Use of Social Media During an Emergency

I think there is a good place for the use of social media in emergencies, however, we should acknowledge that there will be a large number of people who simply won’t be able to get the message due to obstacles.

Some of the obstacles include, as Ms Wagner says blocking or inaccessibility in the work environment, those that don’t use social media or only sparingly, the audience not being aware that a message is important or not having the device or access point to retrieve the message.

In the Boulder County area we experience a significant wild land fire every few years. The usual ‘reverse 9-1-1’ works well except if now one is home to receive the message or does not check their home voice mail.

There is also a large number of younger generation folks that do not watch TV or read the news through traditional means, but they are texting, tweeting, and checking Facebook regularly.

Therefore, we are considering how to use social media like Facebook and Twitter to alert residents of an impending danger. More work to be done to determine efficacy, but I do think it is time we use social media more regularly.

Impact of Risk Enablers and Realization on Supply Chain Disruptions

Impact of Risk Enablers and Realization on Supply Chain Disruptions”

Andy Amalfitano

MSBC Seminar #4

Risk Management

Week 9, Essay 8

Aug. 7, 2010


Supply chain disruptions can dramatically and permanently affect the success of a business. A shipment fails to arrive on time or is damaged enroute due to violent storms suffered by the transport barge; political unrest in developing nations changes the import/export policies; increasing piracy threatens to severely limit the source of parts and supplies being delivered to your overseas factories. More recently, the eruption of the Eyjafjallajokull volcano in Iceland demonstrated how vulnerable some industries are to air transport disruptions.

Nearly three-quarters of risk managers say their companies’ supply chain risk levels have increased since 2005,” according to Marsh’s survey of 110 corporate risk managers in January and February.[1]

Supply chain insurance demand grows each year, yet the types of insurance coverage rarely account for more than physical damage. That’s changing and businesses need to reevaluate their supply chain insurance coverage.

This paper describes the financial challenges faced by a companies with global supply chains and some suggested actions to realize and mitigate risks using among other strategies understanding of options including joining the C-TPAT program.[2]

The Unexpected: We May Not be Ready?

Singhal and Hendricks in a study of 800 companies who incurred a supply chain disruption between 1989 and 2000 found that 33-40 percent experienced lower stock returns, share price volatility increased 13.5 percent, profits plummeted 7 percent, costs rose 11 percent and inventories increased 14 percent.[3]

Companies can hedge their investments by diversification which brings some comfort level to the executives and shareholders. However, very little can prepare a company for unforeseen and unexpected supply chain disruptions.

The conflation or confluence of disruptions can further exacerbate the impact and significantly damage customer satisfaction.  Conflation describes the sequential occurrence of risk events that disrupt the enterprise. For example, a first event (major earthquake) partially disables and weakens the supply chain; a second event (dock workers’ strike) cripples the supply chain causing significant delays.  Confluence describes the simultaneous occurrence of risk events that overwhelm the enterprise. In the previous example, both events occur at the same time resulting in completely undeliverable shipments.[4]

Insurance typically only covers physical losses due to transit or other damage incurred from natural hazards. Conflation and confluence situations don’t usually produce physical damage and therefore a company does not have risk mitigation in the form of financial reimbursement. In most cases, the risks caused by natural hazards, political unrest and other modern day threats is not covered by insurance. Some companies are now holding their subordinate supply chain and vendors accountable for implementing their own risk management plans.[5]

Even if the company does have a way to cover financial losses, the impact on customer satisfaction will be dramatic. Understanding and realizing options for risk mitigation can have a profound effect on the how companies recover from such disruptions.

Intangible Risk

Another key issue is that beyond the physical and tangible risks are many more (and worse) intangible risks. Members of the supply chain including employees may hold attitudes and perceptions that undermine the process and inadvertently pose a risk.

