Our mission is to safeguard people, protect property, minimize business interruption, and protect reputations.

Our vision is to thoroughly understand each client’s business and become a long-term trusted adviser.



Showing posts with label Emergency Management. Show all posts
Showing posts with label Emergency Management. Show all posts

Sunday, February 5, 2017

New Preparedness, LLC Website Launched

We are pleased to announce the launch of the new Preparedness, LLC website. The mobile-friendly site still includes hundreds of links to preparedness resources (all verified or updated) as well as new and revised Preparedness Bulletins to help with the development, implementation, and evaluation of your emergency management, business continuity, and crisis management programs.

Since the organization of the website has changed, may we suggest you update your bookmarks and links to the page.

Please send us your suggestions for new links and subjects for future Preparedness Bulletins.

Monday, October 15, 2012

2013 Edition of NFPA 1600 Close to Publication

The 2013 edition of NFPA 1600, "Standard on Disaster/Emergency Management and Business Continuity Programs" is complete. NFPA did not receive any "Notices of Intent To Make A Motion" (NITMAM), which would have required action at NFPA's annual meeting. Therefore, NFPA 1600-2013 will be approved by NFPA's Standards Council on or about November 27, 2012. The 2013 edition should become available in December or January.

If you would like to preview the 2013 edition, you can review the "Report on Comments" draft that was developed at the technical committee meeting March 20-22, 2012. You can monitor the progress of the technical committee by visiting the NFPA website.

Numerous resources pertaining to NFPA 1600 “Standard on Disaster/Emergency Management and Business Continuity Programs” can be found on the “NFPA 1600” page of the Preparedness, LLC website.

Donald L. Schmidt, ARM, CBCP, CBCLA, CEM® is the chair of NFPA’s Technical Committee on Emergency Management and Business Continuity, which is responsible for NFPA 1600. Mr. Schmidt has been involved in the development of every edition of NFPA 1600. He is the editor of “Implementing NFPA 1600 National Preparedness Standard," and he is also the lead instructor for NFPA’s professional development course on NFPA 1600.

Monday, October 1, 2012

McGraw-Hill 2012 Homeland Security Handbook

The 2012 edition of the McGraw-Hill Homeland Security Handbook is scheduled for publication late in 2012. Donald L Schmidt, CEO of Preparedness, LLC, once again has authored a chapter on Corporate Emergency Management.

This handbook aims to foster an integrated and coordinated approach to homeland security, emergency management, and enterprise resilience. The Handbook has several important features:

  • The 2012 edition of the Handbook provides extensive thematic coverage, offering an opportunity to understand how homeland security challenges are interconnected. As pointed out in the foreword to the 2006 edition, only a team of individuals with genuine crosscutting knowledge and practical experience will be able to understand the complexity of any particular homeland security challenge, devise an efficient and viable strategy for dealing with the problem, and implement this strategy effectively.
  • The contributors include distinguished members of government, industry, and academia, many of whom combine theory with practical experience in homeland security and are active in educating the next generation of national security leaders.
  • As no country has a monopoly on best practices, this edition has an expanded section on international approaches, with perspectives and insights from past disasters.
  • This edition includes management principles, models, concepts, and specific practical guidance. Many chapters present practical steps that security, emergency preparedness, and business continuity professionals can apply immediately to create vigilant, prepared, and resilient communities and business enterprises.
  • The book emphasizes the importance of systems thinking, holistic interoperability, and information sharing protocol development. The need for this emphasis stems from the reality that, since the last edition was published, the world has witnessed numerous occasions when poor information sharing and coordination undermined counterterrorism defenses and crisis consequence management following catastrophic natural disasters.
  • The book covers recent homeland security policy developments, such as Presidential Policy Directive 8 (PPD-8) with National Frameworks for Prevention, Protection, Mitigation, Response, and Recovery.

The website at www.HomelandSecurityBook.com provides valuable resources for further study.

Monday, September 17, 2012

NFPA 1600 Report on Comments Published

The National Fire Protection Association (NFPA) has posted the “Report on Comments” for the 2013 edition of NFPA 1600. This report includes much of the text of the proposed document.
The official NFPA 1600 committee web page provides information on the current edition, the status of the next edition, information on the technical committee, and guidance on how to post questions. You can also view the NFPA 1600 page on the Preparedness, LLC website to obtain information.
If you would like to view and listen to a presentation by NFPA 1600, committee chair Don Schmidt, visit the Emergency Management Forum website.
NFPA 1600 is revised every three years. The technical committee encourages you to submit your thoughts regarding the next edition.

Thursday, June 30, 2011

NFPA 1600-2010 edition for iPhone

The iPhone app for the 2010 edition of NFPA 1600 “Standard on Disaster/Emergency Management and Business Continuity Programs” is now available in the iTunes App Store

Please note there is a $4.99 fee for this app.

If you want details on NFPA 1600 from the committee chair, go to the NFPA 1600 resource page on the Preparedness, LLC website.

Friday, June 24, 2011

NFPA awarded contract to update FEMA’s Ready Business web content

June 23, 2011 – The National Fire Protection Association (NFPA) has been awarded a contract by FEMA (Federal Emergency Management Agency) to update the web-based content of Ready Business, part of the Ready.gov website. This effort will bring the content of Ready Business into alignment with the current (2010) edition of NFPA 1600, Standard on Disaster/ Emergency Management and Business Continuity Programs.

The Ready Business website is designed to assist small and mid-size businesses in preparing for emergencies such as natural occurrences, technology failures, and accidental or intentional human-caused incidents. It addresses the concepts of business continuity and crisis management. The current Ready Business content was designed around the requirements of an earlier edition of NFPA 1600.

