The outlook for financial markets remains as uncertain as ever while they navigate a post-election environment that affects the easing of interest rates, employment (i.e. labor supply & demand), and investors’ earnings expectations. Yet, amid this uncertainty, public entity insurers must generate sufficient, predictable investment income to support underwriting results.

For many public entity insurers, such as government risk pools, joint powers authorities, self-insurers, captives, etc., that means an investment portfolio already hamstrung by asset class restrictions – typically limited to US Treasuries and Agencies – faces even further pressures and potential volatility.

Even for public entity insurers that are allowed to invest in a greater scope of investment-grade bonds or have the flexibility to invest in risk assets (i.e. equities, bank loans, high-yield bonds, etc.), it will be a difficult time to assess the benefits of short-term changes versus the long-term horizon intended for public entities.

With such an uncertain outlook on the horizon, public entity insurers must invest prudently. But what should they do?

First, public entity insurers should be sure to focus on the overall investment process.

Start with the basics, which are surprisingly little followed all of the time.

Markets go up, down, and sideways, and, many times, surprise the so-called experts.  However, what doesn’t change is that what is most important is making investment decisions that are correct for your entity, irrespective of what you may see, hear, read or smell about financial markets.

Investment basics revolve around the “Investment Process Value Chain,” which encompasses the six most important parts of a public entity’s investment process.

Why focus on process? A good process should produce good results over the long term.

To illustrate, if poor results ensue from a good process, such outcomes would be considered bad luck. Meanwhile, it is possible to get good results from a bad process. That, too, would be luck. But, this time, it would be good luck, since you would expect poor results to come from a bad process.

Many investors focus solely on the results. “Just give me the bottom line. Did we beat our benchmarks or not?  Are we getting the yield we need or not?”  These are worthy sentiments, but besides there being better questions to ask than those, they do not focus on the process.

Here’s a simple explanation of the “Investment Process Value Chain” and how, if focused on an improved investment process, public entity insurers can manage much of the financial market uncertainty over the long term.

1. Investment Policy – These can be anywhere from two-page policies to near handbook-length documents. However, a ‘best practices’ policy has five important sections. And what may be the most important section is the one the I see missing all too often: Corporate Governance - Who is responsible for what, when, and how?

This is also not a static process; new investment alternatives, changing regulatory environments, and evolving operating conditions mean that reviews should typically be conducted annually.

2. Strategic Asset Allocation – This goes hand in hand with the policy since the results of a comprehensive asset allocation analysis – one that considers assets, reserves, capital, income, different interest rates and economic scenarios, etc. – will ultimately determine most of the total return a public entity will receive.

3. Investment Manager Evaluation and Selection – Most public entity insurers will utilize an external investment manager to manage the portfolio. What is key is keeping their performance, adherence to the entity’s goals and objectives, and any material firm changes top-of-mind. A disciplined approach to manager evaluation and selection that takes into account the manager’s investment process, philosophy, people, and systems is a good starting point

4. Portfolio Monitoring – Since most public entity insurers don’t have a Chief Investment Officer (or similar position) on staff, most will meet with their investment manager quarterly and have little communication with the manager intra-quarter, unless something unusual or unexpected occurs. However, it is usually better to anticipate and monitor potential areas for discussion rather than awaiting those end-of-quarter communications. Discussions would include analyzing expected credit losses, assuming investments are being made outside US government-related bonds, and stress testing the portfolio for potential ‘black swan’ type events. Anticipating changing risks before they may occur becomes part and parcel of portfolio monitoring.

5. Performance Measurement – This is an area most public entity insurers would say is handled quite well given monthly/quarterly reporting. However, it is important that public entities also review metrics like risk-adjusted performance (since there is no return without some risk)? Does the public entity know how the manager’s performance compares to various other similar investment managers? Importantly, there are many other ways to view performance measurements, including monitoring how your public entity insurer is progressing in improving the overall investment process.

6. Peer Group Analysis – While not always easy to conduct, it can be helpful to gauge how the portfolio may compare to others. While more holistic in nature, peer group analysis can prompt key questions such as, “Why do you think are they doing that?” “Is this a strategy we should consider? Why?  Why not?”

