A food company’s supply chain can be the weakest link in the food safety program. Food ingredient adulteration, fraud, and counterfeiting negatively impact everyone in the food supply chain.

Don’t miss the 5th Annual Food Safety Supply Chain Conference — and learn more about regulatory compliance, as well as the tools, technologies, and techniques that can protect your company from the weakest link in your global supply chain.

When: May 29-30, 2019
Where: U.S. Pharmacopeial Convention, Rockville, MD
Details

Plus… Be sure to check out Kestrel’s presentation, Issues & Impacts Surrounding GFSI & FSMA, on Wednesday, May 29 at 1:15 p.m. In this session, you will learn about:

• Differences between GFSI & FSMA
• Key FSMA requirements
• GFSI conformance to FSMA requirements
• How FSMA is addressed in GFSI audits
• How findings are presented at closing meetings

Get Ready…by taking the FSMA IQ Test developed by Kestrel for Food Safety Tech on FSMA supply chain considerations that will be discussed at the Conference.

Learn about best practices and downfalls since the introduction of FSMA FSVP and updates regarding VQIP from Kestrel’s food safety experts and DNV GL, a leading certification body.

Complimentary Webinar
FSMA, FSVP & VQIP: What Have We Learned So Far?
Friday, May 17, 2019
9:00 am – 10:30 am CT
Register now!

Importing food & beverages into the United States can be complex and costly. The Foreign Supplier Verification Program (FSVP) Rule requires importers to verify that their foreign suppliers of food for human and animal consumption meet applicable FDA safety standards. FDA’s Voluntary Qualified Importer Program (VQIP) (TPP) established by the Food Safety Modernization Act (FSMA) provides expedited review and importation of human and animal foods into the United States for approved applicants who achieve and maintain a high level of control over the safety and security of their supply chains.

This complimentary webinar will cover the following topics:

• Validating your FSVP 
• Major issues found by FDA
• VQIP importers’ role
• Eligibility and benefits
• VQIP legalities and consequences
• DNV GL FSMA third-party certification

When business is disrupted, the costs can be substantial. Unfortunately, every organization is at risk from potential operational disruptions—natural disasters, fire, sabotage, information technology (IT) viruses, data loss, acts of violence. Recent world events have further challenged organizations to prepare to manage previously unthinkable situations that may threaten the future of the business.

Securing Company Assets

This goes beyond the mere Emergency Response Plan or disaster recovery activities that have been previously implemented. Organizations must now engage in a more comprehensive process to secure their companies’ assets (e.g., people, technology, products, and services). Today’s threats require implementation of an ongoing, interactive process that assures the continuation of the organization’s core business activities and data center(s) before, during, and, most importantly, after a major crisis event.

Creating a Resilient Organization

Business continuity planning helps ensure that companies have the resources and information needed to maintain service, reliability, and resiliency under adverse conditions. While companies can’t plan for everything, they can take steps to understand and effectively manage events that might compromise their products/services, supply chain, quality, security, and future as an organization.

A Business Continuity Plan ensures that all involved parties understand who makes decisions, how the decisions are implemented, and what the roles and responsibilities of participants are when an incident occurs. Through business continuity planning, companies are able to:

• IDENTIFY the human, property, and operational impacts of potential business threats
• EVALUATE the potential severity of associated risks
• ESTIMATE the likelihood of business threats occurring
• CREATE timelines for restoration and strategies that proactively mitigate the most pressing business threats, take advantage of opportunities that lie ahead, and provide for a more resilient and sustainable future

Systematic Approach

A sound Business Continuity Program relies on a systematic approach to identify and critically evaluate risks/opportunities, as outlined below. This approach broadens the scope of issues beyond mere emergency response and allows companies to budget for and secure the necessary resources to support critical business activities before, during, and after a major crisis event. Ultimately, following this process helps companies to stay in business through a time of crisis.

