Emergency Management Ready or Not

Preparing security managers for mission impossible safety and security in an open environment

• By Rob Hile
• Jul 01, 2011

Institutions of higher learning are, by virtue of their mission, open environments. They invite creative thinking and resist interfering, without boundaries, fences or barriers to hinder students’ ability to learn at the highest level. To the security professional responsible for providing a safe and secure environment while maintaining the “open” nature of today’s colleges, it’s not a matter of if something is going to happen, but rather a matter of when. There’s no way to prevent someone with the intent to harm the student body, faculty or themselves from showing up, no matter how many surveillance cameras or access-controlled doors there are on the campus. The question is this: Wi ll you be ready to handle the situation when it happens? Do you have the proper procedures and technology in place?

If history has taught us anything, it is that being prepared for any situation or emergency is the best we can hope to achieve. Such organizations as the Federal Emergency Management Agency’s National Incident Management System (NIMS) and its National Response Framework have aided private sector organizations by creating an environment for sharing best practices and much-needed subject-matter expertise for the full spectrum of emergency management and response.

Due to a freer exchange of knowledge and best practices, many colleges and universities are investing a significant portion of their energies and budgets to expand their security programs. Their emergency response framework includes all four phases of incident management, not just the basic functions of prepare and respond.

In the past, threat assessments were often conducted by only the federal government, critical infrastructure overseers or chemical/ biological organizations. But now, such assessments are becoming standard operating procedures (SOP) for higher education facilities. In addition, organizations are developing disaster recovery, resiliency and business continuity plans to ensure that, when disaster strikes, they can resume operations as soon as possible. It’s not good enough to have situational awareness and a generic response plan. The best defense against a catastrophic event is a strong offense coupled with a solid playbook with well-thought-out procedures for any situation.

Let’s explore each phase of the emergency response framework in more detail:

Mitigate: The definition of mitigate is to “cause to become less painful” or “to make less severe.” The best way to accomplish this is to identify all known or perceived threats and develop the best way of dealing with each of them. This is not as easy as it sounds, simply because each facility is different. Even though the threat might be the same—fire, for instance—the student body and faculty’s reaction to the threat may differ depending on a number of factors: the type of fire, traffic-flow patterns, lighting, number of exits, a building’s layout. Ironically, a number of organizations simply search the Internet for a fire evacuation plan, copy it, place it in their SOP manual and move on to the next task. This is just not acceptable given the unique nature of each threat and of each campus’s facility. A number of qualified firms specialize in creating detailed threat assessments for virtually any situation, which would make for a much better evacuation plan. These same firms have assembled best practices from various markets and, in most cases, can help develop an SOP best-suited for your specific facility. Only SOPs specifically designed for your unique situation will help mitigate an emergency situation.

Prepare: Many organizations have spent a considerable amount of time, money and energy on this preparatory phase only to realize when something tragic happened that they were not even close to being ready. As mentioned, without a crystal ball, it’s impossible to know exactly when and where a disaster will strike. Unless one has a good foundation that includes professional threat assessments and custom SOPs, it’s difficult to adequately prepare for an emergency. For example, proper placement of surveillance cameras in common areas, hallways, lobbies and classrooms is crucial to providing firstresponders with critical information in the event of a hostile situation on the campus. Without sufficient planning to identify the best areas to place cameras and the optimal fields of view, how can campus security professionals truly be prepared?

Situational awareness is only part of this equation. Scenario-based role-playing and tabletop simulations are also important elements that should be performed on a regular basis. Without regular training exercises, it can be difficult for security personnel to remember exactly what needs to happen when a tragic incident suddenly occurs. Fortunately, there is help in this area as well. Command-and-control platforms can list SOPs for specific emergencies and provide the operator with detailed written workflow instructions. These systems make it virtually impossible for the operator to make a mistake when dealing with what can be an incredibly stress-filled period of time.

Respond: Probably the most important aspect of the emergency response framework is responding quickly in an organized and accurate manner. The significant provisions of the Jean Cleary Act require institutions of higher learning to make timely warnings to the campus community about crimes that pose an ongoing or immediate threat to the student body or faculty. But what is timely? Everyone has a different answer. It is important that security professionals continue to focus on reducing the response time to as close to zero as possible.

The good news is that integrated security platforms can aid in responding to any emergency by leveraging the power of individual security systems under one common operating system. Grouping specific surveillance cameras in and around a security alarm can provide immediate video verification of any emergency. Geographical Information System integration can provide sitespecific location of alarms, including 3-D imaging, to key security personnel. Virtually every aspect of situational awareness can be made available to first responders via their smartphones or PDAs. The campus’s mass notification system can be integrated and automated with the integrated security platform to ensure the right message goes out immediately in the event of a specific emergency. All or part of an SOP can be automated, such as locking or unlocking exterior doors and locating and dispatching key security personnel in certain emergencies. In the event the operator fails to follow proper protocol, the system can contact his or her supervisor, or electronically enforce critical emergency procedures. This integration can give the operator all the tools he or she needs to respond quickly, accurately and efficiently to any emergency.

Recover: Often the most overlooked aspect of any emergency situation is recovering critical data after the event. Integrated security platforms have the ability to track and record every aspect of the incident, including any deviation from SOPs, all voice and data communication, critical time-of-response data and video footage. Every aspect of the data can be electronically verified for accuracy. In addition, this data can be used for forensic purposes as a basis for review and revision of current SOPs.

As far as business continuity goes, recovery after a disaster can often be measured in thousands, if not millions of dollars. Having the ability to bring your security platform back online immediately after a failure or disaster is vital. Many of today’s systems operate in a virtual machine world that remotely host and mirror key database information, features that contribute to full disaster recovery capabilities.

Remember, it’s not if something tragic is going to happen, it’s when. The ability to implement all aspects of the emergency response framework is critical and essential to managing chaos efficiently and effectively when disaster strikes, turning mission impossible into mission accomplished.

This article originally appeared in the July 2011 issue of Security Today.