What 2017 taught businesses about disaster management
As governments, businesses, insurers and others tally the economic losses from this year's natural catastrophes, some are already planning ahead for what’s next.
About one-third of organizations see Hurricanes Harvey and Irma, Typhoon Hato, the earthquakes in Mexico and other disasters as catalysts to re-evaluate their emergency planning, according to a poll taken during a recent Marsh webcast.
A somewhat surprising number, however, said they were not sure if this year's series of disasters would be enough to spur such measures, with almost another third saying they would not be. Contrast that to government authorities in California, who wasted little time after the Sept. 19 earthquake that rocked Mexico City, urging communities and individuals in their state to prepare for the inevitable "big one."
One thing that was clear from polling during our webcast: The top issue on companies' catastrophe planning agenda is how to protect people and property during a disaster and get them quickly functioning again. The focus on business interruption from our survey respondents aligns with other industry studies (PDF).
Business continuity planning — seen as most beneficial by far in our survey — is a cornerstone of an overall resilience program. Plans that are developed — and practiced — ahead of a disaster should help those responsible understand the potential impacts to people, property and operations, and make policy or strategy decisions to address and manage those impacts. To achieve this, organizations should conduct a business impact analysis to determine critical processes, functions and resources. This also will help identify critical networks, applications and data to be recovered.
During an event, emergency response measures are critical to recovery. Life safety, event mitigation and the protection of physical assets are imperative, so it’s key to prioritize response actions such as the need to evacuate, account for all employees and protect property and assets. And after a catastrophe, the importance of humanitarian assistance cannot be understated. Support for employees and their families during an event should include physical, social, emotional and financial help, as needed.
Once life-safety issues have been addressed, business continuity plans then account for the management and logistical processes for continuing or resuming operations and restoring critical business functions.
Keep in mind that crisis communications also play a key role before, during and after an event. During a disaster, core messages and communications to employees, customers, investors and the media should reinforce strategies and decisions. Stay in touch with your employees as much as possible throughout an event. Facilitate two-way communication to determine when your people can return to work and regularly update your employees on your plans. And when you re-open, consider returning in prioritized shifts.
Supply chains should not be overlooked
One surprise from the survey is that only 22 percent saw supply chain resiliency as one of their top two risks, especially as it is so tied in to the No. 1 choice, business continuity. This year’s hurricanes have shown supply chain impacts in the agriculture, chemical, construction, oil, pharmaceutical and transportation industries, to name a few.
Quantifying the long-term impacts of these storms will take time to sort through. But the companies most likely to minimize the damage to their own operations and bottom line will be those that previously had thought through scenarios such as Harvey or Irma.
We’ve asked risk professionals at other times to tell us about their thoughts on where critical risks for their organizations likely would emerge. When we last did so (PDF), natural disasters were topped by six other risk areas.
After the run of disasters in 2017, it will be interesting to see if priorities change. That said — regardless of the risks encountered — a strong resiliency program that encompasses business continuity, emergency response, crisis management and IT or disaster recovery elements will help ensure an effective response and recovery.