Sustaining Business for the Long Term

Sustainability is about staying in business for the long term, and today, business continuity is key to sustaining business over time. That is because a well-developed and implemented Business Continuity Plan:

• Keeps employees and the community safe when an incident occurs
• Protects the organization’s important assets (e.g., people, technology, products, services)
• Reduces disruption to critical functions in order to limit financial impacts due to loss of product/service
• Reduces adverse publicity, loss of credibility, and loss of customers
• Reduces legal liability and regulatory exposure
• Reduces the risk of losing critical business data (e.g., historical, operational, customer, regulatory compliance)
• Provides for an orderly and timely recovery by allowing critical decisions to be made in a non-crisis mode
• Helps companies mitigate risks and focus on the future

*****
Guiding Standards

ISO 22301: Societal Security – Business Continuity Management Systems is specifically designed to help organizations protect against, reduce the likelihood of occurrence, prepare for, respond to, and recover from disruptive incidents when they arise. Like other ISO standards, ISO 22301 applies the Plan-Do-Check-Act/Adjust model to developing, implementing, and continually improving a Business Continuity Management System. Following this internationally recognized standard allows organizations to leverage their existing management systems and ensure consistency with any other ISO management system standards that may already be in place (e.g., ISO 14001 – environment, ISO 9001 – quality, ISO 45001 – safety, ISO 22000 – food safety).

The American Society for Industrial Security (ASIS) Business Continuity Management System Standard, National Fire Protection Association (NFPA) 1600: Standard on Disaster/Emergency Management and Business Continuity Programs, and Office of the Comptroller of the Currency (OCC) federal banking requirements for business continuity provide further industry-specific guidance on business continuity management.

Today’s business managers face greater complexities than ever when it comes to making business decisions. For every business decision, there are a number of factors that impact the associated risks. Fortunately, the use of statistics, predictive analytics, and data mining has become increasingly useful in taking the “gut feel” out of making important and often complex business decisions.

Data-Driven Decisions

Most people are familiar with common descriptive statistical techniques, like measures of central tendency (e.g., mean, median, mode) or variability (e.g., interquartile range, standard deviation). More advanced data mining and predictive analytical techniques are increasingly being used to explore and investigate past performance to gain insight for future business decision making.

Data mining draws on large amounts of data to identify patterns, which are often classified as opportunities or risks. Predictive analytics encompasses a variety of statistical techniques that are used to analyze historical data to predict the most probable future events. A few examples of these include the following:

• Discriminant Analysis – a machine learning model where a computer program “learns” a pre-existing data set that includes attributes and outcomes for each individual, and then predicts probable outcomes for individuals in the new data set based on attributes.
• Linear Regression – creates an equation so that one variable can be predicted based on the known values of other variables.
• Logistic Regression – a machine learning model where a computer program “learns” a pre-existing data set that includes attributes and a binary (“yes/no”) outcome for each individual, then predicts “yes/no” outcome for each individual in a new data set, along with a probability associated with the decision.
• Decision trees – machine learning model where a computer program “learns” a pre-existing data set that includes attributes and outcomes (not necessarily binary) for each individual, then predicts outcomes for each individual in a new data set, along with confidence in the decision; also identifies the attributes that are most helpful for making predictions (i.e., those that are best able to discriminate between outcomes).
• Neural networks – similar to decision tree, but more effective if finding the connections between attributes is a concern.

Together, this information can help decision makers to predict the outcome(s) of a decision before it is made—and make smarter decisions based on data instead of gut feelings. The following case studies demonstrate the value that statistics provide when it comes to making important business decisions.

Case Study: Wildfire Risk Index

For a large transportation organization, wildfires have historically presented a unique challenge. The company has worked diligently over the past several years to control its fire risk through research and a number of assessments. To help further minimize the wildfire risk, the company turned to past data and is working with Kestrel to develop a comprehensive Wildfire Risk Index to:

1. Quantify the operational risks of wildfires (i.e., identify environmental conditions, determine areas of concern)
2. Make informed business decisions to help minimize identified risks

Creating the Index requires a significant amount of data from both internal and external resources, including traffic, weather, geography, internal fire incidents, and others. This information is used in several components contained within two main models that create the Wildfire Risk Index. These model components are relatively simple when used on their own. The complexity arises when combining the various models and their components into a single Wildfire Risk Index that reasonably reflects relative risks, while considering all variables.

The ultimate output of the Wildfire Risk Index is a single number that quantifies the relative risk of wildfire by location and by month. This information will help the company to:

1. Identify the areas of greatest risk.
2. Focus resources on those areas.
3. Make more informed decisions regarding operations—like when to plan hot work and when and where to perform vegetation control—to help prevent future incidents.

