Comprehensive disaster planning and response strategies

¶ … Disaster Planning

A Review of Crisis and Disaster Prevention Literature

Disasters strike weekly, sometimes daily, all around the world. Crises happen, simply because humans create and perpetuate them. This is why nations and the leaders within them, just as companies and their leaders, ought to be ready for any eventuality. Crisis and disaster prevention thus becomes, not a need, but a vital fact of reality, and those who want to survive implement comprehensive disaster planning early on, for longevity's sake. This literature review will discuss the importance of such planning, as well as detail different types of crisis and disaster prevention and recovery strategies.

The FEMA Outlook

Before beginning any crisis prevention plan, an enterprise must understand that there are clear emergency management techniques that must be put in place at the very outset of any endeavor. There has been a great literature written on emergency management, for it is undertaken not just by businesses around the world, but also by countries, including the United States. According to FEMA, which is the Federal Emergency Management Agency, the U.S. follows eight principles:

1. Emergency management is comprehensive, i.e. takes into account all hazards, phases and stakeholders that could be affected by a disaster.

2. Emergency management is progressive, i.e. takes preventive measures to build disaster resistant policies.

3. Emergency management must also be risk driven and utilize risk management principles (i.e. hazard identification, risk analysis, impact analysis) to assign priorities and resources to be utilized in the eventuality of a disaster.

4. Emergency management is integrated and ensures unity.

5. Emergency management is collaborative, which means that managers "create and sustain broad and sincere relationships among individuals and organizations to encourage trust, advocate a team atmosphere, build consensus, and facilitate communication."

6. Emergency management is also coordinate, meaning that activities are organized and synchronized in such as ways as to achieve a common purpose with all stakeholders.

7. Emergency management must also be flexible, and utilize creative and innovative approaches to solve the challenges that crises often pose.

8. Emergency management must, lastly, be professional.[footnoteRef:1] [1: All notes and quotations from: No Author. 2007. Principles of Emergency Management. FEMA.gov. Retrieved January 23, from .]

The principles outlined by FEMA are important because they present a clear structure for all crisis management plans, and also give hint as to how these must be undertaken long before a crisis strikes.

Technology Basics

In order to further explore literature on this topic the next part of the paper will address components that must be set in place in order to help organizations in the eventuality of a crisis. Such a component, to be discussed in this section, is technology. Today's world could simply not function without technology, especially in the Western hemisphere where it has come to dominate both personal and professional lives. Technology is omnipresent, whether we like it or not. Yet when a crisis happens, technology becomes ever more vital. With the 9/11 Attacks, for instance, it was of the utmost importance to have clear communications channels, especially with regards to the FDNY, since many firefighters were in the two buildings, trying to rescue people and needed to be able to communicate with those who could offer support. Disaster and crisis prevention and recovery planning should, thus, place technology as an important facet in the larger picture.

Though technology, in the case mentioned above, has proved to have saved many lives, it is important to mention also for the simple fact that, victim or not, many companies had an interest to continue doing business without interruption. Though this is a stark and soulless reality, many companies who had contingency plans were able to continue their day uninterrupted. Such a plan, in this case, could have involved a secondary facility. In this way, a company affected by the 9/11 Attacks could move its primary location to its secondary location and continue business with "minimum downtime and minimum loss of data, [as] the alternate facilities provided by the vendors were not overcrowded even in this largest of disasters."[footnoteRef:2] [2: Noakes-Fry, K. 2001. Business Recovery and Disaster Recovery Planning and Management: Perspective. Gartner, Inc. Retrieved January 23, from . ]

Though the case mentioned above seems unique, it may not be, given the threats faced by many businesses in today's ever-changing society. The contingency plans mentioned above are thus only some ways in which businesses can cope with such realities. Customers expect supplies and services to continue -- or resume rapidly -- in all situations. The fact is that although certain events truly change the course of humanity forever, business must still take place. In her paper, Noakes-Fry also describes some expectations that are maintained by those served by a business, regardless of circumstances:

• Shareholders expect management control to remain operational through any crisis.

• Employees expect both their lives and livelihoods to be protected.

• Suppliers expect their revenue streams to continue.

• Regulatory agencies expect their requirements to be met, regardless of circumstances.

• Insurance companies expect due care to be exercised."[footnoteRef:3] [3: Noakes-Fry, p2. ]

In the case presented above, as in many cases around the globe, such expectations may not have necessarily been met, for the simple reason that many businesses in the U.S. did not expect such a hard hit on the country. Yet this is a lesson to be learned, for such events may, unfortunately, take place in the future, and companies must be prepared to face even the harshest of circumstances if they expect to survive.