While the financial markets and operational expectations will certainly fluctuate over time, a better understanding of the overall investment process can prompt public entity insurers to take an overall, detailed look at how the investment portfolio is tied to its organizational goals and objectives. This, in turn, helps improve the chances of achieving positive investment results even during uncertain times.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

We all know them. We’ve either worked for them or supervised them. That first-line supervisor who just won’t commit to the level of productivity, responsibility, and accountability needed to be an effective leader. It happens in government agencies, including police and fire departments, jails and correctional facilities, and at the city, county and state level. These ineffective “leaders” permeate private companies too. 

What does it look like? 

• Shirking responsibility. Waiting it out as others step up for assignments, sometimes having to be “voluntold.”
• Not accepting or fostering accountability. It’s always someone else’s fault, or the organization wasn’t supportive enough, didn’t provide resources, didn’t address low morale. (Never mind they could tackle these issues themselves.) Sometimes, they’re just more concerned with being friends with direct reports.
• Low productivity. Many problem supervisors are promoted because they are charming and competent communicators. But they use the gift for gab to appear busy and avoid work.

Identify problems early. Stay alert! 

Other symptoms: 

- Spending an hour in your office. It starts with a legitimate question but becomes a discussion about, literally, the kitchen sink. 

- Complaining. No one else does their job correctly. 

- Micromanaging. Lack of self-confidence leads to no confidence in others. 

- Disappearing. Naps or personal errands on company time. 

- Unavailability. Their input is needed but they can’t be found. 

- Emphasizing non-work tasks. Deciding where to eat lunch becomes the morning’s focus. 

- Not delivering. Work product is late, incomplete, or not submitted. 

Diagnosis: Pathological First-Line Supervisor 

The long-term effects of a Pathological First-Line Supervisor are far-reaching and create significant consequences for your organization. 

Overall Risk. These supervisors often exhibit destructive behaviors—abusive supervision, incivility, an uninvolved style of supervision—all linked to psychological distress, ineffective work behaviors, and reduced employee safety. The results? Decreased productivity. Higher reportable incident rates. A compromised company reputation. Significant negative impacts to your company’s financial and operational success. 

Decreased morale. Pathological supervisors severely impact employee well-being. Research shows that when supervisors mistreat employees, they disengage, suffer from emotional exhaustion, and become overtly counterproductive. 

High turnover. Perhaps the most concerning is how the presence of a pathological first-line supervisor can negatively affect employee retention. Employee retention ensures operational continuity, reduces training and recruitment costs, and sustains your organization’s vision, mission, and values. Unhappy employees start job hunting to escape their hostile environment.  

This malady progresses in two ways: Catch it early, intervene and create a healthier environment for your employees. Leave it untreated, the problem will worsen, and removal will be necessary. 

Treatment - Focus on the whole problem, not just individual symptoms. 

• Assess. Is it an isolated incident rather than a systemic issue? Address it internally. But if the issue is systemic, you may need a reputable consultant to assist you with a comprehensive evaluation.
• Treat. Proper treatment mitigates hazards. Interventions include:
• Creating or revising policies
• Training or coaching
• Attention to wellness issues
• Modeling accountability at all levels
• Disciplining: probation, reprimands, or termination
• Document. If you didn’t document early symptoms and intervention, it didn’t happen. Documentation alone may encourage change. Firing any employee without proper documentation puts your organization at risk for lawsuits.
• Reassess. Develop a clear plan to assess the effectiveness of interventions. As a former colleague of mine once said, “Don’t expect what you don’t inspect.” Creating a culture of accountability is a critical component of an effective leader in any organization.

Whether your company’s focus is people or products, you require effective first line supervisors to exceed performance goals. Let’s identify and treat pathological supervision before it metastasizes.

Sources linked in article: 

Mullen, J., Fiset, J., & Rhéaume, A. (2018, August 24). Destructive forms of leadership. Emerald Publishing Limited, 39(8), 946-961. 

Li, Z., He, B., Sun, X., & Zhang, Y. (2020, March 13). Demonstrating the psychological aspects of stressors and abusive supervision behavior: Attainment of sustainability under the rubric of resources theory. Frontiers Media, 11. 

