From a Natech point of view, risk governance is becoming exceedingly important in modern times considering the increasing interconnectedness of society and industrialization, and the pace of new technological developments coupled with emerging hazards, such as climate change. There is concern among all stakeholders, such as government authorities, industry and civil society that risk-governance mechanisms might lag behind the processes that drive change in today’s world, and that it might not be possible to effectively deal with new risks (Renn and Walker, 2008).

Since natural hazards may impact large areas simultaneously, addressing Natech risk requires an integrated risk governance approach to tackle both the safety of individual installations but also the potential interactions with other installations, lifelines, and nearby communities before, during, and after a natural-hazard event. The interdependencies of these systems may result in cascading events that can have short-, medium-, and long-term health, environmental, economic, and social impacts beyond the disaster areas. The Great East Japan earthquake and the Thai floods in 2011 highlighted the need to better understand infrastructure failure interdependencies and their risk governance. This means that the management of Natech risks requires incorporating parameters of the physical environment, such as lifelines, industrial facilities, and building stock, as well as organizational, social, and systemic factors into the analysis of natural-hazard risks (Cruz, 2012; Cruz et al., 2015).

Thus, the need to address Natech risk reduction as a territorial risk-governance issue is of the utmost importance. Natech risk reduction cannot be tackled as a problem of an individual facility, but only through a comprehensive and integrated risk-governance approach that involves all stakeholders.

The work of the International Risk Governance Council (IRGC) aims to support the better understanding and management of emerging global risks by developing concepts for risk governance, anticipating major risk issues, and providing recommendations on risk governance to key decision makers (www.irgc.org). In this context, the IRGC proposed an innovative risk-governance framework in an attempt to provide guidance on how to investigate, communicate, and manage particular risks (IRGC, 2012). This framework supports a comprehensive and integrated view of risk governance and comprises the following five elements:

The second and third element are very similar to the process for (Natech) risk assessment introduced in Chapter 7. The IRGC framework, however, does not only consider scientific evidence in the assessment but also includes risk perceptions, social concerns, and societal values. The IRGC also analyzed contributing factors that provide fertile ground for the emergence of new or the aggravation of existing risks, such as scientific unknowns, technological advances, perverse incentives, or a loss of safety margins (IRGC, 2010). The associated guidelines for emerging risk governance have been published recently (IRGC, 2015).

A comprehensive treatment of risk governance under conditions of increasing complexity is provided by Fra Paleo (2015) in which light is shed on the underlying structural factors, processes, players, and interactions which influence decision making, thereby either increasing or reducing disaster risks, including those of Natech accidents.

Past experience showed that structural prevention and mitigation measures need to be supplemented by organizational measures at all actor levels to ensure the effective reduction of the risks associated with natural-event impacts at hazardous installations. Most importantly, industry operators should establish and promote a corporate safety culture that is reflected in a corporate safety policy or safety management system (OECD, 2003). This must include the periodic monitoring and/or reviewing of the safety performance of a hazardous installation, including the consideration of information related to natural-hazard risks (OECD, 2015).

Generally, during the design and construction stages of an industrial installation it is ascertained that the risks from the hazardous substances and processes present on-site are minimized. This includes the application of state-of-the-art design standards and codes of practice, which has to consider the risks from natural-hazard impacts where applicable. For earthquakes, for instance, seismic building codes based on a realistic assessment of the expected earthquake severity and the resultant loading on structures need to be implemented. Seismic design should be extended to also cover industrial equipment where not mandatory because the continued functionality of equipment containing hazmats and of safety-relevant auxiliary infrastructures is key to preventing a Natech accident (Krausmann et al., 2011a). It is essential that compliance with these codes is monitored. Since natural-hazard risks can vary over time and some industrial installations or infrastructures have a long operational life, natural hazards should not only be considered during the design stage but also during plant operation.

The best approach to preventing Natech accidents is naturally to keep hazardous installations away from natural-hazard prone areas via appropriate land-use-planning (LUP) arrangements and controls. LUP should consider the risks posed by natural events when considering the siting for hazardous industry, including the potential changes to the natural-hazard risk due to climate change. Authorities can, for instance, determine that certain areas, such as flood zones, may not be suitable for the siting of activities involving hazmats. Alternatively, they can call for additional protection measures or impose more stringent design, construction, and operational requirements in natural-hazard zones (OECD, 2015).

