A strategic approach to loss prevention engineering.
Furthermore, some loss prevention solutions intended to mitigate risk associated with a specific hazard may be counter-productive for another hazard (e.g., fragmentation-reduction film on windows for blast loads could impair firefighter activities for gaining access in the event of a fire), while other measures can be shown to protect a facility against a wide range of threats (e.g., some seismic provisions can generally make the structure more resilient to some impact and blast loads).
Implementing loss prevention engineering without a strategic approach that accounts for the multiplicity of hazards to which the facility may be subjected, while balancing often competing objectives, may result in non-optimized use of limited resources, and in some cases, systems that do not meet loss mitigation goals.
Loss prevention engineering should be the direct outcome of a holistic risk assessment, risk management and design process, aimed at objectives that have been agreed at the onset of the project. This process--risk-informed performance-based design--has four key steps:
* Setting goals and objectives
* Performing a threat and risk assessment
* Performing a loss prevention options analysis
* Engaging performance-based loss prevention engineering
Setting Goals and Objectives
The goals of the organization, as they relate to facility risk, should be clearly communicated and agreed upon between senior management, facility managers, design and risk consultants, and other stakeholders. Goals may range from bringing loss estimates to a level in which the organization can implement a self-insurance policy, to bringing loss consistency across various facilities, to protecting critical assets that are instrumental to the organization as a whole.
Objectives can be used to provide more direction for how a goal might be met and can be stated in quantifiable terms. An example might be to limit expected structural loss at a certain facility (or building within a facility) to 20% following a 2,500year seismic event. Another example would be to protect a certain piece of machinery from the effects of building conflagration to the point that it can be operational within two hours. Accounting for the diverse perspectives of the stakeholders is critical to the success of setting targets, as a singularly focused view of risk and its tolerability may inadvertently miss important considerations such as technical, social, economic, value or perceptual impacts. If a key perspective is omitted, the risk problem may be formulated improperly and the ensuing analysis may omit key parameters.
The goals and objectives for a facility underpin the threat and risk assessment, the mitigation options analysis, and ultimately, the implementation of the loss-prevention engineering measures.
Threat and Risk Assessment
The intent of performing a threat and risk assessment is to provide a high-level and simplified means through which interested and affected parties can agree on the critical assets of a given facility, what threats and hazards may affect those assets, and what are the consequences of those threats on the assets. The results from the threat and risk assessment provide the framework through which the loss prevention options are analyzed.
Assets may include people, property, machinery, operations, information, surrounding infrastructure and reputation. For a facility, the list of assets can be quite long, and the types and importance of the assets can vary by facility type, location and operation. As outlined in the Reference Manual to Mitigate Potential Terrorist Attacks against Buildings (FEMA, 2003), identifying a facility's critical assets can be accomplished in a two-step process: (1) define and understand the facility's core functions and processes and (2) identify critical building infrastructure, such as critical components, information systems and data, life safety systems and security systems.
Threats that may affect those assets include various natural hazards (e.g., hurricanes, earthquakes, tornadoes, extreme temperature and electrical storms), accidental or technological hazards (e.g., mishandling of toxic agents, and machinery malfunction), and willful hazards (e.g., criminal activity and terrorism). Many hazards are interrelated and can occur as both isolated and combined events. For example, a seismic event can often be followed by associated fire or mechanical malfunction.
For most natural hazards, the probability of various events can be predicted due to the vast amount of data that has been collected, especially for earthquakes and hurricanes. The likelihood of an earthquake or flood or severe wind can be characterized by the probability of exceedance during a specific time period (e.g., most seismic building code regulations are based on achieving a life-safety performance criteria for an earthquake that has a 10% chance of being exceeded in the lifetime--50 years--of the structure). This, however, is not the case for terrorism, where probabilistic data is difficult to obtain, loss models are in their infancy, and the threat is constantly evolving in an attempt to outsmart mitigation measures.
After determining the threat scenarios, the impact of a hazard or threat in terms of life loss, injuries, structural and non-structural facility damage, contents damage, loss of operations or mission, or other objectives specific to the facility and assets of concern can be estimated. A key element in any such consequence analyses is that of the importance--and perception of importance--of the particular asset or facility as a whole. The consequence of a roof collapse in one building could be greater--or perceived to be greater--at one building than another.
The risk assessment pulls together the threat, probability and consequence assessments for the identified assets. Although the quantification of risk is often viewed quantitatively as the combination of three components: an event, the probability that the event will occur, and the potential consequences should the event occur (i.e., R = P x C), such simple calculations can sometimes result in important factors being missed, such as perception, valuation and criticality (e.g., a high probability, low con sequence event could have the same numerical value as a low probability, high consequence event, yet the risks could be perceived and valued much differently).
Nevertheless, the matrix in Figure 1 provides a concise framework for a performance-based risk assessment, using categories for likelihood and consequence. Events in red are often considered to be unacceptable and require mitigation. Events in yellow and green are of less concern, but all scenarios will benefit from exploration of risk-reduction options.