NFPA president James Shannon said: “We are pleased that FEMA has again chosen to use NFPA 1600 as the basis for the content in Ready Business. It is a unique preparedness standard as it addresses both business continuity and protection of employees – businesses’ and communities’ most valuable resource.”

NFPA 1600 has been recognized in the 9/11 Commission Report as well as the Homeland Security Act and its subsequent amendments, as a national standard for preparedness programs to protect enterprises and people. The FEMA Private Sector Preparedness Program, PS Prep, recognizes NFPA 1600 as a standard to which preparedness plans should be structured and measured. NFPA 1600 is available as a free PDF download or as a mobile app.

Friday, April 29, 2011

Update on NFPA 1600 2013 Edition

Here is an update on the 2013 edition of NFPA 1600 that I wrote for the "Meet the Experts" column in the April 27th issue of Continuity e-Guide, Disaster Resource Guide.

Work on the 2013 edition of NFPA 1600 "Standard on Disaster/Emergency Management and Business Continuity Programs" is well underway. The technical committee met in Orlando in late March to continue the research and development of what will become the sixth edition of the standard. The technical committee is also asking for public input for new content or revisions to existing text.

Technical Committee

The technical committee that writes NFPA 1600 was formed in 1991 by the National Fire Protection Association, a 115 year old non-profit organization dedicated to reducing the worldwide burden of fire and other hazards on the quality of life. It includes up to 36 principal, voting members plus alternates representing a broad spectrum of private sector companies, and federal, state, and local government. In addition to the principal and alternate committee members, the committee has formed numerous task groups comprised of non-member, subject matter experts to research and develop content for the standard. The standard is written in accordance with NFPA's ANSI accredited standards development process ensuring there is wide participation and consensus.

The committee is sensitive to the balance between writing prescriptive requirements and writing a standard that is widely applicable and not overly burdensome. Achieving this balance has resulted in just over six pages of concise requirements in chapters 1 through 8 and numerous annexes, which provide explanatory and supporting information. This approach continues with the 2013 edition.

Changes for the 2013 Edition

The technical committee has organized 14 task groups to research new content and revisions for the 2013 edition. Task groups are developing new and revised language on family preparedness, information technology, measurement, partnerships, and requirements for small “entities.” In addition, other task groups are working to expand the annexes, which provide nonmandatory guidance for users.

Recognizing that the availability of members of emergency management and business continuity teams is dependent on the preparedness of these employees, their families, and their homes, a task group on family preparedness was organized. The task group has drafted text to address the need for family preparedness (which will probably appear in the body of the standard) and additional explanatory text that will be included in the non-mandatory annexes.

Information technology is essential to every organization, so a task group of IT professionals was organized to review existing text on risk assessment, business impact analysis, recovery strategies, and the annexes to ensure that text adequately and appropriately addresses current and emerging technologies. The task group has submitted recommendations for additional text to be added to the body of the standard and additional supporting guidance in the annexes.

The 2010 edition of NFPA 1600 was reordered to follow a program development and continuous improvement process. A crosswalk between the program elements of NFPA 1600 and the ordering of a management system standard was introduced with the 2010 edition. The committee is taking this effort to the next level by rewriting Annex C to become a standalone management system standard that can be adopted by the entity in place of chapters 1 – 8.

Standards alone do not achieve preparedness. NFPA 1600 calls for the creation of a program committee of persons to develop the program and keep it current. For the 2013 edition, a task group has been researching how to define competencies for persons involved in the program. Another task group is addressing the subject of “measurement,” which is central to the need of determining whether the emergency management and business continuity program meets the needs of the entity. At this point in time it remains to be seen whether the committee will vote to accept substantial changes to the requirements of the standard in these two areas. It’s likely that supporting and explanatory text will be added to one or more annexes to assist the user of the standard.

The need for a “scalable” standard for smaller organizations was identified following the passage of Title IX of Public Law 110-53 and its language regarding small business preparedness. In response, another task group is writing a draft standard for small entities.

Continuing the evolution of the standard, the committee is looking for requirements that are unclear or incomplete, and this is always an area where users can provide input. Terminology is a challenge within the practice of emergency management and business continuity. A definitions task group continues to look at the use of terms within the standard and the need to include additional definitions—even though the committee has generally resisted defining words that are adequately defined in the dictionary. Another area of focus is the definition of planning requirements for all phases of the program. Are requirements for plans and procedures clear? If you don’t think so, let the committee know.

Public Proposals and Comments Requested

Since its first edition, the technical committee has received hundreds of proposals and comments from professionals that use the standard. The committee is soliciting your input on the 2013 edition. The 2010 edition is available for free download. You can submit your proposals and comments by downloading, completing, and return a Document Proposal Form (Microsoft Word format). Instructions for submitting the form via mail, fax, or email are included at the bottom of the form. The deadline for submissions is May 23, 2011.

The first draft of the 2013 edition will be published for public review by December 23. Once published, public comments on the draft will be accepted until March 2, 2012. Following the second round of public comments the committee will meet to finalize and vote on the draft prior to issuance by NFPA as early as November 2012.

Monday, April 25, 2011

New National Terrorism Advisory System

April 20, 2011

The Secretary of Homeland Security has announced the implementation of the Department of Homeland Security’s (DHS) National Terrorism Advisory System (NTAS)— that will provide timely information to the public about credible terrorist threats. This system replaces the former five color-coded alert system.