The intangible lack of confidence in a supply chain leads to actions and interventions by supply chain members, which could increase the risk exposure. The bottom line is that the company experiences a higher level of uncertainty with lower confidence. Typical issues are no confidence in:

  • Order cycle time
  • Order current status
  • Demand forecasts given
  • Suppliers’ capability to deliver
  • Manufacturing capacity
  • Quality of the products
  • Services delivered[6]

This lack of confidence can compound the external risks described earlier and lead to conflation and confluence. It’s what Husdal (2009) calls a risk spiral which can lead to increased reliance on inventory buffers which may not hold up under protracted supply chain disruptions.[7]

Realize the Risk and Take Action

Two aspects of executive action may be simply the right and the wrong action. The former leading to positive consequences and latter leading to negative consequences. In either case, an altered state or risk is the result. To avoid the negative consequences a great deal of critical thinking needs to take place which challenges the current risk management plan and attempts to envision “Unexpected, Unanticipated, Unintended

Consequences.” [8]

C-TPAT – Customs-Trade Partnership Against Terrorism

Of the top 10 potential benefits companies considered for joining C-TPAT, reduction in insurance rates was only 10th with less than 4 percent indicating that as a motivator.[9]

Two key motivators for joining C-TPAT included:

  • reducing the time and cost of getting cargo released by Customs
  • reduced time and cost in CBP secondary cargo inspection lines.[10]

The results seem beneficial  as described by those companies responding to the survey:

  • “The vast majority (81.3%) of businesses that had a formal system in place for assessing and managing supply risk agreed or somewhat agreed that their businesses’ ability to assess and manage supply risk has been strengthened as a result of joining C-TPAT.
  • Three quarters (75.2%) of businesses that had formal supply continuity and contingency plans.[11]

Other actions suggested by C-TPAT guidelines include how to manage the supply chain risk process in a way that ensures not only that the guidelines are met, but that immediate control steps are enabled that help to provide better security.

  1. 1. Mapping Cargo Flow and Identifying Business Partners (directly or indirectly contracted)
  2. 2. Conducting a Threat Assessment focusing on: Terrorism, Contraband Smuggling, Human Smuggling, Organized Crime, and conditions in a country/region which may foster such threats and rate threat – High, Medium, Low
  3. 3. Conducting a Vulnerability Assessment in accordance with C-TPAT Minimum Security Criteria and rate vulnerability – High, Medium, Low
  4. 4. Preparing an Action Plan
  5. Documenting How Risk Assessments are Conducted[12]

Contingency Planning

Contingency planning is a strategic risk management tool. It allows for flexibility to use a generic set of plans to respond to unknown and unexpected events which pose a risk to the business. Success in managing unexpected events requires flexibility. These four contingency planning elements were found to be positively related to flexibility in managing risk in the supply chain:

  1. “Top management support
  2. Resource alignment
  3. Level of IT usage
  4. Inter-organizational collaboration” [13]

Consideration of contingencies is still a worthwhile action for executives to include among their strategic mitigation choices.


Studies show that major disruptions to supply chains can dramatically impact the long-term survivability of businesses. Insurance plans typically cover physical damage and not the wide variety of modern world disruptive events like volcano eruptions, earthquakes, high-seas piracy, political unrest, and other unexpected events.

Some companies have found value in joining C-TPAT to help ensure more security in their supply chain. Others realize that intangibles like the amount of confidence in supply chain capability can help strengthen or erode management of risks.

Enterprise strategies should include multiple approaches and implement a process that addresses risk in a way that is flexible and can more aptly handle unexpected disruptions.


[1] Byrt, Frank, (2008). “The Endless Quest for Indestructible Supply Chain“. Financial, Aug 2010. Retrieved 8-5-10:

[2] Department of Homeland Security, (2010). “C-TPAT: Customs-Trade Partnership Against Terrorism“. Retrieved 8-4-10:

[3] Bosman, Ruud, (2006). “The New Supply Chain Challenge: Risk Management in a Global Economy“.  Factory Mutual Insurance Company. Retrieve 8-5-10:

[4] Sikich, Geary. (2008). “The World of Risks and Opportunities“. Norwich University MSBC Seminar 4 Lecture Week 8, 2010

[5] Byrt, Ibid

[6] Husdal, Jan,  (2009). “Supply Chain Confidence“. Retrieved 8-5-10:

[7] Husdal, Jan,  (2010). “Contingent Flexibility“. Retrieved 8-5-10:

[8] Sikich, Ibid

[9]  Diop, Abdoulaye; Hartman, David, and Resrode, Deborah, (2007). “Customs-Trade Partnership Against Terrorism: Cost/Benefit Survey“.  Retrieved 8-5-10: pg 35

[10] Ibid.