Pradhan, S., Srivastava, A., & Jena, L K. (2019, December 5). Abusive supervision and intention to quit: Exploring multi-mediational approaches. Emerald Publishing Limited, 49(6), 1269-1286.   

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

Question: Which professional football player is the greatest of all time (GOAT)? Before someone says Tom Brady, let me tell you the correct answer is Earl Campbell. Having grown up in Houston, Texas, and watching him run, trust me. He also makes fantastic hotlinks. Okay, there could be some debate; his coach, Bum Philips, was once asked if Earl is in a class of his own, answering, “I don’t know if he’s in a class by himself, but I do know that when the class gets together, it sure don’t take long to call the roll.”

The GOAT is a topic of discussion in all walks of life, so what is the GOAT accident prevention principle? First, what is an accident? An unplanned event (extremely important since planned events are called insurance fraud) and an unforeseen event resulting in bodily injury and/or property damage.

Accidents occur at the intersection of normal production, unsafe conditions, and unsafe acts, resulting in one of four possible outcomes: a near miss, minor injury, major injury, or fatality. Failure to manage unsafe acts and/or unsafe conditions leaves the outcome to luck. Unsafe acts drive the bus! Depending on the expert, unsafe acts are the driver in 70-90% of all injuries in the workplace.

Unsafe acts are driven primarily by a lack of recognizing one’s surroundings – situational awareness (SA). SA comes down to three basic questions: what has happened in the past, what is happening right now, and what might happen in the immediate future – where those three questions coalesce is the home of SA.

Failure to grasp or ask any of those three questions diminishes one’s SA. If your employee doesn’t understand what has happened in the past, his SA is lessened! Conversely, employees who understand and ask those three questions have a heightened SA. An employee’s SA is directly proportional to their grasp of what has happened, what is happening, and what might happen in the immediate future.

For example, consider linemen who regularly working 45+ feet in the air. Fear of heights is the fourth greatest fear in America. Why? Because gravity sucks, and it always works. Linemen are fully aware of what could happen if they are suddenly no longer anchored to the pole, thus heightening their SA. BTW, an unanchored lineman 45’ in the air will make contact with the earth in 1.6725 seconds traveling at 36.69 mph.

Situational Awareness is the GOAT of accident prevention principles. Failure to grasp what has happened in the past, what is happening right now and what might happen in the immediate future puts you and your employees in a most precarious situation.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

In 2024, high claims costs have resulted in a more limited insurance marketplace with reduced capacity and increased retentions and premiums. Public entities continue to face challenges with their accumulation of values in a broad range of properties, from historical buildings to jails and inherited properties. This can result in either insufficient coverage in the event of a loss or paying higher premiums than necessary.

However, the pace of overall property insurance rate increases is beginning to slow, and capacity is starting to improve. Rates are leveling out on some layers of coverage while increasing on others. Multiple insurance markets have announced an increase in capacity for 2024, and insureds with optimal risk profiles are in the best position to take advantage.

Trends to Watch
Adequate Valuations
To secure optimal (or sometimes any) coverage, public entities must focus on obtaining adequate valuations of their properties and assets. As today’s economic conditions are inflating property values, accurate valuations and claim recovery are top priorities. Surging natural disasters are also increasing property risks, especially for organizations without up-to-date insurance strategies.

More frequently than ever, underwriters are questioning the validity of values for fixed assets, such as buildings and vehicles. When underwriters are dissatisfied with valuations, they usually impose coverage restrictions. Some underwriters may even refuse to offer any coverage unless the values are adjusted to their satisfaction.

Insurance carriers use third-party data sources and internal tools to capture and assess values. However, relying solely on these tools without vetting the output can lead to negative results for insureds. Public entities should partner with a knowledgeable broker to conduct a thorough review based on the actual circumstances of their individual properties. This helps secure maximum coverage at the time of loss while minimizing premium expenses.

Sexual Abuse and Molestation (SAM) and Traumatic Brain Injury (TBI) Insurance
Public entities are particularly at risk for SAM and TBI liabilities, as they often serve children, students, and other vulnerable populations. As a result, insureds might need to purchase SAM and TBI policies from a secondary market, which can be expensive and limited in capacity. It’s crucial to implement effective risk management strategies and maintain a strong risk profile to obtain the necessary coverage.

