transport   25  National travel emergency requiring alternate travel
Transport   26  Vehicles – collision, liability

Utility     27  Communications, utility service interruption
Utility     28  Long-term electrical power outage
Utility     29  Safe drinking water failure

Goals of an Integrated Planning and Control System

The proliferation of planning and control systems has led to a large number of goals.  Fortunately, they can be consolidated and categorized to facilitate the development of an understandable consolidated system.  The essential goals are eternal, but the growing complexities of the business environment and processes have increased the number of goals worth monitoring.  On the planning side, firms need to prioritize, clarify, align, communicate and prepare. 

In spite of the countervailing winds of entrepreneurship and empowerment, in a dynamic world with greater value at stake, firms need to set key priorities at the top for direction, values, strategies, investments, projects, critical success factors and key performance indicators.  Without them, even in the best conditions, managers and staff will ineffectively make decisions “as well as they can”.  Clear priorities and expectations can significantly reduce the zero-sum game of internal politics.  Senior management needs to proactively clarify the priorities, trade-offs and commitments made to all stakeholders, including investors, customers, suppliers and internal departments. 

A well-designed strategic plan and its related structures effectively align the decentralized, specialized, outsourced, matrixed and virtual resources of today’s firm.  Intentions, decisions, opportunities, authorities and best practices are clearly communicated.  The well-defined expected and desired future state allows individual functions to optimize within their frameworks.  Long-term commitments are made and managed, allowing business units and functions to flex within the context and pursue immediate opportunities.  Commitments are made at every level at the right time, with confidence.  Scarce resources are devoted to priority objectives and secondary projects consume no resources.

An effective planning process prepares the firm to face the unknown.  Participants at all levels have devoted time to organization level thinking about direction, situation, gaps and solutions.  If simulations, sensitivity analysis and emergency preparedness work has been done, some level of preplanned formal responses and tools has been defined, providing a base and confidence for managing the challenges that were not expected.

On the controls side, the system needs to deliver results while managing assets and risks.

“What gets measured gets done”.  Objectives that are measured and reported receive priority management and staff attention.  Today’s digital dashboards expand the number of goals to be pursued and more clearly communicate their status to everyone in real-time.  This greatly increases the motivation by staff to improve their real performance (and sometimes beat the system).  The quality revolution attempts to move this feedback loop to a higher level, with staff understanding customer needs, defining their own goals, measuring performance and developing quantum leap improvements to serve easily understood definitions of success.

The accounting staff has always been charged with safeguarding the firm’s assets.  In the analog world, this was straightforward.  Today, it requires a deeper understanding of intangible assets such as patents, supplier relations and brand value.  In spite of the loss of firm loyalty, it is apparent today that employees are the most valuable assets for most firms.  Employees need to feel valued for their skills and contributions, and be given opportunities to build their skills and apply their talents.  The human resources management system (job descriptions, evaluations, compensation) needs to be effectively integrated into the overall planning system.  An effective process system also builds the knowledge management value of the firm by documenting processes, accumulating knowledge and improving the rate of knowledge transfer through training and sharing.

In the post-Enron, Sarbanes-Oxley informed world, risk management has become an important board level topic (because board members have new responsibilities).  Developing basic and advanced internal controls to prevent and detect theft is a classic controller responsibility.  Administrative policies and procedures have long been used in large and small firms to increase the degree of compliance with management’s expectations by managers and staff.  Most firms have been subject to some level of regulatory oversight, audit and compliance.  All firms have reported financial results to external stakeholders within generally accepted accounting practices and tax laws.  Firms have always thought about the risks of natural disasters, but today’s decentralized and electronically supported worlds require much more attention to a variety of 10%, 1% and 0.1% risks.  Firms have used insurance policies for basic risks for centuries, but today they must evaluate and guard against a much wider variety and degree of business risks.  Finally, complex and decentralized firms are subject to Murphy’s Law and the role of the weakest link.  The sheer number and impact of risks has caused them to make openness and transparency a top value.

An integrated planning and control system needs to address all of these goals.  Planning must prioritize, clarify, align, communicate and prepare.  Reporting must deliver results while managing assets and risks.