PwC-UNISDR Interactive tool: Disaster risk management

What kinds of natural hazards could threaten companies, regions and even nations? What is your exposure to these large-scale threats — and how best to prepare? PwC and UNISDR have devised this innovative, interactive tool to help you get inside the impact dimensions of potential threats — and manage the risk in a resilient manner.

Disaster Risk Management Framework (DRM-F)


Select an area to explore

Geological hazards include internal earth processes such as earthquakes, volcanic activity and emissions, and related geophysical processes such as mass movements, landslides, rockslides, surface collapses, and debris or mud flows.

Hydrometeorological hazards include tropical cyclones (also known as typhoons and hurricanes), thunderstorms, hailstorms, tornados, blizzards, heavy snowfall, avalanches, storm surges, inland flooding including flash floods, drought, heat waves and cold spells.

Impact on social and economical welfare — including risks of diseases, injuries, loss of life

Impact on the environment — including air pollution, toxic spills

Adverse financial impact on a company — including profitability, liquidity, stock price

Disruptive impact on a company — including supply chain interruptions

Reputational impact on a company ­— including media fallout and public perception on how a disaster is managed

Damage to corporate assets e.g. facility deterioration or damage to corporate transport vehicles.

Disruption of business activities e.g. supply disruption, production bottlenecks or distribution failure.

Collateral damage e.g. oil spills or the destruction of a bridge.

  • Outside the organisation. The regulatory, policy and investment environment context within which you must manage disaster risk. Public-private collaboration is key to success.
  • Within the organisation. Your workforce skills, risk governance and risk processes.





Companies avoid disaster risks:

  • Systematically steering clear of regions that are known to be exposed to natural hazards
  • Pulling operations out of exposed regions
  • Refusing to work with suppliers that are not considered to be risk resilient

Companies attempt to reduce the likelihood or impacts of disaster risks:

  • Cautious expansion
  • Selecting suppliers carefully
  • Upgrading existing sites’ safety infrastructure
  • Increasing supply chain flexibility
  • Developing emergency planning actions

Companies try to reduce disaster risk by transferring it to third parties:

  • Insuring assets
  • Hedging risks
  • Sharing risks through contractual agreements with suppliers, buyers, peers and public institutions

Companies accept residual disaster risks. Once other strategies have been leveraged and implemented, there is a common agreement that ‘zero risk’ can never be achieved. Companies must determine an acceptable level of residual risk based on their risk appetite.

Quick decision-making, fluid information management and a regular reassessment of priorities are all hallmarks of a successful short-term response to a disaster. Other steps include securing remote access to work for employees, transferring work to other sites, and setting up a 24/7 "control tower" -- a nerve center for relaying information and instructions to all parties. In the longer term, scenario planning and enhanced risk procedures should be implemented.

Short-term responses to supply chain exposure include mutual assistance agreements with market peers or neighbours in the event of a disaster. Longer-term responses involve collaborating with suppliers in setting up sustainable business continuity plans (up to and including integrating some suppliers into the organisation).

Efficient collaboration with the public sector, post-disaster, requires preparation. Effective steps include building and maintaining resilient relationships with local and national authorities -- from emergency response organisations to government bodies -- and setting up scenario-based simulations to define the processes and standards that will determine minimum levels of service (e.g. telecommunications, energy supply and other lifeline services), which are crucial during a crisis.

A strategy that considers risk management as an integral part of business.

A clear structure that supports the overall strategy and the implementation of DRM.

The consistency and adequacy of processes to effectively manage DRM.

The skill set and competencies of people in terms of applying the processes involved in DRM.

The right tools and technology to enable implementation of the other four drivers.

The purpose of the 'Understand' section is to define a company's exposure by identifying potential threats and assessing their potential impact.

Once companies understand their risk exposure, they can choose between four distinct DRM strategies to manage this exposure.


Hazard Type



Disaster Risk

Asset Damage

Activity Disruption

Collateral Damage








Enabling Environment


Risk Driver






Disaster Risk

Corporate Assets

Supply Chain

Public Sector

Risk Appetite