Resource Type: Free Resources

DTR011 Space and Territory: Creating a Secure Org.

This module will take you through Space and Territory: Creating a Secure Organisation.

  1. Creating A Secure Organisation
  2. Introduction
  3. Total Security Management
  4. Two ‘Best Practice’ Organisations
  5. Security is About the Management of Territory
  6. The Attributes of Territory
  7. ‘Total Cover’
  8. ‘Tight Management’
  9. Territory Equals ‘Security in Depth’
  10. Security in Depth
  11. Total Cover Means That Everyone is Responsible for Security
  12. Tight Management Is ‘Sensitive Systems’
  13. Kaizen….
  14. Summary
  15. Main Points
  16. Further Work
  17. Exercise 1:
  18. Exercise 2:
  19. Exercise 3:

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’

Creating A Secure Organisation

‘The purpose of security is to create safety, not respond to danger’.


One of the most effective ways of developing security management systems is to look at how other organisations manage their security programmes, and to learn from how they have managed to balance the various aspects already covered in previous chapters. This chapter introduces two organisations that are widely accepted to have developed world class Best Practices for dealing with widely differing threat profiles: one is tasked with managing mass-access but low-threat amusement parks, whilst the other has developed its own security management practices in the face on international terrorism for over forty years. The principles that they have developed to create security management capability across their organisations will be of value for anyone involved in any aspect of security management.

Total Security Management

Although the ‘Creation of a Safe Organisation’ is the ultimate objective of any security manager, there are still many differing (and in some case, conflicting) ideas of how that can be achieved.

One of the common models of security management has been ‘Threat-Based Management’ which was covered in the three-stage Risk Assessment – Risk Control – Contingency Planning model introduced in Unit 1, which is based on the idea that if you identify all possible threats, and then develop methods (‘protocols’) to prevent them from happening, you will then have created a safe organisation. The problem is, of course, that you will never run out of possible threats, and the likelihood is that however many threats you think of, the world will throw a new one at you that you hadn’t taken into consideration.

However, another method is to approach the problem from the other side, namely by concentrating on creating security as an integral part of the organisation, and then trusting that any potential problem that might become threat to the organisation will be identified early enough to manage and deal with that potential threat before it has the opportunity to escalate into an actual danger. One phrase used to describe this approach is ‘Total Security Management’. Although TSM was originally coined to describe the management of vertical risk – that is, through the different levels of supply chain management, so that the end-user was not dependent on the effective management of the previous links in the supply chain that were outside of their control, it can be equally used to describe the total control of territory that comes under a security manager’s responsibility. In this way, security management can be seen as a proactive measure designed to create safety, rather than a reactive system that responds to risks, threats and dangers only after they have been detected.

Two ‘Best Practice’ Organisations

There are two organisations that are widely recognised to have integrated best-practice security and risk management into every aspect of their wider management operations, one dealing with the issue of normal, daily low impact high-likelihood scenarios, and the other dealing with potentially more serious low-likelihood-high impact threats.

The first is Disney World, which has created a self-contained Kingdom within which one of the main selling-points for potential visitors is its safety. Although Disney World is designed to deal with a massive amount of people with the freedom to choose to do a massive amount of different things (apparently…), the underlying management system is one based on total control of their territory, so that once you are inside Disney World you are actually experiencing a totally managed experience.

The second organization is El Al, the Israeli national airline, which since the first political hijacking of a plane on 21st June 1967 of an El Al plane from Rome to Tel Aviv airport (following the end of the 6-Day War), has maintained security in its airports and planes across the world for 45 years (despite a couple of notable exceptions, specifically the killing of 26 people in an attack on Lod Airport (now Ben Gurion) in 1972 by members of the Lebanese-trained Japan Red Army). El Al is still considered as perhaps the most effective security management system in the world, and its methodologies are widely accepted as setting the bench-mark for securing mass access public areas. Although the Disney World and El Al are seemingly faced with radically different threats, the methods they have devised to manage them are remarkably similar.

Security is About the Management of Territory

The first concept common to both systems is Territory. Territory is that space over which you have control, and for which you take responsibility. For both Disney World and El Al, their territory begins a long way before you reach any actual buildings. In Orlando, Florida, there are signs welcoming you to Disney World from 30 miles away, telling you what documents you will need, informing you of what attractions are available, telling you what radio station to tune to for Disney world information. In Israel’s Ben Gurion airport, the first check points are 2Kms from the actual airport, and are designed to give you the positive feeling that you are entering a safe zone, one where possible threats and problems have been identified and effectively mitigated. This First Point of Contact has two purposes. The first is to clearly mark the territory where you accept responsibility for creating and managing a safe space. The second is to allow the FPoC to act as an initial filtering system, allowing the initial security team to identify people who will not move through the system smoothly, who can then take be taken to the side and dealt with on an individual basis, without disrupting the main flow of business.

The concept of Control of Territory is continued once the visitor is ‘inside’. There is nowhere within Disney World, or within an Israeli airport or airline section, that is not under the control of someone who has the specific responsibility for maintaining the safety of that area. One writer told how his daughter developed a blister during a visit to Disney World and removed her shoes and socks. She was immediately identified and confronted. When told that this was not allowed ‘for the safety of visitors’, and that failure to replace her footwear would result in them being escorted from the grounds, she decided that the she would undergo the pain in order to be allowed to remain within the funfair.

The Attributes of Territory

Territory is defined by a Boundary. This is where the First Point of Contact is made. Access Control allows easy entry to that territory for those who pose no problem, and gives the security system the opportunity to identify potential problems before they are able to make an approach to higher-risk areas deeper within the system

‘Total Cover’

The second concept common to both organisations is the fact that ‘Everyone is involved in security’. It is reasonable to presume that a small security team cannot maintain control and ‘eyes on’ to every possible situation that might develop. However, if everyone within the organisation is security aware, then the likelihood is that someone will become aware of a potential problem before it escalates into an actual threat, and that information can be passed on to the security team, who can then intervene in the most appropriate manner. This is not only relevant to traditional security threats, but is valid for any actions that could threaten the organisation.

Although it seems that this is a simple principle, you only need to read the papers each day to see how organisations are putting themselves into danger because simple problems are allowed to develop into major threats, because although people are aware of them, no-one has taken the responsibility to inform someone in authority.

The question therefore, is how can we adapt the lessons learned from these global security leaders, and introduce these highly effective security management models into our own organisations?

‘Tight Management’

The third principle of security management that both systems are based on is that of ‘Tight Management’. Writing security manuals and lists of protocols is easy. Maintaining them at an effective level over time is almost impossible. The truth is that most security programmes fail because the policies that have been put into place are not adhered to, and then a culture of laziness or ignorance becomes embedded into the organisation. Both of the organisations that we have discussed here have a very strong management system in place, so that there is a clearly-defined organizational culture that security management is important, everyone understands what they have to do, and control systems are in place to ensure that they do so. If you want to test the system, drop a chewing gum wrapper on the floor at Disney World, and see how long it takes for someone to pick it up, and then inform you that littering is not allowed.

Territory Equals ‘Security in Depth’

Territory is not just ‘Space’. For example, if you were the manager of a factory with an attached car park, but you had no information about what was happening within that car-park, it could not be considered your ‘Territory’. Even if you had information about the car-park – for example, through use of CCTV monitored from a central Control Room – but could only observe what was happening without being able to do anything about it, you would still not be able to consider that area your territory. So, one definition of Territory is ’That area over which you have both information and control’.

Once the concept of Territory as a function of information and control is accepted, the next question concerns exactly where our territory starts. This is a critical question in the process of developing an effective security management capability.

Any Territory is defined by Boundaries. It should be clear to anyone coming into your territory that they are now coming under your control – though that should be done in a friendly, welcoming way, rather than an officious, impersonal way. The Boundary is marked by the First Point of Contact. Although the First Point of Contact might be overtly security-based, as in a government building or military base, depending on the general threat environment it can also be seen in terms of ‘Meet and Greet’. This form of security as ‘customer care’ can be seen in hundreds of different situations where security managers want to clearly mark the beginning of their territory, such as bars, where there is a Door Supervisor outside the door, 5-star hotels, where there is a doorman waiting to greet you, corporate headquarters, where there are security personnel who will show you to the reception desk, or shopping centres, where there are (or at least, should be!) security personnel at the main entrance.

As we established in Unit 1, there is always a balance between Freedom and Security. One way that we can calibrate the level of security is the distance between the First Point of Contact and the thing that we are securing, and the number of barriers you need to pass top get there. As a basic rule, ‘The greater the distance between the FPoC and the target, and the greater the number of barriers, the safer you are’.