Under NTAS, DHS will coordinate with other federal entities to issue detailed alerts to the public when the federal government receives information about a credible terrorist threat. NTAS alerts provide a concise summary of the potential threat including geographic region, mode of transportation, or critical infrastructure potentially affected by the threat, actions being taken to ensure public safety, as well as recommended steps that individuals, communities, business and governments can take to help prevent, mitigate or respond to a threat. NTAS Alerts will include a clear statement on the nature of the threat, which will be defined in one of two ways:

  • “Elevated Threat”: Warns of a credible terrorist threat against the United States
  • “Imminent Threat”: Warns of a credible, specific, and impending terrorist threat against the United States

Depending on the nature of the threat, alerts may be sent to law enforcement, distributed to affected areas of the private sector, or issued more broadly to the public through both official and social media channels—including a designated DHS webpage (www.dhs.gov/alerts), Facebook, and via Twitter @NTASAlerts. NTAS alerts and posters will also be displayed in places such as transit hubs, airports and government buildings.

NTAS threat alerts will be issued for a specific time period and will automatically expire. Alerts may be extended if new information becomes available or as a specific threat evolves.

Our National Preparedness Standard, NFPA 1600 “Standard on Disaster/Emergency Management and Business Continuity Programs” calls for conducting a risk assessment to “identify hazards and monitor those hazards and the likelihood of their occurrence.” It also calls for “a process to monitor the identified hazards and adjust the level of preventive measures to be commensurate with the risk.” The National Terrorism Advisory System is an example of monitoring terrorism and the likelihood of occurrence. Each organization’s emergency management and business continuity program should identify actions that will be taken to enhance security and protect personnel, facilities, and business operations when advisories are issued. Guidance can be found on the "Resources Page" of the Preparedness, LLC website. We have developed customized action plans for many of our clients.

Monday, March 28, 2011

Submit Proposals for 2013 Edition of NFPA 1600

The National Fire Protection Association is in the process of developing the 2013 edition of NFPA 1600 “Standard on Disaster/Emergency Management and Business Continuity Programs.” Originally published in 1995, development of the 2013 edition (its 6th edition) is well underway.

We encourage our readers to review the 2010 edition of NFPA 1600 and submit suggested revisions to NFPA. You can submit your suggested additions or revisions online via NFPA’s Online Submission System (see links below), or you can download and complete a Document Proposal Form (Microsoft Word format). Instructions for submitting the form via mail, fax, or email are included at the bottom of the form.

The deadline for submissions is May 23, 2011.

The NFPA 1600 technical committee will meet over the summer to review all submissions and issue a first draft of the 2013 edition. Committee action on your suggestions will be published for public review. Following publication of the first draft, there will be a second opportunity to submit commits before the 2013 edition is published around the end of 2012.



If you have questions, please contact Mr. Orlando Hernandez, NFPA’s staff liaison to the NFPA 1600 technical committee. He can be reached at (617) 984-7482 or ohernandez@nfpa.org.

Wednesday, January 26, 2011

Protective Actions for Life Safety

There are many goals for a preparedness program—property protection, business resiliency, environmental protection, and protection of an organization’s brand, image and reputation. The first goal of a preparedness program should be the protection of life safety.

There are many hazards that could jeopardize life safety. Fires, severe weather, a spill or release of hazardous chemicals, an act of terrorism, or an act of violence in the workplace are just a few examples. Development of the preparedness program should include a risk assessment to identify possible hazards, their probabilities of occurrence, and the vulnerability of people, property, the environment, and the entity itself (NFPA 1600: 5.4).

The emergency operations/response plan should include actions to protect life safety from credible hazards identified during the risk assessment. Protective actions for life safety include:

  • Evacuation
  • Shelter-In-Place
  • Lockdown

In this eNewsletter, we will explore the basics for each of these protective actions.

Download the eNewsletter in Adobe PDF format …

Read other Preparedness, LLC eNewsletters ...

Tuesday, February 2, 2010

OSHA proposes $233,500 in fines against Home Goods for exit hazards

OSHA proposed $233,500 in fines against Home Goods for exit access, fire and crushing hazards at its Commack, N.Y., store. Responding to an employee complaint, OSHA found exit routes that were too narrow for passage, blocked by stock and equipment, or hidden by stacks of material. Other hazards included blocked access to fire extinguishers, workers not trained in fire extinguisher use, and boxes stored in unstable 8-foot high tiers. OSHA had cited Home Goods in 2006 and 2007 for similar conditions at the company's Mount Olive, N.J., and Somers, N.Y., locations. “It's been 99 years since the fire at The Triangle Shirtwaist Co. in New York City took the lives of nearly 150 workers and almost 19 years since two workers were killed when they were unable to exit the McCrory’s store in Huntington Station, N.Y., during a fire,” said Assistant Secretary of Labor for OSHA David Michaels. "Blocked fire exits can be deadly. It is that simple." For more information, read the OSHA news release.

Requirements for the number, capacity, marking, illumination, and arrangements for exits (also referred to as “means of egress”) are specified within building codes and the Life Safety Code®. Requirements for maintenance of means of egress and emerency planning are included in fire prevention codes.

OSHA’s 29 CFR 1910 Subpart E – Means of Egress (Exit Routes, Emergency Action Plans, and Fire Prevention Plans) prescribes requirements for exits. Section 1910.35 states:

“An employer who demonstrates compliance with the exit route provisions of NFPA 101-2000, the Life Safety Code®, will be deemed to be in compliance with the corresponding requirements in §§ 1910.34, 1910.36, and 1910.37.”

One of the fundamental aspects of an emergency response plan is the ability to safely evacuate occupants from a building. The ability to detect a threat or hazard, warn occupants, and then take protective action (e.g., evacuation, lockdown or shelter-in-place) is critical.

Review your emergency plan. Can you promptly detect an incident, warn occupants, and move everyone to safety? Take a look at the planning guidance on the “Resources” page of the Preparedness, LLC website for more information.