[11] Diop, Ibid, 4

[12] Department of Homeland Security, (2010). “C-TPAT: 5 Step Risk Assessment Process Program Guide“. Retrieved 8-4-10:

[13] Husdal, Jan,  (2010). “Contingent Flexibility“. Ibid


Continuity Insights, (2010). “Demand for supply chain insurance grows as a result of the volcanic ash crisis: Marsh“.. Retrieved 8-5-10:

Husal, Jan,  (2010). “Risk Disablers“. Retrieved 8-5-10:

“How Captive Insurance and Hedge Funds Can Help Offset Financial Risk Exposures”

“How Captive Insurance and Hedge Funds

Can Help Offset Financial Risk Exposures”

Andy Amalfitano

MSBC Seminar #4 – Risk Management

Norwich University

July 31, 2010


In the last two years, many economists were proven wrong as the economy hit the worst recession and downturn since the Great Depression of the early 20th century. Today, missing predictions continues.  One of many examples is offered by Soto (2010).

“In April we said GSCI Total Return Y/Y could appreciate by more than 20% and at the same time we warned Crude Oil Valuation model just reached again its overvalued territory. One month later, we can say we were wrong…. It looks like Crude Oil Valuation will reverse completely… and there might still be room for more decline ahead…” [1]

Risk managers try to predict and find easy ways to improve their financial advantage, often listening to economic pundits. Those days are gone. “Global supply-demand imbalances in raw materials, and resulting price volatility, will likely continue to impact the profitability and competitive position of many U.S. companies.” [2]

This paper describes why a company should consider using various techniques within the financial markets to offset financial exposures.


All businesses face exposures to predictable and unpredictable financial threats which can undermine goal achievement. The worst of these risks will be the unpredictable threats that present the greatest degree of uncertainty. Financial market-specific risks come in many forms:

  • Interest rate changes
  • Foreign currency exchange rate fluctuation
  • Goods and services tax and import/export tariff law changes
  • Geopolitical upheaval in areas where business is conducted
  • Stock market volatility affecting investments and portfolios
  • and more

Depending on the size of the business, some or all of these market levers may impact a business’ viability. [3] What’s more unnerving is the volatility and unpredictability of these risks. Economists have attempted to manage and predict the future with tools such as the CBOE-VIX [4], a widely used market analyzer. Academic researchers have attempted to create models to improve predictability. Both set of experts seem to agree that more data and understanding represents goodness, however, no specific model or approach to offsetting financial risk can be a guarantee. [5]

Verni (2005) offers four pieces of advice in managing risks:

  • “Be skeptical
  • Assume Murphy’s Laws are in force. If anything simply cannot go wrong, it will anyway
  • If everything seems to be going well, you have obviously overlooked something
  • Every solution breeds new problems” [6]

Gathering intelligence on financial risks and understanding what the information means to your business can be a key step in managing these risks. Scholes (2005) describes questions that a company can use to determine the ‘how’ of understanding asset management which he finds to be a key part of the strategy.[7] In addition, three key asset management criteria that demand understanding are:

  1. “Capital Allocation: How do we allocate capital to the risks we are taking, to each strategy individually or to a portfolio?
  2. Optimization: Risk management is not risk minimization – it is risk optimization – but what is the right tradeoff between risk and return?
  3. Stress Management: How do we handle it, and do we know how to do anything about it?”[8]

It is incumbent upon financial risk managers to avoid poor financial investments and make educated risks about trade-offs, alternatives, and options.


After decades of study and trial and error attempts to completely predict and understand financial markets, no one single model has emerged that completely defines how to manage risk 100% of the time or with 100% accuracy.

In a thesis offered by Rörden & Wille (2003) the authors concluded that “the only theory which was considered to actually work in practice without any unrealistic assumptions was diversification.”[9] Examples of diversification include spreading investments across different market types, investing some money in short-term and other money in long-term instruments, and selecting assets or commodities that are significantly unrelated by most measures.

