Security Emergency Preparedness
Preparedness is defined by DHS/FEMA as “a continuous cycle of planning, organizing, training, equipping, exercising, evaluating, and taking corrective action in an effort to ensure effective coordination during incident response.” This cycle is one element of an expansive planning and preparedness system in order to prevent, respond to, and recover from a security incident, acts of terrorism, and other disasters. (source dhs.gov)
Is your organization ready for a Security Emergency?
Security Planning
When it comes to preparing for and responding to a serious security incident such as an active shooter, is your organization ready? Do you have a security plan in place that is up-to-date and does it meet or exceed industry standards, published guidelines and best practices? Before you say yes to the above, are you really sure?
Did you know that the average plan has never been tested? Did you also know that if you are planning on your local law enforcement to assist in the event of a man-made disaster or security incident that you might find out too late that they have different plans?
When was the last time that your plan was reviewed and/or revised? It seems that no matter how many times that question is asked, and often answered with the response of “annually,” the fact is that is just not the case.
Emergency Response Planning
What seems to elude a lot of organizations is the fact that planning makes it possible to entirely manage the extreme security incident from pre-incident through post-incident. Basically meaning that your organization needs to plan to prevent, prepare, respond, and recover.
When planning for a security emergency your organization has to establish priorities in all parts of the planning stages. Along with that you will need to identify what are the expected levels of performance and capability requirements of your staff, or in those cases where another agency such as law enforcement or a private security contractor will be handling your response, what are their actual capabilities?
Security Culture of Preparedness
When it comes to planning for any type of security incident the best approach is to have an all-hazard approach, which is a comprehensive plan that takes into consideration most security emergencies/incidents.
The most important factor is to have a security response plan and associated policies and to ensure that adequate plans are in place and are validated, defining necessary capabilities required to address threats, providing resources and technical assistance. The one area that many organizations fail in is the validation of the plan, in other words it is often never tested to see if it will actually work or that the resources identified within the plan will be available.
Training all staff and managers is a key part of building a culture of security preparedness. Your organization must establish and deliver effective training and professional education programs for your organization’s response.
Security Considerations
There are actions that should be taken before, during and after a security event that are unique to each incident, therefore an organization must identify the potential risks, vulnerabilities and threats that have happened or could happen in your area and plan for the unique actions for each.
When reviewing past incidents one of the issues that came up several times was the fact that although an organization had a plan in place, during the actual incident they could not gain access to it either because it was not safe, or because law enforcement had taken over a scene and would not allow access. If that happens at your facility, what is your plan to ensure that you have access to and are following your response plan?
One of the best ways to determine if your plan is comprehensive and meets or exceeds industry standards and best practices is to have an independent security professional review it. The other important step to take is to actually test the plan, and when doing so insure that all outside services that are mentioned within your plan are a part of that drill. In essence you want to be sure that their agency and your organization are on the same page now, verses finding out later that that is not the case.