Tuesday, January 19, 2010

NFPA 1600-2010 Edition Released

The 2010 edition of NFPA 1600 “Standard on Disaster/Emergency Management and Business Continuity Programs” has been published by the National Fire Protection Association. Download the 2010 and 2007 editions from the NFPA website.

The 2010 edition has undergone significant revisions as a result of the record number of public proposals and comments and committee activity. Changes include:

  • The standard has been reordered following a program development process. Chapter 4: Program Management, Chapter 5: Planning, Chapter 6: Implementation, Chapter 7: Testing & Exercises, and Chapter 8: Program Improvement.
  • Many new definitions have been added
  • Program management has been expanded to address Leadership and Commitment, Performance Objectives, and Records Management.
  • Planning now includes a separate section on Business Impact Analysis.
  • Chapter 6, Implementation, has been expanded to include a new section on Employee Assistance and Support. Existing sections of this chapter have been expanded.
  • New Chapter 7, Testing & Exercises, expands significantly on the requirements for exercises.
  • New Chapter 8, Program Improvement, expands on the requirements for program reviews and corrective action.
  • The annexes now include a self-assessment checklist and a crosswalk to management system guidelines.

Additional information on the latest edition of NFPA 1600 can be found in our eNewsletter. Also, check out the "NFPA 1600" page on the Preparedness, LLC website. Resources to help with the development of your emergency management and business continuity program can be found on the “Resources” page.

Friday, November 20, 2009

NFPA 1600 and 14 NFPA first responder codes and standards receive DHS designation as “Qualified Anti-Terrorism Technology”

November 20, 2009 – NFPA 1600, Standard on Disaster/Emergency Management and Business Continuity Programs and 14 other NFPA codes and standards have been designated by the U.S. Department of Homeland Security (DHS) as “Qualified Anti-Terrorism Technology” (QATT) under the Support Anti-terrorism by Fostering Effective Technologies Act of 2002 (SAFETY Act). This is the first block of standards to receive this designation by DHS. Under the provisions of the SAFETY Act, these standards were also certified as “Approved Product(s) for Homeland Security.”

In September of 2008, NFPA was the first standards development organization to receive this designation for its codes and standards development process.

According to DHS, the SAFETY Act encourages the development and deployment of new and innovative anti-terrorism products and services by providing liability protections. Designation as a QATT and certification as an approved product for homeland security under the SAFETY Act provides legal protections for the NFPA codes and standards development process and now these 15 individual codes and standards as applied to anti-terrorism.

The 15 standards are listed in the NFPA press release linked to the title of this blog. They address emergency preparedness, first responder competencies and professional qualifications, personal protective equipment and specialized tools. NFPA 1600 is also one of three standards that DHS has announced it intends to adopt for application to the PS-Prep Program, a voluntary private sector preparedness program designed to improve the ability of private sector entities to withstand and recover from disasters including terrorism.

NFPA is pleased to have these standards recognized as anti-terrorism technologies which are important in protecting first responders to terrorist events and also in improving the ability of our infrastructure to mitigate and recover from such events while protecting people and property,” said James M. Shannon, NFPA president.

Federal protections under the DHS designation and certification are retroactive and recognize NFPA’s technologies “earliest date of sale” as September 11, 2001.

All NFPA safety codes and standards are developed through a process accredited by the American National Standards Institute (ANSI). The more than 250 technical committees responsible for developing and updating all 300 codes and standards include approximately 4,000 volunteers, representing enforcing authorities, installers and maintainers, labor, research and testing laboratories, insurers, special experts, consumers and other users.

NFPA has been a worldwide leader in providing fire, electrical, building, and life safety to the public since 1896. The mission of the international nonprofit organization is to reduce the worldwide burden of fire and other hazards on the quality of life by providing and advocating consensus codes and standards, research, training, and education.

Wednesday, October 28, 2009

DHS announces intent to adopt NFPA 1600 standard for the Voluntary Private Sector Preparedness Accreditation and Certification Program

"October 28, 2009 – NFPA 1600, Standard on Disaster/Emergency Management and Business Continuity Programs has been designated for adoption under the Department of Homeland Security’s (DHS) Voluntary Private Sector Preparedness Accreditation and Certification Program (PS-Prep).

DHS/Federal Emergency Management Agency (FEMA) has published a request for comments in the Federal Register seeking public input on NFPA 1600 and two other standards that it intends to use as the criteria for certification of private sector preparedness programs as mandated by Congress in legislation that implemented the 9/11 Commission’s recommendations. The agency considered 25 standards and selected three based on scalability, balance of interest, and relevance to the PS-Prep program. NFPA encourages all interested parties to provide input to DHS/FEMA concerning the selection of standards for the PS Prep Program and to support the use of NFPA 1600 for this national program.

NFPA has made NFPA 1600 available for free viewing and PDF downloads. Since making it publicly available in 2005, there have been over 120,000 PDF downloads. It is also available as a free iPhone application.

Please submit your comments to FEMA by November 16, 2009. An electronic comment form and instructions are available at http://www.regulations.gov/ in Docket ID: FEMA-2008-0017-0100. Additional information on the PS-Prep program is available from FEMA.

Following the terrorist attacks of September 11, 2001, NFPA 1600 was endorsed in the 9/11 Commission’s report. The 9/11 Commission’s recommendation on private sector preparedness and NFPA 1600 was reiterated in Public Law 108-458 in 2004 and most recently in Title IX of Public Law 110-53. Title IX calls for the voluntary certification of private sector preparedness programs. In addition to the endorsement of the 9/11 Commission, NFPA 1600 has been adopted by the U.S. Department of Homeland Security under the category of Incident Management System Standards along with 26 other NFPA standards.

