What is Your Company’s Preaction Rating Index?
Firestorm’s Preaction Rating Index™
Firestorm’s Preaction Rating Index™ rating is designed to provide a common platform to assist analysts, clients, investors and regulators evaluate and compare an organization’s continuity of operations effectiveness before a crisis or a disaster occurs. Predictability of revenue and the preservation of life, following a disaster or crisis, is a function of continuity of operations.
The Preaction Rating Index is a tool which enables Enterprise Risk Management (ERM) to become a measurable compliance function. The Preaction Rating Index is used to compare multiple organizations to one another and assess their readiness and potential volatility of earnings.
How Does the Preaction Process Work?
Firestorm analyzes infrastructure stress points, bottlenecks, and barriers for continuity of operation. These limitations impact an organization’s ability to respond in a catastrophic incident and identify critical failure points.
Firestorm starts the disaster due diligence process by conducting a hazard impact analysis to identify potential threats faced by an organization and establishes a Hazard Index. These risks are analyzed to determine likelihood, onset speed, forewarning, duration, intensity, and impact. These hazards are mapped against the grid containing the Preaction Rating Index of the organization’s ability to address these exposures to identify key vulnerabilities and stress points.
What Factors are Involved?
Firestorm’s Preaction Rating Index uses 20 evaluation factors to assess how a given plan addresses individual risk indicators, and scores the degree the plans respond to those indicators, resulting in a total weighted Preaction Rating Index. The Preaction Rating Index analysis provides an actionable matrix of potential critical exposures and failure points which will impact an organization’s ability to respond to a catastrophic incident.
Governance and Predict, Plan, Perform
Continuity planning is a governance issue. Proper disaster planning requires that an organization Predict the vulnerability, Plan the response, and Perform when the event occurs. The Predict phase will identify and classify the critical vulnerabilities, identify key emergency personnel, ascertain critical decisions, analyze gaps, identify infrastructure needs, and define communications requirements.
The Plan phase will develop the strategy, construct the plan, and involve the appropriate personnel to assure their buy-in and commitment. The Perform phase will establish protocols for implementation, community involvement, communications, test exercises, audits, reviews, updates, and compliance. A well designed and executed plan can transform a crisis. Firestorm has often found that plans are not updated to reflect ongoing changes within organizations, thus creating unforeseen vulnerabilities.
Regional / Industry Benchmarking
Firestorm will benchmark client plans with other regional or industry plans. There currently is no uniform standard for continuity plans. Some may be well designed and tested. Others are a weak link in coordination. A plan’s effectiveness is compounded by decisions to evacuate or shelter in place, provide support services for employees and clients, establish command and control, facilitate transportation, maintain quality communications, reduce panic, manage technology concerns, supply critical supply chain partners, and provide for inter-agency/jurisdiction coordination.
Since plans are developed and implemented over time, organizations might find themselves at risk by not having an executable plan in place, and will remain more vulnerable to incidents during periods of transition. Firestorm identifies opportunities for implementing interim plan strategies. By using this approach, Firestorm creates a strategic advantage for clients while at the same time increasing the safety of the employees and protecting shareholder value during this period.