Case Study: Incident Data

For a large petroleum refining organization, safety and environmental incidents present a significant risk to operations. In order to reduce incident frequency, the company has implemented a robust safety management system, which includes frequent audits and inspections. Despite the company’s best efforts, however, incidents have continued to occur.

To further improve safety and environmental performance, Kestrel is working with the company to conduct detailed reviews of previous incidents using Kestrel’s proprietary Human Performance Reliability (HPR) approach. This approach identifies and classifies the human factors contributing to incidents, as well as the controls associated with those human factors (engineered, administrative, and/or PPE). Once the reviews are finished, the results are statistically analyzed to generate a prioritized list of human factors to be addressed. Kestrel’s Human Factors Integration Tool (HFIT™) software then generates a list of existing controls associated with the top human factors, as well as a list of missing controls that could be created and implemented.

The ultimate output of the incident review process is to help the company identify the human factors contributing to incidents, create or improve associated controls, manage operational risks, and protect the health and safety of workers and the surrounding environment.

Versatility

These examples demonstrate how predictive analytics can be used to support decision making. The versatility of predictive analytics, combined with the variety of statistical techniques available, can be applied to help companies analyze a wide variety of problems and gain insight for future business decision making.

On behalf of our team, Kestrel Management would like to invite you to join us at BRC Food Safety Americas on May 21-22 in Coronado, California.

The conference offers invaluable insights and exclusive updates designed specifically to improve food safety management–and we want to offer you the chance to attend at a discounted rate (see below).

You’ll learn more on:

• Preparing for and passing inspections
• Food safety culture and training
• Identifying and controlling contamination
• Future-proofing food safety
• Traceability within the supply chain

When you register, use our discount code KESTREL15 and receive a 15% discount off your BRC Food Safety Americas registration. Join us in California this May!

GFSI requires a robust auditing function for every organization seeking food safety certification. Specifically, GFSI certification requires that:

• Internal audits are established.
• Supplier audits are conducted.
• External service audits are used.

Each individual GFSI scheme requires internal audits for Food Safety Management System (FSMS) conformance, and each has its own specific internal audit requirements:

• SQF: Internal audit requirement must show that the FSMS is established to meet the standard.
• BRC: There needs to be an effective audit system to verify that the FSMS covers the standard.
• IFS: Effective internal audits shall be conducted according to a defined and agreed-upon program that covers the requirements of the standard.
• FSSC 22000: The company plans, conducts, and reports on internal audits to ensure that the FSMS has been effectively implemented and maintained.

Planning to Meet Requirements

Meeting these GFSI requirements involves developing a strong internal audit program that uses internal resources and trained and certified auditors to perform internal audits. Lack of a properly designed or implemented internal audit process is one of the most common GFSI non-conformances.

It takes planning and strategy to create and implement an effective internal audit program. Kestrel often works with companies to determine the most effective internal audit development process, create a strategy for the audit program, and assist in its subsequent implementation.

All requirements under GFSI must be developed to assure a robust and well-functioning internal audit program, including development of:

• Internal audit process
• Process review
• Effective audit schedule
• Trained internal auditors
• Strong corrective/preventive action program
• Appropriate links to Management Review

Once these elements are developed, conducting required audits allows the company to identify the areas for improvement. Once non-conformances are identified, it is important to evaluate potential approaches and determine what will allow for the greatest improvements, while also meeting GFSI requirements. Following the management system Plan-Do-Check-Adjust cycle helps to ensure continual operational and food safety improvements.

Planning to Realize Benefits

This “planning” approach to internal audits leads to a number of benefits. The company will:

• Become more capable of managing the internal audit process on its own.
• Learn to identify non-conformances within current practices.
• Create opportunities for continual improvement by following the Plan-Do-Check-Adjust cycle.
• Realize subsequent quality improvements and cost reductions.
• Gain a better understanding of the GFSI management system requirements.
• Be better positioned to achieve GFSI certification.

Internal audits identify possible non-conformances and show continuous improvement of the management system for the certifying organization. Auditing on a regular basis further creates an environment where continual improvement occurs naturally.

A Safety Management System (SMS) is a systematic organization of policies, processes, programs, procedures, and records. Like other management systems, an SMS is built on the Plan, Do, Check, Act/Adjust (PDCA) cycle. Ideally, safety-related activities are planned, done, checked (through auditing, inspections, investigations), and finally reviewed by both local and executive management to facilitate continuous improvement (i.e., adjust).