Insurance Strategies

Public entities can implement effective strategies in a challenging market by:

• Preparing a comprehensive market submission that highlights a strong or improving safety culture and risk management approach.
• Developing analytics around risk financing opportunities that improve decision-making and outcomes.
• Using catastrophic property modeling to identify the appropriate amount of wind, flood, and earthquake coverage.
• Ensuring that construction, occupancy, protection, and exposure (COPE) data is detailed and accurate.
• Evaluating all U.S. and London market options, focusing on risk appetite and industry.
• Performing a cyber policy review to ensure an organization’s program includes current coverage updates and uses risk management tools to help navigate cyber exposures and claims.
• Addressing specific needs — for example, threat/terror solutions that offer a broad coverage option for strikes, riots, and civil commotion.
  

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

 In this article, J. Brett Carruthers offers additional tips on minimizing conditions that might cause pipes to freeze. Click here for Part 1.

As winter begins its annual visit, this is the time to minimize the opportunities for conditions leading to freezing pipes and their subsequent rupture, damage and disruption.

Additional helpful tips
Cold weather is an equal-opportunity freezer. Both metal and plastic pipes will break when water freezes and expands.

• Keep thermostats above 60 degrees in areas that are poorly insulated. Every degree counts!
• Drain all pipes not in use or not used for fire protection.
• Check for pipe insulation in basements, crawl spaces, under stages, and other areas where pipes may be under-heated.
• Check for wet pipe insulation in the same locations. Wet insulation is an indication of an active leak and requires correction before a freezing condition occurs.
• Identify all water main valves and maintain clear access to them in case they must be closed quickly. Ensure closure devices are in place.
• Open doors from heated areas to unheated areas to keep pipes sufficiently warm.
• Take and monitor thermometer readings, especially on cold days, to help determine vulnerable areas.
• Check fresh air intakes (especially in boiler rooms) to ensure the louvers are not frozen open.
• Check to see if pipe sleeves and heat tapes are working.

Double-check vulnerable areas such as:

• Pipes running against exterior walls
• Outdoor hose bibs, pool or outdoor shower supply lines and sprinkler lines that run through unheated or uninsulated spaces
• Supply lines in garages or receiving areas
• Water lines in locker or team rooms

If you’ve had a pipe freeze in the past − or experienced a near miss − anticipate a repeat unless you’ve taken adequate preventive measures.

Be proactive over winter holidays and long weekends
The winter months have a host of extended breaks and long weekends. These are particularly worrisome because fewer staff are available to detect heat malfunctions, frozen or burst pipes, low thermostat settings or renovations and repairs that expose pipes.

Arrange for staff to check buildings during these breaks. Early detection can prevent significant damage and coinciding disruption to school operations.

Building management systems
Meet with your building management system (BMS) contact. Ensure temperature setbacks are not below 55 degrees. Ensure univents are programmed to increase heat if temperatures in the room fall below 55 degrees. Check boiler operating temperature set points to ensure they are compliant with the manufacturer’s specifications. Check other temperature parameters and sensors to ensure they are properly set for the change in seasons.

If your BMS provider has the capability to send critical alerts via text or email, ensure these are set to notify you of below 55-degree temperatures in rooms (in unoccupied state). This is also a great time to update your contact points with your automated BMS alerts (above) and EMS, police, and security companies to reflect personnel and contact number changes that may have occurred in the last year.

Loss of power
The loss of power is a leading cause of pipe freeze and pipe break losses. Buildings are without heat for an extended period leading to their freezing, rupturing and subsequent damage. Buildings without emergency power should have arrangements made for portable generators to provide emergency power to mission-critical equipment [heat plant, freezers, coolers, IT equipment, and building alarm systems]. Alternatively, provisions should be made for portable heating units to provide building heat while the building is without power.

Emergency generator checks
Emergency generators should be run weekly for at least 30 minutes and periodically under load to ensure they will start and can handle the load. They should receive preventive maintenance by a qualified firm semi-annually to ensure their reliability during emergencies. Staff should receive training in their operation.