Loss Prevention Options Analysis
There are many strategies to prevent and/or mitigate risk associated with hazardous events, from operating procedures to structural or nonstructural upgrades, and it is likely that not all potential strategies will be selected. The intent is to consider a wide range of options before committing to their costly implementation.
To help select appropriate loss prevention options, both their cost and effectiveness with respect to the threat scenarios and overall risk rankings for facility assets should be considered. This should include a life-cycle approach to the problem, as there will be variation in capital versus operating costs, variation in effectiveness of mitigation measures with time (durability and reliability issues), and other such factors that could have an influence on overall cost effectiveness and mitigation effectiveness of the various alternatives.
One way to look at cost-benefit analysis is to focus on the "optimal" level for balancing risk and cost. In brief, this optimal level is achieved when the incremental or marginal cost of risk reduction equals the marginal reduction achieved in mitigation cost. In other words, if one spends too little on risk mitigation, the result could be significant expected losses. Conversely, excessive spending on risk mitigation might not be worth the cost, as the expected loss which results could be disproportionately low when compared to the mitigation investment. The optimal level, therefore, is somewhere in between. This concept is illustrated in Figure 2.
[FIGURE 2 OMITTED]
Performance-Based Analysis and Design
Once the preferred loss prevention options have been selected for implementation, the goals and objectives discussed previously can be utilized to develop specific performance criteria for the loss prevention measures. These may range from specifying specific damageability states for the structure to seismic loads, to specifying the throw of window particles due to a specific bomb threat.
Performance-based design is different to that of prescriptive, or code-based, design. Prescriptive design is usually intended to provide minimum performance levels to ensure pubic safety--a life-safety performance objective is implied in most building codes. Prescriptive codes are not usually designed to protect to a more stringent performance criteria (e.g., immediate occupancy, or repairability) following a hazardous event.
Under the prescriptive approach, most building classes are treated alike and thus criteria for one building are similar to those of another building of different occupancy.
Performance-based analysis and design is a process of engineering a solution to meet specific levels of performance, where performance may be stated in terms of qualitative or quantitative objectives, criteria, or limiting states of damage or injury. The process consists of the following elements:
* Selecting appropriate performance criteria
* Developing a preliminary design which aims to meet the criteria
* Verifying that the design can achieve the criteria
* Iteratively revising the design until an acceptable design is achieved
Various analytical techniques can be used to predict the behavior of the systems to the threats, and quantify their performance. For example, the objective for a given building may require that the structure be repairable with minimal damage following a 500-year seismic event. Performance criteria can then be identified which quantify displacement limits for critical structural elements. Non-linear structural analysis can then be performed to quantify the predicted level of displacement that the structure would undergo during that event, and thus allowing for a predictive indication of damage and whether it would meet the performance targets.
An example of a performance matrix for seismic hazard is presented in Figure 3. Note the similarity between this performance matrix and the risk matrix presented previously. The likelihood of the event has been quantified into four distinct levels of earthquakes, while the consequence, or in this case performance targets, are quantified further. In the actual matrix, specific performance criteria are presented for which facility structures can be both analyzed and designed.
By defining performance objectives at the outset, instigating a high-level threat and risk assessment to prioritize mitigation options for a wide range of hazards, and using performance objectives to guide the design of the facilities, loss engineering can be optimized to balance a variety of objectives.
Perhaps most importantly, the risk-informed performance-based design process provides a simple, candid and auditable means of bringing stakeholders into the risk decision process, therefore helping to determine whether loss prevention engineering indeed meets the goals of the organization.
Figure 1 Consequence Castrophic Very Serious Serious Not Serious Likelihood 1 2 3 4 Certain 1A 2A 3A 4A A Highly Probable 1B 2B 3B 4B B Probable 1C 2C 3C 4C C Improbable 1D 2D 3D 4D D Figure 3 Target Building Performance Levels Operational Immediate Occupancy Earthquake Hazard Performance Performance Level (Level 1-A) (Level 1-B) 50%/50 year a b 20%/50 year e f BSE-1 i j (- 10%/50 year) BSE-1 m n (- 2%/50 year) Life Safety Collapse Prevention Earthquake Hazard Performance Performance Level (Level 3-C) (Level 5-E) 50%/50 year c d 20%/50 year g h BSE-1 k l (- 10%/50 year) BSE-1 o p (- 2%/50 year) (FEMA 356)
Andy Thompson, P.E. is a senior risk consultant with Arup, a global, multidisciplinary risk consultancy firm. Thompson is based in San Francisco.
|Printer friendly Cite/link Email Feedback|
|Title Annotation:||STRATEGIC LOSS PREVENTION|
|Date:||Jul 1, 2005|
|Previous Article:||Do catastrophe models mislead?|
|Next Article:||Coping with catastrophe: the first 24 hours.|