Three-quarters of the 302 senior corporate executives surveyed in mid-2007 said that an emergency preparedness plan exists in their companies. The analysis was sponsored by the U.S. Department of Homeland Security as part of an ongoing research project to assess the effectiveness of security in American companies.
The survey sample was intended to reflect the characteristics of American businesses as defined by size and industry. The sample was divided into three strata: small business (companies with $5 million to $50 million in annual sales); mid-market ($50 million to $1 billion in sales); and enterprise ($1 billion or more in sales). Within these groups of companies, the survey polled executives with responsibility for security, business continuity, crisis management, and emergency response efforts.
A “voluntary” certification process for preparedness was adopted as part of the 2007 homeland security legislation (Public Law 110-53). The choice of standards that would permit certification under the law is currently under review. As this report goes to press, it is expected that several different standards may qualify for certification.
“Currently, the most significant finding is that none of the many standards proposed for certification has attained widespread usage in the private sector,” says Thomas Cavanagh, Senior Research Associate, Global Corporate Citizenship, The Conference Board.
The most common standard is the ISO 27001/17799 information security standard, which has been implemented by 23% of the surveyed companies. Following close behind, used by 20% of companies, is NFPA 1600, which was endorsed as the National Preparedness Standard in 2004 by DHS, the U.S. Congress, the 9/11 Commission, and the American National Standards Institute (ANSI). Three other kinds of standards have all been implemented by 12% of companies.The Larger the Company, the More Prepared for Certification
As with the other procedures examined, the size of the company has a major impact on the level of preparedness. Roughly three-quarters of companies at the enterprise level conduct regular risk audits, mitigation, and activation of their backup facilities, and two-thirds undertake regular tabletop exercises. Annual risk audits are conducted by 69% of mid-market companies, and 53% of mid-markets report that they conduct regular mitigation activities and backup site activation. However, only 31% conduct tabletop exercises at least once a year. Fewer than half of small businesses report that they conduct any of these activities on an annual basis.
Different industries have different approaches to the pursuit of preparedness. The clearest example is the IEEE SCADA standard, which is used by many firms in the energy industry (38%) but is rarely encountered in other sectors of the economy. NIMS is the most widely utilized in the energy and healthcare industries (38% and 29% respectively). The financial services industry leads the way in the implementation of NFPA 1600 (36%) and the ISO IT standard (33%).Ownership Structure and Industry are Factors
Only 52% of private firms and 37% of family-owned companies conduct annual backup activation, and regular mitigation is undertaken by 43% of private companies and 40% of family firms. Regular tabletop exercises are conducted by only one-third of private companies and one-tenth of family-owned businesses.
The financial services sector is at or near the top of the list of industries on virtually every one of these procedures, with especially impressive showings for backup facility activation (72%) and tabletop exercises (64%). Service industries are most likely to schedule “work from home” days, a procedure most commonly followed in healthcare (39%), business and professional services (36%), and other services (32%).Crisis Communications is an Integral Component
Compared with smaller companies, firms at the enterprise level are far more likely to have implemented written plans that contain these specific items. The differences are most striking with regard to organizational procedures that go beyond the immediate needs of first responders and involve dealing with stakeholders in the outside world. Eighty-eight percent of large companies have a written plan for crisis communication, compared to 63% of mid-markets and 48% of small businesses; and 52% of enterprises have a written plan for legal representation in the event of an emergency, as opposed to 24% of mid-market firms and 17% of small companies.Some Plans Have Board Approval
Among large companies, 92% of companies have a written plan, compared with 72% of mid-markets and 58% of small businesses. But only one-third of large companies have plans that have been formally approved by their board, compared to 49% of mid-markets and 44% of small firms.
“It is quite surprising that so few large companies have board approval on their emergency preparedness plans,” says Cavanagh. “This could be because in larger companies, emergency preparedness is considered an operational rather than a strategic issue, so it may not be considered essential to send it to the board for review.”Off-Site Storage Very Popular
Some basic procedures are performed at least annually by a wide range of companies. Fully 83% of companies regularly update their emergency contact information, and 81% conduct fire and/or evacuation drills at least once a year.
