America’s oil refineries, chemical plants, port facilities and many privately owned installations make up 85 percent of the country’s vital infrastructure and many of these, although not target hardened, are prime terror targets. “The 9/11 Commission Report”, that is, the final report of the National Commission on Terrorist Attacks upon the United States was released on July 22, 2004. In the chapter, “What To Do? A Global Strategy”, the report accentuates that national preparedness, due to the private sector controlling the majority of the infrastructure of the nation, must begin with the private sector.

The 9/11 Commission Report continues emphasizing that preparedness in the private sector, in partnership with the public sector should include rescue, restart and recovery of operations and recommends (1) a plan for evacuation, (2) adequate communications capabilities, and (3) a plan for continuity of operations. As 9/11 commission members examined the emergency response, numerous expert witnesses stated to them that despite the 9/11 tragedy, the private sector remains virtually unprepared for another terrorist attack. Consequently, the need for standards was clear and the commission asked the American National Standards Institute to develop a “National Standard for Preparedness” for the private sector. Therefore, safety, security and business continuity experts from many industries and associations, as well as federal, state and local government stakeholders were charged to consider standards for private sector emergency preparedness and business continuity. As one of over twenty-five recommendations in this chapter by the 9/11 Commission, this recommended standard for private preparedness needed endorsement. The Secretary of the Department of Homeland Security praised this standard and encouraged his Department to promote its adoption. Essentially, the Commission endorsed a voluntary National Preparedness Standard. The existing American National Standard on Disaster/Emergency Management and Business Continuity Programs (NFPA 1600) was the base for a proposed standard, which establishes a common set of criteria, and terminology for preparedness, disaster management, emergency management, emergency management and business continuity programs. The experience of the private sector in the World Trade Center crisis clearly demonstrated the need for standards.

Compliance with such a standard for crisis prevention, management and restoration is a standard of care owed by a company to its employees as well as to American society itself. The lesson of 9/11 must remain and that is private security preparedness is not an option; it is the essential heart of good business principles in a post 9/11 era. If private sector preparedness is ignored, it will be a potentially catastrophic cost in lost lives, financial loss to companies and their employees due to replacement costs, downtime, insurance increase ramifications and marketplace loss. A lack of private sector preparedness can lead to a terrorist attack, which can gravely impact national security by demoralizing the citizenry.

Although some experts argue that the government should mandate how private firms should spend money on security issues, the concern must begin with appealing to the moral compass of private firms to protect their employees. Another integral consideration is to educate private firms to realize that solid security procedures and policies is a sound business practice that allows the workplace to function safely and securely and also cultivates a highly motivated work force which protects the firm from a crisis that could potentially destroy it completely.

In the aforementioned National Fire Protection Standard 1600 on Disaster/Emergency Management and Business Continuity Programs, insights that assist professionals with definitions, emergency program management, program elements (risk assessment, hazard mitigation, mutual aid, planning, communication, finance and administration) and annex’s that focus on resources for companies and various certification programs are presented.

Complimenting the National Fire Protection Standard are guidelines recommended by the American Society of Industrial Security (ASIS International) in their published “Emergency Planning Handbook”. This document is essential for private sector security and safety professionals as well as for law enforcement personnel involved with emergency planning. This book gives a clear definition of an emergency plan and covers risk analysis, emergency preparedness planning, continuity of operations/incident management (continuity of management, incident command structure, transportation, etc.) special considerations in planning (protection of vital records, safeguarding vital computer information, liaison with government agencies) training, exercises and testing as well as recovery operations.

In addition to the Emergency Planning Handbook, ASIS International established a commission in 2001 in response to a concerted need for guidelines for security issues in the United States. ASIS International is the preeminent organization for security professionals (both private sector and law enforcement officials comprise the membership) worldwide with an important role to play in helping the private sector secure its business and critical infrastructure, whether from natural disaster, accidents or a terrorist attack. “The Business Continuity Guideline: A Practical Approach for Emergency Preparedness, Crisis Management and Disaster Recovery” from ASIS International allows organizations to consider the factors and steps necessary to prepare for a crisis (disaster or emergency) so that it can survive the crisis and take all appropriate actions to help ensure its continual viability. This plan gives step-by-step business continuity plan preparation and activation guidance, including readiness, prevention, response and recovery. It also details requirements necessary for the plan to avoid becoming stagnant and remain a living document, changing and growing with the organization and thereby remaining relevant, viable and executable.

When preparing disaster recovery measures, business continuity experts must pay particular attention to information technology systems. Disruptions in information technology cannot only interrupt entire systems (caused by numerous influences including terrorist attacks, sabotage, power outages, human errors and security breaches) but can actually completely destroy a company. Once disaster strikes, statistics show that many businesses’s fail to recover and this is often due to poor business continuity planning and negligence in regard to information technology. Private firms must consider relocation capabilities, regularly update phone lists, provide data backup and continually re-evaluate policies and procedures. Disaster recovery is only as successful as the proactive preparation that prevents disaster from occurring. Vital operations should be spread to different locations and back up devices to retain critical data are essential. Communication technologies that allow workers to update one another even if there is a power outage or other event are necessary.

World events compel us to vigilantly prepare for disasters that cannot only effect the survival of an organization but the very morale of our nation. America’s private sector organizations must rise to the challenge of this violent culture and engage with full force to all requirements of emergency planning to assure the survival of a firm before, during an after a crisis. An organization’s dedication to crisis prevention, management and restoration not only safeguards the firm but also contributes directly to securing the American homeland and strengthening our nation.

Vincent J. Bove, CPP is a Board Certified Protection Professional, Board Certified Crime Prevention Specialist, Certified Law Enforcement Instructor and U.S. Department of Justice Certified Community Anti-Terrorism Awareness Trainer.

He is the 2007 New Jersey recipient of the prestigious FBI Director's Community Leadership Award and was hand-selected to serve as a facilitator and mentor for the 2007 National Conference on Ethics in America and speaker for the 2008 conference at the United States Military Academy at West Point.

"Vincent J. Bove is considered one of the foremost national experts on school and workplace violence prevention, specializing in facility protection, evacuations, terrorism prevention and leadership training." -- U.S. Senate

You can visit Mr. Bove's website at www.vincentbove.com or email him at vincent@vincentbove.com