Security in Depth

Additional security can be created by increasing the distance from the First Point of Contact and the main area that is being protected, and by the introduction of additional barriers. The basic principles behind Security in Depth are the same whether it is limiting access to the backstage area at a concert, the VIP room of a club, the Chairman’s office in a major corporation or the research laboratories in a technology company.

Total Cover Means That Everyone is Responsible for Security

One of the fundamental principles of both Disney World and El Al is that security is not just a single event – you show your pass to someone, and then the security checks are finished – but that security is in-built into every aspect of that organisation’s functions.

For example, whilst the security teams in both systems are highly-trained, extremely professional and well-resourced, they are not the only people responsible for security. The car park attendants, the toilet cleaners, the peanut-sellers, the people taking the rubbish out of the kitchen are all considered to be part of the security management programme. In this way, it is possible to have total cover of an organisations’s territory, where someone will be bound to spot any potential problem before it becomes an actual danger. The role of that person is then to inform the security team that something is not quite right, and they will then be able to respond in an appropriate manner, assess the situation and take the necessary actions.

Tight Management Is ‘Sensitive Systems’

David Veness, the former head of Metropolitan Police Special Operations Unit, who was later a Special Adviser to the United Nations Commission on Security, used to have only one sign on his desk. It read ‘Security is the management of complacency’. Any effective security management programme has to be one which can be maintained over time, without any loss of capability. Although this is a simple idea to put into words, it is possibly one of the hardest aspects of security management to actually control.

People are lazy, systems that are considered too intrusive are switched off, good practices are left to wither, systems are not maintained, and often after a certain amount of weeks or months, things return to how they were. It is well recognised that to create genuine organisational change is one of the hardest things to achieve, and yet to a large degree that is the purpose of the security manager. After all, if everything was OK, there would be little need for the security manager in the first place.

Although there are often limits in what a security manager can achieve (it is often true that the security manager is relatively low in the organisational power chain), there are a number of basic rules that will make it easier to achieve organisational change, and introduce an effective security management system that will at least move towards the creation of a safe organisation.

The first is that it is better to have a few rules that everyone follows, rather than many rules which are mainly ignored. The purpose of the security management programme is to support the overall activities of the organisation, so any rules that are introduced should be simple, easy to adhere to and understood by everyone. If there is a system of access passes, that should be used by everyone. If there is a rule that lone workers should log where they are going to be, and then confirm that all is well in a final call before they go home, that should be adhered to.

The second rule is that the security management system needs to be supported by everyone, from the Chairmen to the toilet cleaner. Security is not just the responsibility of the security team, but is one of the basic functions of everyone who works within that organisation.

And the third rule is that security is for ever. It is the role of the security management to ensure that the level of security awareness and readiness is maintained, and that standards are not allowed to slip. The Second Law of Thermodynamics (also known as Entropy) states that unless extra energy is put into a system, it will tend to slow down, lose effectiveness and generally come to a halt. This is equally true of security management. Effective security management is not a natural state. It is the role of the security manager to ensure that the necessary protocols are adhered to, just as much as writing the initial security management programmes in the first place.


Having taken two examples from American and Israeli organizations, we can finish off this Module with another concept, this time from Japanese management systems. Kaizen is the idea of ‘Continuous Improvement’, and has become one of the leading general management theories in the last twenty years. In its simplest terms, Kaizen is built on the principle of incremental improvement – identify a weakness, find a way of improving it, implement it. It is a philosophy as much as a method, and believes that everyone has expert knowledge of their own field – the car-park attendant is as expert at being a car park attendant as the chief scientist is as being a research manager. They might also be aware of ways in which the security of the car park might be improved which no one else in the organisation has. Arsene Wenger, the Arsenal manager, put it another way. ‘If you improve a hundred things by one per cent, you get a hundred per cent improvement’. Whilst this may not be strictly true from a mathematical perspective, it is an excellent way of managing security kaizen.


Security has to begin and end somewhere, and that point is decided by how we define the territory that we accept responsibility for. Security in Depth describes the way that we can utilise our own resources in order to create progressively more secure environment. These simple principles of security management are used by two of the most well-respected organisation in global security management, each of which is facing completely different potential threats.

These principles are easy to understand, simple to implement, and can be adapted to almost any security situation.

Main Points

  • Total Security Management allows you to be proactive in developing a safe organisation, rather than responding to individual risks / threats
  • TSM can be Vertical – as in Supply Chain Management – or Horizontal, through control of Territory
  • Territory is Space which is defined by Boundaries, and for which you have Information and Control
  • Safety is increased by Security in Depth
  • Everyone in an organisation is part of the Security Management Programme
  • Kaizen allows for a culture of continuous improvement across the organisation

Further Work

(Although the exercises below do not constitute part of the assessed course work, they are offered as a suggestion as to how students can utilise the principles covered in each module in a practical, task-orientated manner. Your tutors will be happy to give you feedback on any work you do, though it will not carry marks for course assessment).

Exercise 1:

An organisation has been identified as being involved in an oil spill in Alaska. The Board have decided that the security system around its HQ offices on the 13th-20th floors of an office block in Canary Wharf need to be reviewed, and if necessary improved. Using the principles covered in this module, what recommendations could you make to the Board?

Exercise 2:

Your Chairman has returned from a visit to Japan, where he has heard about Kaizen. He has requested you give a presentation to the next Board meeting, identifying how Kaizen can be of use to the overall security management of the organization. Put together a PowerPoint briefing (about twenty minutes), that could be given to the Board, together with notes that could be distributed to the Board at the meeting.

Exercise 3:

Your company has taken over a production factory in Ukraine. It stands in its own area within a larger industrial park. As Head of Security EMEA, you are going to visit the facility to assess the level of current security, and to identify possible areas that might need improvement. Put together a checklist of points that you would need to cover during your visit to the facility.

DTR012 Gold, Silver, Bronze : Operations Management System

This module will take you through Gold, Silver, Bronze : Operations Management System.

  1. Introduction
  2. Gold, Silver, Bronze – Creating Operational Capability
  3. Potential Problems with the GSB Command Structure
  4. And finally…
  5. Summary

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’


The Gold, Silver, Bronze (GBS) command system is used across the world to manage any sort of operation that involves multi-team coordination. Multi-team operations inevitably create issues of command and control, communication, information transfer, and integration with other teams, and possibly other outside organisations. This chapter introduces the basic concepts behind the GSB command system, as well as giving examples of where the GBS system has been used in real-life situations. An understanding of the GBS system will give the security manager the skills to design more complex security operations, safe in the knowledge that they will be able to function effectively and with a high degree of coordination and adaptability in the widest range of possible scenarios.

Gold, Silver, Bronze – Creating Operational Capability

One of the basic problems in security management is turning good ideas into operational capabilities. Unless it is little more than a one-office operation, the likelihood is that the security management operation will consist of various teams, each with their own duties and responsibilities, and which might well be based in different sites, geographical areas, or even countries. The Security Manager will be passing instructions on to other people, often Team Leaders, who will then be expected to carry out those duties. As such, it is likely that there will be the need for a Command and Control Structure that will allow effective daily operations to take place. This module looks at the most common form of Command and Control Structure, and is designed to give the student an understanding of the various components and functions of the system that will allow them to design the most appropriate C&C system for their own organisation.

The three-tiered management structure is common to almost all operational management programmes, whether it is government, military, emergency services or corporate. It consists of Gold, Silver and Bronze Command levels, each of which have their own duties and functions, and it is designed to allow information to pass speedily up the chain, commands and instructions to cascade down the system, and over all a high-level of coordination between the different teams and other units involved in the command structure. If designed correctly, the C & C system should be able to deal equally effectively with standard daily activities, minor incidents that might require immediate response, and crisis management situations that demand a high level of coordination and organisational resilience.

Bronze Command level denotes the lowest level of the command chain, and consists of the people, and teams who will actually do the work. This is often called the Operational Command. This could mean inter-facing with the public, as in a hotel security team, the security teams in an airport or the door supervisors in a pub. The Bronze level teams are the people on the ground, so they will often be the first people who are aware of changes in the immediate situation. As such, as well as carrying out their individual functions, their role is also to be the ears and eyes of the Silver and Gold Commanders, and to pass information up the command chain as required.

