While it is, undeniably, sound business sense to have contingency plans and resources in place should a disaster strike, there is a great deal of wisdom in the old saying: “prevention is better than a cure”. Certainly, it is less costly. The Association of British Insurers is on record as having paid out £790 million in commercial claims for fire alone in 2005, up by a massive 60 percent on the previous year. Also, business interruption claims following fire damage, at £220 million, were the highest since 1997. Insurers now expect one in every hundred businesses to make a fire-related claim every year.

Even if computer records and systems are safely replicated, the recovery challenges for a business are often overwhelming. Raw material stocks need to be sourced and replaced; production plant needs to be commissioned; finished goods have to be manufactured, stored and distributed. Even if, in utopian cases, the insurance payout meets the entire cost of recovery, it will take months, possibly years for a business to recover to its pre-event position. And what will your customers be doing? Right – seeking new suppliers

So what is needed is a mindset change. Businesses need to get away from what might be described as the: “What will we do if the IT suite is destroyed?” approach to business continuity, to: “How do we stop the IT suite being put out of action?” Business continuity planning should be about preventing hazards from developing into disasters, or minimising the effects of emergencies if they do occur. More attention needs to be focused on implementing sustainable measures that will reduce or eliminate risk.

The starting point, of course, is to first have a realistic understanding of the risks

Risk assessments, particularly for high-hazard sites, should not be limited to what might be described as “internal” hazards and challenges. In the current unsettled international climate, the risk assessor must consider the very real prospect of acts of terrorism aimed at the mass destruction of property and lives. The responsible assessor will take into account what is going on beyond the site’s perimeter fence: what spill-over risks do neighbouring properties and their processes pose; should neighbours’ emergency preparedness plans be integrated with the site under review; what facilities exist that can be shared, and can they be relied upon around the clock?

Such assessments may well take the assessor outside his or her usual sphere of interest and influence. Should, for example, the site’s perimeter security defences be improved as part of the plan to lessen the likelihood of fire? The assessor will also have to take into account the resources of the local authority emergency and utility services. What specialist equipment, for example, do they have? More importantly, is it available at a moment’s notice?

In addition to assessing the risks and implementing the necessary safety and security measures, it is also critically important to audit the site’s Emergency Control Centre arrangements. Without an effective Emergency Control Centre, incident management and the integration of all emergency services, it will not be possible to achieve a coordinated response.

The next step is to ensure that the correct resources are ready at a moment’s notice. It is essential to keep asking the question: what if? What if, for example, the site’s water supply is damaged by an initial explosion? What if the site’s firefighting or fire suppression equipment is destroyed in the blast? What if there is another fuel crisis, a major utilities failure, or a flood? What if your neighbour’s building suffers a major fire that results in you having no access to your production plant for days, possibly weeks? Customers’ sympathy and loyalty will last for only so long.

Pondering answers to these questions is certainly not something to embark upon when an emergency occurs. Back-up resources have to be in place and, like every other aspect of effective business continuity measures, these stand-by resources have to be constantly under review and regularly tested. 

Indeed, there is no substitute for training. The skills required by site personnel will obviously depend on whether they are responsible for tackling incidents, or whether, as is increasingly the case, the task is outsourced to a specialist emergency response organisation such as SembCorp Protection. Site incident controllers and operational personnel have to be trained to take control at the scene of an incident; Emergency Control Centre staff have to be ready to direct operations; and all personnel need to be competent in their roles and responsibilities.

On-site practice, together with full-scale exercising and testing of every part of the emergency arrangements are equally important. Testing credible scenarios, the “what if” challenges should be built into exercises to test as many as possible sets of circumstances. This will also create confidence in the team’s ability to safely tackle the incident, either temporarily as the site’s front-line defence until the emergency services arrive, or as the site’s professional emergency response resource.

Certainly, it is an area where there are no shortcuts, and no scope for half measures

AUTHOR: Paul Frankland MSc ACIM is General Manager of SembCorp Protection, which is based at the Wilton International site in Middlesbrough on Teesside – one of the country’s largest high-risk sites – and currently is responsible for safeguarding £14 billion worth of high-hazard industrial assets. Paul can be contacted on +44 (0) 1642 212904 or via email at This e-mail address is being protected from spam bots, you need JavaScript enabled to view it This e-mail address is being protected from spam bots, you need JavaScript enabled to view it  The company’s new website is at www.sembprotection.co.uk

Comments (0)

Subscribe to this comment's feed