Once a decision on the siting of a new installation has been taken, the choice of the site layout with respect to the location of hazardous substances and processes can contribute significantly to reducing the likelihood of a Natech accident. For instance, if the siting of a new hazardous facility in a flood area cannot be avoided, it should be attempted to place equipment containing hazmats and other safety-critical plant components outside the projected inundation zone. Shut-off valves, for example, should be located above the predicted inundation levels as otherwise they might not be reachable during flood conditions. These risk zones may, however, not be static in time and a reassessment of these zones should be undertaken periodically to take account of newly available information or possibly changed boundary conditions related to natural-hazard frequency and severity. If these reviews show that the risks of Natech accidents have significantly increased over time at existing installations, the safety report should be updated, and retrofitting to comply with safety goals is advisable.

In natural-hazard prone areas, Natech-specific protection measures and systems should already be considered during the design stage of a hazardous facility. These measures might be mostly structural in nature. However, they need to be accompanied by procedures to make sure that plant personnel takes the correct actions in case of early warning, or during and after abnormal operating conditions, such as those caused by heavy rain, storms, earthquakes, etc. Examples of such procedures are the emergency shutdown of highly hazardous processes in case of power loss, for example, due to a lightning storm, or the careful monitoring of all processes during a plant’s start-up to detect possible safety issues after a storm as early as possible. Another procedure is the deinventorying of tanks or pipeline systems exposed to natural hazards to reduce the hazardous materials at risk of being released in case of an accident. During Hurricanes Katrina and Rita in 2005, a significant number of pipeline breaks occurred in the Gulf of Mexico, which is testimony to the vulnerability of this type of infrastructure to natural-hazard impact. The much lower number of releases from these pipelines was attributed to the deinventorying of the pipelines in preparation for the storms (Cruz and Krausmann, 2009).

In areas subject to multihazard natural risks, for example, earthquakes followed by a tsunami, the consecutive impact of both natural events needs to be considered in the safety management of the hazardous plant. An earthquake preceding a tsunami could weaken or damage the facility, which would then be more vulnerable to the impacting tsunami wave. This is applicable to both shore protection systems and industrial facilities.

Considering that Natech risks are often underestimated or little understood, training and education of all actors involved in the reduction of Natech risks should be expedited. This holds in particular for plant personnel to ascertain that they are competent to carry out their tasks under normal, abnormal, and emergency conditions, but also for authorities to help them better evaluate the Natech risk and to support informed decision making. In addition, a dialog between all stakeholders should be facilitated to avoid the fragmentation of knowledge across different actors.

It is therefore obvious that emergency plans for accidents involving hazardous materials should take natural-hazard risks into account. However, emergency-response plans in the industry are typically developed for single accidents that are expected to occur during normal day-to-day plant operation, and seldom include the possibility of multiple releases that are common during Natech events. In addition, onsite emergency-response plans usually rely on the availability of external lifelines for accident mitigation which are often destroyed by the natural event. It is recommended that plant-internal emergency plans for mitigating hazmat releases during natural disasters should assume that off-site response resources are unavailable. Instead, they should provide for backup lifelines or specific emergency procedures to cope with the consequences of a Natech accident. In this context and to be conservative, safety barriers should be considered as absent or nonfunctional. Onsite emergency plans should also foresee means for the adequate control of ignition sources in the wake of hazmat releases to allow the safe use of emergency-response equipment, such as power generators, foam sprays, and pumps.

Off-site emergency-response plans for hazardous industry in natural-hazard prone areas need to consider the eventuality of hazmat releases from natural-hazard impact, and the effect of these releases, including fires and explosions, on the population and on rescue operations. These external response plans should incorporate the emergency evacuation of residents in the vicinity of the hazardous facility which might be challenging if access roads are blocked by debris, flooded, or destroyed. Although usually not considered, attention should be given to possibly violent reactions of released chemicals with floodwaters and the formation of secondary toxic or flammable vapors from possibly innocuous precursor chemicals (Cozzani et al., 2010).

Natural events can also damage response capabilities by affecting power and water supplies, access routes, and communication systems, rendering emergency response a big challenge. Several past Natech events (cf. Sections 2.2 and 2.3) showed that the hazmat releases may hamper emergency response to the natural-disaster victims by forcing first responders to abandon the area to not endanger their lives. An assessment of the vulnerability of the emergency-response resources is also called for in the context of Natech risk reduction.