A business needs to consider who they are as a company, what their tolerance for risk is, and apply some flexibility to their approach in selecting financial risk strategies. What is clear is that the lack of understanding of risks and/or the lack of a strategy will often mean the difference between success and failure of a business.

Here are two of the many options available for consideration by businesses:

  • Captive Insurance
    • A form of member-owned self insurance, usually in a group of similar companies providing a form of alternative risk financing
    • Offers reduced insurance costs, stabilized insurance budgets, direct access to the reinsurance market, improved claims handling and data collection, possible tax benefits, profit center creation, and a negotiation tool. [10]

According to Jay Krafsur of the Krafsur Law Group, captives offer members a significant investment tool to manage insurance costs and reinvestment opportunities in the form of reduced and re-investable loss funding. [11] Approximately 60% of premiums go into loss funding which is mostly reimbursable over time. The other 40% is operating funds which are not recoverable, however all of the premiums are investment funds which provide a broad and rather securable asset which grows over time while simultaneously providing member insurance coverage. Further, captives apply strict rules to membership including letters of credit and other assurances of financial solvency of their members. [12] This strategy provides an avenue that businesses can consider to offset other financial risks that may be occurring within their industry or market space.

Hedge Funds

Usually reserved for the high net wealth individuals or firms[13], hedge funds can play an important role in offsetting financial risks.  A hedge fund is “an aggressively managed portfolio of investments that uses advanced investment strategies such as leveraged, long, short and derivative positions in both domestic and international markets with the goal of generating high returns“. [14]

Primarily, a hedge fund is a way for an individual or in some cases, a group of people to invest significant sums of money using instruments that provide some security against changes in market value. [15]

The concept of hedging can be applied as a strategy to financial risk management.  The old term ‘don’t put all your eggs in one basket’ may still be wise advice to businesses facing uncertain futures.


There is no one sure-fire answer to how to manage financial risk particularly in the uncharted territory of today’s economy. Economists and researchers disagree on the best model or tool to use to forecast commodities, the stock market or other economic changes. Therefore, market volatility continues to plague investment strategy success for many businesses.

Two possible strategies are investment in captive insurance and hedge funds. Both offer unique ways to bring some level of security and risk avoidance to a business. These strategies offer an opportunity for businesses to not place all their investments in the same place and thus help ensure a more balanced financial risk situation.


[1] Soto, Francis (2010). “Commodities Indicators: May 2010“.  Retrieved 7-30-10:

[2] Dickson, Duanel; Manocchi, Jim, and Agarwal, Sanjay (2206). “Commodity Management: Profiting from Volatility“. Deloitte Consulting.  Retrieved 7-30-10:

[3] Crabb, Peter R., (2003). “Financial Risk Management: The Big and the Small”. Northwest Nazarene University ID. Retrieved 7-30-10:

[4] Chicago Board Options Exchange-CBOE (2009). “The CBOE Volatility Index-VIX“. Retrieved 7-30-10:

[5] Rörden, Sarah & Wille, Kristofer, Supervised by Sundström, Angelina, Examined by Liljefors, Ole. “MEASURING AND HANDLING RISK – How different financial institutions face the same problem”. Mälardalen University School of Sustainable Development of Society and Technology Bachelor Thesis in Business Administration, 15 ECTS, June 4th, 2010. Retrieved 7-30-10:

[6] Verni, Ralph, (2005), “Financial Risk Management in Practice: The Known, the Unknown and the Unknowable“. Roundtable 4: Insurance and Reinsurance.” The Wharton School, Alfred P. Sloan Foundation, and Mercer Oliver Wyman Institute, 18

[7] Scholes, Myron, (2005), “Financial Risk Management in Practice: The Known, the Unknown and the Unknowable“. Roundtable 6: Asset Management.” The Wharton School, Alfred P. Sloan Foundation, and Mercer Oliver Wyman Institute, 22-24

[8] Schoel, Ibid

[9] Rörden, Sarah & Wille, Kristofer, Ibid

[10] Theriault, Patrick, PA, CPCU, AIAF. “Captive Insurance Companies: What to Consider When Establishing and Operating Captives“. Wilmington Trust Captive Management Services. Retrieved 7-30-10:

[11] Krafsur, Jay of Krafsur Law Group – Captive Insurance Consultants, Chicago IL. Interviewed by Andy Amalfitano July 2010.

