Page 49 - GN-SEPT2013

Basic HTML Version

www.geotechnicalnews.com
Geotechnical News • September 2013
49
ASFE NEWS
is lower while the talent supply is
somewhat large.
Business 101
According to Symantec, hackers
launched 36% of their first-quarter
2012 cyber-attacks at businesses with
250 or fewer employees. They regard
these smaller organizations – espe-
cially professional firms – as “easy
pickings.” Regrettably, effective
preventive systems can be complex
and costly to develop, implement, and
maintain. And even if you have one
– and especially if you don’t – you’d
probably be well advised to look into a
cyber-liability insurance policy. Typi-
cal coverages include network liability
as well as first-party coverages related
to:
• privacy liability,
• regulatory liability, and
• expenses stemming from a security
breach.
An article in
Insurance Journal
noted
that additional exposures come from
outsourced service providers for Web
hosting, credit-card processing, call
centers, document storage, and data
warehousing.
A typical policy provides coverage
for:
• unauthorized access;
• unauthorized computer-system use;
• data theft or destruction;
• hacker attacks against third parties;
• denial-of service-attacks;
• malicious code;
• privacy liability arising from a
network-security breach;
• security breaches involving per-
sonal information in any format,
including nonelectronic;
• violations of state and/or federal
privacy regulations; and
• violations of security-breach notifi-
cation laws.
Because cyber-liability insurance is
relatively new, each insurer’s policy
forms are unique; coverages and
exclusions vary significantly from one
carrier to the next. Speak with your
insurance professional to be sure you
understand what you are purchasing.
Dr. English
One of the nicer features of ASFE’s
webinars is the speakers’ willingness
to answer questions. An important
question came in after the webcast
of “Think. Be Accurate.”, a John
Bachner-led presentation focusing on
commonly used words and phrases
that can be dangerous. What fol-
lows is an edited version of the Q&A
exchanges involved.
Tim wrote:
Good afternoon, John.
We just finished watching “Think. Be
Accurate.” at our office and I have
a question with regard to one of the
phrases you brought up. We often use
the phrase “in general accordance with
project plans and specifications” in our
field reports. We aren’t typically on
site full-time and we therefore don’t
want to make a guarantee that the
work we observed was performed in
full accordance with the project plans
and specifications. However, it seems
reasonable that we ought to tie our
observations to the project plans and
specifications, because if not, why are
we even out there? In your experience,
is there a phrase that is more suitable
than “in general accordance with”?
Thanks for the lively presentation. I
appreciate the ways you push the geo
community towards excellence.
– Tim
John’s response…
Thanks for writing, Tim. Here’s how
I see it.
If you were on the witness stand
and opposing counsel asked, “What
exactly does ‘in general accordance
with project plans and specifications’
mean?” what would you say? I guess
it would have to be along the lines of,
“Well, it means we don’t have enough
knowledge to know if full compliance
was achieved, because we are not on
site to look over everyone’s shoulder
24/7.” Fact is, though, what you do is
a far cry from that. You are providing
that level of service the owner selected
to satisfy the owner’s desire to assess
whether or not a constructor is fulfill-
ing its QC obligation to achieve cer-
tain specified conditions. I believe “in
general accordance with project plans
and specifications” creates an unwar-
ranted sense of security and, therefore,
is something you should not be saying.
And why are you making that assess-
ment when, in reality, it is the client
who should draw the conclusions,
because the client specified the extent
of security it wants?
I believe a better statement might be:
“Our [observation and/or testing],
as documented via the daily field
reports included in Appendix A,
indicate that the specific work
portion we [observed and/or
tested] met specifications of the
contract. Please recognize that
construction observation and
testing conducted for quality-
assurance purposes customarily
involves direct observation and/
or testing of less than one percent
of the overall work that the
observation and testing data are
applied to evaluate. As such, you
must base your conclusions about
the overall work’s compliance
with specifications on inferences
you draw from the data we have
developed, in accordance with the
scope of service you authorized.
If you believe the data we have
developed are insufficient, we
will be pleased to recommend and
conduct additional observation
and/or testing.”
Bearing in mind that I am not an
attorney, Tim, this may be enough to
get the point across. The conclusions
to be reached should be reached by
the client, not you. You’re there to
provide data. The client has restricted
the amount of data it wants, based on
its own risk/cost evaluation. If you say
“general compliance” and it’s not in
compliance – general or otherwise – I
believe you would be creating a risk