Page 49 - GN-SEPT2013

www.geotechnicalnews.com

Geotechnical News • September 2013

49

ASFE NEWS

is lower while the talent supply is

somewhat large.

Business 101

According to Symantec, hackers

launched 36% of their first-quarter

2012 cyber-attacks at businesses with

250 or fewer employees. They regard

these smaller organizations – espe-

cially professional firms – as “easy

pickings.” Regrettably, effective

preventive systems can be complex

and costly to develop, implement, and

maintain. And even if you have one

– and especially if you don’t – you’d

probably be well advised to look into a

cyber-liability insurance policy. Typi-

cal coverages include network liability

as well as first-party coverages related

to:

• privacy liability,

• regulatory liability, and

• expenses stemming from a security

breach.

An article in

Insurance Journal

noted

that additional exposures come from

outsourced service providers for Web

hosting, credit-card processing, call

centers, document storage, and data

warehousing.

A typical policy provides coverage

for:

• unauthorized access;

• unauthorized computer-system use;

• data theft or destruction;

• hacker attacks against third parties;

• denial-of service-attacks;

• malicious code;

• privacy liability arising from a

network-security breach;

• security breaches involving per-

sonal information in any format,

including nonelectronic;

• violations of state and/or federal

privacy regulations; and

• violations of security-breach notifi-

cation laws.

Because cyber-liability insurance is

relatively new, each insurer’s policy

forms are unique; coverages and

exclusions vary significantly from one

carrier to the next. Speak with your

insurance professional to be sure you

understand what you are purchasing.

Dr. English

One of the nicer features of ASFE’s

webinars is the speakers’ willingness

to answer questions. An important

question came in after the webcast

of “Think. Be Accurate.”, a John

Bachner-led presentation focusing on

commonly used words and phrases

that can be dangerous. What fol-

lows is an edited version of the Q&A

exchanges involved.

Tim wrote:

Good afternoon, John.

We just finished watching “Think. Be

Accurate.” at our office and I have

a question with regard to one of the

phrases you brought up. We often use

the phrase “in general accordance with

project plans and specifications” in our

field reports. We aren’t typically on

site full-time and we therefore don’t

want to make a guarantee that the

work we observed was performed in

full accordance with the project plans

and specifications. However, it seems

reasonable that we ought to tie our

observations to the project plans and

specifications, because if not, why are

we even out there? In your experience,

is there a phrase that is more suitable

than “in general accordance with”?

Thanks for the lively presentation. I

appreciate the ways you push the geo

community towards excellence.

– Tim

John’s response…

Thanks for writing, Tim. Here’s how

I see it.

If you were on the witness stand

and opposing counsel asked, “What

exactly does ‘in general accordance

with project plans and specifications’

mean?” what would you say? I guess

it would have to be along the lines of,

“Well, it means we don’t have enough

knowledge to know if full compliance

was achieved, because we are not on

site to look over everyone’s shoulder

24/7.” Fact is, though, what you do is

a far cry from that. You are providing

that level of service the owner selected

to satisfy the owner’s desire to assess

whether or not a constructor is fulfill-

ing its QC obligation to achieve cer-

tain specified conditions. I believe “in

general accordance with project plans

and specifications” creates an unwar-

ranted sense of security and, therefore,

is something you should not be saying.

And why are you making that assess-

ment when, in reality, it is the client

who should draw the conclusions,

because the client specified the extent

of security it wants?

I believe a better statement might be:

“Our [observation and/or testing],

as documented via the daily field

reports included in Appendix A,

indicate that the specific work

portion we [observed and/or

tested] met specifications of the

contract. Please recognize that

construction observation and

testing conducted for quality-

assurance purposes customarily

involves direct observation and/

or testing of less than one percent

of the overall work that the

observation and testing data are

applied to evaluate. As such, you

must base your conclusions about

the overall work’s compliance

with specifications on inferences

you draw from the data we have

developed, in accordance with the

scope of service you authorized.

If you believe the data we have

developed are insufficient, we

will be pleased to recommend and

conduct additional observation

and/or testing.”

Bearing in mind that I am not an

attorney, Tim, this may be enough to

get the point across. The conclusions

to be reached should be reached by

the client, not you. You’re there to

provide data. The client has restricted

the amount of data it wants, based on

its own risk/cost evaluation. If you say

“general compliance” and it’s not in

compliance – general or otherwise – I

believe you would be creating a risk