Silver Command is the level of command responsible for making sure that that work is carried out effectively, and is often known as the Tactical Command level. Tactical Command could involve defining roles and responsibilities, creating working protocols, delivering training programmes, ensuring that the correct equipment and other resources are in place, and in general ensuring that operational capability is at the required level. The Silver Command level may well be on charge of a number of Bronze level teams, and one of the functions of the Silver Command is to coordinate the work of the individual bronze teams so that they can respond in the most effective manner to any incident that might occur.

The Gold Command level is responsible for creating the overall strategy, so that each team knows where they fit into the overall command structure, and how their roles contribute to the overall success of any operation.

As an example in a hotel chain, the Gold Commander might be the Regional Security manager, who is responsible for ensuring that there are clear security polices within each hotel, that there is sufficient training and resources to allow the security teams to carry out the functions, and who would review the security operations on a regular basis. The Silver Commander would be equivalent to the hotel security manager, who is responsible for ensuring that the hotel, its staff, guests and general operations are kept safe, and that all appropriate steps are taken to ensure that those processes are adhered to. The Silver Commandeer would also be responsible for managing the response to any situation that would come outside ‘normal daily activities’, such as a complaint from a guest, a report that a member of staff was stealing from rooms, or a tree falling down in the car park. The Bronze Commander would be the person acting as Shift Manager or Team Leader, who would be actively interacting with staff and guests as their first point of contact, and who would be the people actually responsible for the on-going safety and security of the hotel.

One of the advantages of the GSB system is that it allows different Bronze Commanders, Silver Commanders or Gold Commanders to coordinate their actions with similar-level commanders in different systems, so as to create effective multiteam working groups. This is the basis of the most ‘senior’ of the GSB Command system in the UK, COBR, which is the government-level crisis management system. COBR stands for Cabinet Office Briefing Room, and is used when there is the need to coordinate a large number of different organisations for a national crisis, such as terrorism, health scare or natural disaster (such as flooding).

This is an example of an operational command system as set out by the National Police Improvement Agency (NPIA) Guidance on Command and Control

The COBR Strategic Coordinating group is comprised of Gold Commanders of various representative groups, each of which comprises organisations which have their own Gold Commanders. This is an extremely effective system for allowing a large amount of information and expertise to be brought together into one meeting, as well as allowing orders and requests to cascade down the command chain extremely quickly and efficiently.

This example of a Strategic Coordinating group demonstrates the number of stakeholders that need to be included. However, this is an extremely effective way of getting senior decision-makers together, allowing fast decisions to be made that can then be cascaded down through a variety of chains of command


Potential Problems with the GSB Command Structure

Although the Gold, Silver, Bronze (GSB) Command Structure is recognised as being the most effective way to manage security operations that are bigger than a one-team operation, there are a number of potential problems that are repeatedly identified as causing problems both in the planning and development stages of security management, as well as in actually responding to incidents.

The first potential problem, and one that is almost always identified as one of the critical causes of operation failure, is Communications. More precisely, it is the failure of the transfer of complex information under pressure. Carl von Clausewitz, the great Prussian strategist, coined the phrase ‘Fog of War’ in 1837 to describe the general chaos and uncertainty that almost always accompanies operational activity. As organisational complexity increases, due to more levels of command and a greater number of different teams, the pressures created by responding to unfamiliar or unknown situations whilst having to operate with less than full information creates an environment where information can be easily lost, misheard or misunderstood.

This can be the case even when the security operation is run by the best trained operation managers in the country. The Jean Charles de Menezes incident in 2005, when an innocent Brazilian student was mistakenly shot by armed police counter terrorism teams, was in a large part due to a misunderstanding as to the nature of the threat. Was it a ‘normal stop’, or was it part of Operation Kratos – a stop with possibility of a ‘critical shot’ to prevent the immediate detonation of a suicide bomber’? Despite the clear national threat, and a whole range of briefings, there was still lack of agreement in the report given by one of the officers who made the critical shot, and Commander Cressida Dick, who was acting as Gold Commander at the time, and who had denied giving any order that would have triggered ‘Operation Kratos’. The report into the de Menezes incident by the Independent Police Complaints Commission gives a good insight into some of the issues of command and control in the pressures of immediate incident response.

An associated problem with the transfer of information is stove-piping, or when different departments don’t share information with each other. This can be because there is simply a lack of available channels to exchange information, or can be because different departments see other departments as possible rivals for influence, and therefore see the control of information as a way of maintaining their own power position. This was certainly the case in the run up to 9/11, when the lack of open communication between CIA and FBI (on both an official and informal, personal basis), meant that information that was known and on the record was not shared.

A third problem connected with a hierarchical GSB command system is that often the situation being dealt with demands an immediate response, but the command system means that it takes a long time to transfer information to the decision-makers, who then spend time discussing the situation, and only then start issues instructions as to how to respond. This is true whether the situation is a national disaster such as Hurricane Katrina or snow blocking UK airports, or a local office complaining that the road to their warehouse is blocked, and they need to make alternative arrangements. In most cases, the most effective use of the GSB system is to devolve authority to the lowest appropriate level. In other words, if one level of decision maker has the ability to make the decision, there is nothing to be gained by having to go higher up the command chain to receive authority for that decision.

And finally…

As in all security management programmes, the success of the system lies not in drawing pretty command plans with boxes and arrows, but in ensuring that everyone involved in the operation knows what they are doing, understands what they are trying to achieve, and are able to exchange information and make decisions on an on-going basis.

The GSB command System works best when there are three criteria that are met. Firstly, that all of the groups within the system share the same basic culture and ‘risk recognition’. Every security manager knows the frustration from talking with Head Office administrators who don’t understand the seriousness or immediacy of a problem! Secondly, the different people involved in the organisation know each other on a personal basis, and are able to work together effectively for a common cause. And thirdly, that the various teams have worked together in training situations, either with table-top exercises for the team leaders and commanders, or in real-time with the different operational teams.


As soon as a security management system involves more than a single person, then a Command and Control structure will need to be in to ensure that all aspects of the security management programme are coordinated and controlled in an effective and professional manner. The Command & Control Structure should be able to manage Routine Activities, Minor Incidents and Crisis Situations, and should allow information to be passed up the command chain from front-line responds who have information on any situation and instructions to be passed down the command chain from managers who may well be located far away from the incident site. The ability to create effective command chains is at the heart of effective security management, and it is almost always the case that it is failures in command chain management that is one of the major causes of most security management failures.

DTR013 Railtrack – Complexity and Disaster

This module will take you through Case Study: Railtrack – Complexity and Disaster.

  1. Case Study: Railtrack – Complexity and Disaster

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’

Case Study: Railtrack – Complexity and Disaster

One of the clearest cases of the connection between complexity and loss of organisational control was Railtrack, the company that was created after the privatisation of the railway system by the Conservative government in 1996. Formerly known as British Rail, the nature of the railway network was already extremely complex, with a high degree of inter-connectedness and mutual systems-dependency – (10,346 miles of track and signalling, 40,000 bridges and viaducts, 50 tunnels, 2,508 stations, 1500 signal boxes, 9000 level crossings). Although there were organisational problems with BR before the break-up, at least there was one organisation that was responsible for the entire system, and which had clear lines of responsibility for its maintenance and management.

After nationalisation, different section of BR were broken up into autonomous organisations, each responsible for a specific area of operations, and often developing a competetive or even adverserial relationship with other areas of operation. The trains and rolling stock were owned by three separate companies, that in turn leased them out to twenty-five different train operating companies. Railtrack owned the track, but its role was purely administrative. Responsibility for the maintenance of the track (a critical factor in the operation) was sub-contracted to other companies, which although they were then tasked with the responsibility for the maintenance of the track, in turn sub-contracted it out to other companies to actually deliver the work. Railtrack did not have its’ own engineering department, and did not have the technical knowledge within the company to oversee the maintenance work, or even to gauge whether it was being delivered effectively.

Another consequence of the break-up of BR was that rather than acting as a single entity with different divisions, each division acted in order to maximise its own profit and minimise any potential liablility. This meant that the highy critical and immensely complex network of relationships between the new companies were controlled by detailed contracts, each of which tried to micro-mange extremely complex operations. There were 224 separate legal agreements covering freight contracts, and apportioning responsibility for delays was based on 1,900 checkpoints, 204 predefined delay causes, and 1,300 delay-attribution points. Railtrack employed fifty people just to account for delays in the Southern region alone. These contractual relationships led to increasingly bitter legal actions between the various companies, which in turn led to a break down in over-all service delivery.