Keys to a Successful SMS

The primary purpose of an SMS is to effectively manage safety-related risks. But how does an organization ensure that its SMS—new or existing—actually does this? Kestrel has compiled the following best practice tips for implementing an effective SMS:

1. All employees with management or supervisory responsibilities must be visibly and conspicuously committed to safety and the SMS. Management demonstrates leadership and promotes commitment to improving safety performance through active and visible participation. It is up to management to routinely demonstrate that this is not just the “flavor of the month” but the organization’s way of doing business. (Choudhry, Fang & Ahmed, 2008; Hansen, 2006; Lyon & Hollcroft, 2006; OSHA, 2015)
2. Employees are engaged in the SMS—emotionally and cognitively. Employees must understand how the SMS works and believe in the value that it offers them and the organization. (Wachter & Yorio, 2014; Moraru, Babut & Cioca, 2011)
3. The SMS is integrated into other business objectives and aligned with other in-place management systems (e.g., quality, environmental). The SMS should support the company’s goals and objectives. Aligning and integrating with other systems further improves efficiency, consistency, and understanding. This also provides the flexibility needed to function in a dynamic business environment. (Hansen, 2006)
4. There are clearly defined safety policies and principles. Policies should be established, communicated, and updated, as necessary. (Hansen, 2006)
5. The SMS establishes challenging objectives, goals, and plans. High standards of performance that are tracked and measured ultimately lead to performance improvements. (Hansen, 2006; OSHA, 2015)
6. Contractors and other third parties are effectively managed. Contractors, suppliers, and others must be assessed and monitored for their capabilities and performance. Clear performance standards should be established to ensure that these third parties meet needs and uphold safety management expectations. (Hansen, 2006; OSHA, 2015)
7. The SMS ensures compliance with legal and other requirements. The SMS should help the organization to measure and verify compliance with applicable legal and regulatory requirements. (Hansen, 2006)
8. There is effective communication about the SMS, including clearly defined roles and responsibilities. Employees need to understand the purpose of the SMS and their roles in achieving related goals and objectives. (Hansen, 2006; OSHA, 2015)
9. Staff receive continuous safety training and development opportunities. Safe operations rely on well-trained employees and contractors who understand the SMS and how to perform their jobs in the safest ways possible. (Choudhry, Fang & Ahmed, 2008; Moraru, Babut & Cioca, 2011; Lyon & Hollcroft, 2006; OSHA, 2015)
10. The organization is committed to hazard identification, risk assessment, and implementing effective controls. Identifying, assessing, and prioritizing hazards can mitigate risks to employees, customers, contractors, and the general public. Procedures should be put into place to continually identify workplace hazards and evaluate risks. Doing so must be a continuous process with periodic inspections to identify new hazards. (Hansen, 2006; OSHA, 2015)
11. The organization conducts injury and incident investigations, produces reports, and follows through on corrective actions. Effective incident investigations provide the opportunity to learn about and improve safety performance. Investigations should identify the root cause and contributing factors, determine and track corrective actions, and share lessons learned across the organization to prevent recurrence. Perhaps most importantly, the organization should refrain from using the investigation to figure out who to blame for the incident. Fault-finding, rather than fact-finding, leads to mistrust and a negative safety culture. (Singh, 2014; OSHA, 2015)
12. Audits provide the opportunity for ongoing re-evaluation and to demonstrate a strong commitment to continuous improvement. The SMS must be regularly reviewed to ensure that it is delivering consistent, desired performance. Planning and implementing internal audits helps verify whether safety processes and activities are meeting goals and creating the desired outcomes. Audits also help determine the effectiveness of the SMS and uncover new opportunities to systematically guide the PDCA continual improvement process. Sharing best practices and lessons learned further promotes ongoing improvement. (Hansen, 2006; Choudhry, Fang & Ahmed, 2008)
13. Risk-based, data-driven decision-making is informed by both leading and lagging indicators. While lagging indicators provide valuable information for SMS improvement, leading indicators provide that information without waiting until someone gets hurt. Advanced statistical techniques and predictive analytics can help predict where and when an incident will happen based on leading indicators. Organizations can make drastic safety performance improvements by making a strategic, sustainable investment in gathering and analyzing leading indicators.
14. Implementation is guided from the top down; buy-in is obtained in all levels of the organization. Ownership of the SMS resides with the safety department and executive management, while ownership of implementation and performance resides with all departments and operations. Safety should be continually reinforced as a line-organization responsibility. (OSHA, 2015; Choudhry, Fang & Ahmed, 2008; Moraru, Babut & Cioca, 2011)
15. The SMS builds on and improves what already exists. The SMS should fit within the organization’s existing business structure and be tailored to the organization’s needs, operations, risks, processes, culture, and existing strengths.

