Fall World 2014

Conference & Exhibit

Attend The #1 BC/DR Event!

Summer Journal

Volume 27, Issue 3

Full Contents Now Available!

Lessons Observed vs. Lessons Learned

Last year's devastating events in Japan were yet another reminder of the vulnerability of our business operations in general and most specifically our supply chains. While the full impact on organizations worldwide may never be known, there are lessons to be learned.

It is a fortunate truth that few organizations will ever experience the combined direct impact of a black swan event like Japan's estimated 9.0 earthquake of March 11, 2011, the fourth largest in the world since 1900. This was the resulting domino effect with a sequence of multiple events occurring in a relatively short period of time … an earthquake, a tsunami, and nuclear power plant damage and shutdowns.

Widely diverse industries including automotive, computers, electronic components, industrial equipment, steel, textiles, and processed foods felt the effects. A partial list of Japanese and global businesses experiencing direct damage and/or significant supply chain interruptions includes some of the world's biggest and best known companies: Apple, Canon Inc., Cosmo Oil Company, Fujitsu Ltd., Honda, Mazda, Mitsubishi, Nissan Motor Co., Oriental Land Co. (Disney), Panasonic Corp., Sapporo Breweries Ltd., Sony Corp., Sumitomo Metal Industries, Subaru, Suzuki, TDK, Texas Instruments, Tohoka Electric Power Co., Tokyo Electric Power Co., Tokyo Gas Company, Toshiba Corp., Toyota Motor Corp., and Vopak.

Supply chain disruptions were far-reaching with transportation companies, suppliers, tier suppliers, supply chain strands, outsourcing companies, contractors, and customers all feeling the impact.

It is not only the international behemoths that suffered resulting losses, though they are the expected focus of most media reports. Coeli Carr's article "A Sake Story," (Portfolio.com March 17, 2011 http://www.portfolio.com/business-news/2011/03/17/importers-worried-about-sake-business-following-japan-earthquake/#ixzz1VrZwLETJ) reported the disruption and uncertainty for a U.S. importer of Japanese sake and the related impacts on U.S. importers, distributors, retailers, and restaurants, as well as the Japanese distribution companies, sake breweries, and rice growers.

As worldwide attention to the continuing consequences continues to wane, in Japan heightened concerns about nuclear power are raising questions about whether some or all 54 of Japan's reactors could go off line as a result of continuing fears. According to Reuters, with nuclear power plants providing one-third of its power, "Japan could face a power shortage of more than 9 percent next summer if all its nuclear reactors are shut down, media reported Wednesday citing government estimates."

No one invests in earthquake preparedness and mitigation like the Japanese. A system of bullet train trackside seismometers detect a coming earthquake, causing train operation controls to activate and launch a shutdown command to trains that reduce speed or bring the train to a rapid halt based on earthquake acceleration levels. Reports are that 27 bullet trains running in the affected areas on March 11 avoided derailment by applying emergency breaking 9 seconds before the shaking began, 70 seconds prior to the most violent tremors.

Infrastructure equipment has been strengthened to withstand earthquake motion. Japan's undersea cables remained mostly intact, allowing much-needed Internet communication and response in many areas.

Building codes in Japan are among the world's most stringent. Structural mitigation includes buildings with fluid-filled shock absorbers, Teflon foundation pads, reinforced walls and foundations, and ongoing increased engineering and earthquake-proof designs. Seawalls, considered a blot on the landscape by many, protect the coast from tsunami waves.

An earthquake warning system notifies officials and the public via phone messaging as well as traditional media. There is even an earthquake warning app that sends out an alert to let subscribers know when a quake is coming, where the epicenter is located, and how bad the shaking is expected to be. A billion-dollar system, a network of more than a thousand GPS-based sensors, provides tsunami warnings that allow several minutes to evacuate before waves start hitting.

But March 11 happened, yet another reminder that we cannot prevent or fully mitigate all disasters. So what are we to learn? What are the lessons we can take from this latest disaster?

Definitions of "lesson" include: An experience, example, or observation that imparts beneficial new knowledge or wisdom; the knowledge or wisdom so acquired. Ergo, a lesson is knowledge or understanding gained by experience, whether that is a negative or a positive experience, our own experience or the experience of another. Our lessons may address information that is relevant and applicable or perhaps simply of interest. Not acting on the knowledge gained is not learning the lesson, only observing the lesson.

As an example, let's consider a person, while studying the physics of electricity and metal objects, observes that a steel rod raised in the air during a storm will possibly be struck by lightning. If that same individual is struck by lightning while playing a round of golf the following weekend, did he actually learn the lesson and take preventative action or simply observe the lesson and nevertheless put himself at risk? Observing the lesson: knowing that the structure of metals makes them good conductors of electricity and therefore at risk for lightning strikes. Learning the lesson: never playing golf during a lightning storm.

To move beyond simply observing lessons from the events in Japan to learning the lessons, here are seven business continuity practices to act upon.

