Natech Risk Assessment and Management – Reducing the risk of Natural-hazard Impact on Hazardous Installations

Authors: Elisabeth Krausmann; Ana Maria Cruz; Ernesto Salzano
The problem that is currently on the rise is that of technical disasters triggered by previous natural disasters or natural events. Examples include frost, heat, drought, rainfall, floods, earthquakes, whether or not combined in tsunamis, lightning strikes, etc.
In an extensive introduction, the authors give a number of examples of what these natural phenomena can do. And that is quite something: ranging from power cuts and pipe breaks, to destruction of storage tanks and explosions. These in turn give rise to an evacuation of the employees of the company, the environment, with or without death toll, as well as a possible enormous economic damage and the stagnation of (parts of) the economic activity in the affected area. It is therefore not for nothing that people want to arm themselves against the even worse domino effects of such events. To this end, these so-called Natech events are studied. To make the world a little safer.
Unfortunately, no two Natech disasters are the same. Although performing risk assessments makes progress in this regard, according to the authors, it remains (for the time being) an impossible task to compare the results of risk assessments. That makes it difficult to prioritize. Yet there are some standard works that the authors regularly refer to, among many other things in their detailed literature lists. Namely the so-called purple book, red book, green book and yellow book from TNO. But perhaps more important for their discussion are the software packages RAPID-N, PANR, the methods of TRAS 310 and TRAS 320, risk curves and ARIPAR-GIS. These contain qualitative, semi-quantitative and quantitative risk assessment modules.
After a number of chapters in which RAPID-N, ARIPAR-GIS and RISKCURVES are illustrated with discussion of the results, two chapters deal respectively with structural (technical) measures and organizational (more administrative) measures.
An innovative framework, which the authors say is worthwhile, was proposed by IRGC and consists of the following five elements:

  1. Risk preassessment: an early warning and “framing” of the risk to provide the problem with a structured definition. Or how it is framed by the various stakeholders and interested parties, and how best to deal with it.
  2. Risk assessment. By combining a scientific risk assessment (of the hazard and the probability of it) combined with a systematic ‘concern’ assessment (of public concerns and perceptions) to form the basis of knowledge for taking subsequent decisions.
  3. Characterization and evaluation: making use of scientific data and a thorough understanding of the societal values ​​affected by the risk to determine whether the risk is acceptable, tolerable (with or without mitigation of the risk as a requirement) or intolerable (unacceptable).
  4. Risk management: all actions and remedies that are necessary to avoid, reduce, share or retain a risk.
  5. Risk communication: how stakeholders and interested parties and society understand the risk and participate in the risk governance process.

The work is, in particular, a piece of “compulsory” reading material for continuity managers and risk managers of large companies that are important for the economic motor of a region or country with large industrial installations. It requires a healthy portion of common sense, but also a sufficient knowledge of process engineering to grasp the storylines. In addition, an open view of a wide range of sciences, technical and non-technical, and of society, is necessary to correctly assess the importance of this work.

Adaptive Business Continuity – A New Approach

Authors: David Lindstedt; Mark Armor
Adaptive Business Continuity wants to blow a new wind through the BCM world. To this end, they throw, among other things, the BIA and the risk assessment overboard. When I read the arguments why they do this, it’s not clear why. After all, if I read the authors’ arguments in Appendix B (the manifesto), then there is the following in B.5.1 page 154:
“Adaptive BC discourses a sequential approach. Continuous value, coupled with the core mission of continuous improvements in response and recovery capabilities, leads to the adoption or a non-linear approach that adjusts to ongoing feedback from all participants. … “.
The manifesto in https://www.adaptivebcp.org/manifesto.php also states that things are becoming increasingly complex:
“How long can an organization without a particular service almost always depend on an integrated combination of factors too numerous to identify and too complex to quantify. Moreover, the changes that result from the exact timing and actual impact of a disaster on a service will dictate different judgments about applicable recovery strategies, priorities, and time. Definitive changes to a service’s holistic “ecosystem” cannot be foreknown. ”

Nobody can deny that the problems are becoming increasingly complex. However, it can be denied that linear problems no longer occur can be denied. That is why I would like to look back at the picture of the full spectrum of possible disasters. I tried to discuss this in a previous blog, at http://www.emannuel.eu/en/artikels/resilience-strikt-genomen-disaster-management-red-ants-gray-rhinos-black-swans-de-verhouding-van-bcm-risico-management-rm-en-crisis-management-cm/ in question 6:

