Security Sales & Integration May 2021 - 24

SMARTS & PARTS

Fireside Chat by Shane Clary

Risk Analysis in
Mass Notification
Risk
identification
should be
done at the
beginning
of a project,
but also
throughout a
project and in
the case of an
MNS, for the
duration of the
system.

Shane Clary, Ph.D., has
more than 45 years of
security and fire alarm
industry experience. He
serves on a number of
NFPA technical committees,
and is Vice President of
Codes and Standards
Compliance for Concord,
Calif.-headquartered Bay
Alarm Co.

▶ MY DISCUSSION THIS MONTH will be
on one of the key components that need to be
considered when designing any mass notification system (MNS), and that is the risk analysis. Before any design is laid out, shop drawings
produced, equipment ordered or a system is installed, a risk analysis needs to be executed. The
size and complexity of the occupancy will in the
end dictate the size of the risk analysis.
By definition, risk analysis is identifying and
analyzing future events that may have a negative
impact on individuals, property, assets and the
environment. Within NFPA 72, it is described
as " a process to characterize the likelihood, vulnerability, and magnitude of incidents associated
with natural, technological, and manmade disasters and other emergencies that address scenarios
of concern, their probability and their potential
consequences. " It is the " probability " that at an
extreme level mathematics comes into play, but
not at the level found within NFPA 72.
Risk analysis involves a number of basic steps,
and this should not vary between the design
of an MNS or the siting of strategic warheads.
What is the risk, what is the potential impact of
the risk, how can the risk be handled and how is
the risk to be monitored? The user of the occupancy must be part of this process. A risk analysis for an MNS can simply not be done without
the input of those that will be operating within
the premises that is to have an MNS system installed within.
In identifying risks, some may be more apparent than others. Risk identification should
be done at the beginning of a project, but also
throughout a project and in the case of an MNS,
for the duration of the system. Occupancies
change over time, both in use and hazards that
may be present both internally and externally.
Once an MNS is installed, that should not be
the end of identification of risks.
Once the risks have been identified, what is
the potential impact of each risk? One method is
to look at the impact as being high, medium or
low. A high impact would be an event that may

Security Sales & Integration MAY 2021

SS2105 pp24-25 Fireside Chat-IT Intel.indd 24

smclary@bayalarm.com

be catastrophic to the business or occupancy. A
medium impact would be critical and a low risk
would be marginal. In looking at the impact that
a particular identified risk may have, the probability should also be looked at. A highrisk impact
with a high probability would have more weight
than that of a low-risk impact with a low probability. There are of course a variety of combinations to this, and they are best to be placed
into a matrix such as high impact and then high,
medium or low probabilities.
The next step is how is the risk to be handled?
For an MNS, this would be the means of notification and who should be notified. Is this to be
for an event that may occur within a portion of
the premises, the entire premises, or outside of
the premises? If outside, is the event on the property of the premises or outside of the property? Is
the notification to go to those inside, outside or
both? Is notification to be provided to those that
are not on the property?
If this is determined to be required, is this in
the general vicinity, community, city, county?
How shall this notification be made, and is this
to be in stages as a situation develops or all at
once? During the formation of the risk analysis,
these questions and resolutions should be placed
within a matrix. Within the matrix would be
each risk, such as fire, hazardous substance release, active shooter and so forth.
The final part is how is the risk to be monitored? By this I mean before an event occurs. This
returns to the point that I mentioned above that
a risk analysis does not end with the MNS system being installed. Over time, there needs to be
a reassessment of the risks. Some may no longer
be as high as before, while others that were not
even present at the time of the original risk analysis may now be present and at a critical state.
New risk that may be identified will need to be
planned for. Risk reviews should be planned for
and clearly stated within the original risk analysis.
The specific requirements for a risk analysis
within the 2019 edition of NFPA 72 is found
in Section 24.3.12. A tool to use when preparing a risk analysis for an MNS is found in Table
A.7.3.6, Risk Analysis Checklist.
In closing, the risk analysis for an MNS does
not need to be overly complex but does need to
take into consideration identification of the risks,
impact of the risks, handling of the risks and ongoing monitoring of risks.
securitysales.com

4/16/21 11:31 AM

http://www.securitysales.com

Security Sales & Integration May 2021

Table of Contents for the Digital Edition of Security Sales & Integration May 2021