Although the government still held nominal responsibility for overseeing the running of Railtrack, that was equally murky, with a raft of different organisations involved in the oversight, including the Office of Passenger Rail Franchising, the Office of the Rail Regulator, Her Majesty’s Railway Inspectorate, the British Railway Board, the Rail Passengers Council, and the Transport Secretary. It will be no surprise that rather than working cooperatively and collaboratively, these government agencies often saw each other as rivals for power and influence, and spent more time trying to out-manoeuvre each other than concentrating on the actual objectives.

The consequences of this organisational complexity became tragically clear on the morning of 17th October 2000, when an Intercity train travelling at 115 miles an hour was derailed near Hatfield, with the death of four passengers and over seventy injured. Subsequent enquiries found that the cause of the derailment was the failure to repair damaged tracks, despite the fact that the damage and potential consequences were known. The official review into the incident laid the blame for the accident squarely on the lack of clear responsibility for the management of the tracks. This accident led to massive disruption of national rail services (with an estimated loss to UK businesses of £6 million per day), and ultimately caused Railtrack to go into administration in 2002.

DTR014 Maintaining Sustainable Capability

This module will take you through Maintaining Sustainable Capability.

  1. Introduction
  2. Effective Protocols
  3. Crisis Cognition
  4. From Incident to Crisis
  5. By becoming aware of a potential problem earlier rather than later in its development cycle:
  6. By being unaware of a potential problem, or by ignoring a problem you are aware of:
  7. ‘Normal Accidents’
  8. Complexity
  9. Information Transfer
  10. Clear Lines of Responsibility
  11. Regular Reviews
  12. And Finally…
  13. Summary

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’


As has already been mentioned in previous sections, the secret of creating effective security management capability is to ensure that whatever programmes and protocols are introduced are not seen as one-off events, but are embedded into the organisation so that they become a natural part of its operating procedures and its organisational culture. For many security management systems, this is the hardest part of the management process. Protocols can be written, programmes designed and personnel trained, but to create organisational change is one of the hardest things for any manager to achieve, and even if they have succeeded in doing so, the natural tendency is for organisations to revert to previous practices. This module will introduce some ideas as to how security managers can self-audit their own organisation, and can identify areas where weak practices or lack of management oversight are likely to produce vulnerabilities that could allow small scale potential problems to develop into genuine problems.

Creating multi-team operational capability is not something that can be left to chance, or can be established once a crisis situation has occurred. The development of such capabilities is something that must be managed over time in a continuous cycle of learning, reviewing and improvement.

Effective Protocols

There is often a desire in security management to try and identify every possible problem, and then to introduce increasingly detailed and situation-specific protocols to try and manage those scenarios. The problem is that in any organisation, if the control systems become too intrusive and disruptive, the natural reaction is to ignore them or to switch them off. This is then not just a problem with that particular situation, but creates a culture where it is not only permissible, but is accepted practice to ignore guidelines and directives. The purpose of the security management team should always be to support the overall operations and objectives of the organisation, and though it may be tempting to introduce more and more controls, that is self-defeating in the long-run. It is better to have a few guidelines that are accepted and adhered to, rather than a whole raft of directives that are ignored.

Crisis Cognition

It is a basic rule in life that the earlier you are aware of a potential problem, the more likely you are to be able to deal with it smoothly, effectively and with the minimum of disruption to the rest of the operating network. If you allow that problem to go unmanaged, it is likely to escalate to a level where it sets alarm bells ringing, at which point the system takes notice and responds, but will often need a much higher level of intervention to deal with the situation than if it had been detected and managed earlier in the escalation cycle.

From Incident to Crisis

  • An Incident is something that happens
  • A Problem is when that incident impacts on your operation
  • A Crisis is what happens when you lack the capability to respond effectively or appropriately.

By becoming aware of a potential problem earlier rather than later in its development cycle:

  • You have more options to deal with it
  • You can respond with a lower level of intervention
  • You are safer from both a personal and organisational perspective

By being unaware of a potential problem, or by ignoring a problem you are aware of:

  • You will have less options to deal with it
  • You will need to respond with a higher level of intervention
  • You will be in greater danger from both a personal and organisational perspective

‘Normal Accidents’

In most situations, crises do not just happen. They are only the final stage in a long process of gestation and development. In most situations, the reason that a major problem occurs is not because of an outside event, but rather because there is a lack of ability to respond effectively. In almost all situations, there will have been warning signs that the conditions that will allow the crisis to develop are in place, and there are what have been called ‘Normal Accidents’ that occur on a repeated basis, which highlight the organisational weakness that is allowing those situations to occur, but which are ignored or accepted.


Many organisations are complex – that is the nature of our inter-connected world. However, it has been well-recognised that organisational complexity itself creates an increased likelihood of problems arising – or even catastrophic failure, which threatens the continued existence of an organisation. Although the issue of organisational complexity is a subject in itself, from the security managers perspective there are two clear consequences of an organisation’s over-complexity which may well (actually, undoubtedly will) create avoidable situations that have the likelihood of developing into genuine and serious problems.

Information Transfer

One of the clearest signs of harmful organisational complexity is if there are regular breakdowns in transfer of information. This can either be because the lines of communications between different sections of the organisation are ineffective, or because different sections of the organisation are unaware of the need to pass information across to other sections.

An example that many security managers might recognise is if the Business Development section creates plans to open a new office or factory in a country where there is genuine risk, whether political, social, criminal or health based. These are problems that the security department would be well aware of, and could highlight if they were part of the business development process. A Risk Analysis of any new country (or even city) should be a natural part of the business development process, but this is dependent on the working relationship between the different divisions.

A similar example would be if the HR department is responsible for booking flight tickets for travelling executives, but doesn’t inform the security department if one of the company’s managers is travelling to what could be perceived as a high-risk area. If the first time that the security department is aware of a problem is when the HR department contact them because that executive’s wife has called them because she hasn’t heard from her husband in five days, then there is clearly a breakdown in organisational communication and planning.

Clear Lines of Responsibility

One of the hidden effects of organisational complexity is that it blurs lines of responsibility. In some cases, complexity is introduced specifically to allow people to avoid individual responsibility for decisions and policies that they know to be questionable, flawed or even illegal. Many of the major incidents that hit the national headlines are a direct result of organisational over-complexity that left a vaccuum where clear responsibilty and leadership should have been. This includes the FEMA (Federal Emergency Management Agency) response to Hurricane Katrina (2005), the Japanese government’s response to the Fukushima disaster (2011), BP (British Petroleum) response to Deepwater Horizon Gulf of Mexico oil spill (2010) or G4S failure to supply security personnel to the London 2012 Olympics (2012).

Regular Reviews

One of the fundamental developments in security management since 9/11 has been the realisation that rather than something that is limited to a security department, security management should be an integral part of every aspect of an organisation’s operations and culture. In a similar way, security protocols are no longer seen as static things that are written and then forgotten, but are living documents that develop and evolve in the same way that any other part of the organisation would develop and evolve. Regular reviews of every aspect of the security management system play an important role in ensuring that security management capabilities are maintained at the highest possible level. As well as reviewing existing protocols and documentation, regular reviews also allow the security managers to develop their relationships with managers and personnel in other divisions or departments, which in turn helps facilitate the personal relationships which underpin effective security management at every level of an organisation.

And Finally…

In many ways, security management fulfils a different role from every other activity within an organisation. Whilst mistakes in most other divisions are recoverable, and can often be resolved by way of a simple apology, mistakes made in the security department can often have much more significant consequences, are not recoverable, and may, in the worst circumstances, lead to death, injury or catastrophic impacts. The responsibility of the security manager is to create the correct balance between freedom of movement and activity on the one hand, and safety and security on the other, but also to ensure that lessons are learned, mistakes rectified and the overall system strengthened and improved on an on-going and continuous basis.

Security management in its fundamental form is a simple art, but it is the ability to maintain standards, and to manage them effectively over time, that is the ultimate test of the success or otherwise of the security management system.


It is almost certain that the front page of the newspaper you brought this morning carries an example of where failures in security management have had significant impacts, and quite possibly have led to actual disasters. The likelihood is that these failures did not happen because of some catastrophic outside event, but are the result of a breakdown of what should be basic management controls. The reasons for these failures are usually predictable and well known, but have in some way been ignored or side-stepped. The issues covered in this chapter will give any security manager the ability to audit their own operations, and to identify problems that have a high likelihood of leading to significant operational failures.

DTR015 High Reliability Organisations – The New Buzz Word for Risk Management?

This module will take you through High Reliability Organisations – The New Buzz Word for Risk Management?.

