Returning to Business as Usual – Post-Event Recovery

Returning to Business as Usual Post Event Recovery

“No plan of operations reaches with any certainty beyond the first encounter with the enemy’s main force” as Prussion military commander Helmuth van Moltke wrote in 1880. However, this shouldn’t be read as implying that planning in general is a wasted effort. Any incident which triggers the emergency response framework of an organisation should be evaluated post-event to identify areas for improvement, learn from mistakes and to prevent similar incidents from happening in future. As the well-known 5Ps acronym suggests Prior Planning Prevents Poor Performance and a post-event evaluation will need to address the adequacy of the original emergency planning and the capability of the persons involved to effectively act on this plan.

Immediately following any incident, the business continuity plan exists to identify the impact to critical business processes and set out the strategy and resources required to return to business as usual.

Standard methods of incident reporting such as the M/ETHANE model allow for information to be shared between emergency services in the event of serious incidents, such as terrorist attacks. In order to properly evaluate any critical incident an accurate record of actions must be kept during the event. Clear practices and procedures for such log-keeping will then allow for an accurate post-event evaluation.

In 2017 a suicide bomber detonated an IED in the crowded foyer of Manchester Arena killing 22 people and injuring many more. This impact of this incident highlighted shortcomings in the original procedures requiring an independent review.

The Kerslake Report (Lord Kerslake, 2018) into the emergency response to the Manchester Arena attack highlighted several key findings as to how the various emergency service involved interacted and communicated with one another.

Since 2013 emergency services have been coordinating their response to a major incident through the Joint Emergency Service Interoperability Principles (JESIP, 2016) comprising of the following five key concepts:

  1. Co-locate
  2. Communicate
  3. Co-ordinate
  4. Jointly Understand Risk
  5. Shared Situational Awareness

One of the findings of the Kerslake Report was that there was a failure to properly co-locate, communicate and co-ordinate with the Ambulance and Greater Manchester Fire Services. This lack of communication caused confusion as to the risk and a lack of common situational awareness meaning that their involvement in the recovery was delayed.

As well as obvious physical injuries, terrorist attacks will also cause psychological distress to those involved both employees and the public or customers. Post-incident support is, therefore, something that should be included in crisis management planning. It should incorporate debriefing, support from trained professionals, monitoring of staff over time and support for the wider community. Upcoming pre-planned events, including social media campaigns may need to be reviewed to ensure that they continue to be appropriate. For example, a pre-scheduled lighthearted tweet or email campaign may be highly inappropriate after a terrorist attack and be seriously detrimental to the reputation of an organisation which is seeking to convey a concerned and sympathetic response to an event.

The Manchester Arena enquiry identified the need for consistent safety and security standards across publicly accessible venues. With the imminent introduction of Martyn’s Law (Protect Duty) organisations that fall within its scope will have a statutory duty to prepare and secure against terrorist attacks. It is, therefore, essential that any post-event response assesses how statutory duties such as this one have been complied with. Long-standing statutory duties such as health and safety legislation will obviously, still apply in such situations.

Another finding from the Kerslake Report was that communication channels were unsatisfactory meaning that families of those involved struggled for information which significantly added to their distress. Post-incident support should be pre-planned and a part of emergency incident strategy rather than an ad-hoc response. Terrorist attacks on an organisation can affect both its employees and its customers. Separate channels with failover options may need to be implemented to cover these. For example, public helplines, staff phone trees and alternative methods to email such as WhatsApp.

A crisis communications plan is key part of any organisation’s emergency planning documentation. This plan should include the communication policy setting out the chain of command, staff expectations and relevant channels. In addition, it should also include holding statements, roles, responsibilities and resources. By controlling the narrative, an organisation is in a better position to control outcomes post-incident and limit reputational damage. Social media channels mean that the public expectation is for a very quick response in any situation.

Guidance from the National Protective Security Authority is that the police should lead on external communication on anything related to a terrorist incident. Police forces work to a shared “Major Incident Plan” and are structured for mass communication with the public in light of an incident. The organisation should work closely with the police to assist with the accuracy of this communication.

In conclusion, planning for post event activities is an integral part of the emergency response framework and business continuity planning. Procedures and processes are defined to be followed in the event of an emergency incident.
Training and exercising should be designed to rehearse this response and both exercises and real events would be evaluated to ascertain the capability to effectively deliver this planned response. By implementing cohesive plans, both pre and post event, an organisation is putting itself in the best defensible position should a terrorist incident occur as well as protecting its’ staff, customers and the public