GE has a multifaceted approach to identifying, anticipating and addressing potential impacts to its business operations from external disruption. As the world is increasingly volatile, our ability to anticipate, respond to and recover from events is critical.
Enterprise Risk Management (ERM)
Each year the Company completes a risk assessment to identify enterprise risks, which culminates in a C-suite discussion of the issues which could materially impact the company. For more on how GE identifies and manages risk, see our Risk Oversight and Management section.
Emergency Response Planning (ERP)
All of our operations, and especially our manufacturing sites and service operations, are subject to GE’s Environmental, Health and Safety (EHS) policy and EHS management system. GE requires these facilities to develop a hazard “heat map” of potential EHS risks and hazards within and external to its operations. This exercise requires operating leaders to identify and categorize hazards and potential external threats to their operations. For each significant hazard and threat, the operation is expected to detail strategies for defending against and mitigating the impact of the hazard. We refer to this exercise as a “strength of defense” matrix. Our audit program reviews the accuracy of the hazard heat map and the efficacy of the defenses to validate whether the defenses are in place and functioning. Impaired defenses are identified and prioritized for corrective action.
Once a risk such as the potential for flooding, earthquake, extreme weather or political risk is identified, the operational leader is required to develop a mitigation plan. Given the local nature of most natural hazards and the strong ownership GE’s operational leaders have over EHS performance, we rely on operations to understand their local issues and establish appropriate response plans. We expect the operation to reach out to their community’s local emergency planning organization for advice on reasonably foreseeable extreme events and community preparedness plans. In addition each GE site is required to hold an annual emergency planning drill to test its ability to detect and mitigate a hazard. Many sites will include local first-response teams in the activity to ensure proper coordination of resources. Finally, our insurance carrier, FM Global, evaluates many of our facilities for resiliency to natural hazards and provides recommendations to mitigate significant threats.
Business Continuity Planning
GE’s Business Continuity Management (BCM) Framework has been developed using an all-hazards planning approach. That is, regardless of the cause or the scenario of the event/incident, the plan is structured around specific and probable-loss scenarios:
- Loss of workforce/specialized personnel
- Loss of IT services/hardware/software
- Loss of building/facilities/workspace
- Loss of supplier services/supply chain
- Any combination of the above
The resulting Business Continuity Plan (BCP) provides a clear, scalable and flexible document for businesses to provide guidance to continue operations in the event of an incident that severely impacts their ability to conduct business as usual.
The planning process is an ongoing cyclical process of risk assessment, impact analysis, response planning exercising and maintaining in order to develop organizational resilience.
A BCP’s capability cannot be considered reliable until it has been exercised through increasingly complex exercise scenarios. Through a robust exercise program, the business can get assurance that its plans mitigate the risk to critical activities and if not, adapt the plan to meet the requirements.
At the higher level, exercises are undertaken to:
- Develop competence
- Instill confidence
- Impart knowledge in the BCP and framework
As a business, location or function develops its BCP maturity, more complex exercises are expected to test the business’s ability to recover.
Security & Crisis Management (SCM)
SCM teams at site, business and corporate levels are responsible for understanding the risks and impacts to GE’s operations and planning and coordinating GE response activities.
GE’s Corporate SCM team works together with the businesses and regions to conduct major crisis management exercises on an annual basis, in addition to the individual business exercises. Best practices and lessons learned are shared with the Crisis Management Teams and senior management, with action plans tracked to completion to address any recognized gaps.
With GE’s global footprint, Business and Corporate Crisis management teams have been activated to mitigate the impact to GE’s staff and operations; in 2016 this included incidents in Europe and major weather events impacting the U.S. and the Philippines.
GE is also working with others on projects to design more resilient energy systems. To learn more about the functional design of a resilient electrical micro-grid view the GE Reports article here.