[12] Krafsur, Ibid

[13] Investopedia, “Hedge Fund“. Forbes Digital Company. Retrieved 7-30-10:

[14] Ibid

[15] McNulty, Daniel, 2010.Offset Risk with Options, Futures, and Hedge Funds“. Investopedia by Forbes Digital Company. Retrieved 7-30-10:

Perception – A Key Obstacle to Successful Risk Communications

We often hear that perception is reality. I can think of several obstacles within a company to proper risk communication and would like to speak to one – government regulation actually providing a shield for companies to not be required to communicate. [1]

Risk communication can be a tricky thing to do successfully. During a major crisis, experienced communicators like public relations experts help companies gather pertinent data, analyze the exposures, determine what the audience needs to know and deliver a crisp and cogent message, hopefully in a forthright manner.

What if there was a law protecting a company from having to be forthright?

According to an article by Lyndsey (2010) in the Washington Post, chemical companies are in many cases protected by a 33 year old law. [1] Lyndsey writes:

“Of the 84,000 chemicals in commercial use in the United States — from flame retardants in furniture to household cleaners — nearly 20 percent are secret, according to the Environmental Protection Agency, their names and physical properties guarded from consumers and virtually all public officials under a little-known federal provision.”

In the mid 1970’s, the policy was created to protect a company’s trade secrets from being used by competitors to overpower or destroy the business, a step purportedly taken to secure American business against foreign competition.

A worst case scenario would include mass deaths due to chemicals we didn’t know could harm us. I’d like to look at a smaller and more likely event, closer to home. A news story says that a Colorado emergency room nurse was exposed for 10 minutes to a dangerous chemical found on the boots of an oil rig worker.[2] She became quite sick while doctors tried to decipher the less than complete information from the manufacturer. [3]

Although the company that makes the frac’ing fluid provided Behr’s doctors with what it calls ‘Material Data Safety Sheets” at the time of the incident, it refused to provide more specific information to the hospital once she fell ill, according to the Herald. Her intensive-care doctor had to guess what to do as he tried to keep her alive.”[4]

Of all the obstacles to providing good risk communication, I think overcoming perception is reality is probably the key hurdle. Often times perception is determined by how an individual’s interpretation of a how a danger affects them or people with whom they are concerned. If, as Sikich (2008) says, “Risk = Hazard + Outrage” [5], then managing risk communication must be conducted with a full understanding of who the audience is and the message they are expecting or think they need to hear. Crafting and delivering that message is not not-trivial.

To compound the perception issue, morality trumps economics. According to Griese (2002) events which are only economically impactful are more acceptable than events which cause both harm and economic damage. [6] Perceptions will then become more difficult to overcome due to the emotional stress associated with the ‘outrage’.

For the victims of chemical spills and their families, and for the emergency workers exposed to unknown, unreported chemicals, perception of the manufacturers will be an important consideration for the corporate crisis communications leaders to manage.


[1] Sikich, Geary. (2008). “ Decision Points-Communicating Risk”. Norwich University MSBC Seminar 4 Lecture Week 10, 2010

[2] Layton, Lyndsey, (Jan. 2010). “Use of potentially harmful chemicals kept secret under law“. Washington Post. Retrieved 8-9-10:

[3] Frankowski, Eric, (2008).Gas Industry Secrets and a Nurse’s  Story“. Retrieved 8-9-10:

[4] Sikich, Ibid

[5] Ibid

[6] Griese, Noel L. “How to Manage Organizational Communication During Crisis“. Anvil Publishers, 2002 Tucker GA, 89

Business Continuity Webinar 25-AUG10

Join us for a webinar on August 25th, 2010 at 1:00 pm EDT
To join the meeting:
Call in Number: 1-866-844-6898 | Conference code: 50261753
Sponsored by the Norwich University Master of Science in Business Continuity Management Program ( and the International Consortium for Organizational Resilience (