For fueled generators, the fuel should be fresh, and the tank(s) topped off prior to cold weather setting in. There have been numerous instances of generators failing due to contaminated fuel. Stored fuel can accumulate algae, which can quickly plug fuel strainers and filters.

Capital Planning
In buildings without emergency power generation, this must become a priority need for upcoming capital projects. Protecting mission-critical equipment is essential.

Other Steps
If leaks occur, remove and discard water-damaged ceiling tiles, clean up the water as soon as possible, and utilize drying equipment (fans and dehumidifiers). Call a restoration company or flooring expert immediately If water gets on or underneath. It needs rapid attention to avoid a significant loss. When necessary, contact a restoration company for emergency mitigation services.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

Public mass shootings are horrific events that annually take innocent lives in the United States. Federal, state, and local governments, as well as educational institutions, need to propose and enact policies and strategies to protect people from and during active shooter situations.  Public entities and public-sector organizations need to consider the best ways to protect people in their buildings from active shooter situations and how best to mitigate the risk of mass shootings.

A mass shooting is an incident of targeted violence carried out by one or more shooters at one or more public or populated locations. Multiple victims (both injuries and fatalities) are associated with the attack, and both the victims and location(s) are chosen either at random or for their symbolic value. The event occurs within a single 24-hour period, though most attacks typically last only a few minutes.  The FBI defines an event in which one or more individuals are “actively engaged in killing or attempted to kill people in a populated area.  Implicit in this definition is the shooter’s use of a firearm.  United States statute (Investigative Assistance for Violent Crimes Act of 2012) defines a “mass killing” as “3 or more killings in a single incident.

Public agencies need to assess the risk in their workspaces as well as in the communities that they serve.  Mitigation strategies should be developed and incorporated into emergency management and hazard management plans. Public entities and public-sector organizations need to consider the best ways to protect people in their buildings from active shooter situations and how best to mitigate the risk of mass shootings.

Items to consider:

• Implement a threat assessment team
• Develop an emergency action plan
• Create a crisis communication plan
• Train staff
  • Drills and tabletop exercises
• Conduct site assessments
• Form community partnerships
• Restrict access
• Security officers
  • Armed and/or unarmed

Statistical information can be found at https://rockinst.org/gun-violence/mass-shooting-factsheet/.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

First responders serve as the frontline managers of risk and safety in the public sector, responding in real time to worst-case scenarios across our communities 24 hours per day, every day of the year. The threats responded to by our police, firefighters, EMS professionals and 911 dispatchers include murders, suicides, high-risk domestic violence, environmental catastrophes, active shooters, mass evacuations and myriad other terrible realities most of us never confront firsthand.

Responding to these harsh realities leads to two interrelated types of risk. The first, Decision-Action Risk, captures the extent to which first responder decisions and actions mitigate the risk of the situations they respond to over time. The second, Wellness-Trauma Risk, captures the extent to which first responders are negatively affected over time by the stressful and traumatic aspects of the situations and scenarios to which they respond. Of course, Wellness-Trauma Risk, by undermining emotional stability and decision-making quality, directly aggravates Decision-Action Risk, which in turn fuels great Wellness-Trauma Risk. Both types of risk are the direct concern of risk managers, first responders, the public at large and any stakeholders concerned with mitigating risk or maintaining public safety. Research demonstrates that first responders are also suffering from an unsustainable degree of understaffing, further aggravating these risks. Fortunately, many solutions are available.

People Risk Management Solutions

First responders benefit substantially from high-quality peer support, or fellow first responders specially trained to provide support related to both work and non-work stressors. Because peer supporters are also first responders themselves, they are easy to access, capable of building trust, and relate effectively to the realities of the work. Research has shown that 90% of first responders who used peer support found it helpful, 80% reported they would seek assistance again and 90% said they would recommend the program to a peer (Digliani, 2018).

While peer support is a key part of the solution to managing Wellness-Trauma Risk, and in turn Decision-Action Risk, it is far from the entire solution.

