7.6 Business Continuity, Security, Violence Prevention, and Lone Workers

Recovering Operations and Preventing Security-Related Harm

Business continuity is the organized effort to keep critical functions operating, or restore them, after a disruption. It is related to but distinct from emergency response: emergency response protects people and controls immediate hazards, while business continuity addresses operations, customers, suppliers, records, equipment, utilities, payroll, leadership, and recovery priorities afterward. The recognized framework is NFPA 1600 / NFPA 1660, Standard on Continuity, Emergency, and Crisis Management.

The analytical core is the business impact analysis (BIA), which identifies critical activities, dependencies, tolerable downtime, required resources, and the consequences of interruption. Two metrics drive strategy. The Recovery Time Objective (RTO) is the maximum acceptable time a function can be down before unacceptable consequences occur. The Recovery Point Objective (RPO) is the maximum acceptable data/transaction loss measured backward in time — for example, an RPO of 4 hours means backups must be no more than 4 hours old.

Recovery strategies follow from these targets: alternate sites, backup suppliers, remote work, manual workarounds, spare equipment, mutual-aid agreements, and prioritized restoration.

Continuity and Security Planning Links

Worksite security includes access control, visitor management, badge practices, lighting, parking, reception procedures, perimeter conditions, contractor controls, and reporting of suspicious activity. Security ties directly to emergency planning: a security incident may require lockdown, evacuation, police notification, or trauma support, and poor access control complicates evacuation accountability.

Workplace-violence prevention should be proactive. Although OSHA has no specific workplace-violence standard, the General Duty Clause, Section 5(a)(1) of the OSH Act requires a workplace free of recognized hazards likely to cause death or serious harm, and OSHA has cited employers in high-risk sectors (healthcare, late-night retail, social services) for failing to address violence. Effective programs include leadership commitment, multiple reporting methods, anti-retaliation protection, prompt investigation of threats, coordination with HR and security, de-escalation guidance, and post-event support.

For an active-shooter event, the federal CISA/FBI guidance is Run, Hide, Fight — evacuate if a safe path exists, hide and barricade if not, and fight only as a last resort. A safety professional must treat threats, stalking, domestic-violence spillover, and aggressive behavior as structured-response issues, not personality conflicts to ignore.

Threat assessment requires confidentiality and competence and may involve management, HR, legal counsel, security, employee-assistance resources, and law enforcement. The aim is to evaluate behavior, protect potential targets, and choose proportionate controls — overreaction can cause unnecessary harm, but underreaction leaves people exposed.

Lone-worker safety belongs to emergency preparedness because a worker who is alone may not be noticed when injured or threatened. Examples include remote field work, after-hours maintenance, utility rounds, security patrols, lab work, and driving.

Controls include pre-job hazard review, reliable communication devices, scheduled check-ins, missed-check escalation (a defined response when a check-in is not received), location information, weather monitoring, and rules barring certain high-risk tasks alone — for instance, OSHA's permit-required confined-space and many energized-electrical tasks effectively require a second person or attendant.

Worked Example: RTO/RPO Driving Strategy

Suppose a manufacturer's order-management system has an RTO of 8 hours and an RPO of 1 hour. Those two numbers dictate concrete investments: the 1-hour RPO means backups or replication must run at least hourly (a nightly tape backup would lose up to a day of orders and fail the target), and the 8-hour RTO means a warm standby or rapid cloud failover is needed rather than rebuilding from scratch. Compare that to a printed-archive function with an RTO of two weeks and an RPO of one month — a far cheaper strategy suffices.

The exam lesson is that recovery strategy is derived from the BIA's RTO/RPO, not chosen first; an answer that buys an expensive hot site for a non-critical function, or a nightly backup for a 1-hour RPO, misallocates resources.

Connecting the Domains

A continuity plan must not create new hazards. Restarting equipment after a flood, fire, outage, or security incident may require inspections, permits, lockout/tagout (1910.147), sanitation, air monitoring (especially in confined or flooded spaces), or management of change; pressure to resume service invites shortcuts, so the safer answer is phased recovery based on verified conditions. A useful sequence is: secure the scene, verify utilities and structure, inspect and de-energize/isolate as needed, restore critical safety systems first (fire protection, ventilation, alarms), then bring production back in stages with monitoring.

ASP scenarios often combine these topics: a violent threat can interrupt operations, summon law enforcement, demand employee support through an employee-assistance program, and raise reentry questions; a storm can require shelter, utility isolation, supplier rerouting, lone-worker check-ins, and continuity decisions all at once. The strongest answer recognizes that emergency response, recovery, security, and worker well-being are connected parts of one preparedness system rather than separate silos.