SMS Benefits

For organizations that are able to implement a strong SMS, there can be many benefits. For example, the Health and Safety Executive in the UK (Greenstreet Berman Ltd, 2006) published six case studies in 2006 illustrating the benefits of implementing an SMS. Some of the business benefits identified in these case studies included the following:

• 50% reduction in absenteeism
• Static or decreased insurance premiums
• Access to wider market based on improved safety outcomes

Another case study published in 2010 describes Newell Rubbermaid’s SMS success, as the company realized an 80% reduction in recordables and an 81% reduction in workers compensation costs after implementing a proactive SMS (Zahn, 2010).

In general, most organizations that adhere to the best practices described above may realize:

• Improved health and safety performance and compliance
• Greater operational efficiency
• Reduced injuries and injury-related costs
• Lower insurance premiums by demonstrating to insurers that risk is effectively controlled
• Better morale when employees see employers actively looking after their health and safety
• Improved reputation that comes with the public noticing the organization’s responsible attitude toward employees
• Improved business efficiency and, correspondingly, reduced costs

Each year, Kestrel looks forward to the Food Safety Summit as one of the premier events in the food industry. Join our experts to discuss industry trends and solutions to your food safety challenges.

• When: May 6-9, 2019
• Where: Donald Stephens Convention Center, Rosemont, Illinois
• Who: Retailers, food processors, distributors, food manufacturers, growers, foodservice, testing laboratories, importing/exporting, law firms, and other food safety professionals
• Find Kestrel: Stop by our booth (#214) in the exhibit hall!

Kestrel is proud to provide our ongoing support for the manufacture, processing, and distribution of safe food. We look forward to seeing you in Rosemont!

Kestrel  is pleased to announce our partnership with Measure UAS, Inc. (Measure) to provide drone program management and advisory services to companies with commercial drone operations. The expanded services created through this relationship will offer a more comprehensive array of solutions to companies who currently are or may be interested in using drones to enhance their core business operations.

Meeting Growing Needs

Drone (UAS) technology is evolving rapidly, but the industry is in its early stages. That creates many questions regarding regulations, equipment, applicability, and how drones can best help meet an organization’s specific goals. Companies are faced with the challenge of scaling a safe, compliant, and effective drone program. Lack of planning will (at best) add up to a short-lived drone program or (at worst) cause the organization undue risk or injury.

“Kestrel and Measure are working together to help companies better select and implement enterprise technology to reduce operational risk and to meet both industry and aviation-specific mandates,” explains Kestrel Principal Jack Anderson “We help effectively integrate UAS programs into core business processes and systems to bring the most value to the organization.”

Expanded Services

This strategic alliance will allow organizations with existing or planned drone programs to leverage the collective resources and expertise of the Measure and Kestrel teams, and to access a more comprehensive set of solutions to help ensure the drone program’s success. Together, Kestrel and Measure offer the following products and services:

• Operational Risk Management and Safety Management Systems
• Process Improvement and Compliance Assurance
• Turnkey Aerial Inspections
• UAS Training (Basic, Platform-Specific and Application-Specific)
• Drone Program Management Software
• Drone Data Analysis

“Kestrel’s approach to drone program management and overall operational risk management complements Measure’s portfolio of drone-related services and software,” explains Jesse Stepler, Chief Strategy Officer of Measure. “Together, we have the ability to bring enterprise drone programs to scale in a way that will help organizations reduce risk, improve worker safety, and remain compliant.”

About Measure UAS, Inc.
Measure is an aerial intelligence company that enables enterprises to realize the transformative benefits of drone technology. Through our comprehensive software solution, specialized data engineering team, and highly skilled flight operations, we help corporations deploy drones at scale, saving thousands of hazardous man-hours and providing millions of dollars in operational benefits. More information on the company can be found at https://www.measure.com/.