Many challenges experienced by first responders routinely go beyond what can be resolved with peer support alone and must instead be referred to licensed clinicians qualified to treat post-traumatic stress, depression, suicidal thinking, and related mental health issues common amongst first responders. Many years of firsthand experience has taught us the critical importance of utilizing clinicians who are culturally competent (i.e., familiar with the realities of first responder work), effective (i.e., skilled at treatment), professional (i.e., ethical and law-abiding) and available (i.e., responsive when needed).

Technology Risk Management Solutions

First responder Wellness-Trauma Risk and Decision-Action Risk are challenges we face on a national scale, and therefore nationally scaled solutions are necessary to ensure consistent quality, accessibility and availability of support. Technology has become a vital key to addressing these challenges on a national scale. Examples of agencies implementing high-tech wellness solutions for their first responders include the Vacaville Police Department and the Memphis Police Department, and both agencies subsequently won the prestigious Destination Zero National Officer Safety and Wellness Awards, a testament to their innovation and leadership in implementing strong wellness programs designed to care for their personnel at scale.

Other examples of technology being utilized to address the Wellness-Trauma Risk and Decision-Action Risk include providing training and certification of peer supporters, training and certification of first responder clinicians, access to certified first responder peer supporters and clinicians, access to crisis support resources, a wide range of high-quality wellness self-help tools designed specifically for first responders, and in-hand, on-demand access to the full range of wellness tools and support resources available to first responders at any given public safety agency, regardless of the size of the agency.

Leadership Risk Management Solutions

Public safety agencies have experienced substantial leadership turnover in recent years. Fortunately, strong leadership training is available for first responders at mass scale. For example, retired Navy Seals and NYT best-selling authors Jocko Willink and Leif Babin recently co-created online training for first responders on topics including extreme ownership, leading up and down the chain of command and how to care for team members while also achieving the overall mission of your organization. Additionally, executive peer support for police chiefs and fire chiefs is now available to help ensure that leaders have access to the same level of support available to other first responders.

Conclusion: Large-Scale Challenges and Scalable Solutions

First responders nationwide face enormous challenges and stressors on a routine basis leading to Wellness-Trauma Risk and Decision-Action Risk, which should be a topline concern for anyone invested in upholding public safety. Fortunately, many scalable solutions now exist that can help address these challenges via training and certification programs, scalable technology applications, leadership development and peer support.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

The trees are bare. Mother Nature’s fury has started for winter. The clocks have been changed and with the additional hours of darkness, temperatures are now settling below freezing at night. As winter begins its annual visit, this is the time to minimize the opportunities for conditions leading to freezing pipes and their subsequent rupture, damage and disruption.

Water Damage Losses

Water damage losses are one of the most common losses during cold and freezing temperatures.  These losses affect all areas of school buildings and create significant disruption to activities. Many of these losses are preventable with adequate pipe insulation, pipe tracing, heating system extensions, proper building management system setbacks and emergency generators.

Freezing and Bursting Pipe Basics

The time to start preparing is behind us. Being proactive now can keep your pipes warm and protected this winter. The following tips will prevent your pipes from freezing and keep water flowing this winter.

When pipes freeze, pressure builds and could result in them bursting at their weakest point, potentially causing water damage. Pipes in crawl spaces, exterior walls, team and locker rooms and outdoor hose bibs are particularly vulnerable, especially when they’re subjected to extra cold air.

We all know that freezing begins at 32° F, but at what point do pipes freeze within our buildings? Temperatures only need to drop to about 20° F for a few hours to put exposed pipes at risk. So, your best bet is to insulate your exposed pipes to keep that temperature well above the freezing point.

Best Practices to Keep Pipes from Freezing

The key to keeping your pipes away from freezing temperatures isn’t reaction - it’s preparation. Check out these tips on how to help you prevent the risk of your pipes even coming close to freezing temperatures.

Cover exposed pipes with insulation sleeves

Insulation sleeves, usually made of foam and are available at any building supply store, are inexpensive ways to surround your pipes with warmth and keep them from freezing in the cold temperatures. They’re affordable and easy to install, making them an excellent alternative to paying thousands of dollars to fix a frozen and burst pipe and its aftermath.

