From routine to emergency, streamlining the transition
The transition from routine, non crisis preventative activities to crisis or emergency activities can be very complex both for management and field personnel. The following article, part two of a three part series, touches on select aspects of emergency management and is based on lessons learned from real world incidents. This article is by no means comprehensive and touches on the very surface of the subject and thus should be related to as such.
Part three will cover the same topic but will be focused at the protector level. The definitions of routine and emergency can be found in part one of this series by clicking here.
The main complexities in transitioning from routine to emergency are:
- Identifying an emergency situation
- Making the decision to transition to emergency mode
- Initiating a quick enough response to the emergency
Simplifying Complexities through Preparation
Whilst it may seem trivial to transition from routine to emergency activities, both small scale and mass casualty events around the globe have been studied and lessons learned from both successes and failures. During an emergency situation, it is critical that a system wide response is activated. This response should be rapid and decisive enough to minimize the damage caused by the problem in the shortest time possible. Should robust preparations not be in place, time will be wasted in this transition and the security system’s effectiveness will be diminished. The list below outlines some of the complexities that management face when preparing for an emergency.
Complexity: Recognizing an emergency situation
At face value, it seems fairly straightforward, but in actual fact, precious seconds, minutes and even hours are often lost due to not recognizing an emergency in time to control it before it evolves into a more complex situation. For example, many of the recent attacks in Africa began with a suicide bomber or VBIED outside the target which once detonated, the terrorists enter the site shooting. Just think how many lives would be saved if a plan was in place to prevent the attackers getting inside? The attacks in Mumbai in 2008 is a textbook example of a rolling or progressive attack and an excellent case study as to the damage that can be caused lest the attackers not be stopped as early as possible. There was no emergency plan at all.
Keep in mind that the MOs are global and that terror groups learn from others’ successes and failures.
Recommendation: Recognizing an emergency situation
It is not plausible to implement security apparatus that can effectively protect against every eventuality whilst enabling the protected site or person to function in a productive, unhindered manner. As such, one of the outcomes of a comprehensive Risk, Threat and Vulnerability Assessment (RTVA) should be a list of probable emergencies and relevant warning signs, or blatant indications that would indicate the particular MOs. As part of the routine procedures, all security personnel should be very familiar with these warning signs and familiar with actions to take without hesitation should these signs or indications be present. A process to check and verify possible signs should also be defined.
Complexity: Declaring an emergency
Who is authorized to declare an emergency? The vast majority of security protectors and management who I’ve asked who can declare an emergency have one of two resounding answers. They answer either “the director (or boss)”, or they answer “I don’t know, we haven’t thought about that”. Ask yourselves, who, in your organization can declare an emergency? In a real time emergency, such as a terrorist attack, every second lost equates to an additional person/s getting killed and thus in reality, there is no time for back and forth communications once an attack is imminent or has already begun.
Recommendation: Declaring an emergency
Whilst the incident management and life-cycle should be directed by security management, each and every trained security person, regardless of whether management or in the field, should be enabled and authorized to declare an emergency. If you believe your staff are not capable or trustworthy with such a business disrupting decision, then a reexamination of your staff, training and policies is required. During a real, life threatening emergency, there is no time to “get approval”, the attack needs to be stopped and transitioning to emergency mode as soon as possible will contribute to this.
Complexity: Timeline for solving the issue
Once an emergency has been declared, it is imperative to end the incident as quickly as possible. Without defining a realistic timeline for the life-cycle, and cessation of probable emergencies, direction and effective management can be lost, possibly enabling a “rolling” or progressive attack.
Recommendation: Timeline for solving the issue
Should a hostile act extend past the reasonable allocated time for cessation, a clear milestone based escalation process should be actioned.
Complexity: The use of non-routine equipment
An emergency is not the time to learn how to use unfamiliar equipment. In addition, this equipment which usually is purpose specific during an emergency, needs to be maintained at operational ready status during times of routine.
Recommendation: The use of non-routine equipment
Regularly train with the emergency equipment and tools. Maintain these regularly and ensure everything is in working order for mission critical functions.
As security professionals, during routine activities we are faced with a vast number of actions every day. During an imminent or occurring emergency however, our attention and focus needs to be directed to the issue at hand.
During an imminent or occurring emergency, all the security manager's focus needs to be directed toward ending the emergency as soon as possible with the least amount of damage caused. Action items should be conducted swiftly and decisively and non-critical actions should wait until after the incident.
Complexity: Too much information
Once the emergency has begun, you will receive reports from your security staff, inquiries from employees and management, and possibly press and the general public. This can greatly hamper the security manager’s ability to make rapid decisions due to the blast of information from the field.
Recommendation: Too much information
The security manager should filter out the “white noise” and focus only on relevant information which is important right now to help manage or end the incident. In addition, the security manager should place a lower priority on information that is not from quality sources so as to avoid “wild goose chases” when every second counts and manpower is limited.
Too much communication will hog the system and hinder the dissemination of critical information.
There are several, equally important points regarding communications during an emergency. All communications not directly related to the emergency should wait until after the incident to ensure that the lines of communication are open for critical communications only. The second, but no less important aspect is that dedicated communication to emergency services should be available. The last point regarding communications is that all systems, if not used on a day to day basis during routine activities, should be regularly tested to check that they work and that the people that need to use them in emergencies know how to use them.
Complexity: Mass-communication to non-security persons
When a crisis arises, it is of utmost importance to communicate what is happening, sometimes with instructions to non-security persons in the environment you are responsible for. The problem arises when we, as humans, are stressed and have multiple activities to conduct. Under the great stress that accompanies emergencies, we may make mistakes when communicating, be unclear or simply deliver a confusing message.
Recommendation: Mass-communication to non-security persons
A set of accessible, pre-defined messages to be read as per specific emergency is very helpful, assisting the reader to focus on the written message without having to remember the precise wording under great duress. These messages are often delivered via PA systems, bullhorns, text message, etc.
Complexity: Declaring an end of incident
Just as it is critical to declare the emergency, so it is important to declare the end of the incident or emergency. It is however very complex to be certain the incident is over and thus certain guidelines need to be in place. Is the incident over when the authorities arrive? It is over when the attack has seemingly stopped? Is it over only after post incident sweeps and scans?
Recommendation: Declaring an end of incident
There are multiple options for this, but for the sake of simplicity in an article, the end of the incident is over from a security perspective when the authorities have declared so. This does not need to, and should not however contradict your own internal post incident procedures (as long as they don’t conflict with, or hinder the authorities).
A word on checklists
Anyone who has worked me in recent years, or who I have had the privilege of teaching, will know that whilst I find systems useful, I prefer not to work according to standardized checklists as each environment, and each scenario is unique. Under stress however, environment specific checklists, supported by written procedures are extremely valuable to the security professional. As people, we can get flustered and panic under extreme circumstances and it is checklists and written procedures which greatly help us gather our thoughts and not let any key actions fall through the cracks by presenting a simplified chronology of what needs to be done. Current, written procedures for both routine and emergency are very important in any security system and should never be neglected.
The transition from routine to emergency is complex, but can be conducted with great efficiency if prepared ahead of time and if emergency procedures are defined, and known by security personnel. The emergency is not the time to create procedures, and whilst we should be open to unconventional solutions to the issue, pre-defined flows and procedures will greatly help support the transition of the security apparatus from routine activity to emergency activity and thus support mitigating the damage from attacks during extremely stressful situations. Operationally ready security personnel, tools and procedures will greatly streamline the transition from routine to emergency.
Part three to this series which will focus on the protection professional in the field, will be published in approximately one week.