9/11. Katrina. Virginia Tech. The worst disaster you will see is the one that happens to you or your...
-
Upload
kelley-robbins -
Category
Documents
-
view
217 -
download
0
Transcript of 9/11. Katrina. Virginia Tech. The worst disaster you will see is the one that happens to you or your...
These are not the worst disasters you will see
9/11. Katrina. Virginia Tech.
The worst disaster you will see is the one that happens to
you or your business
EVERY CRISIS IS A HUMAN CRISIS
The success of your organization relies on the preparedness of
people
FIVE MOST COMMON FAILURES
CONTROL CRITICAL SUPPLY CHAINSTRAIN EMPLOYEES FOR BOTH WORK & HOME IDENTIFY & MONITOR ALL THREATS & RISKSCONDUCT EXERCISES & UPDATE PLAN DEVELOP CRISIS COMMUNICATIONS PLAN
ACTION ITEMS
PREDICT. PLAN. PERFORM.
Identify & Involve Critical Suppliers Critical Functions Critical Employees
What If Exercises Establish How To:
Monitor Communicate
CONTROL CRITICAL SUPPLY CHAINS
TRAIN EMPLOYEES FOR BOTH WORK & HOME IDENTIFY & MONITOR ALL THREATS & RISKS
CONDUCT EXERCISES AND UPDATE PLAN
DEVELOP CRISIS COMMUNICATIONS PLAN
Almost every disaster, incident of school/workplace violence and act of
terrorism was preceded by warning signals.
“PREDICTABLE SURPRISES”
CRISIS MANAGEMENT: FIRST RESPONSE
Pastoral setting: Physically-intact campus Traumatized community
Media circus 324 Media outlets 140 Satellite trucks $4 million by major network in first week
CRISIS COMMUNICATIONS RESPONSE
Transparency Framing messages Controlled accessibility
Established call center to broker access and provide information
Signage on campus buildings when classes resumed
Metrics Timeline
TIMELINE
Initial shootings in West Amber-Johnston Hall Lovers’ triangle Absence of students to interview
Immediate arrest of ‘suspect’ Boyfriend left “in a hurry” Guns found in truck
Norris Hall response Nine minutes from entry to end of shootings
Time alters our perception of risk It can’t happen here. It can’t happen to me. It won’t be so bad. I’m smarter and better prepared.
WHY WE DISCOUNT RISK
WHY CONTINUITY PLANNING?
Public Law 110-53, Title IX Business environment at greater risk
Natural disasters Pandemic threat Terrorism Economy at risk
Governance requirements Disclosure issues Regulatory guidelines Sarbanes-Oxley Looming litigation
STATISTICS OF FAILURE
OF BUSINESSES WILL LOSE TO OF THEIR SHAREHOLDER VALUE IN 5 YEARS AS A RESULT OF A DISASTER OR CRISIS.
OF CONTINUITY PLANS HAVE NEVER BEEN TESTED.
DISASTERS OCCUR ANNUALLY IN THE U.S.
OF BUSINESSES STRUCK BY A DISASTER NEVER REOPEN, AND OF THOSE THAT REOPEN CLOSE IN TWO YEARS.
83% 20% 30%
80%
70,000+
40%25%
OPPORTUNITY TIMELINE
PREPARE AND PLAN
MONITOR AND TAKE ACTION
RETURN TO ‘NORMAL’
PRE IMMINENT DURING RECOVERY
MANAGE AND
MITIGATE
WHY NOW?
Business environment is less forgiving
Risk management is usually internal, but external risks have not been addressed
Systemic risks have not been a focus – how to survive a major industry-wide event
VULNERABILITIES Extreme Heat Fires Floods Global Warming Hazardous Materials
Hurricanes Landslides Multi-Hazard Nuclear
EarthquakesPandemic
Power Outages Thunderstorms
Wildfires Winter Storms Workplace Violence Dam Safety Earthquakes
Terrorism TsunamisTornadoes
Extreme Heat Floods Global Warming Hazardous Materials
Hurricanes Nuclear Pandemic Terrorism
FiresPower OutagesLandslides
Thunderstorms Tsunamis Volcanoes Winter Storms
Earthquakes Fires Global Warming Landslides
Tornadoes
FloodsWildfires
Pandemic Power Outages ThunderstormsTerrorism
Hurricanes
Nuclear
VULNERABILITY ANALYSIS
WARNINGHIGH IMPACT / LOW
CERTAINTY
DANGER HIGH IMPACT / HIGH
CERTAINTY
NORMAL OPERATIONS
AWARENESS & CONTINGENCY PLANNING
CORPORATE GOVERNANCE & PREACTION PLAN
CERTAINTY
IMPACT
THE DISASTER ENVIRONMENT
YOUR COMPANY/
CLIENTS
Employees
Family & Friends
Work & School
Critical Suppliers
Customers
Stakeholders
DISASTER
DISASTER
IN/OUT/ACROSS ANALYSIS• FINANCIAL • OPERATIONAL
• EXTERNAL• STRATEGIC
PROCESSES WITHIN
EACH ENTITY
PROCESSES THAT
MOVE IN & OUT OF ENTITIES
LIABILITIES
LEGAL
OSHA MEDICAL PRIVACY
HR BENEFITS
DISCRIMINATION
FORCE MAJEUR
E
FAILURE TO PLAN
GOVERNANCE
INSURANCE
NEGLIGENCE
IT’S MORE THAN AN IT ISSUE
Every Crisis is a Human Crisis.
