RISK MANAGERS' FORUM

THE CHANGING WORLD OF CRISIS MANAGEMENT

Terrorism has permanently altered the concept of crisis management

By Deborah M. Hampton, CIC, CRM, CPCU, ARM

One of the most prevalent challenges of crisis management today is the ability to minimize negative financial consequences due to terrorism.

Today, more than ever, the practice of crisis management is facing new challenges. Historically, crisis management served to address primarily natural disasters such as fire and earthquake. However, over the past decade, crisis management has expanded to address man-made crises such as economic losses caused by market fluctuations, fuel prices, and now a new challenge--terrorism. Terrorism has served to permanently alter our concepts, views and priorities of crisis management. More than a year later, our society is still grappling with the challenges of 9/11 and the subject of terrorism. While some Americans have been accused of becoming complacent regarding terrorist issues, this is certainly not true of businesses. Of course, there are the obvious reasons for this, such as the current insurance market, which has rendered terrorism coverage largely unavailable or unaffordable. However, this heightened awareness is also due in part to the quantity of terrorist activities reports.

In September 2002, the Washington Times reported receiving information from U.S. intelligence officials that self-proclaimed 9/11 organizer Ramzi Binalshibh indicated that the al-Qaeda has decentralized its leadership structure, making it more dangerous. In August 2002, an Afghan intelligence official reported that a would-be homicide bomber with more than a half-ton of explosives packed into his vehicle was 300 yards from the U.S. Embassy. A chance traffic accident stopped him. At last count, The Terrorism Research Center had compiled information on more than 70 active terrorist groups.

Let's examine how the topic of terrorism impacts the practice of crisis management--the act or process of managing a crisis to prevent (if possible) and reduce the impact of catastrophic losses to the organization.

One of the most prevalent challenges is the need to minimize negative financial consequences due to terrorism. What, to date, has not been widely addressed is the increasing frequency with which businesses are experiencing negative financial impacts due to terrorist threats. I recently met with a client who is involved in a major project at an international airport. The client commented about the first (of which they anticipate will be many) expenses associated with potential terrorist activities. The airport received notice of a potential terrorist threat and issued an advisory. The client was forced to send everyone home for the day. The cost was around $40,000 per day for loss of overhead. Because the client currently is unable to recoup this cost, it will directly impact the profits of the company, as will any future episodes.

Unfortunately, this scenario is becoming fairly commonplace, especially for those clients who work in high-profile areas such as airports. For many businesses, this unpredicted new cost is staggering. Imagine a client with overhead at $100,000 per day who encounters only four episodes per year (which in many areas is considered a conservative estimate).

Other clients are concerned with delays in receiving imported products due to increased security at borders and ports. Imagine the project delays (and resultant liquidated damages) in this scenario: A contractor awaits the arrival of steel trusses manufactured abroad. Their arrival is delayed by
30 days due to increased security at borders and ports. The result is an uncompensated delay to the project.

What do these scenarios mean for today's risk manager? A diligent risk manager must include terrorism and its consequences as part of the company's crisis management program. The following points illustrate the five phases that need to be considered in adequately addressing the terrorism exposure to an organization:

1. Planning--This should include an assessment of potential terrorist threats and consequences. In addition, the planning phase should serve as a platform for discussion regarding potential impact to personnel and operations.

2. Prevention--This should address how the firm will endeavor to prevent a terrorist activity and/or minimize its impact. Some common examples that increase the overall security of your organization are the installation of security cameras, the employment of security personnel, and badge systems and card systems which serve to identify personnel.

3. Preparedness---This phase is very important in crisis management. It should address educating your personnel. A place to start is to address typical bomber profiles. The Israelis have developed such profiles which include:

* Wearing unseasonably
warm attire

* Protruding bulges in clothing

* Sweating, mumbling or fidgeting

* Avoiding police

* Trying to fit into crowds.

4. Response--This phase will consider the coordination with state and federal authorities. For instance, FEMA meets periodically with representatives from major cities to assess their capabilities with regard to planning and training. Ultimately, these cities are destined to receive FEMA-sponsored terrorism training. In attendance will be personnel from city fire, police, emergency medical, and emergency management. In addition, many of these cities currently have FEMA-sponsored Urban Search and Rescue (US&R) Task Forces. These task forces will be trained to respond to terrorist incidents. Risk managers should be aware what FEMA and/or DOD (Department of Defense) training has been conducted at the local level and what support they may offer your company.

5. Recovery--The recovery phase considers how an organization will recover from a terrorist act. Recovery activities depend largely upon the results of the above four referenced phases.

In summary, the time has arrived to consider a major update to your organization's crisis management program. *

The author

Deborah M. Hampton, CIC, CRM, CPCU, ARM, is president and risk management consultant for Comprehensive Risk Services, Inc., a claims, risk management, and safety consulting company located in Largo, Florida. Deborah is also a faculty member of the Certified Risk Managers (CRM) program. For more information on the CRM program, call (800) 633-2165, or visit the National Alliance for Insurance Education & Research Web site at www.scic.com.