However, when I get the idea of linear issues, difficult or complicated issues and complex issues from the article of http://www.emannuel.eu/en/artikels/herhaalt-de-geschiedenis-zich-of-niet/# then I come to the next figure:

I believe that Traditional BCM has a linear approach. This is extremely suitable for linear issues and systems with a (well) known impact and linearisable systems from the complicated part of the spectrum. The question that remains is whether the arguments of the authors are clear enough to put this linear approach aside. This I deny: the objectives of Adaptive BC are not clearly defined enough to throw traditional BCM overboard here. After all, no arguments are given. The BIA simply refers to an article by Rainer Hübert, the authors of which do not reflect the line of thought.
Mutatis mutandis, I think the argument to drop the risk assessment is a non-argument.
After all, they write:
“Administering a proper risk assessment and implementing the resulting action items may necessitate deep knowledge of actuarial tables, information security, insurance and fraud, state and federal regulations, seismological and meteorological data, and the law. Typical continuity practitioners do not possess such deep kn owledge; those who do are most likely specifically trained as risk managers. Adaptive BC practitioners as such should eliminate the risk assessment from their scope of responsibility. ”
I do not agree with this: a BC manager does not need to be an expert in all these matters. Rather, he / she must be able to know the right experts within the company, gain their trust, facilitate and coach them in order to achieve results. Then making a risk assessment is not hopeless and not unusable. I leave the criticism of the readers to judge a lot of other claims to the detriment of traditional BCM: it is clear that the authors are trying to declare the traditional BCM dead for reasons they unclearly articulate.
Has the Adaptive BC depreciated for me? No, not at all. Because they offer an answer to issues from a different part of the disaster spectrum: possibly, provided that they have a solid foundation, a solution can be distilled here for complicated and complex systems where I think traditional BCM has a harder time answering as follows:

So in my opinion, the time of traditional BCM is not over as long as there are linear issues. In addition, Adaptive BC will have to develop further into a more mature activity, which can claim its own part of the spectrum of disasters, together with monitoring, building scenarios and future scanning. But next to Traditional BCM. Not instead of.
So there is still work to be done.

Managing Outside Pressure – Strategies for Preventing Corporate Disasters

Authors: Matthias Winter; Ulrich Steger

In Chapter 1, the authors offer a historical statement of the Nobel Prize Laureate Economy Friedman from 1962: “In a free society, there is one and only one social responsibility or business – to use its resources and engage in activities designed to increase its profits so long as it stays within the rules of the game, which is to say, engages in open and free competition without deception or fraud.” With that, organizations became dominant in society. But more and more people believe that today the same organizations are causing much of society’s problems. This creates groups of activists and they start to exert pressure. A number of questions follow from this:

  • What is the stakeholder concept and how can they influence organizations?
  • What is the difference between a “transactional” and a “contextual” environment?
  • How do we evaluate the situation from the point of view of the organization?
  • How do we evaluate the situation from the point of view of the activists?

The authors provide answers to these questions in the course of a number of chapters.

The “Stakeholders” can be an extensive number of groups: consumers, customers, competitors, employees, shareholders, environmental organizations, local communities, local authorities, suppliers, special interest groups, owners, the media, the legislature, scientists and researchers, banks, … they all have an interest somewhere in the results and the operation of the organization.
These can be divided into two groups: the transactional environment and the contextual environment: the first has some professional business relationship with the organization. Normally they can negotiate with the management about the rules for the transaction. The contextual environment has no direct market or business relationships.

There are also activists: these can be loosely classified into environmental activists, health-related activists and socially motivated activists. That way they are mainly in the contextual environment. How can they influence an organization? The authors describe this with “Transmission belts”. The first is direct pressure of protest. A second is the search for associates in the transactional group, for example the customers. This impact can cause the organization a financial hangover. They can also find supporters in the contextual environment, for example with the legislator. They can best use both, since the clients can work flexibly in the short term, while the legislator works more decisively with regulations but more in the long term.

In chapter 3 the authors talk about “Corporate Early Awareness Models”. They state that the traditional model of the stakeholder analysis is outdated. After all, a number of things vary over time: the agendas of the various stakeholders, the importance and influence of different groups, how the organization behaves in the sector, and social values. The new analysis models try to make the difference between early identification versus a late intervention. One advantage on the first is that you can avoid the difficult things so that they are no longer relevant. The second means that you as an organization do not waste time and energy on what is not relevant. In addition, it is good to make a distinction between strong and weak situations. Strong situations are best identified early, while weak situations can usually be dealt with later on. The strong situations run the risk of going through the following stages:

  • “concern”
  • “issue”
  • “crisis”
  • “scandal”

Because it can become a “scandal”, it is necessary to intervene quickly. Weak situations do not usually reach this final stage.