SYSTEMS DO NOT PROTECT PEOPLE
SERVERS CANNOT INITIATE ACTION
NETWORKS WILL NOT BE HELD
ACCOUNTABLE
NO PEOPLE → NO RECOVERYEvery Crisis is a Human Crisis.
RULE 1, 2, 3
2+ backups for • Critical tasks
and business functions
• Software and data exchange
File a written record of each
backup’s contact and access data
Documentation should be updated
every 6 months
Disasters result in high absenteeism: Train 3 employees for each critical task
CRISIS COMMUNICATIONS
PREDICT • Who is the audience?• What are their concerns?
PLAN
• Tailor message, messenger, and media
• Format to the stakeholder
PERFORM • Focus on the 3 key messages
WHAT CONSTITUTES A PANDEMIC?
Highly virulent
organism
Lack of human
immunity
Easily transmitted human to human
MODES OF TRANSMISSION
Contact TransmissionDirect Contact
Indirect Contact
Droplet Transmission
Airborne Transmission
P 1 P 2
P 1 P 3
P 1 P 2
P 1 P 2
45
Index Case
ODYSSEY OF SARS TRANSMISSION
3 hour Flight; Hong Kong to Beijing, March 15, 200318 Cases4 Deaths
Crew Member
Probable Case
UPDATE: WHAT’S CHANGED
Public Law 110-53, Title IX Situation in Mexico Bio-terrorism Workplace Violence
PUBLIC LAW 110-53, TITLE IX
In the “Implementing the Recommendations of the 9/11 Commission Act of 2007” (the 9/11 Act), Congress mandated the Department of Homeland Security (DHS) to provide “voluntary” preparedness certification and “develop guidance or recommendations and identify best practices to assist or foster action by the private sector” across a wide range of business continuity practices.
MEXICO: WILL THE VIOLENCE SPILL OVER TO THE U.S?
U.S. security no match for Mexican drug cartels
The Obama administration announced this week it is sending hundreds of federal agents and crime-fighting equipment to the Mexican border to try to make sure violence from Mexican drug cartels doesn't spill over into the U.S. –CNN, March 27,2009
BIO-TERRORISM
Bio-terrorism – Al Qaida and the Plague
The story began with a Jan. 6 report in the Algerian newspaper Echorouk that a number of terrorists had died of the plague in one of al-Qaida training camps in Tizi Ouzou. Another Algerian newspaper En-Nahar, affirmed that 50
terrorists have been diagnosed with
the plague, 40 of whom have already died.
WORKPLACE VIOLENCE: ON THE RISE?
Businesses are bracing for more crimes committed by both external and internal perpetrators in a rough economy: The worry is that poor market conditions will result in
more burglaries, and Company layoffs could increase cases of
embezzlement, theft and workplace violence by disgruntled workers
Domestic violence is moving to the workplace
Any physical assault, threatening behavior, or verbal abuse occurring the work setting. It includes, but is not limited to: Psychological
Intimidating presence Harassment (being followed, sworn at, or shouted at) Obscene phone calls Threats
Physical Beatings Rapes Shootings Stabbings Suicides
WHAT CONSTITUTES WORKPLACE VIOLENCE?
CURRENT ENVIRONMENT 70% of workplaces have no formal workplace violence
program, despite findings that there are thousands threats of violence every workday
43% of those threatened and 24% of those attacked at work do not report the incident
Workplace violence myth: most incidents come out of the blue.