Business Continuity Plans and Strategies Expanded

Though the previous sections focused on different, specific aspects of the crisis prevention and recovery plans that are in use today, including the most important of these aspects, technology, this section will focus on the general literature that exists on various plans that can be set in place, and what they aim to do. Though this section is in no way geared towards a specific business, it illustrates different ways of thinking that may be employed and altered by businesses in order to best address their potential needs. First, business continuity is the main philosophy to be studied there, as it is an umbrella term for both crisis and disaster preparedness, whether it be prevention or recovery. Second, this term is utilized in this way in order to reconcile the various literature written into a concise volume that makes sense in today's ever-evolving business world. For these reasons, business continuity will be utilized to mean "management and contingency planning [and] the creation of a sound continuity and contingency plan as a complex undertaking, involving a number of stages and discrete activities."[footnoteRef:4] [4: No Author. 2012. Business Continuity, Contingency Planning and Disaster Recovery. Business Continuity World. Retrieved January 24, from . ]

The first study examines a business contingency plan at a university. Though this may not seem relevant, one must realize nonetheless that a university is a business, and must be treated as such. First the plan addresses the potential situations that may arise and that may call for its utilization. These include anything from a safety-related crisis or a natural disaster. Furthermore, the plan provides for instances in which it may be altered. These include when there is/are:

'1. A change in university site or facility configuration that materially alters the information contained in the plan or materially affects implementation of the plan,

2. A material change in response resources,

3. An incident [that] occurs that requires a review,

4. Internal assessments, third party reviews, or experience in drills or actual responses identify significant changes that should be made in the plan,

5. New laws, regulations, or internal policies are implemented that affect the contents or the implementation of the plan, and

6. Other changes deemed significant."[footnoteRef:5] [5: Powers, W. et. al. 2011. Business Continuity -- Plan Annex. University of Texas. Retrieved January 24, from . ]

These needs presented here thus address not only the utilization of the plan, but provide provisions changing it in the interim, when necessary, which is precisely what a disaster mitigation structure should ensure.

Next, the paper addresses the concept of operations for the plan. In this section, the university addresses the need for the plan both for students and for staff. In this respect, it elucidates its facets as such:

"The Business Continuity Plan Annex provides guidance to university colleges, schools, departments, and agencies to ensure financial integrity and continuity of service to the community in the event of a natural or man-made disaster. The business continuity plan (BCP) is an annex of the Emergency Management Plan. All emergency planning and response provisions of that document and other annex are in effect. This BCP and unit plans all address the four phases of emergency planning (mitigation, preparedness, response, and recovery) but the BCP has special emphasis on the recovery phase."[footnoteRef:6] [6: Powers, p3. ]

This section also states that the presented plan has clear objectives, with preventing financial loss for the institution as the first mentioned objective. This is important, for finances are important to any organization that may see itself in a precarious position. But this plan also states that it aims to not just prevent the school from undergoing financial problems should a crisis arise, but also aims to enable it to continue serving its students, staff, faculty and visitors properly, as well as mitigate any disruptions that may arise from such as crisis or disaster. Lastly, the plan aims to protect the university's reputation, which goes hand in hand with protecting financial interests, and this is important to stress.

Just as any good contingency plan, the university expands upon its aims and structures its plan according to importance. The result is a comprehensive paper that is made up of six important headings and various subheadings. These include, in order:

Business Impact Analysis

Risk Analysis

Risk Assessment

Plan Components

Strategy

Prevention Measure

Mitigation Measures

Emergency Response

Unit Continuity and Succession of Leadership

Emergency Communications

Resource Management and Logistics

Mutual Aid (Internal and External)

Training and Awareness

Exercise and Testing[footnoteRef:7] [7: All points taken from Powers, p4. ]

Having such a clear and detailed structure in place, complete with specific descriptions as to how to function in the case of a disaster, as well as post-crisis, is very useful. As can be seen from the plan to be implemented above, such a program can help an organization save itself in the front of loss that may occur from an unexpected event.

Another document that builds upon such strategies and that stresses the importance of crisis management is found to examine a governmental organization. The structure of this crisis prevention plan is quite different, as it concerns a public institution, whereas some of the plans detailed here may be related to private enterprises. Within a public institution, for transparency reasons, a crisis prevention and recovery plan will almost always be posted for anyone to see. In a private setting, this may not be the case, as shareholders may not want all to know what could be done in the event of a disaster. Nonetheless, the plan described here involves a clear network of individuals that would "take over" in the case of a disaster. The thing that is most stressed is the fact that individuals must be able to undertake whatever roles they have been given, with success. In order to do this they must, of course, know and understand their roles, which is vital. For this purpose, this particular literature builds a flow chart that shows a clear structure in an eventual crisis.[footnoteRef:8] This is useful both for the individuals within the company, but also for the public, who must be informed of the smooth functioning of a governmental organization, especially in times of crisis. [8: Business Continuity Plan. 2012. Ready.gov. Retrieved January 24, from . ]

The FEMA section, which was the first written above, and which addressed the specific ways in which the government sought to mitigate disasters is important here, for it shows how the government could act in cases such as 9/11 or Katrina. Though not always successful in its endeavors, especially in the latter case mentioned above, governmental organizations always step in. Internationally, such organizations are replaced by things like the UNDP, which strive to foresee disasters on an even larger scale, especially those provoked by violence. Yet both natural and violence-related crises may happen at any time in the internal arena, and business are almost always affected by these, so it is ever more important in such cases to be prepared, and the FEMA principles related in the first section are very much upheld in the case of the United Nations.