08 March 2004

Terrorism Risk Management for Critical Infrastructure Protection - A Series

By Peter L. Higgins
1SecureAudit LLC

Part IV

TRIA (Terrorism Risk Insurance Act) is an interim solution to the management of unknown risks and information as a result of a particular incident. The act provides temporary help to:

· Protect consumers by providing widespread availability of property and casualty insurance for terrorism risk.

· The Insurance industry to establish standards, protocols, and time for the stabilization of the pricing and models.

The building finance sector is focused on the commercial infrastructure including malls, banks, hotels and other high profile commercial structures in downtown districts. Currently the models have covered major threats such as bomb blast, aircraft impact, and chemical, biological, nuclear and radiological. The Real Estate and Insurance industry has yet to grasp a model that takes into consideration all of the potential events and their impact. So far, the models have been slow in coming and many property owners have a wait and see attitude about purchasing terrorism insurance.

TRIA requires insurers to provide terrorism risk and to disclose the cost of added coverage as a percentage of the total premium. Some insurers charge from 0% to 80% depending on how much risk coverage they want to write and the details of a building location. Without actuarial data to work from, the insurers are working more from a subjective point of view than objective. Models may be good for now until we have real data to work from.

As new standards are developed across the spectrum of the industry from architectural design to building codes and operational mitigation strategies the new baselines will emerge. These new baselines will help determine how organizations effectively prepare for incidents of catastrophic proportions.

In light of the fact that the insurance industry is still immature in their models due to a lack of actuarial data the real estate financiers are considering alternative approaches to risk mitigation and management. For example, tools for the assessment of terrorism vulnerabilities exist today that could be introduced into the cycle of due diligence. As these tools are adopted to assess and help reduce the risk of unknown man-made events, the lenders and the insurers will converge on these new models to help rate buildings and critical infrastructure in terms of their exposure to terrorism risk.

Due diligence requires detailed property inspections and audits to provide sound advice to key decision makers on the state of a real estate property. Vulnerability to terrorist attack will become, if it isn’t already, a critical component of due diligence. The individuals and firms that provide these solutions must be multi-faceted in operations, security and building systems in order to provide a comprehensive and fair report. This assessment shall include the operational procedures and hazard mitigation programs of the building to determine the overall vulnerability to a combination of both natural and man-made events.

More on this series over the next few weeks.

No comments:

Post a Comment