  1. High Reliability Organisations – The New Buzz Word for Risk Management?

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’

High Reliability Organisations – The New Buzz Word for Risk Management?

Looking back over the last thirty years of what we now call the risk management sector, it is interesting to see how different eras have been defined by different buzzwords, each of which have become the flavour of the day, before being superseded by other more current terms.

In the first instalment of an exclusive two-part series for Risk UK, David Rubens appraises the latest development: the advent of ‘High Reliability Organisations’

Whilst it may well be that this is to a certain degree the result of major management consultancies inventing new things for corporate security directors to worry about (and which, obviously, the consultancies have a high-priced solution for), it is also true that this has reflected the changing way that we have conceptualised and engaged with the whole issue of risk management.

The risk managers of the 1980’s were likely to have little if any formal training in what we now consider risk management and in fact were often hired because of the skills picked up in their previous careers, usually policing. It is no surprise that the skills that they brought to the table were therefore largely those of the policeman – securing premises with gates, fences and window locks, and investigating incidents in order to identify perpetrators. The increasing globalisation of the corporate sector meant that such a limited understanding of the role of the security director was no longer appropriate to the challenges and responsibilities that they were faced with, and so we saw the emergence of the concept of risk management, with the understanding, particularly in the post-9/11 era, that all organisations were vulnerable to situations over which they had no control, and in fact the larger and more complex the organisation, the greater the vulnerability.

Risk management thus became a focus of interest for corporate leaders in a way that security management never was, and became a subject that was considered appropriate for discussion at the C-suite level. This period could be seen as the start of the development of the professionalization of the risk management sector, linked with the emergence of academic programmes, often at Masters degree levels, that had not previously been considered relevant to the skills and capabilities associated with security management.

Given the potential catastrophic impacts of external events on corporate activities, and particularly those associated with disruption to the extended supply chains and increasingly complex support frameworks on which corporate business were established, the next stage could be described as the ‘Age of Business Continuity’. This accepted that external events would occur, but brought responsibility for the maintenance of business activities (and therefore business value) back into the hands of risk managers. The underlying objective of business continuity was to say ‘ It doesn’t matter what happens in the outside world – just make sure that we maintain operations’. To a large extent, this involved developing duplication in manufacturing, storage and management functions, so that no one component would be considered as ‘systems critical’, in that the failure of one component would lead to the failure of the overall system.

Although business continuity could be seen as a new development in terms of risk management methodology, it was still firmly grounded in classical risk management frameworks, based as they were on identification of potential fault lines, development of management responses that would either minimise the likelihood of unwanted events happening, or minimise the impact of those events if they did happen, and the imposition of those protocols through traditional management capabilities.

Such process management approaches could be considered as ‘straight line solutions’, as they could be easily captured in organisational charts that showed where excess capacity could be required, and how that could be integrated into the overall organisational management model.

The next stage in risk management development was not so much an extension of previous models, but rather the emergence of a new paradigm, in that the underlying assumptions on which they were based were fundamentally different from the systems management frameworks that had underpinned crisis management until then. The emergence of the concept of ‘resilience’ took risk management out of the process management framework of the straight line models, and into the more free-flowing unstructured world of ecological interdependencies, multiplicity of non-dependent outcomes and the understanding that the response to potentially traumatic external events was not so much to resist or defeat them, but to go with the flow, respond to the challenges of the surrounding environment, and to realise that the inability to predict or model the outcome of highly chaotic system-wide failures meant that the presumption that pre-planned solutions would be either deliverable or relevant was increasingly outmoded and unrealistic.

However, it is also clear that there are some organisations that are, by their very nature, more capable of dealing with the challenges of an unstable operating environment, and some for which the ability to create management frameworks that will maximise their ability to maintain operational capability within such chaos is not only desirable, but can be considered as absolutely critical. These have been labelled as ‘High Reliability Organisations’, and it is their ability to develop a highly successful operating framework in terms of both management protocols and a wider organisational culture that is becoming increasingly interesting to organisations that have the challenge of maintaining operational capability in the face of unstable operational environments.

The academic study of high reliability organisations has, understandably, centred on various areas of critical national infrastructure, but has also covered nuclear submarines, aircraft carriers and air traffic control systems. These systems are by their very nature highly engineered and operating with a strictly regulated management structure, but it is the realisation that it is the ability of operational managers, at every level of the organisation, to have a surprisingly large range of decision-making freedom, that will have greatest relevance for any organisation wishing to learn from their experience and example.

HRO’s are often seen as the supreme embodiment of high-design organizational micro-management, in that by their very nature they have to deliver a high (infallible) level of service delivery in what are often extremely complex operating environments, with the threat of catastrophic consequences for any failure. As such, despite the fact that they seem to offer a potential model for effective management of high-risk operations, their high-design nature has meant that they have been considered as lacking relevance to the chaotic environment of crisis management, or corporate management in general. However, a different perspective suggests that HROs are a reflection of a ‘mindfulness’ rather than a particular design approach. Under this model, the success of HROs is due to the fact that they focus on reliability rather than efficiency, and on understanding how to avoid failure rather than concentrating on what created success.

Efficiency is a quality that is management driven, and that sees subordinate functions as requiring direction, control and standardization. Reliability requires a multitude of approaches, an ability to identify faults as well as the ability to choose amongst a range of response options. The tension between efficiency and reliability is one based on design-led belief that one can design out problems (and that the world will operate in predictable ways), and operator-led models which accept that even the best designed system will need to have immediate operator input in order to respond to fluctuations in the working environment. In its purest terms, efficiency is built on the belief that ‘if designed correctly, things will work’, whilst reliability is built upon the foundational belief that ‘we’d better be ready when things go wrong’.

An organisational culture in which it has become normalised to ignore those issues that it either feels are too big to be dealt with or which would cause political embarrassment if they were acknowledged presumes a high level of ‘group think’ and a tacit agreement to ignore exactly those issues that are in greatest need of attention. In effective HROs the culture is exactly the opposite – to actively go out looking for potential problems and failure points, and to highlight and deal with them at the earliest possible stage. The defining cultural imperative in HROs is that it is the responsibility of everyone involved in the organisation to identify potential problems, and to develop solutions, before they ever have the chance to develop into actual problems. There is no shortage of examples on the front page of newspapers on a daily basis of organisations that have got that basic approach to risk management wrong – often with catastrophic consequences. These are high-impact examples of the organisational hubris that leads to the ‘drift towards failure’, and which reflect an organisational complacency that is (theoretically at least), in direct contrast to the values that underpin HROs.

The operating environments associated with HROs means that all problems are considered as unique and extremely time pressured. Operational failures are not only significant in themselves, but gain significance as indicators of organisational vulnerabilities that allowed those failures to happen. Every problem is accepted as serious, and there is an urgency to find not only a solution to the immediate problem, but to understand the causal chain that lead to that situation. In most organisations, errors are identified as local events, which do not reflect or impact on the overall operating framework. In HROs, they are seen as harbingers of potential organisational and structural weaknesses, and that ‘causal chains that produced the failure are long and wind deep inside the system’.

David Rubens will complete this 2-part series next month, with a look at how High Reliability Organisations can be developed, and what are the defining characteristics that differentiate them from other, less effective, management systems.

David Rubens MSc, CSyP, FSyI is well known across the UK security sector. He is a Board Director of the UK Security Institute, and is currently completing his Professional Doctorate at the University of Portsmouth, where his research has focussed on strategic management and critical decision-making in complex crisis environments.

DTR016 High Reliability Organisations: A Model for Highly Effective Risk Management and Decision Making

This module will take you through High Reliability Organisations: A Model for Highly Effective Risk Management and Decision Making.

  1. High Reliability Organisations: A Model for Highly Effective Risk Management and Decision Making

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’

High Reliability Organisations: A Model for Highly Effective Risk Management and Decision Making

In Part 1 of this series, published in the December 2015 edition of Risk UK, David Rubens discussed the advent of the concept of High Reliability Organisations. In this issue he discusses their value as a model for wider risk management practice.

It is often claimed that the causes of crisis management failures are embedded in the increasing complexity of a highly networked and interconnected world, in which it is impossible to model the cascading consequences of tightly inter-dependent systems. It might in turn be assumed that the frameworks that have been developed on a ‘steady state’ basis to manage risk, evolving and adapting in order to meet the challenges of each new generation, have been superseded by the almost inconceivably rapid development in 21st century risk environments, whether they are political, financial, social, environmental or any of the other myriad contexts within which risk management is expected to operate. Whether we are concerned with international financial systems, climate change or critical national infrastructure, in the face of such complexity we might conclude that we are no more than hostages to fortune as we wait the next major incident that, if unmanaged, could lead to catastrophic systems failures that will have multiple trans-jurisdictional consequences beyond our capabilities to either model or manage.