In case of off-site consequences, local hospitals and clinics might have to treat people for toxic effects or burns. During natural disasters, it is, however, likely that hospitals might be overwhelmed by the onrush of natural-disaster victims, and therefore have only limited human and medical resources to deal with hazmat-exposure symptoms. In order to prepare for the eventuality of a Natech accident, local medical services should be informed about the risks at industrial facilities and make certain they have sufficient and suitable medication in stock for treating hazmat-release victims. Similar to medical personnel, local security forces play an important role during emergencies involving hazardous materials by informing and assisting the public during the evacuation, and by securing evacuation zones. This means that they are also at risk of exposure to toxic releases, fires, or explosions. It is essential that these units receive adequate training to better protect the population but also themselves (Girgin, 2011).

Generally, emergency-response plans drawn up at plant and community level should be periodically reviewed and tested to ensure that they address the potential consequences of natural-hazard impacts. This should be done proactively to avoid surprises during an emergency. The planning should also consider possible changes to the frequency and severity of some natural hazards due to climate change. Postaccident reviews serve to critically assess the performance of emergency response and offer an opportunity to improve response systems. Following the major Natech accidents during the Kocaeli earthquake in 1999, plant-internal accident investigations found that response resources were wanting during the emergency, and response capacities were subsequently increased. This included the installation of more and higher-capacity fire-fighting equipment, the improvement of the interoperability between plant-internal and off-site fire-fighting resources, and the inclusion of Natech scenarios in the updated emergency-response plan (Girgin, 2011).

It should be noted that careful consideration of conflicting emergency-management objectives such as the need to carry out search and rescue activities, while at the same time being forced to evacuate the same area because of a hazardous-materials release threat, is called for. This is aggravated by the fact that shelter-in-place to protect residents from the releases may not be feasible due to a loss of structural integrity of buildings by damage from earthquakes or other natural hazards. Steinberg and Cruz (2004) also found that panic flight behavior may be expected at facilities that house hazardous materials which suffered heavy damage. This finding indicates that mechanisms to deal with the lack of personnel at industrial facilities to handle emergencies involving hazardous materials following a large earthquake need to be identified.

The OECD (2015) suggests to integrate emergency planning for hazardous installations with emergency planning for natural disasters and civil defence, considering that these activities involve many of the same requirements. This would result in better coordinated and consistent emergency plans, as well as a coordinated command structure in case of an emergency.

For early warning to be successful, the facility operator has to receive timely warning from a reliable source, e.g., from authorities, quickly evaluate this information, and act upon it. Table 14.1 gives an overview of the effectiveness of Natech early warning using the ratio of warning and action time as a basis.

Early warning to prevent earthquake-triggered Natech accidents is the most unfavorable situation as warning times range from only a few seconds to a few minutes, depending on the distance of the hazardous installation from the earthquake’s epicenter. The subsequent actuation of protection measures and systems would have to be extremely quick and rely on automatic processes, as human intervention would likely be too slow. Signals from seismic sensor networks installed onsite could activate safety interlock systems and valve closure on hazardous equipment or trigger emergency shutdown of dangerous processes (Salzano et al., 2009; Krausmann et al., 2011b). Valve closure is, however, not an instantaneous process, and van den Bosch and Weterings (1997) indicate that safety valve isolation for equipment at atmospheric pressure (e.g., hydrocarbon storage tanks) will take about 10 min while pressurized equipment can be isolated in 3 min. Early warning for earthquakes might therefore not prove to be very effective in preventing hazardous-materials releases and earthquake-resistant design should be prioritized.

River floods have warning times that can typically range from hours to days, thereby providing ample opportunity to mitigate the associated Natech risk. Possible risk-reduction measures under these conditions can include complete plant shutdown, depressurization of equipment, deinventorying of critical units, and the transfer of hazardous substances from inundation zones onsite to safer locations. Since these measures can be rather costly, reliable early warning and the minimization of false alarms are a prerequisite for the acceptability of these systems for controlling the Natech risk (Krausmann et al., 2011b).

The warning lead time for tsunamis depends on whether they are generated in the near or far field. If there is sufficient time, prevention actions like for floods can be taken for securing the installation. However, tsunamis can trigger Natech accidents not only by impacting process and storage units, but also by causing damage at connected port terminals and their loading and unloading infrastructure. In case of a tsunami warning, tankers moored at a refinery’s oil terminal would require a warning lead time of a few hours to stop the product transfer, safely disconnect the loading arms, and move into deep waters to reduce the risk of a major oil spill (Eskijian, 2006).

Bouquegneau (2007) indicates that early warning is also possible for lightning-related hazards. Access to information from meteorological lightning-location systems can provide advance warning to operators, allowing them to take appropriate measures to disconnect sensitive equipment, stop hazardous processes, and protect open-air workers onsite.