Seal cracks in the walls that let cold air in

A small wall crack that lets in a small account of cold air might not seem like a big deal but add all those little cracks together and you’ll find out that they’re costing you quite a bit of money on your heating bill and doing damage to your pipes, too. Seal cracks and openings around windows, doors, and at sill plates. Use weather stripping to stop the air from getting in and consider picking up a couple of draft stoppers for your doors to the outside. They’re both easy to install, help prevent your pipes from freezing and are even easier to remove come springtime.

Turn off and empty outdoor faucets

A pipe without water in it won’t be able to freeze or burst, so make sure you turn off any outdoor faucets. After shutting them off, open the faucet to drain any remaining water. While you’re at it, disconnect and store any hoses you might have left outdoors so they don’t become damaged by the freezing temperatures.

Pay attention to pipes in unheated or under heated areas of your buildings

Pipes in crawl spaces and basements run a higher risk of freezing than your main-level pipes, so make sure to take all tips into consideration and pay special attention to those areas.

Keep your garage and shop doors closed

Not only will closing your garage and shop doors keep critters from getting into your stuff, but it’ll also keep your garage or shop areas warmer and add an extra layer of protection to stop any pipes from freezing in these areas or along its walls.

Open interior faucets

If a cold snap is fast on the way and you don’t have time to take all the previous recommended steps, you can still help prevent frozen pipes with a simple turn of the faucet handle. Open your faucets just slightly to allow a small flow of water. Moving water is less likely to freeze, and it relieves excess pressure that builds if freezing does occur.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

Risk teams are no strangers to the nuanced threat of data breaches and system compromises. Yet an emerging peril is making breach risk management even more complicated. The rise of the third-party breach, sometimes called a supply-chain attack, is adding to the list of risks faced by public sector organizations.

Third-Party Breaches on the Rise

An analysis of U.S. data breaches in TransUnion’s 2023 Omnichannel Fraud Report showed a 145% increase in third-party breaches between 2020 and 2022. The severity of the breaches, in terms of the potential identity and fraud risks measured by TransUnion’s Breach Risk Score algorithm, also rose by 23%.

Cybercriminals favor third-party breaches mainly because of the scale they provide. Penetrating the cyber defenses of a large enterprise can take months of research and multiple attempts. Targeting smaller service providers — which often have less robust cybersecurity resources — can give attackers access to the data and systems of dozens of the organizations that vendor services. With less effort and higher volume of targets, bad actors realize significant financial gain.

Disproportionate Impact on the Public Sector

While third-party breaches can happen to organizations in any sector, last year’s MOVEit breach is an example that drastically impacted public institutions.

While colleges and universities have taken the greatest hit, a significant number of government agencies and public health programs were also affected. Sensitive personal data was stolen from several high-profile users of the platform, including the US departments of Energy and Agriculture; New York City School District; registries of motor vehicles in Oregon and Louisiana; Colorado’s state health agency; and more than 850 colleges and universities.

Criminal access to private personal data, such as student records and driver’s license information, exposed millions of constituents to the risks of identity theft, social engineering scams and financial schemes.

Numerous Post-Breach Risks Impact Public Organizations

As risk management teams plan for potential third-party breaches, they should establish controls and mitigation strategies that not only help reduce the risk of such attacks, but also help the organization recover in the wake of an incident.

Some of the considerations to weigh when planning those strategies include:

• Ongoing disruption of services or benefits for constituents. By their nature, third-party breach forensics takes longer, often delaying restoration of critical systems and processes.
• Undue stress and hardship among employees. Whether fielding calls from upset constituents or losing access to technology, breaches can make even menial tasks a headache.
• Exposure of internal and employee data. Cybercriminals frequently seek personal data of employees to help them pull off sophisticated social engineering schemes that can provide access to the employer’s systems.
• Loss of trust that can occur among constituents, the public and funding sources.
• Long-tail exposure of sensitive data. Once stolen data is brokered on the dark web, it can cause problems for victims for years.
• Compliance with state notification rules. Regulations are wildly varied depending on the state, the size of the breach and even the sector — and they frequently change.