Development of NFPA 1600 began in 1991, and the first edition was promulgated in 1995. New editions have been published in 2000, 2004, and 2007. The 2010 edition has just been completed. Throughout its history, NFPA 1600 has been developed by subject matter experts from both the private and public sectors. Private sector input has come from a broad range of industries including those that control our nation’s critical infrastructure.

NFPA 1600 addresses emergency management, business continuity, crisis communications, and recovery in a holistic framework that includes organization, management, risk assessment, prevention, mitigation, resource management, response, continuity, and recovery. NFPA 1600 is aligned with the Disaster Recovery Institute’s 10 Professional Practices for Business Continuity. The standard recognizes and provides the flexibility entities need when developing individual preparedness programs and does not preclude the use of corporate or industry best practices.

The Canadian Standard Association’s Z1600 standard correlates with NFPA 1600 and was developed under license from NFPA to be used as the national preparedness standard in Canada. Besides becoming the most widely used preparedness standard in North America, NFPA 1600 has gained significant attention in Latin American and Asia. Most recently NFPA 1600 has been adopted as the national preparedness standard in Argentina. It is translated and used by national standards bodies in Chile, China, Colombia, Ecuador, Korea, Thailand, Tobago, and Trinidad. It is also being used by European insurance companies.

NFPA has been a worldwide leader in providing fire, electrical, building, and life safety to the public since 1896. The mission of the international nonprofit organization is to reduce the worldwide burden of fire and other hazards on the quality of life by providing and advocating consensus codes and standards, research, training, and education."

Links to Title IX of Public Law 110-53, NFPA 1600, the designated standards, and resources for development of your emergency management and business continuity program can be found on the Preparedness, LLC website.

Friday, October 16, 2009

Proposed Standards for Voluntary Private Sector Preparedness Certification Program Announced

WASHINGTON—Department of Homeland Security (DHS) Secretary Janet Napolitano today announced new proposed standards for a 9/11 Commission-recommended program for the private sector to improve preparedness for disasters and emergencies.

“Preparedness is a shared responsibility and everyone—including businesses, universities and non-profit organizations—has a role to play,” said Secretary Napolitano. “Ensuring our private sector partners have the information and training they need to respond to disasters will strengthen our efforts to build a culture of preparedness nationwide.”

DHS published a notice in the Federal Register today seeking public comment on three new standards identified for adoption under the Voluntary Private Sector Preparedness Accreditation and Certification Program (PS-Prep). PS-Prep is a partnership between DHS and the private sector that enables private entities—including businesses, non-profit organizations and universities—to receive emergency preparedness certification from a DHS accreditation system created in coordination with the private sector.

The notice proposes new PS-Prep standards to enhance operational resilience, business continuity management, and disaster and emergency management among participating private sector partners.

The notice proposes new PS-Prep standards to enhance operational resilience, business continuity management, and disaster and emergency management among participating private sector partners.

The notice proposes new PS-Prep standards to enhance operational resilience, business continuity management, and disaster and emergency management among participating private sector partners.

The proposed standards, developed by the National Fire Protection Association, the British Standards Institution and the ASIS International, were selected based on their scalability, balance of interest and relevance to PS-Prep from a group of 25 standards proposed for consideration following the publication of a Federal Register notice in December 2008 announcing the program.

In addition to the standards in the notice posted today, DHS is establishing classifications and methods of certifications that recognize the unique needs and characteristics of small businesses.

Individuals wishing to submit comments on the proposed standards, recommend additional standards for consideration or comment on other programmatic aspects of PS-Prep may obtain a comment form and instructions for submission online at www.regulations.gov, in Docket ID: FEMA-2008-0017. DHS requests comments by Nov. 15, though it will accept submissions at any time thereafter.

For more information, visit http://www.fema.gov/privatesectorpreparedness/.

As chair of NFPA’s Technical Committee on Emergency Management and Business Continuity, which is responsible for NFPA 1600, I have been involved in the PS-PREP program since the legislation was been written by Senator’s Lieberman’s staff. I have posted links to all of the related documents and organizations to the "Standards" and "Public Law 110-53" section of “Resources” page of the Preparedness, LLC website. In addition, I have posted a self-evaluation checklist on NFPA 1600 to the website.

After the 30 day comment period is over, DHS will finalize the list of standards. ANAB now has to finalize the accreditation rule and begin the process of certifying third parties to evaluate private sector programs. Only then can the certifying bodies begin evaluating any programs.

Thursday, October 1, 2009

BrightTALK's Business Continuity & Disaster Recovery Summit

Checkout BrightTALK’s Business Continuity & Disaster Recovery Summit on October 6. This summit will feature leading experts exploring strategies and tactics to build a strong business continuity and recovery plan within an enterprise, the right technology choices for business recovery and best practices and tips to develop a strategy and architecture to meet 24/7 availability and recovery requirements.

I will be presenting at 3:00 PM Eastern Time on the subject of “Enterprise Preparedness Using Our National Preparedness Standard.” I will be discussing the essential elements of an enterprise preparedness program and provide information on NFPA 1600’s current edition and the upcoming 2010 edition.

Click here for a link to the full program or to my webinar session.

Wednesday, August 5, 2009

Atlantic Hurricane Forecast Update

Forecasters William Gray and Philip J. Klotzbach of Colorado State University have adjusted their forecast for the Atlantic Basin hurricane season.