To make a difference between a “strong” and “weak” situation in a systematic way, the tool has been proposed by the authors, from the perspective of the organization. This covers the following eight sections:

  • Are the arguments against the issue plausible?
  • Does the issue cause emotion? Is this understandable – visually and touching – to the public?
  • Is the issue media friendly?
  • Are there links with other issues of the organization or of other involved organizations or within the sector?
  • How strong is the “key” activist group?
  • How isolated is the organization?
  • How far have the dynamics of the crisis already developed?
  • How easy is it to find a solution?

To complete their “world view”, however, the organizations also need a picture of the situation through the eyes of the activists. Which factors make the situation “attractive” for them? And for which type of campaigners? For this, the authors brought the activists into four groups along two axes. First: integrating versus polarizing. Do they integrate the role of the business and the public interest in their own system of objectives or not? Integrators place a high priority on developing a productive win-win relationship with the business, while the polarizers simply push through their minds and do not cooperate with the organizations. The second axis shows whether the action group discriminates between organizations within an industry with regard to a genuine or perceived commitment of the organization to environmental issues, health issues or social issues. “Discriminators” look at the progress of the organizations with regard to benchmarks in their sector. The non-discriminators focus on the problems that the organizations and entire industries cause, without distinction between the good guys and the bad guys. These four groups have their own modus operandi.

  • Sharks arbitrarily attack organizations. They are not very organization-specific in their target and are generally harmless to individual organizations.
  • Sea lions are usually even less dangerous for organizations because they tend to only address weak situations and discussions about social values ​​in general.
  • Dolphins focus more on a single situation and work with the organizations to find a win-win solution.
  • The really dangerous activist groups are the orcas. They isolate the organization and humiliate them in public for their sins. They choose symbolic situations and use a lot of symbolism in their campaigns.

The authors’ research shows that most activist groups, but especially orcas and dolphins, have a collection of guidelines for when to engage in a situation.

When a situation meets the requirements of this or a similar list, the danger of a confrontation increases:

  • The campaign must have a clear goal.
  • The issue must be easily understood by the general public.
  • The issue has a symbolic value.
  • The issue has the potential to damage the image of the organization.
  • The opponent is strong enough (no “underdog” effect).
  • The issue can be packed in a campaign in which the public can be involved.
  • There are solutions that are confrontational, not gradual (political concepts, management concepts, product or process concepts, that are competitive in terms of price and quality).
  • There must be a drama element to the campaign to engage the media.

In chapter six the authors give a number of tips and examples of the application of these checklists. A possible template for a signal description of an upcoming issue includes a place for the following questions:

  • What is the issue?
  • Who is affected? (Internal? External?)
  • Who discovered the situation?
  • When did the signals occur?
  • Where did the signals occur?
  • What are the signals that have occurred?
  • Why can this become an issue that is relevant to the organization?

In Chapter 7, the authors present nine cases of issues that occurred, or were to act potentially in the near future at the time, arguing that the model works.

In chapter eight, the authors indicate that the organization always has the choice between two options:

  • Drop the project / action.
  • Carry out the project / action anyway.

In addition, they provide advice in both cases.

A possible template for these tools can be found in the attachment.