Continuity of Operations Planning
Events such as Hurricane Katrina have demonstrated the importance of continuity of operations planning (COOP) for public agencies. Not only can critical services be disrupted by disasters, but response agencies must ensure their own operations if they are to serve the public need during an emergency.
Recognizing the importance of COOP, President Bush enacted National Security and Homeland Security Presidential Directive 51 that requires continuity programs to “be incorporated into daily operations of all executive departments and agencies.”
We will examine the fundamental elements of continuity of operations planning, as well as how it differs from private sector business continuity. Public sector officials will learn about COOP programs, and private sector business continuity planners will learn how governmental agencies maintain their services during a disaster.


Lynnda Nelson is the President of the Board of The International Consortium for Organizational Resilience (ICOR – a non-profit international professional development and credentialing organization. Lynnda is also owner and Director of Business Continuity Services, Inc., BCS ( a consulting company providing business continuity, disaster recovery, crisis management, and emergency management consulting, and an instructor in the Norwich University Master of Science in Business Continuity Management program.

Andrew Amalfitano is owner and principal consultant of AmalfiCORE, LLC (, a business solutions firm providing organizational learning, continuity of operations, and emergency planning to the public sector and disaster preparedness planning to medium size businesses.

Compliance Programs Only As Effective as the People

I’m not a fan of vast regulations. It seems, though that when corporate leaders make mistakes, or willfully fraud, a regulation is born that is often necessary.

Compliance programs are only as effective as the people implementing them. Yet, what ‘goes around’ seems to ‘come around’ and eventually it appears that most, if not all, perpetrators are eventually held accountable.

It never ceases to amaze me how a few dozen people in charge of various companies continue to try to get away with corruption. Some examples include:

  • American Express
  • Amoco
  • Arthur Anderson
  • BCCI
  • Bridgestone
  • Bristol-Meyers Squibb
  • Coca-Cola
  • Enron
  • Exxon
  • Ford
  • Johnson & Johnson
  • Marsh McLennan
  • Merck
  • Nortel
  • Pepsi-Cola
  • Texaco
  • Tyco
  • Union Carbide

Well the list is quite long. I’m not one to quote Wikipedia much, but it’s worth a look as it lists some 50+ corporations with scandalous episodes in their history. [1]

Sikich (2008) reports that “Current regulations and laws, such as NYSE Rule 446 and NASD Rules 3500, 3510, 3520, Sarbanes-Oxley (section 404), HIPAA, etc. make it incumbent on companies to assess compliance, operational resilience and ability to assure continuity of operations.” [2]

However, corruption continues. CNN reports on recent examples in a their expose of “75 Examples of Corporate Fraud.

I won’t pretend to judge each case as I don’t have the time or inclination to delve into the shenanigans of each. However, what is clear is that despite the plethora of compliance programs and regulatory oversight, the corruption seems to continue.

Leaders of corporations are responsible for setting an example and it’s definitely the people who consciously choose to follow the guidelines and comply or not. In my experience with a brush by compliance (i.e. SOX, HIPAA, etc), I can see where interpretation and judgment do enter the picture. Today’s businesses are quite complex and global connections can sometimes cloud an issue. Nevertheless, at the end of the day, someone makes a decision to do it ‘right’ or ‘wrong’ according to compliance laws and regulations.

There usually is an opportunity (usually as information comes to light) for the leaders to take responsibility, report transparently, and begin to comply. My guess is that most companies do, otherwise we’d probably be hearing about hundreds or thousands of cases instead of tens of cases.

That is crux of compliance, I think. Follow the rules the best we can and if we make a mistake, own up to it immediately, fix the situation, report what’s being done and continue our business. That is managing risk and I think it is the responsibility of all of the ‘people’ (employees included) to do the right thing always.

As for whether some of the regulations are properly worded or even need to exist is for wiser folks than me go figure out.


[1] Wikipedia. “List of Corporate Scandals”. Retrieved 8-3-10:

[2] Sikich, Geary. (2008). “Impact of Regulatory Initiatives and Guidelines“. Norwich University MSBC Seminar 4 Lecture Week 9, 2010

Uses wordpress plugins developed by