“Information obtained through July 2009 indicates that the 2009 Atlantic hurricane season will be less active than the average 1950-2000 season due largely to the development of an El NiƱo. We estimate that 2009 will have about:

  • 4 hurricanes (average is 5.9)
  • 10 named storms (average is 9.6)
  • 45 named storm days (average is 49.1)
  • 18 hurricane days (average is 24.5)
  • 2 major (Category 3-4-5) hurricanes (average is 2.3)
  • 4 major hurricane days (average is 5.0)

The probability of U.S. major hurricane landfall and Caribbean major hurricane activity is estimated to be below the long-period average. We expect Atlantic basin Net Tropical Cyclone activity in 2009 to be approximately 85 percent of the long-term average. We have decreased our seasonal forecast slightly from early June.”

Unfortunately, it only takes one severe, landfalling hurricane to cause a lot of damage (Hurricane Andrew in 1992 for example). Monitor the weather forecasts and make sure your hurricane preparedness plan is ready.

Saturday, July 25, 2009

NFPA and DRI International Partner to Offer Preparedness Program Auditor Training

Boston, MA / New York, NY; July 22, 2009 – The National Fire Protection Association (NFPA) and the Disaster Recovery Institute International (DRI) have joined forces to create an education and certification program that will qualify participants to audit disaster/emergency management and business continuity programs against existing standards and regulations. Certifications available are: Certified Business Continuity Auditor (CBCA) or Certified Business Continuity Lead Auditor (CBCLA).

NFPA, the authority on fire and life safety, and DRI, the leading certification and education body in business continuity planning, today announced a new interactive certification program that provides training, tools and hands-on experience. Through the program, participants will be able to apply the key components of disaster/emergency management and business continuity, the relevant standards, laws and regulations, the process of risk assessment, vulnerability analysis, loss prevention, risk mitigation, and develop, implement, test and maintain their plans and procedures.

“Professionals dealing with the growing need for disaster management and business continuity planning have been clamoring for a turnkey solution to help them measure the level of their organization’s preparedness against appropriate standards and regulations, and this certification program answer that call, “ said NFPA’s Bob Vondrasek, vice president for technical projects “This unique interactive program uses tools that allow novice and experienced corporate planners, internal and external auditors, and those interested in self-assessing their programs, or their clients’ programs, to perform an audit to better measure their state of preparedness.”

Course materials delve into existing legal and regulatory requirements by industry and country, as well as emerging requirements including: NFPA 1600, DRI International’s professional practices, financial services, insurance, healthcare, utilities, public sector guidelines and many others are explored. In addition, careful attention is given to the processes by which disaster/emergency management and business continuity programs are initiated with an eye toward corporate governance, policy, and procedures.

“Education is the key to success for professionals working in environments where they are expected to be well versed in the ever growing set of regulatory requirements, and laws and standards,” said DRI International Executive Director Al Berman. “This certification gives participants the opportunity to demonstrate their knowledge, experience to help entities assess their preparedness programs, which is something that is increasingly needed.”

At the end of the course, a qualifying examination is conducted and individuals who have passed will be eligible to apply for certification as a Certified Business Continuity Auditor (CBCA) or Certified Business Continuity Lead Auditor (CBCLA). The certification level (CBCA or CBCLA) will be granted based upon the amount of demonstrated audit experience of the applicant. Those seeking the CBCLA designation will be required to provide references to verify that they have at least five years of active audit experience. The certification will be granted by DRI International, the largest business continuity certification organization in the world. DRI International has certified over 12,000 applicants in over 90countries in its 20 year history.

National Fire Protection Association

DRI International

Thursday, July 23, 2009

Thunderstorms, Lightning & Tornadoes - eNewsletter

Summer is thunderstorm season, and thunderstorms bring lightning, heavy rainfall, hail, and tornadoes. Resulting fatalities, property damage, and losses from business interruption are significant. Natural hazards can’t be prevented, but emergency management can protect life, mitigation can reduce property damage, and business continuity planning can speed recovery and reduce operational impacts.

What is the potential impact on your business from a lightning strike or surge? What would you do if a tornado warning were issued?

Review this eNewsletter to learn more about the hazards of thunderstorms, lightning, and tornadoes. Identify mitigation opportunities and considerations for your emergency management and business continuity program.


Thursday, May 28, 2009

Hurricane Preparedness

Hurricane season begins on June 1 and forecasters predict an “average” or “near normal” season. Fewer hurricanes, however, do not necessarily mean a lesser threat of disaster. Records for the most intense U.S. hurricane (1935 Florida Keys hurricane) and the second costliest, Andrew in 1992, occurred in years which had much below-average hurricane activity.

A recent survey of business leaders also indicates businesses may not be as prepared as they should be. Interviews of 100 U.S. and Canadian financial executives from large U.S. and Canadian corporations for the FM Global commissioned 2008 Natural Disaster Business Risk Study found that 48 percent are not well-prepared for a hurricane.

2009 Hurricane Season Forecast

National Oceanic and Atmospheric Administration (NOAA) forecasters predict a near-normal Atlantic hurricane season is most likely this year. Forecasters say there is a 70 percent chance of having nine to 14 named storms, of which four to seven could become hurricanes, including one to three major hurricanes (Category 3, 4 or 5).

In their April 7 forecast Professor William Gray and Philip Klotzbach at Colorado State University foresee average activity for the 2009 Atlantic hurricane season. “We anticipate an average probability of United States major hurricane landfall.”

The Colorado State University scientists are forecasting:

  • 12 named storms
  • 6 hurricanes
  • 2 intense hurricanes (category 3, 4, or 5)
  • 54% probability of at least one major (category 3-4-5) hurricane making landfall in the United States

Professor Mark Saunders and Dr. Adam Lea from the Aon Benfield Hazard Research Centre at the University College London predict an active hurricane season with a “high likelihood that activity will be in the top one-third of years historically.”