While it is certainly true that such situations exist, it is also the case that many, if not all, of the major catastrophic events that define risk management at the cutting edge of our personal, professional and organisational capabilities to deal with it, are highly predictable, both in terms of the way in which they develop, mature and finally are triggered, and in the reasons for our failures to deal with them. One only has to look at the front pages of any newspaper to see examples of risk management failures leading to major harmful impacts which, rather than having extreme and unpredictable causes, are actually the inevitable results of conscious decisions made by people who had all of the information necessary in order to understand the consequences of their actions.

These may be major financial institutions accepting hundreds of millions or even billions of pounds in fines as merely part of the cost of doing business; repeated flooding at increasingly unprecedented levels that continue to overwhelm the defence systems that have been built specifically to prevent them; the collapse of social care in terms of old people’s homes, child care, mental health facilities or merely the ability to support those that have fallen through the gaps in our social networks; or the ability of international rescue teams to operate in the chaotic environments associated with emergency response. In each case, the causes of those failings are in the management systems that are supposed to deal with exactly those challenges, rather than in the external environment over which we have neither influence nor control. However, such failures are not inevitable or unavoidable, and in fact can be directly linked to decisions made by those in authority concerning the development or otherwise of effective management procedures.

From a High Reliability Organisation perspective, the causes of those failings are both clear and unacceptable. HROs are those organisations in which failure is not an option. These include critical national infrastructure, national air traffic control systems, nuclear submarines, aircraft carriers and other similar extremely technical, highly-engineered systems that require the highest level of management and oversight at every stage of their operation. Like so many supposedly sophisticated systems, the fundamental beliefs that support them are extremely simple, and can even be encapsulated in two succinct belief systems.

The first is that the development of HRO is not based on highly technical manuals (though they exist) or highly detailed response options (though they also exist), but is rather the reflection of an attitude or state of mind. The state of mind is not ‘We have a programme that will allow us to succeed’, but rather ‘We will not fail’. It is the commitment to erase the possibility of failure that distinguishes the HRO from other organisations that are focussed on developing the tools for success – tools which are demonstrably fallacious in both their assumptions and the ability of the organisation to implement and manage them effectively.

The second belief system that runs through every aspect of an HRO is personal responsibility. Everyone is responsible for ensuring that their aspect of the operation is run in such a way as to exclude the possibility of failure. What is more, part of that responsibility is the requirement to continuously pressure test their own systems, to consciously search for potential failure points and then, having identified them, to ensure that they are either monitored, controlled or eradicated. HROs are extremely sensitive to anything that can be seen as a potential problem, and all such potential problems are considered as critical issues. This is because not only are they considered as problems in their own right, but also that they are indicators of management problems that go deeper, and that need to be considered, analysed and responded to on a tactical and strategic level rather than merely as single, isolated events.

If one was to offer a third basic principle of HROs, it would be that the entire system is designed to support and encourage people to find problems. The issues with many catastrophic failures, whether it was NASA space launches, preparations for Hurricane Katrina or the Fukushima TEPCO nuclear power failure, or any events of which readers of this article may have first-hand knowledge, the causes of the problem were widely known, but the organisational culture was one in which not only were such subjects not discussed, it was politically unacceptable to do so.

One of the founding academic studies of HROs (2) identified five characteristics that differentiated them from other organisations. They were:

  • Preoccupation with failure (in which the possibility of failure is examined at every stage of an operation on a pro-active basis)
  • Reluctance to simplify interpretations (so that the inherent complexity of problems, and potential solutions, are accepted as part of the problem-solving process)
  • Sensitivity to operations (in which there is the realisation that solutions are only effective if they work within the realities of the operating environment, rather merely existing as paper-based options)
  • Commitment to resilience (in that resilience, and the ability to adapt to the widest possible range of challenging environments, is considered as a critical function in any operational plan)
  • Under-specification of structures (which means that individuals and teams have the freedom to develop their own working relationships, rather than being forced to adhere to pre-set organisational restrictions).

It is perhaps paradoxical that it is in exactly the highest-engineered organisations on the planet, such as nuclear power stations or nuclear submarines, that those at the bottom of the command chain are specifically empowered to take critical decisions. However, it is exactly this approach that prevents the ‘wishful thinking’ approach to managing complex operations and environments that lead to inevitable errors. Once that culture is destroyed, and the ‘deference to expertise’ is replaced by political decision making, the inevitable result is that, as in the run-up to the Challenger Space Shuttle disaster, the attempt to maintain the illusion that everything was OK, meant that ‘It did things that were actually stupid’, or as in Three Mile Island, the US’s most serious nuclear disaster, it was found that time and again warnings were ignored, unnecessary risks taken, sloppy work done, and a culture of deception and cover-up were embedded at the heart of the senior management structure.

The simple truth is that the reasons for failures are well known. They do not just happen, but they are often the result of smart people taking bad decisions, and maintaining those decisions over time until they become an integral part of the culture of that organisation. If high reliability values are to be introduced into organisations, then it is the responsibility of the management to create a culture where such values are not only accepted, but are considered to set the foundations for everything else that might follow.

DTR017 Resilience:The Keystone Quality

This module will take you through Resilience:The Keystone Quality.

  1. Resilience : The Keystone Quality

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’

Resilience – The Keystone Quality

Keystone:The wedge-shaped stone piece at the apex of a masonry vault or arch, which is the final piece placed during construction and locks all the stones into position, allowing the arch to bear weight

Resilience is a word that has become fundamental to many aspects of our society outside of traditional security and risk management. Transport systems need to be resilient, as do supply chains. Whole economies need to be resilient, as does technology or football teams that are on a losing streak. It seems that everyone agrees that resilience is a quality that is really good to have – but there seems to be little understanding of what that actually means – and even less understanding of what you need to do to ensure that you have it.

As with so many words that are thrown around as ‘buzz words of the day’, many of the people using it would have difficulty in explaining it, though they know what they think they mean when they use it. In its simplest terms, resilience is used to denote the quality of being able to adapt to changes in the surrounding environment, and to maintain operational functionality in sub-prime conditions. It also includes the ability to recover, and return to its normal operating position without permanent harm. A rubber ball is resilient – a china plate is not. To use a phrase made famous by Iain Dowie, ex-manager of Crystal Palace, resilience is the quality of ‘bouncebackability’.

From a risk management perspective, resilience is perhaps the all-embracing quality that you would like to see in your organisation. It means that you are able to adapt and respond, to continue to operate, to deal with problems effectively, and at the end of the day to come through the storm to safe waters on the other side of the crisis. If the one quality that Napoleon wanted in his generals was that they should be lucky, then the one quality that we should look for in organisations is that they should be resilient.

There have been many books and articles written on the qualities associated with resilience, but the qualities that are widely used when describing how an organisation can become resilient usually refer to the ones listed by the Resilience Multidisciplinary Centre for Earthquake Engineering Research (MCEER).

They are

  • Robustness
  • Resourcefulness
  • Redundancy and
  • Rapidity

Robustnessdescribes the general toughness of an organisation, its preparedness to take a bit of pain, the way that it understands that things will not always be smooth or easy, and its acceptance that the ability to roll with the punches is all part of building its success. There are many great footballers and rugby players who are considered to be at the top of the tree in terms of skill but their managers are always concerned that they are not ‘robust’. They tend to get injured, and small injuries tend to disrupt their availability. Other players with less skill would be considered much more robust, able to play week in, week out, with all of the minor aches and pains that are part and parcel of a professional sportsman’s life.

Resourcefulnessdescribes the quality of being able to find solutions, to work things out, to make things happen. Resourcefulness is a quality that needs to be embedded at every level of an operation, from the C-Suite to the frontline operator. Anyone who has been involved in security operations, and especially those that are moving towards emergency response, knows that resourcefulness is something that is absolutely critical to operating in the fast moving, high pressure environment associated with any sort of crisis. However good your planning and preparation may have been, once the situation takes on a life of its own, it is the ability of everyone involved to find innovative solutions to immediate problems that will decide the success of the response operations or otherwise, whether it is the tactical commander, logistical manager, communications engineer, lighting technician or the person responsible for ensuring that there is food and coffee available for those that need it.