Two-thirds of companies give regular messages about security to their employees and conduct risk assessments and vulnerability audits, while 57% follow up the audits by implementing plans to mitigate the identified weaknesses. Some 56% of companies activate their backup facility in a test at least once a year. Some other procedures are considerably less common. Only 42% of companies conduct tabletop exercises on a regular basis, and only one-quarter schedule “work from home” days in advance to test their resiliency in the event that their personnel are unable to work from their main facility.Business Continuity Plans are Closely Related
A second cluster of issues, which is less commonly addressed, concerns the conduct of business operations. These items include conducting financial transactions (mentioned by 70%), contingency plans with suppliers (65%), coping with an avian flu pandemic (51%), prioritizing customers (49%), disruption of business travel (40%), and alternative transportation of goods (32%). The relative lack of attention to transportation issues may be somewhat surprising and even alarming, in light of the extent to which supply and distribution chains now extend across the globe for American businesses.
Companies at the enterprise level are especially likely to have implemented business continuity plans dealing with the conduct of business operations. The energy and finance sectors are most likely to have written business continuity plans, with 92% of energy companies and 90% of financial firms reporting such a plan. These two industries also lead the way on virtually all of the specific items that were asked about in the plans. One interesting anomaly is that the healthcare sector scores quite low on many aspects of business continuity planning, often at levels comparable to the trade and industrial manufacturing sectors.Source: Benchmarking Business Preparedness:
Carol L. Courter | Newswise
Mathematical confirmation: Rewiring financial networks reduces systemic risk
22.06.2017 | International Institute for Applied Systems Analysis (IIASA)
Frugal Innovations: when less is more
19.04.2017 | Fraunhofer-Institut für Arbeitswirtschaft und Organisation IAO
An international team of scientists has proposed a new multi-disciplinary approach in which an array of new technologies will allow us to map biodiversity and the risks that wildlife is facing at the scale of whole landscapes. The findings are published in Nature Ecology and Evolution. This international research is led by the Kunming Institute of Zoology from China, University of East Anglia, University of Leicester and the Leibniz Institute for Zoo and Wildlife Research.
Using a combination of satellite and ground data, the team proposes that it is now possible to map biodiversity with an accuracy that has not been previously...
Heatwaves in the Arctic, longer periods of vegetation in Europe, severe floods in West Africa – starting in 2021, scientists want to explore the emissions of the greenhouse gas methane with the German-French satellite MERLIN. This is made possible by a new robust laser system of the Fraunhofer Institute for Laser Technology ILT in Aachen, which achieves unprecedented measurement accuracy.
Methane is primarily the result of the decomposition of organic matter. The gas has a 25 times greater warming potential than carbon dioxide, but is not as...
Hydrogen is regarded as the energy source of the future: It is produced with solar power and can be used to generate heat and electricity in fuel cells. Empa researchers have now succeeded in decoding the movement of hydrogen ions in crystals – a key step towards more efficient energy conversion in the hydrogen industry of tomorrow.
As charge carriers, electrons and ions play the leading role in electrochemical energy storage devices and converters such as batteries and fuel cells. Proton...
Scientists from the Excellence Cluster Universe at the Ludwig-Maximilians-Universität Munich have establised "Cosmowebportal", a unique data centre for cosmological simulations located at the Leibniz Supercomputing Centre (LRZ) of the Bavarian Academy of Sciences. The complete results of a series of large hydrodynamical cosmological simulations are available, with data volumes typically exceeding several hundred terabytes. Scientists worldwide can interactively explore these complex simulations via a web interface and directly access the results.
With current telescopes, scientists can observe our Universe’s galaxies and galaxy clusters and their distribution along an invisible cosmic web. From the...
Temperature measurements possible even on the smallest scale / Molecular ruby for use in material sciences, biology, and medicine
Chemists at Johannes Gutenberg University Mainz (JGU) in cooperation with researchers of the German Federal Institute for Materials Research and Testing (BAM)...
19.06.2017 | Event News
13.06.2017 | Event News
13.06.2017 | Event News
23.06.2017 | Physics and Astronomy
23.06.2017 | Physics and Astronomy
23.06.2017 | Information Technology