Is your company ready for emergencies? Should an incident threaten or harm your company’s people or property (or both), do supervisors and senior management know what to do? Who to call? What to say? What not to say? Most importantly, does your company have a written emergency escalation plan?
The plan might have other names, too. Business continuity plan. Disaster recovery plan. Threat mitigation plan. Emergency response plan. Whatever it’s called, if your company lacks a plan, it should take steps right away to develop one. After all, emergencies don’t announce themselves in advance and one could happen tomorrow. Fires. Storms. Medical crises. Violent crime. Power failures. Environmental spills. IT systems crashing. You name it, it can happen.
With that in mind, here are some suggestions for getting started on a plan:
1. Get executive-level buy-in on the need for a plan. Without this step, you’ll be spinning your wheels. Ideally, a member of the executive team will be assigned to sponsor this effort, which will help get the attention of the many stakeholders that must support the plan as described in the next step.
2. Determine required stakeholder functions and assign roles. Typically stakeholders in an emergency escalation plan will include people from operations, security, HR, facilities, IT and communications. The plan should define, in writing, what the roles of the functional representative should be. Once roles are defined, then choose the person to fufill that role. One person should act as the function’s main representative, with a back-up person designated.
IMPORTANT: Both persons should have appropriate decision-making authority, including spending levels if necessary. Without proper authority, critical time can be lost in seeking permission to engage or commit needed resources of time and/or money.
3. Document the different kinds of emergency situations and responses. Emergency responses should be appropriate to a particular situation. Of course, no two situations might be exactly alike, so flexibility needs to be expected. Still, responses can be described and documented for general types of emergency situations like fire, medical, hazardous spills, power outages, and so on. Relevant external parties should be identified and contact information listed, such as public safety, local utilities, and other vendors whose supplies and services might be impacted or needed. Your security provider, for example, should be involved. Escalation paths for different emergency scenarios should be described.
4. Consider needed funding for different situations. The costs of an emergency response can be varied and add up, so contingency funding should be identified including where it will come from and, as mentioned, who has the authority to spend it. Insurance can help, of course, but not in the immediate aftermath of a crisis. Your plan’s executive sponsor should help with this step.
5. Test the plan and validate periodically. Don’t wait for an emergency to test your plan. It should be tested immediately after its approval by executive management and then at least once a year after that. Names and contact data should be validated semi-annually, if not more frequently. Testing should have three phases: a thorough plan review by all the stakeholders; a “tabletop test” with all the stakeholders in a meeting or on the phone to walk through who-does-what, given a particular situation like a fire; and, finally, a simulation test in which stakeholders must actually perform their roles for a particular type of emergency.
6. Conduct a stakeholder debriefing and plan review after any emergency. As soon as possible following any emergency response, you should document the actual steps that were taken to keep a record of the event. Then gather all the stakeholders together to evaluate how the plan worked – and revised it wherever needed.
* * *
Emergency plans are critical tools that all businesses should have and review regularly. If your company could use the advice of a professional to develop one, we invite you to contact your GardaWorld Protective Services representative. And keep in mind that our highly trained guards, plus the advanced control centres that back them up, can provide the extra support your plan might need to fully safeguard your business.