Redundancyis the quality that allows the organization to continuing functioning despite the failure of any particular part of the operation. Redundancy (spare capacity) is one of the critical aspects of organizational management that ensures that critical failure points have multiple alternative delivery pathways that will allow operational status and service delivery to be maintained. It is a surprising aspect of many emergency plans that they are actually full of ‘single path critical failure points’, which means that if one aspect of the operation fails, then the operation itself becomes non-viable.

Rapidityis the ability of the organization to adapt to changing circumstances in a speedy manner, developing innovative solutions and integrating them into their wider operating framework so as to minimize any potential disruption. It is always amazing to see how organisations that are considered world class In their core areas of operation have a genuine lack of understanding as to how crisis events escalate, and the demands that that will make on their organization. The ability to acknowledge problems as early as possible in their development cycle, and then to develop solutions that can be delivered as fast as possible in order to minimise disruption and harm, is crucial to ‘getting ahead of the curve’ in crisis management, rather than responding once events have moved on.

A further quality associated with successful response is Community Capital.That involves all aspects of interaction between the various people involved in a response, and presumes that if they have already met each other, recognise each other as dedicated and capable professionals and have a good working relationship, then the likelihood is that they will manage the response together better than if they either have never met each other before, or come to the situation with an active distrust of the other. Community capital can be developed in many ways – shared training programmes, cultural events, charity activities or a shared dining room, but as always, it is something that can be enhanced through active management policies, based on a clear understanding of the value that shared experience brings.

A good case study of a successful emergency management operation that undoubtedly benefitted from the strong community capital was the Fort Worth tornado in Texas in 2000. Although not a spectacular event, it caused significant damage in the area, but the fact that the directors of the various response agencies knew each other through local clubs, and had a social relationship, underpinned everything else that happened. Because they were in a relatively small town, the different agencies worked with each on a regular basis, and they liked and respected each other. As one person commented ‘It was so nice to pick up the phone and say ‘I need 500 mats’ and they say ‘When and where do you want them?’.

The truth about resilience is that it is a reflection of what an organisation is rather than of what it does. Resilience cannot be added on as an after-thought, or left to one particular department to be responsible for its development and management. However good your crisis and risk management plans may be, it is their ability to survive in the challenging and unstable environment that is intrinsic to any crisis event that it their true test of value.

David Rubens MSc, CSyP, FSyI is a risk management consultant specialising in situations involving high levels of complexity and coordination. He is a Main Board Director of the Security Institute. He can be contacted at

management solutions

DTR018 Adding Value

This module will take you through Adding Value.

  1. Introduction
  2. Cost or Investment?
  3. Business Manager
  4. Competitive Advantage
  5. Subject Matter Expertise
  6. Proactive Risk Management
  7. Crisis Management
  8. Business Continuity
  9. Education and Training
  10. Point of Contact
  11. Summary
  12. Main Points

The information in this document is part of the Deltar
‘Level 4 Management Award in Advanced Risk and Crisis Management’


As should already be clear from the previous sections of this module, for security management to be truly effective it should be embedded into the very heart of an organisation, intricately connected with every aspect of its’ operations and general management culture. However, the truth is that in many, if not most, organisations security management lacks the status of other aspects of the organisations management processes, and in many ways is seen as being something that can be considered once a year at an annual review.

There are a number of reasons why that happens, which will be touched upon in this section, but it is certainly the case that the way that security management represents itself often causes it to be seen as a ‘poor cousin’, one lacking the status and respect that it deserves. In many organisations, security managers are seen as being involved with operational matters, rather than strategic decision makers. As such, they are considered in the same group as facility managers, fleet hire managers and other members of the ‘back room staff’. If security management is to be given the central role that we believe it should, then security managers in turn must make sure that they have the skills and capabilities that will allow them to fulfil that role in an effective and appropriate manner.

Cost or Investment?

One of the fundamental reasons that security is not given the place it merits at the directors boardroom is that rather than being seen as ‘adding value’ to an organisation, it is considered to be a ‘non-productive cost’, which in turn causes it to become a ‘grudging spend’, rather than a well-supported investment. Security management is undoubtedly spend-driven – there is a need for a high level of technology, whether CCTV (Closed Circuit Television), fencing, lighting, control rooms, vehicles, personnel, etc, which needs to be both maintained and upgraded on a regular basis.

However, there is also a case that could be made that effective security management can rationalise the security management programme, and especially in a larger organisation where security functions are spread across different sites, and can find effective cost savings without compromising security. In many cases, there is a business case to be made that by upgrading and taking advantage of newer technology, real savings can be made across the organisations’ security spend.

Business Manager

The power of the above argument demonstrates another basic truth about the modern security manager – he or she is a Business Manager of a significant division within the organisation, and therefore should be able to bring all of the skills to the business management aspect of their role as would the equivalent head of any other division. This should be reflected in the language used to describe the value of the security division to the organisation, the way that it is presented and the supporting material that is produced.

Competitive Advantage

In many situations, security management is seen as a business inhibitor rather than an opportunity enabler. For many people within the organisation, the only contact they have with the security operation is when they arrive in the building in the morning, or have a problem with their pass card. However on a wider perspective, the security management programme should be a business enabler, allowing the organisation to gain a competitive advantage over its competitors. This may be because they can gain ‘First Mover Advantage’ by expanding into new markets where their competitors cannot – this is especially true in what might be seen as high risk areas that could be an inhibitor to business development by organisations with less well-developed security management capabilities.

Subject Matter Expertise

The Security Manager’s role has traditionally seen to have been relatively unskilled when compared to the level of professional capability expected from the heads of the finance division, business development division, marketing and branding division, etc. This is a hangover from the era when security managers were traditionally hired on the basis of their previous police experience, and the function that they fulfilled was often little more than in-house policeman. However, that has been changing over the last ten years, and there are now a wide range of professional and academic security management training programmes available. If the security manager is to achieve the same status as comparable managers in other divisions, it is necessary for them to show that they are able to bring the same level of expertise and professional development as their equivalents would. The security manager should expect to be the point of reference for all issues relating to security within the organisation, whether it is personal, as in foreign travel, operational, as in day to day management of security operations, or strategic, as in contributing to the organisation’s continued growth and development.

Proactive Risk Management

Whilst a large part of a security manager’s function will naturally be involved with managing the routine tasks associated with the security team, it is also necessary for them to become part of the ‘Over the Horizon’ thinking that is an essential part of any strategic management project. The nature of the present world means that the risks and threats facing any organisation are radically different than those that would have been faced in previous generations. Whether it is natural disasters, technological breakdowns, political upheavals or the ‘unknown unknowns’ that could strike at any time, the role of the security manager is to bring these threats to the attention of strategic decision makers, and to ensure that appropriate risk management procedures are in place.

Crisis Management

In the event that a genuine crisis does occur, it will be the security team that will be expected to draw up immediate response plans, to explain those to the rest of the organisation, and to take responsibility for the delivery and management of those programmes in order to realise a successful conclusion to the situation. The success or otherwise of such solutions will depend on the development of previous crisis management palns that will allow appropriate options to be created and managed in the face of high-pressure, potential catastrophic losses, breakdowns in normal communication and lines of command, and possible total disruption of normal operating capabilities. Crisis management capability is something that is developed , maintained and improved over time, through training, exercises and a high level of personal connection between the significant take-holders within an organisation. This is one area where the competent security manager can demonstrate real value to an organisation.

Business Continuity

One of the clearest aspects of a security manager’s function in relation to crisis management is to ensure that the organisation has the capability to maintain viable functionality even at the time of greatest disruption. Although this is not limited to the security management team, and will require genuine multi-division collaboration, it should be a function of the security managers to contribute their specialist expertise in terms of risk management, contingency planning and general project leadership. BCM (Business Continuity Management) is widely recognised as being a significant indicator as to the general level of effective organisational management, and is one place where the security management team can rightfully claim to have a level of expertise unmatched in any other division in the company.

Education and Training

Given that security awareness is something that should be an integral part of every aspect of an organisation’s operations, it is clear that the security division has a role to play in developing both the appropriate corporate culture as well as specific skills and capabilities. It is the security manager’s responsibility to ensure that everyone within the organisation is aware of their security role, how they can contribute to general organisational safety, and what specific steps should be taken in the event that potential threats are detected or actual incidents occur. Whilst it is easy for these up-skilling programmes to become tick box exercises, if they are seen as genuinely contributing to the development of a more effective organisation, then they will be valued as an integral part of the organisation’s on-going corporate development process.