About Kestrel’s UAS Program Services
Since 1998, Kestrel has been delivering solutions to help companies reduce operational risks, assure regulatory compliance, and implement reliable management systems for continual improvement. Some of the highest value consulting we provide is in project planning and strategy development, particularly in the sequencing of compliance tasks and management systems development. We combine our EHS expertise with our experience developing and managing one of the largest industrial UAS programs in the U.S. to help organizations apply drones to meet company objectives, develop the systems required to ensure compliance, and minimize operational risk. More information can be found at https://kestrelmanagement.com/kestrel-drone-program-management/.

Spring is here…warmer temperatures, melted snow, anticipated rain, and, unfortunately, elevated flood warnings. Is your facility set with its flood preparations/Storm Water Pollution Prevention Plan (SWPPP)?

Safeguarding Against Spring Thaw

Many areas, primarily across the Midwest, are at a far higher risk of flooding this spring due to heavy winter snowpack, near record levels of soil moisture, and existing stream flows that are already significantly higher than normal. Spring thaw is a critical time to evaluate potential runoff impacts from storm waters and to ensure compliance with regulatory requirements for storm water management, particularly this year.

Permit Requirements

According to the U.S. Environmental Protection Agency (EPA), “The National Pollutant Discharge Elimination System (NPDES) permit program addresses water pollution by regulating point sources that discharge pollutants into the waters of the United States.” NPDES permits are issued by states that have obtained EPA approval to issue permits or by EPA Regions in states without such approval.

Businesses with specific SIC/NAICS codes are required to have NPDES general permits in place to help assure protection of the nation’s surface waters. If a business is required to have an NPDES general permit, they are also required to have a Storm Water Pollution Prevention Plan (SWPPP) for their site.

What Is a SWPPP?

A SWPPP is a site-specific, written document that is required to comply with a storm water general permit. The SWPPP describes:

• Potential sources of storm water pollution at the site
• Activities to control sedimentation and erosion
• Practices to reduce pollutants in storm water discharges from the site
• Procedures to comply with the terms of the general permit and Clean Water Act requirements

SWPPPs are intended to be “living” documents that are updated to reflect changes at the site. With thawing, raining, and flooding in the forecast, it is important to review the SWPPP and any Best Management Practice (BMP) strategies to ensure the site is effectively managing storm water and meeting permit and regulatory requirements.

SWPPPs and BMP Strategies for Low-Level Contamination

Kestrel recently talked with the Iowa Department of Natural Resources (IDNR) about how sites can manage the potential impacts of storm water runoff due to anticipated flooding. Here are a few tips to share based on discussions and consultation with IDNR:

Q: If the sites have had no known spills and have evaluated the contained storm water (visual evaluation for sheen, pH testing, BOD, VOCs, Tier II chemicals, and/or any requirements listed on their NPDES permit), is it an acceptable management practice for them to pump the storm water from their containment areas if they are filled with storm water? If they can pump the storm waters, where is the best option to pump them to? Is it acceptable for the industry to pump the retained, non-impacted storm waters to a ditch/culvert basin off their industrial site property?

A: Under the conditions described, storm water can be pumped out of the containment areas when the facilities are permitted if they are required to have permits. The water can be pumped anywhere to which storm water runoff could otherwise be discharged. The discharge by pumping is no different than a discharge by natural runoff, but if the water is clean, it is best to pump during low flow to not exacerbate any issues caused by high flows.

Q: If a business meets the SIC code requirement and all they store outside is a garbage dumpster with a poly lid that covers the top, do they still have to have an NPDES general permit and a SWPPP?

A: Unless the dumpster is covered by a storm-resistant shelter that also precludes run-on and subsequent runoff from the area of the dumpster, including loading and unloading areas, a permit would still be required despite the presence of the lid on the dumpster.

Storm Water Preparedness

Kestrel has worked with many industrial sites that have engineered detention basins designed to help with storm water management and, in some cases, containment for chemical spills or fire waters. Frequently, management of these sites during high water events and in compliance with regulatory requirements can be confusing. Kestrel understands how to manage onsite detention basins that have filled with spring thaw waters and rain.

Contact Kestrel today for a 30-minute, no-obligation consultation to discuss your storm water management and permitting needs. We can help you identify and implement SWPPP and Best Management Practice (BMP) strategies to effectively deal with storm water and potential runoff impacts—and ensure compliance with your National Pollutant Discharge Elimination System (NPDES) permit requirements.