  1. Be proactive
  2. Build in backups and redundancy
  3. Fully include the supply chain
  4. Assess and measure continuity program effectiveness
  5. Develop continuity partnerships
  6. Address people's considerations
  7. Strive for progress, improvement, maturity

1. Be Proactive. It's as true today as it has ever been. The best return on investment is funds spent before the disaster. Success of recovery is directly related to the quality of the planning, the training provided, and the testing that occurs before the disaster.

2. Build in Backups and Redundancy. That includes people, facilities, equipment, data, suppliers, service providers, transport companies, and outsourcing companies.

3. Include the Supply Chain in Business Continuity Planning. Every link, in every phase of the planning lifecycle. Today's global supply chains are more susceptible than ever before to risks that encompass everything from power outages to pirate attacks. Conduct a post-March 11 supply chain review and reassess the risks for all supply chain links and touch points … internal, upstream, and downstream:

  • Manufacturing
  • Suppliers: raw materials, components, parts
  • Outsourcing companies
  • Service providers
  • Transportation services
  • Distribution services
  • Warehouses
  • Retailers
  • Wholesalers
  • Supporting technology
  • Utility service providers
  • Contractors

Based on the review, identify and implement needed mitigation actions and update continuity strategies and plans.

Beyond the traditional criteria of quality and price, consider business continuity capability in the supplier selection process. Select low-risk suppliers and identify those that may be high-risk by asking relevant questions when considering new suppliers and before renewing contracts with current suppliers.

  • Do they have a business continuity program?
  • Are we aware of their vulnerabilities?
  • How transparent are their operations?
  • How critical is the product or service?
  • Is this a single point of failure?
  • Do we have workable alternatives?
  • Will their security measures protect our data and intellectual property?
  • Will they jeopardize any regulatory or legal requirements?
  • Can they create liability issues for us?
  • How financially healthy is the company?
  • For current suppliers: Have we experienced deteriorating service levels?

4. Measure and Manage. Continue to assess Business Continuity Programs to measure program effectiveness, yours and that of suppliers and other business partners. Include continuity in selection metrics and scorecards, and continue to monitor after the selection is made.

5. Address People Considerations. With every major disaster we are reminded of the importance of people and how they truly are an organization's most important asset.

  • Cross-train for critical functions and skill sets
  • Develop communication plans and capability
  • Document detailed operating procedures to allow back-up personnel to carry out critical business functions when necessary
  • Encourage employee home and family disaster preparedness

6. Develop Continuity Partnerships. Move beyond the traditional customer-supplier us vs. them relationship mentality. Develop collaborative, mutually beneficial partnerships with suppliers, outsourcing companies, service providers, and the rest of your business partners.

  • Communicate; let them know what your expectations are by sharing business continuity standards and policies
  • Provide sources for needed business continuity training or coaching
  • Present supplier business continuity workshops to provide guidance in developing their program
  • Include suppliers, contractors, and more in your continuity training sessions and exercises
  • Work together to develop collaborative continuity strategies and solutions
  • Be open to their suggestions and ideas for developing continuity capability
  • Identify and offer corrective actions to reduce risks

7. Progress, Improvement, Maturity. Things change, and old solutions don't always work for new problems.

  • Keep up-to-date through performance monitoring, tests, and benchmarking
  • Ensure that operational changes and new products, processes, and acquisitions are added to plans
  • Continually reassess internal and external risks; adjust as necessary
  • Use advanced supply-chain tools for a complete risk assessment

Are there lessons to be learned from Japan? Were there lessons to be learned from the Eyjafjallajokull ash cloud when air travel disruptions were the highest since World War II and resulted in losses in the billions with impacts to companies in Africa, Asia, Europe, and North America?

Were there lessons to be learned from Katrina in 2005 when continuity team members and critical staff were not available or able to reach their assigned location, cargo shipments were halted or limited, and recovery time estimates were found to be greatly overly optimistic?

Were there lessons to be learned in the 2001 terrorist attacks such as the need to conduct regular reviews, updates, and test plans; provide cross-training to ensure backups for continuity team members; plan for potential for wide-area disasters, loss of multiple sites, and long-term recovery; build in communication redundancies, and plan for significant transportation interruptions?

The answer to each of these questions is a resounding, "YES." Every disaster presents us with lessons and two options.

Lesson Observed Lesson Observed
+No Change +Positive Change
=Lesson Observed =Lesson Learned

The first is to observe the lessons, take no positive action, move on, and hope ours is not the company struck by lightning. The second is to observe the lessons, make positive changes, and be better prepared for the next storm.

Make a commitment to learn the lessons of the tragedy in Japan. Start today and implement positive changes before the lessons that were observed begin to fade.

Betty A. Kildow, CBCP, FBCI, has been a business continuity consultant for two decades, working with a broad range of companies and organizations in the development and implementation of tailored programs to manage risk. Kildow has been a strong proponent of supply chain business continuity. She is also the author of "A Supply Chain Management Guide to Business Continuity" (AMACOM 2011). She can be contacted at BettyKildow@comcast.net.

Add comment


Security code
Refresh