Hurricane Hazards

Hurricane hazards include damaging wind, hurricane-spawned tornadoes, flooding from heavy rainfall, and coastal flooding from storm surge. Cascading impacts result from damage to critical infrastructure including electrical power, telecommunications, and transportation. Hurricane Katrina proved that these cascading impacts include widespread supply chain disruption.


High winds from a tropical storm or hurricane can damage buildings in many ways, and roofs are particularly vulnerable. Perimeter flashing can be loosened or removed. Failure of perimeter flashing allows wind to lift a portion of the roof covering and insulation. The covering may peel back, and roof deck panels may be dislodged.

Heating, ventilation, and air conditioning systems (HVAC) and equipment, antennas and satellite dishes, stacks, vent pipes, sky lights, and other fixtures and equipment on top of the roof may be damaged by the wind or by windblown “missiles”—objects or debris carried by the wind.

High winds and windblown debris also break windows and window assemblies, open poorly secured doors, and blow wall cladding in or out. When high winds are able to penetrate a building envelope, they increase internal building pressures that can result in structural damage to walls and roofs. Openings in walls or the roof allow rain to enter causing water damage to building contents.


High winds may not be the most significant hazard from tropical cyclones. Heavy rainfall associated with a slow moving or stalled tropical system can cause regional flooding. A large portion of the damage in four of the twenty costliest tropical cyclones (1851-2006) resulted from inland floods caused by torrential rain. Tropical Storm Allison (2001) produced rainfall amounts of over 30 inches in portions of Louisiana and southeast Texas. The Houston tunnel system, depicted in Figure 2, was inundated with water.

Storm Surge

Storm surge is water that is pushed toward the shore by the force of the winds swirling around the storm. The advancing surge of water combines with the normal tides to create a hurricane storm tide.

The storm surge can increase the mean water level to heights impacting roads, buildings, and other critical infrastructure. In addition, wind driven waves are superimposed on the storm tide. This rise in water level can cause severe flooding in coastal areas, particularly when the storm tide coincides with the normal high tides.

In 2008 Hurricane Ike made landfall in Texas as a Category 2 hurricane. Although only a Category 2 hurricane (on a scale of 1 to 5), hurricane force winds extended as much as 125 mi from the center, and this large storm created a peak storm surge of 15-20 ft. By contrast, Hurricane Charley, which had Category 4 storm force winds extending only 25 mi from the center, had only a 6–7 ft. storm surge.

Because much of the United States' densely populated Atlantic and Gulf Coast coastlines lie less than 10 feet above mean sea level, the danger from storm surge is tremendous.


Tornadoes are often produced by and embedded in hurricanes causing pockets of heavy damage. They are most likely to occur in the right-front quadrant of the hurricane, however, they are often found embedded in rainbands well away from the center of the hurricane.

Tornadoes can develop at any time of the day or night during landfall. Tornado production can occur for days after landfall when the tropical cyclone remnants maintain an identifiable low pressure circulation.

Studies have shown that more than half of the landfalling hurricanes produce at least one tornado; Hurricane Buelah (1967) spawned 141 according to one study.

Hazard Mitigation

Hazard mitigation can substantially reduce the damage caused by hurricanes. Property insurer FM Global compared the loss history of its policyholders that implemented its loss prevention recommendations with those with outstanding recommendations to complete. FM found that those policyholders that fully implemented its preparedness recommendations had on average 75% to 85% lower dollar losses than those policyholders that did not implement such measures [FM Global data provided to InterCEP ].

Prior to hurricane season survey the entire property and inspect all buildings to identify vulnerabilities. Begin at the roof level and inspect the flashing along the perimeter. Repair loose or damaged flashing and ensure sufficient mechanical fasteners are used.

Inspect the roof covering for evidence of ponding, blistering, alligatoring, delamination, surface erosion, or cracks that could result in tears or leaks. Verify that all access panels and doors to mechanical equipment and roof hatches have been properly secured. Confirm that all antennas, satellite dishes, and other appliances installed on the roof have been securely anchored.

Inspect all exterior walls for openings that could be penetrated by wind and evaluate methods to protect when a storm watch is issued. Consider installing glazing rated to withstand debris impact, hurricane shutters, or pre-cut plywood for protection of exterior glass that is especially vulnerable. Check all exterior doors—especially loose fitting, large overhead doors. Make exterior doors weather tight and equip them with secure latches.

Inspect exterior storage, tanks, equipment, signs, and vehicle storage and verify they are properly anchored to withstand expected wind forces. Identify what can be moved inside a building or removed from the site, if a storm watch is issued.

Focus on critical building areas, equipment, and utilities including data centers and process systems. Evaluate means to protect against damage from water entry in the event of structural damage or flooding.

Hurricane Preparedness & Response Team

Organize a hurricane preparedness and response team and appoint a person in charge. Assign responsibilities to each department head and ask each department to prepare a plan for preparing their department.

Department heads should become part of the team that directs hurricane preparedness activities when a hurricane watch is issued. They should meet periodically to manage preparedness efforts until the watch is rescinded or upgraded to a warning. This team also manages recovery after the storm.

Appoint staff for safety, crisis communications, liaison with external service providers and other company facilities. Assign responsibility for planning, logistics, and finance/administration in accordance with the Incident Command System.


There are many resources needed for hurricane preparedness. First, identify the complement of staff, including contract employees, needed to prepare your facility in the available time between a hurricane watch and hurricane warning.

Procure materials and equipment to prepare the facility including storm shutters, plywood, sandbags, and the power tools, equipment, and supplies to install them. A supply of tarpaulins and plastic sheeting can be used to cover valuable furnishings or equipment and provide temporary protection after a storm. Service pumps and emergency generators to ensure they are in good condition, and calculate the required quantity of fuel for each.

