By Matt East, Senior Advisor – Logistics and Infrastructure Policy for the UK, Europe & Middle East, and Keith Brown, Executive Advisor – Asset Management, GHD


Now, more than ever, port operators need to account for isolated, disruptive events that have the potential to impact not only their operations but also their profitability, as supply chains across the world are affected.

World trade increasingly relies on longer, larger and more complex port facilities and systems, with maritime transportation a vital trade backbone. As such, when ports experience failures or disruption, it’s big news.

For example, in June 2018, the rollout of a new terminal operating system at the Port of Felixstowe, one of the largest ports in the world and the busiest in the UK, caused significant disruption and decline in productivity issues that reportedly took more than a month to fix. Five years earlier, the NotPetya cyber-attack that hit Danish shipping giant Maersk cost the company more than USD 200 million and led to a temporary shutdown of the largest cargo terminal in the Port of Los Angeles.

These are just two examples of the increasing risks and challenges facing ports around the world, and the pressure to prepare for, and respond promptly to, threats beyond ‘business as usual’ conditions is mounting.

The most common maritime risk management issues have traditionally been relatively consistent, if not predictable: natural disasters, mechanical failures and human error. Now, however, the incredible growth of international trade, the impact of climate change and the introduction of new technologies mean the threats are broader and constantly evolving.

The growing list of potential risks for ports includes:

  • Extreme weather events and climate change
  • Economic disruption and market turbulence
  • System failures and disruptive technological advances
  • Aging assets
  • Strikes and similar action
  • Civil emergencies
  • Compliance failures
  • Pandemic and terrorism threats
  • Supply chain failures

At the same time, ports are facing increasing pressure to reform; if they haven’t already done so, many ports will need to evolve rapidly from being traditional land and sea interfaces to providers of complete logistics networks.

Without effective risk management and business continuity procedures, the disruptions or shutdowns resulting from such events, and in turn the negative impacts these have, can potentially cause significant short and long-term financial and reputational damage to the broader business. The outcome could also expose the Board and management team to legal action and possible prosecution.

How can you achieve effective contingency planning and resilience?


The simple ‘plan, do, check, act’ approach to contingency planning is a universal concept that has been successfully applied around the globe but, like any system, it has to be managed and maintained.

The first step to developing an effective contingency plan is to assess the existing business operations to identify the inputs, decision points, processes, information and connections that produce the outputs and outcomes. In many cases, system weaknesses stem from gaps or discontinuities within these areas. Another common problem is having a hierarchy structure in place that does not operate effectively during disruption – for instance, one that doesn’t allow for rapid decisions to be made in order to achieve an effective outcome.

The following diagram illustrates the first few steps a business can take to embark on the journey of effective contingency planning:



Importantly, the contingency plan should aim to identify a process that can be followed to manage a return to normal operations, rather than identifying individual mitigations to known operational risks.

This process should include the identification of:

  • Who has been delegated what authority
  • The criticality ranking of each business operation so that priorities can be established
  • The stakeholders who need to be contacted
  • The responsibilities of individual departments across the business

The system must incorporate a testing and monitoring process that can identify the effectiveness of the continuity strategy, which may include a mock run-through of an emergency event. A mock test is particularly important, given that some of the scenarios being planned for may only occur once within our lifetime. However, we must be confident that the intended response will be effective and achieve the goals.

In many examples, it is more beneficial to take preventative steps to avoid loss of business operations than to take corrective steps following failure. It will depend on the nature of the failures and the extent of the impact, with a balance between the ongoing cost of prevention and what might be the one-off cost of recovery.

Having a well-defined strategy in place will enable the business to proactively respond to a disruptive event. The strategy will also provide confidence to clients and the local community the business serves that there is a coordin