“These incidents don’t just happen spontaneously. People work through a process—there is a pathway that people will pursue toward ultimately committing violence.“
Source: John Lane, VP of Crisis and Security Consulting Control RisksASIS 54th Seminar, 2008
OSHA & STATE STATUTES
Employer owes a ‘‘general duty’’ to protect employees against ‘‘recognized hazards’’ that are likely to cause serious injury or death. Workplace violence has been identified as one of those hazards, and both federal and state OSHA agencies have issued citations to employers under the Act’s general duty clause for failure to protect employees against workplace violence
Employer’s obligation to maintain a safe place to work also arises from the legal principles that exist in most states under common law. Legal principles most commonly discussed in litigated cases involving workplace violence include:
A collection of negligence theories, including negligent hiring (the failure to properly screen job applicants, particularly for sensitive positions involving a high degree of interaction with the public); negligent supervision (the failure to supervise employees and to discipline violators of anti-violence rules)
Negligent retention (the failure to terminate employees who have engaged in behavior in violation of company policies).
Premises liability (the duty of a property owner to take responsible steps to guard against reasonably foreseeable violence)
Respondeat superior (an employer’s indirect liability for the wrongful acts of an employee committed within the course and scope of employment)
Sexual and other forms of harassment prohibited under discrimination laws (when threats or violence are motivated by a victim’s protected status); and
COMPANY RESPONSIBILITY
OSHA section 5(a)(1) of the OSH Act, often referred to as the General Duty
Clause, requires employers to "furnish to each of their employees employment and a place of employment which are free from recognized hazards that are causing or are likely to cause death or serious physical harm to his employees".
section 5(a)(2) requires employers to "comply with occupational safety and health standards promulgated under this Act".
L
BACKGROUND STATISTICS
1970’s-present: incidents of workplace violence have tripled Major contributors include:
Aggressive employees Domestic violence brought into the workplace Employers not taking recurring threats seriously Ethnic differences among workers
Negligent hiring, supervision, or retention of aggressive employees
Substance abuse
Layoffs and company downsizing
Poor handling of employee termination
Estimated cost to business $120 billion
ACTIONS Recognize behavior What to do/who to call How to deal with potentially violent individuals Individual responsibility in following procedures;
Get to cover Flee Defend yourself Utilize available communications
Procedures training Front desk, reception, panic alarm training
Practice all protocols/procedures
DURING THE EVENT
People need to know how to protect themselves and others
The drive to connect and reconnect is great; plan on families and others coming to the scene
Prepare for communication among crisis responders, develop plan for working with media, etc
AFTER THE CRITICAL EVENT IS RESOLVED
A catastrophic event is often the first of many crises that will be faced
Recovery is a non-linear process that leads to a new normal
Individuals will need to reconcile to a new worldview that accepts the awareness of vulnerability
Connection, communication, and perceived intentions of others become acutely significant
Almost every disaster, incident of school/workplace violence and act of
terrorism was preceded by warning signals.
“PREDICTABLE SURPRISES”
DISASTER READY PEOPLE FOR A DISASTER READY AMERICA
What Me Worry?
I don’t know what to do It will take too much time I can’t afford it What’s the point
THIS COUNTRY’S EMERGENCY MANAGEMENT FOCUS
Tends toward response and recovery during and after a disaster.
Firestorm remains focused on establishing
nation-wide readiness before disaster strikes. Goal: Build strong Disaster Ready People and
Disaster Ready Businesses.
FIRESTORM SOLUTIONS, LLC.
Firestorm’s PREDICT. PLAN. PERFORM.™ model optimizes client outcomes in a disaster:
PREDICT. Vulnerability analysis and threat assessment
PLAN. Business continuity, pandemic, security and crisis communications planning
PERFORM. Crisis management and mitigation
UNIQUE CAPABILITIESUnparalleled Knowledge Base
In-house team of legal, risk management, human resources, technology, engineering, security and research professionals
Expert Council
Planning , Training & Exercises Enterprise Risk Management (ERM), Business Continuity Plan (BCP), Continuity
of Operations Plan (COOP), Emergency Response Plan, Disaster Recovery Plan, Crisis Communications Plan, Crisis Management Plan, Incident Red Flag Plan (identity Protection), Title IX DHS Certification, Security, Workplace Violence, and Pandemic Plan.
Crisis Management Response Services 24/7 crisis response, including onsite deployment of crisis incident response
team Threat assessment
EXPERT COUNCIL
Brings subject matter knowledge and expertise to Firestorm clients
Generates unique insights and develops the best solutions to complex problems
Provides an independent perspective and produces faster, more accurate results
Utilizes specialists from various disciplines, professions and industries
DISASTER DUE DILIGENCE
A recent study of 1200 CFOs in 79 countries indicated:
62% of businesses with over $5 billion in revenue encountered a major risk event
42% of these businesses were not prepared