Procure weather monitoring equipment and ensure reliable access to broadcast and internet weather reports including forecasts from the National Hurricane Center. On-site weather monitoring equipment enable you to monitor local wind conditions and rainfall.

Evaluate communications capabilities assuming that landline telecommunications will be interrupted. Test communications equipment including two-way radios and satellite telephones. Evaluate how communications equipment could be used if roof mounted antennas are damaged.

Stockpile supplies for cleanup and repairs. Don’t forget food and water for employees restoring the facility.

Arrange in advance for procurement of equipment, supplies, and contractors from firms located well outside the immediate area for cleanup, repair, and restoration of buildings, equipment and stock. Establish mutual aid agreements with other company facilities outside the storm’s potential impact area.

Hurricane Preparedness Plan

Write a hurricane preparedness plan that includes multiple phases:

  • Before hurricane season
  • Tropical Storm or Hurricane Watch
  • Tropical Storm or Hurricane Warning
  • During the Storm (only if personnel must and are authorized to remain on-site during a storm)
  • After the Storm

Watch and warning phases can be expanded to include additional actions when a major hurricane has been forecast and to address a facility’s vulnerabilities to hurricane hazards.

Before Hurricane Season

Preparedness prior to hurricane season begins with conducting or reviewing the facility’s hurricane risk assessment, which is the basis for the hurricane plan.

Contact public officials to obtain the latest information on wind fields, storm surge, and flooding, which should be incorporated into your plan. If available, obtain official credentials for managers that will enable them to re-enter your facility after a storm but before the area is opened to the general public.

Walk the entire site and facility top to bottom to evaluate vulnerabilities and hazard mitigation. Complete hazard mitigation activities as soon as possible.

Review property insurance coverage including flood coverage, which may require a special endorsement. Evaluate business interruption limits especially if multiple facilities may be impacted by a single storm.

Verify that all resources required for preparing the facility for a hurricane are available and in good condition. This includes all pumps, generators, communications equipment, personal protective equipment, hand and power tools, and supplies.

Conduct training of all staff, so they know their role and responsibilities as defined in the plan. Conduct a tabletop exercise to familiarize the leaders of your hurricane preparedness and response team with the plan and identify any gaps or deficiencies.

Storm or Hurricane Watch

When a hurricane watch is issued, hurricane conditions are possible within 36 hours. This section of the plan should detail all facility preparations.

Hurricane Warning

When a hurricane warning is issued, sustained winds greater than 74 mph or higher associated with a hurricane are expected in a specified coastal area in 24 hours or less. Preparations must be rushed to completion before any mandated evacuation order is issued.

After the Storm

A damage assessment protocol should be developed and assignments made to quickly assess the condition of infrastructure, buildings, utilities, furniture, equipment, and supplies. Prior to conducting the damage assessment, identify hazards such as downed electrical lines, leaking hazardous materials (e.g., liquids and gases), broken glass, and collapse hazards. Prohibit entry into unsafe areas.

Employee Family Preparedness

In addition to planning for your facility, be sure to provide preparedness information for employees to share with their families. Distribute information from Ready.gov and your local emergency management agency.

Ask all employees to develop a family disaster plan that includes a communications plan. Encourage them to prepare a family disaster kit. Make sure that you have emergency contact information for all employees, which includes the name and telephone numbers for a distant relative who can be contacted if the employee has evacuated.

Business Continuity Planning

Business continuity planning is in some ways easier with a forecasted event such as a hurricane. Data and paper records can be backed up offsite and systems can be shutdown without data loss. Relocation and or protection of raw materials, finished goods, equipment, supplies, and vital records can be accomplished before damaging winds or flood waters arrive.

However, a regional event such as a hurricane may impact a wide area that encompasses more than one company owned facility. Planning must address all facilities potentially impacted by the storm. Competition for resources including computer “hot sites” may be keen forcing some users to relocate great distances to available backup data centers or worksites.

Business continuity plans must be based on a business impact analysis that identifies the potential impacts from damage to or loss of all facilities within the path of a hurricane. Strategies must be developed to ensure the continuity of critical functions, processes, and services. Sufficient resources, outside of the area impacted by the storm, must be available even in the face of competition—even competition from government authorities. Following Hurricane Katrina in 2005, generators brought into storm damaged areas by private businesses were redirected by public officials and never reached their intended facility.

Plan for the Challenges

Hurricanes pose numerous challenges for emergency planning. Forecasting the intensity and landfall of an approaching storm is extremely difficult. Over the past 25 years “no statistically significant improvement or degradation is noted for landfall position forecasts. Time of landfall forecasts indicate significant improvement for the 19–30-hr period.” . Public officials have to be conservative and issue warnings sufficiently in advance of predicted landfall to allow residents in vulnerable areas to evacuate to safety inland. Mandatory evacuation orders may require completion of preparedness efforts earlier than expected.

Coordination with emergency management officials is essential to ensure you have the latest forecast, are aware of the timing for issuance of mandatory evacuation orders, and understand the time needed to safely evacuate on crowded roads.

The availability of resources to prepare a facility becomes limited when a hurricane watch is issued as businesses and citizens compete for materials and labor. Employees have to prepare their own homes and ensure the safety of family members.

A hurricane plan that accurately identifies the resources and time needed to prepare a facility has the greatest chance of success. Procuring necessary resources before hurricane season and arranging in advance for labor to assist with hurricane preparations is essential. Providing resources to protect the homes of managers will allow them to focus their attention on preparing your facility.

Build a project management plan that defines major tasks and the resources and time needed for completion. Use the timeline to calculate when preparations must begin, so they are completed before a mandatory evacuation order is issued.

Planning Resources

Numerous links to online planning resources can be found at the Preparedness, LLC website.