Firearms Acquisition By Terrorists In Europe

Research findings and policy recommendations of Project SAFTE

Authors: Nils Duquet; Kevin Goris
In this book, the authors provide an overview of the knowledge regarding the purchases of weapons in the EU by terrorists. This is a phenomenon that deserves a lot of attention because it has been shown in the recent past that this is “in our back yard”. After every terrorist act there are a multitude of questions from the population. Not only why this happened, but also how this could happen is regularly asked. This book tries to chart the share of the “arms market for terrorists” in the “how” of these questions.
In the first chapter the authors deal with legislation up to 2017. This discussion of the legislation on arms sales shows that the EU still has a lot of work to coordinate between the countries in order to remove legal loopholes concerning arms transports and arms sales.
In the second chapter, the authors discuss the illegal arms markets in Europe itself. This shows how difficult it is to have an overview of something that seems simple, namely how many illegal weapons are there in Europe? The estimate ranges between 81000 and 67000000. Difficulties in making estimates include closed markets, but also the increase in available military grade weapons on illegal markets. Include illegal production, theft and reactivation of deactivated antique weapons, and you will get an unclear picture.
In the third chapter, the authors discuss the accessibility of the arms markets for terrorists. That appears not to be that simple. The arms markets are a closed market. If you already have criminal offenses on your record, you are known and trusted. Moreover, the arms dealers are not as keen on selling weapons if they know that the aim is to commit a terrorist attack. In addition, it appears that these markets are not a single market. Procurement methods differ depending on whether they are separatists, religious terrorists, right-wing terrorist groups or left-wing terrorist groups.
In the fourth chapter, the authors provide a number of policy recommendations with regard to the countries and the EU. This includes a coherent approach to regulation. But they also provide operational advice, such as exchanging data, uniform data storage, collaborating on data analysis, monitoring the implementation of legislation, applying strict penalties … Collaboration with citizens has not been forgotten, by the possibility of them voluntarily turning in their weapons. In addition, they also have an eye for the capabilities to be built in the nations, international coordination and cooperation. Finally, they indicate the following risks to follow up:

  • The increase in available military-grade weapons,
  • The spread of firearms from legality into illegality,
  • The role of weapon collectors and enthusiasts, and handymen,
  • Arms transactions on the internet,
  • The future of 3D printing.

 

 

risk management, strictly speaking – success factors of support

Author: Manu Steens

An organizational structure , a decree or law, (a) (some) measure (s), … must be supported to succeed. To be supported, they must be recognized. (I have no criterion to say in which cases this model is all relevant, for that a study should be done of successful and failed business in hindsight.)

Recognition in itself, however, is based on four success factors:

  • legitimacy,
  • cohesion of the target group due to proximity with civilians / the employees of the organisation,
  • effectiveness with purpose and perseverance,
  • authority.

These four pillars are interdependent. If you remove one leg from the table, the other legs will come along and the table will fall. So you cannot actually view them as independent. For the sake of the further discussion, I do that here anyway.

One thing that seems to be clearly supported is the EU regulation of the GDPR. Something that does not seem to be supported is the Brexit . Let us therefore illustrate these two things with this idea.

Success factors of support applied to the GDPR.

  • Legitimacy: The GDPR legislation was imposed by the EU and applies to all EU countries for implementation
  • Cohesion of the target group through proximity : The EU countries are interdependent because they are related to the EU, but also because they have free movement of people, which implicates that they can enjoy similar legislation despite traveling in the EU. At the same time, the EU is for the most part a coherent whole, as a result of which the countries are coherent in terms of supporting the legislation. Proximity is perhaps best illustrated by the fact that EU citizens have recognized the legislation as something that concerns them very much. It belonged very quickly to the
  • Effectiveness: A true barnum advertising has been conducted for the GDPR, pointing out that this legislation applies to the citizen. This was so effective that the people of the EU and the organizations are aware of their rights. And in the very short term jobs have been created: eg. lawyers specializing in GDPR but also DPOs, courses, …
  • Authority: There is also a place in the legislation itself for punitive measures in case of non-application of the law by the organizations in the EU. Also, auditing capabilities were provided. Partly as a result of the possible effect of the hammer, many organizations applied the law, and there was a great sense of “doing something about it”.

Conclusion: due to the barnum advertising, this legislation was strongly founded on these four success factors, so that it could actually only succeed.

Success factors of support applied to the Brexit .

  • Legitimacy: It came about through an unclear referendum with a majority “behind the comma”. There is total division within and across the political parties and within the people. The British Prime Minister was therefore completely in a gap of uncertainty. None of the proposals from the EU or the British themselves was accepted by a clear majority.
  • Cohesion: The British are divided. The votes for and against are neatly divided and without clear coherence. Many people, together with their politics, attach great importance to their sovereignty. Others opt for the possibilities that a cohesive Europe together with the British could mean. The connection is lost. The division is down to the granular level of the population.
  • Effectiveness: Due to a great deal of uncertainty, all proposals about the Brexit in a reasonable manner were As a result, it is regularly postponed. As a result of that, it is unclear how, if and when the Brexit will be a fact.
  • Authority : The Brexit could turn out differently from day to day in a new referendum. There is also a difference of opinion between, for example, the Scots and the rest of the British. In addition, the British regularly state the historic words of Churchill that “GB is with the EU but not of the EU”.

Conclusion: The Brexit cannot be called a success .