Emergency Management and Business Continuity

The National Fire Protection Association’s well-known standard, NFPA 1600, recently received the seal of approval by being endorsed by the 9/11 Commission in its report to the nation. The commission asked the American National Standards Institute to develop a “consensus on a National Standard for Preparedness” for the private sector. ANSI recommended a voluntary program based on NFPA 1600 and the commission agreed. Here is the commission’s recommendation:

“We endorse the American National Standards Institute’s recommended standard for private preparedness. We were encouraged by Secretary Tom Ridge’s praise of the standard, and urge the Department of Homeland Security to promote its adoption. We also encourage the insurance and credit rating industries to look closely at a company’s compliance with the ANSI standard in assessing its insurability and creditworthiness. We believe that compliance with the standard should define the standard of care owed by a company to its employees and the public for legal purposes. Private-sector preparedness is not a luxury; it is a cost of doing business in the post-9/11 world. It is ignored at a tremendous potential cost in lives, money, and national security.”

What’s particularly important is the commission’s recommendation that insurers factor in a firm’s support for NFPA 1600 when underwriting policies, as well as, other financial considerations. This could potentially help companies save money, for example, on certain types of insurance premiums – a very useful way to justify the cost of business continuity and related investments.

An interesting table maps FEMA’s Capability Assessment for Readiness (CAR) Emergency Management Functions with NFPA 1600’s chapter/section outline and the BCI/DRII Professional Practices. This table is among the most useful items in the standard, as it provides a bridge across three well-known industry standards. In addition, the document has lists of emergency management organizations in the public and private sectors, lists of periodicals, professional associations, list servers and forums, various incident management resources, and other relevant NFPA standards. In short, it’s a comprehensive, yet flexible, document. You can see it at: www.nfpa.org/PDF/nfpa1600.pdf?src=nfpa

Another document of interest is the Federal Financial Institutions Examination Council (FFIEC) Business Continuity Planning booklet. The booklet addresses the process for financial institutions to ensure the maintenance or recovery of operations, including services to customers, when confronted with adverse events such as natural disasters, technological failures, human error, or terrorism. See it at: http://www.ffiec.gov/ffiecinfobase/booklets/bcp/bus_continuity_plan.pdf

The International Business Continuity Guideline being developed by ASIS (an international organization for security professionals) encompasses all elements of disaster management and recovery. It can be seen athttp://www.asisonline.org/guidelines/guidelines.htm

This article was based on information from the September issue of the ContingencyPlanning.com e-Newsletter. To see more on this subject and other business continuity issues, go to: http://www.contingencyplanning.com/features/sep04.htm