Receive CohnReznick insights and event invitations on topics relevant to your business and role.
Mitigating Risks With the All-Hazards Approach To Emergency Preparedness
Is Your Organization Adequately Prepared for the Unexpected?
Many forward-thinking businesses and public sector organizations have some sort of an emergency plan ready to deploy when disaster strikes. However, having a plan in place is only one component of a successful emergency preparedness strategy. Will your plan work in a variety of emergency situations? That is the real question to consider.
The concept of an emergency preparedness plan may seem quite simple. But organizations must realize the potential hazards for different types of emergencies, and the level of risk involved with each one. This brings in the all-hazards approach.
The all-hazards approach
When discussing emergency preparedness on their website, ready.gov, the Department of Homeland Security notes that, “The planning process should take an all-hazards approach. There are many different threats or hazards. The probability that a specific hazard will impact your business is hard to determine. That’s why it’s important to consider many different threats and hazards and the likelihood they will occur.” An all-hazards approach to emergency preparedness is designed to address a full range of threats, risks, and the overarching impact it may have on an organization.
It also is important to recognize that one disaster can simultaneously cause different negative events, creating a cascading effect. For example, a hurricane brings in a surge that causes flooding. That’s bad, but the flood may trigger an organization’s evacuation and relocation of staff. Now that your building is flooded, and has no electrical power or onsite staff, how do you maintain connectivity to your customers or clients? The all-hazards approach covers components of preparedness that often go overlooked.
For example, cybersecurity sometimes fails to make the final contingency plan. Thus, vulnerabilities can occur during a disastrous event which may cause the cybersecurity wall to crumble. Without a plan to mitigate cyber-risk, organizations risk losing a lot more than emails. They can risk losing valuable information that can jeopardize their reputation and bottom line.
All-hazards planning is a sound and proven concept, but it doesn’t mean that organizations must plan for every possible hazard. What it does mean is that organizations must plan for every possible hazard. What it does mean is that organizations should consider all possible hazards as part of a risk analysis. Using a risk-based approach to planning, coupled with functional and prioritized contingency planning, makes the best possible use of limited resources during an emergency.
Risk assessment: The primary component to an all-hazards plan
Risk assessment is a process for identifying potential hazards, risk exposures, and the probability of occurrence. However, most organizations have not conducted a comprehensive risk assessment, in part because of a lack of resources and time devoted to this important function. By doing a Threat, Hazard, Identification and Risk Assessment (THIRA), you can identify the range of hazard and risk exposures that have impacted, or may impact, the area and the organization itself.
The THIRA process allows individual business, faith-based organizations, not-for-groups, schools and academia, and all levels of government, to understand risks and determine the capabilities needed to achieve preparedness. Specifically, the THIRA process includes:
- Identification of threats and hazards of concern.
- Description of threats and hazards, showing how they may affect the organization.
- Establishment of preparedness goals to define success.
- Estimation of resources required to achieve the preparedness goals using community assets and shared resources.
Additionally, the THIRA process ultimately helps organizations answer the following questions:
- What do we need to plan for?
- What shareable resources are required to be prepared?
- What actions could be employed to avoid, divert, lessen, or eliminate a threat or hazard?
Planning for future emergencies and disastersWith today’s complex and tech-driven world, the interdependencies of our infrastructure and systems create vulnerabilities that differ from the past. Therefore, it is imperative for businesses and public sector organizations to assess inherent risks while taking a comprehensive approach to preparing for emergencies and disasters. Implementing an All-Hazards planning approach to assess potential risks is a necessity to mitigate impacts to business operations and to ensure the safety of your workforce.
Subject matter expertise
CPA, CFE, PMP, Managing Partner – Government and Public Sector Advisory
Let’s start a conversation about your company’s strategic goals and vision for the future.
Please fill all required fields*
Please verify your information and check to see if all require fields have been filled in.
This has been prepared for information purposes and general guidance only and does not constitute legal or professional advice. You should not act upon the information contained in this publication without obtaining specific professional advice. No representation or warranty (express or implied) is made as to the accuracy or completeness of the information contained in this publication, and CohnReznick LLP, its partners, employees and agents accept no liability, and disclaim all responsibility, for the consequences of you or anyone else acting, or refraining to act, in reliance on the information contained in this publication or for any decision based on it.