After rampant attacks in 2023, cybercriminals are eyeing opportunities to replicate their success in 2024, so the threat of supply chain attacks is only expected to increase. Make sure your team has taken the proactive steps to minimize the risk of being caught in a supply-chain attack — and that your organization has a response plan in place to enable a fast, effective reaction if an incident does occur.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*

In an increasingly complex and interconnected world, too many risk and safety teams continue to function with siloed data, systems, processes and operations.

Without cohesion between risk management and safety teams, organizations miss out on a single source of truth that enables fully informed risk management decision-making for all parties.

Public entities that use different technology systems for their risk and safety groups or rely on manual processes experience resounding impacts: Risk managers are left in the dark as to how safety programs are affecting their total cost of risk (TCOR), and safety managers struggle with proving that their initiatives have tangible, measurable benefits.

True strategic risk management requires collaboration between risk and safety teams, seamless data integration, and a unified, core system to power it all. This can be achieved with an Integrated Risk Management (IRM) approach.

3 Steps to Integrated Risk Management Implementation

An IRM approach is based on an acknowledgment that an organization’s risks are inherently interconnected, and that one incident can have a snowball effect that impacts the entire organization.

For example, risk managers benefit from safety initiatives that result in fewer workplace incidents, claims and ultimately a lower TCOR. Similarly, safety managers gain evidence-based data that illustrates the positive financial outcomes of their initiatives to gain stakeholder buy-in and further investment.

An IRM strategy brings the two teams together to proactively implement risk mitigation across all departments. To eliminate silos and consolidate claims and policy data, an IRM strategy will proactively identify and report on interconnected risks that require unified responses.

There’s no one-size-fits-all approach to IRM. Instead, your strategy will be based on how your organization operates and functions across risk management, safety and compliance. These three steps will serve as a baseline guiding IRM adoption:

A strong commitment from all stakeholders is crucial for an IRM strategy to take hold.

Foster leadership buy-in by aligning IRM goals with projected financial outcomes. This is, of course, one of the greatest challenges to any organization when it comes to IRM adoption. As with any change management initiative, leadership support will frame the entire implementation for all teammates.

• Assess data availability and the culture of risk across your organization. IRM spans departments and functions, so it’s imperative to get a clear picture of where your organization is generating useful data and where pertinent details are missing. Assess your cultural strengths and weaknesses and seek out opportunities to support a more risk-aware culture wherever you can.
• Consider how to manage the project and be clear about your objectives and intended results. IRM is only successful when it is adopted and practiced by everyone involved, so make sure the responsibility for outcomes is shared across departments to help promote collaboration. Commit to clear, timely communications when there are new developments or changes to IRM-related policies and procedures.

Once you’ve solidified the strategy, you’ll need to shift gears to implementation. Agile risk and safety management technology is necessary for supporting your IRM approach. Ask yourself: Is our current risk and safety technology up to the challenge?

Comprehensive, organization-wide risk mitigation is a hefty undertaking that requires a significant investment of time and resources. Implementing an IRM strategy has lots of moving parts. Take it one step at a time and elicit support from software experts who can help your organization achieve its goals with the right technology.

IRM Benefits: Fewer Claims and Strengthened Partnerships

The value gained by organizations that adopt an IRM approach is immense. A successfully implemented IRM strategy results in:

• Fewer incidents and injuries
• Avoidance and reduction in claims costs and potential litigation
• Strengthened partnerships with brokers and agents that can lead to negotiating lower premiums
• Improved workflows, metrics and trend reports to support your team’s efficiency and decision making

Public sector risk managers can make more informed decisions with a deeper understanding of the big picture around risk and safety. Ultimately, they are better equipped to allocate resources, prioritize risk efforts, proactively mitigate future risks, ensure regulatory compliance, promote health and safety, and reduce TCOR.

The IRM system’s interconnectedness compounds its value. Triumphs in one area of the organization can now flow to others — problems are identified sooner and prevented from muddying the rest of the organization’s waters.

Once you decide to make the leap to integrated risk management, stay the course. You’ll soon reap the benefits that an IRM approach has to offer.

*The views and opinions expressed in the Public Risk Management Association (PRIMA) blogs are those of each respective author. The views and opinions do not necessarily reflect the official policy or position of PRIMA.*