Does There Need to be a Change?

Daily newspaper articles and television news broadcasts draw audiences into the horrors of terrorist attacks, graphically display the mighty power of Mother Nature or attempt to explain the invisible threat of pandemic influenza.

In each example we watch and listen to experts or analysts comment on what had been done, should have been done or there was nothing that could have been done to mitigate and prepare for the crisis.

But, is that really true that nothing could have been done? If that is the case then why do so many individuals seek certification in their chosen field, such as risk management, security and crisis management? The reasons for seeking certification are as vast and diverse as the people who strive for their achievement. Reasons could include a desire to save lives and property, sense of community pride in helping those in need or a belief that responsibility associated with position involves more than just a pay check.

Personal Accomplishments

Regardless of their reason or reasons, these individuals desire a professional standing in their chosen field, but is their achievement being recognized and rewarded by the insurance industry? If not, should the insurance industry recognize certifications for risk management, security, crisis management or IT, through insurance premium reductions for businesses? Generally, recognition of individual professional certifications are from peers and through compensation packages on the job, but are absent in the insurance industry.

Let’s look at the meaning of insurance to establish a starting point.

The Information System Audit & Control Association stated, “The purpose of insurance is to spread the economic cost and the risk of loss from an individual or business to a larger number of people. This is accomplished through the use of an insurance policy.

Policies are contracts that obligate the insurer to indemnify the policyholder or some third party from specific risks in return for the payment of a premium fee. Like all contracts, there can be other specified duties imposed on the insurer, the policyholder or both. In 1944, the U.S. Supreme Court, in U.S. v. South-Eastern Underwriters Association, declared that insurance constituted a contract in interstate commerce.

There’s a Requirement for Risk Analysis

The decision recognized the need for insurers to coordinate issues of risk across jurisdictional boundaries. Particularly in the area of commercial insurance, insurers have adopted a strategy of risk management and have required their policyholders undergo a risk analysis and, if necessary, take remedial actions as a condition of receiving coverage. Reduction of risk is a key component for insurance companies and one would conclude analysis, education, training and certification of key employees all comprise strategies for reducing risk, regardless if proactive or reactionary to the event insured.

On Nov. 28, 2005 the State of Florida outlined a National Catastrophe Insurance Program with the following objectives:

• To protect consumers by ensuring the affordability and availability of insurance against the financial consequences of catastrophic events.
• To spread catastrophic risk broadly among insureds, insurers, reinsurers, the states and the nation, in a public-private partnership.
• To reward mitigation of hazards, conserve capital for catastrophes, maximize capacity and provide seamless coverage and service to policyholders.

The last point is significant for those individuals who seek professional certification and for businesses requesting insurance premium reduction as a reward to implementing recognized preventive measures, coupled with employing a professional certified staff.

Premium Reductions are Commonplace Elsewhere

Insurance premium reductions are often observed in auto insurance as drivers with good driving records are rewarded for their avoidance of accidents or tickets. Home insurance policies use premium reductions when new heating/cooling systems, roofs, fire alarms and home security systems are added to protect the property. In the law requires insurance companies to offer homeowners discounts or credits for existing building features or home improvements that reduce damage and loss from hurricanes.

Further, the Workers’ Compensation Premium Reduction Program offers employers with insurance premium reductions that demonstrate workplace safety and health, which is reflected in a reduced occupational injury and illness statistics. Most insurance companies will require the business to complete a safety and health survey, which identifies existing and potential hazards or even unsafe workplace practices. Even after the survey and documented changes are made to the property due to training and technical assistance recommendations, the company must reduce the lost workday incident rate to the national average and experience no workers’ compensation claims during the participation year.

If all has been completed, then the company may receive a 5-10 percent reduction in premiums.  Should there be a premium reduction program aimed at natural disasters preparedness, emergency command center operations, pandemic influenza readiness and allied professional certifications, to name only a few?   

Even pulling one from left field, The American Council on Exercise, stated in 2005, “The American Council on Exercise, America’s nonprofit fitness advocate is pleased to support Philadelphia Consolidated Holding Corp and its subsidiary Philadelphia Indemnity Insurance Company’s decision to offer a general liability premium credit program for all health and fitness clubs employing personal trainers certified by organizations whose programs have been accredited by the National Commission for Certifying Agencies.”

The “If Only” Factor

 In 1998 Tom Hanks and Meg Ryan appeared in the movie, “You’ve Got Mail.” One line from this film resonates in almost every business right after a significant disaster, emergency or crisis. The famous line was, “If only, if only I wasn’t Joe Fox and you weren’t the little shop girl around the corner, if only.”

How many times have you heard an executive or key manager use the words, “if only” to describe an event?  If only I would have known this or that, before we reacted. If only we would have spent the time to train our staff or conduct drills. If only we would have prepared better or hired a staff that was certified in their specialty area. This questioning process includes proactive strategies and thinking.

We think of proactive maintenance for our fleet vehicles, air conditioning systems and in almost every mechanical aspect of a refinery, manufacturing facility or assembly line. But where is that same thinking when it comes to personal risk and protection of the business?

As an example, ten years ago did your business continuity plan, emergency command center, business impact analysis, crisis communications, or even policies and procedures manuals consider and list in detail mitigation, response and recovery actions for anthrax, SARS, pandemic influenza, 13 different fields of terrorism, or earthquakes?

It’s Proactive Thinking

Proactive thinking means planning ahead with the right strategies, courses of action, detailed steps, engaging the right employees, all towards the ultimate goals of mitigating and reducing the risks to individuals and the business.

Today universities, private schools and professional organizations, such as ASIS International, Disaster Recovery Institute, American Board for Certification in Homeland Security, International Association of Emergency Managers and the Security Industry Association, educate professionals to confront business risk challenges head on. As stated on the SIA Web site, “SIA promotes growth and professionalism within the security industry by providing education, research, technical standards and representation and defense of its members’ interests.” Advancing professionalism and capabilities to reduce the consequences of a crisis to individuals and businesses is a fundamental building block to both individuals and certification/university partners in the pursuit of perfection.

The recipients of training, educational material and certification from these agencies and/or dozens of additional institutions, associations, organizations and universities add tremendous value to any business organization. These professionals are receiving specialization well beyond acceptable industry standards, and in many cases are redefining or creating standards for their industry. Just last year, as stated in an ASIS press release, “ASIS International, the preeminent society for security management professionals, has been awarded accreditation by the American National Standards Institute, the U.S. member of the International Organization for Standardization. This prestigious endorsement confirms that ASIS International certification programs adhere to the highest professional standards.”

Does there need to be a change when mitigating risk, responding to emergency situations and outlining an effective recovery program, in the partnership between the insurance industry and certifications for emergency management, security specialization, and crisis management?
Since 85 percent of the critical infrastructure of the United States is owned and operated by the private sector, discussions should begin to incentive risk reduction and enterprise resilience and to consider their high value when protection of the key assets of this nation.