Point of Contact

As well as proactively raising the role of the security division, an effective security manager will develop the relationship with other divisions that will allow them to approach the security team for advice and guidance in areas where otherwise they might just have made a best guess and carried on. To a large extent it is a sign of a successful security management system if managers from other divisions feel comfortable about dropping in to have a chat.


You have now completed the first, Introductory Module of this programme. Rather than giving detailed analysis of the specific skills that are an integral part of an effective Security Manager’s portfolio, which will be covered in the following modules, the purpose of this module was to give you a basic understanding of the fundamental concepts that are the foundation of any security management programme.

The concepts covered here will come up time and again in the rest of the course material, often within different contexts or with slightly different labels. However, if you understand the relationship between risk and security, understand how to create an effective command structure, can interact with the other divisions within the organisation, and perhaps most of all, can clearly demonstrate the added value that you bring to any organisation that you might be associated with, then you can be confident that you will be able to play a full part in creating an effective security management system that will provide the appropriate level of protection for the people, assets and operations in your company.

It may well be that as you go through this course there might be specific areas that take your interest. It could be in risk analysis, security auditing, overseas development, facilities management or crisis management. Whatever it might be, it is the duty of the modern Security Manager to be able to offer a level of knowledge, experience and professional capability that will be at least equal to the equivalent experts in every other division of the organisation. Your future path starts here. Enjoy, and Bon Voyage…..

Main Points

  • In order to add value to the overall organisational management structure, the security manager must have the same level of personal and professional capabilities as any other senior manager of equivalent division.
  • To make an effective contribution to the organisation’s security and long-term success, the security manager should be seen as part of the strategic decision-making process, rather than ‘merely’ as part of the back-room support staff.
  • In order to be valued, the security manager should be able to demonstrate that they are adding to organisational capability and competitiveness, rather than being an unproductive cost.
  • Security managers should be valued for the level of subject matter expertise that they offer, in the same way that the managers of other business divisions would be.
  • Security managers should be seen as making a contribution to the success of every other division within the organisation, rather than being isolated as a separate, and relatively unimportant, adjunct to the organisation.

DTE022 Are You Crisis Ready? A Ten Point Checklist

How Crisis Ready Are You? A Ten-Point Check-List

A coach of the German football was once asked what made the team so successful at winning competitions. He replied that to do well in the first half of the competition you needed energy and desire, but to do well in the second half you needed technique and discipline. It is similar in developing effective risk, resilience and crisis management capabilities. There certainly needs to be support and buy-in at every level of the organisation, from the car-park attendants and toilet cleaners through the general staff and the team leaders, all the way to the divisional directors and the chief executive officer, but there also needs to be the technical skills that will allow the organisation to understand its own capabilities, identify its weaknesses, and create an on-going culture of risk management that will allow it to become a truly resilient organisation. The ten points on the checklist below can be used as a quick guide in assessing how mature the organisation’s risk management culture is, and how strong (if at all) the underlying risk management foundations are.

Point 1: Risk Sensitivity

The first point that needs to ask is how mature an organisation is in terms of recognising and acknowledging risk. Just as a teenager will do things that are clearly (at least to older, wider eyes) foolish and potentially injurious, but they will nevertheless completely ignore anyone who tries to tell them that, so many organisations have an attitude towards risk that is clearly atleast to an outside observer, potentially harmful.If the overall approach to risk is one of wilful ignorance and an inability to discuss it in a meaningful way, then there is little else that can be done.

Point 2: Time Gap Management

There are two time gaps that are critical in assessing the ability to manage a crisis.The first is the time that it takes from a potential or actual crisis to be triggered, and the organisation to recognise it as such and then start to do something about it. Most organisations will spend a significant amount of time and effort trying to pretend that there isn’t a crisis, during which time the crisis itself is developing, growing and becoming more destructive. The second time gap is the time it takes between the organisation acknowledging the crisis and then having the ability to respond in a way that will actually impact on the external event as well as increasing the organisation’s chance to either manage it or, if it has got to that stage, survive it.

Point 3: Development of Crisis Management Team (CMT)

The ability to put together a crisis management team that can take control of the situation at the very start of the actual or potential crisis is a significant issue for any organisation. Crises are, by their very nature, rare events, and if the people involved in the CMT are not aware of their roles, have not practiced them or do not
understand the specific challenges associated with crisis management, then it is almost certain that the crisis management process itself will fail, and that within a very short time it will be the management failure that becomes the focus of attention as well as the actual crisis itself.

Point 4: Information Overload – Creating a Common Operating Picture

The problems in crises is not that there is not enough information, but that there is an overload of information, much of which will be partial, muddled, contradictory and without any context that can give it an overall meaning, all of which needs to be assessed and judged as to its veracity, its relevance, and its place in the overall picture.

The single issue that emerges in all post-crisis reviews is that the information management system was overwhelmed within the first few minutes, and that that in itself became a critical issue in the development of an effective and meaningful response.

The presence of a team that can sort that information, and pass it on in a structured form to the decision-makers , creating a Common Operating Picture that can be shared by all stake-holders, will be a critical step in creating an effective crisis management response.

Point 5: Interoperability

Any crisis response is going to involve a multiple of response teams, both internal and external, formal and informal, and it is the ability to create immediate working relationships with all of those teams that will set the foundation for an effective multi-agency response.

All crisis response operations will be made up of a mixture of command and control, coordination, collaboration and cooperation, and it is the ability to understand the differences between these relationships, and to make them work in the pressures and challenges of an actual crisis response, that will allow the different teams to develop effective working practices.

Point 6: Distant Management

Although many organisation talk about ‘empowerment, and ‘decision-making autonomy’, once an actual major incident occurs, the natural reaction of most organisations is to try and control decision making. They do this by bringing decision-making authority back to the centre (the headquarters), and restricting it to a few chosen people, without whose authorisation nothing can be done. Although it is easy to understand why an organisation does this, that does not justify it. In fact, the desire to take decision-making authority away from the people who are actually involved in the management of the situation s one of the chief cause of response breakdown.

The basic rule is, that the further away the person making the decisions is from the scene of the event, the more time it will take for responses to be developed, the less effective they will be, and the greater the impact on the actual response operation.

Point 7: ‘Support and Adapt, not ‘Command and Control’

The use of the phrase ‘Command and Control’ presupposes a traditional, military-style centralised, hierarchical command-based management system. Although this may be effective in the highly disciplined and well-trained environments within which a military operation will be operating, it does not reflect the reality of the more chaotic and less well-structured response frameworks that most emergency and crisis management operations are dealing with. The truth is that most response teams on the ground do not need a hierarchical command system to tell them what to do – it is clear to them from their own assessment as to what needs to be done. The role of the management system then is to understand what is needed, and to ensure that the necessary supplies, man-power and other resources are provided so as to enable the response teams to manage their own operations as effectively as possible.

Point 8: Developing a Common Operating Picture

All emergency response operations are complex, and involve high levels of interaction of multiple teams at different areas of the operation, all operating at extreme levels of stress on both an immediate and long-term basis. One of the critical responsibilities of the strategic management team is to ensure, a s much as possible, that there is a Common Operating Picture, that is, that as many people as possible involved in all aspects of the operation are sharing as much information as possible. This aspect of ‘information exchange’ and ‘information sharing’ means that all of the different teams and agencies are able to feel themselves as being part of a unified response operation that is working together to achieve a common goal, rather than each team working in isolation, with little if any understanding of what else is happening around them in the wider response context.

Point 9: Protecting Reputation: Managing the Message

In the modern world, there is no such thing as a ‘private incident’. Any incident that affects people or impacts on them in some way, can be considered as potentially global in the nature of the media coverage it can attract, both from traditional news sources – television and newspapers – and modern – social media in its various forms. The ability to manage that message, and to use it to protect an organisation’s reputation, is a critical part of any crisis response operation.

Recent examples that have hit the headlines, and from wildly different events, include the failure of the local council in north London to response effectively or appropriately to the Grenfell Tower fire disaster, the failure of British Airways to respond effectively when the failure of its ticket-booking system led to the disruption of hundreds of flights worldwide (and which they initially blamed on a minor power failure), and the catastrophic response of United Airlines when two security staff were filed dragging a passenger of one of its planes after they had over-booked the seats. The fact that the mobile-phone footage on the United Airlines incident went viral (together with the failure of the CEO to respond effectively), led to United losing $900 million in two days from their share price.

Social media is a powerful tool that can allow an organisation to be in the best position to manage and influence the response to any incident it is involved in, but just as with any aspect of emergency response and crisis management, that capability cannot be created in the middle of an actual crisis event. The ability to plan and for and prepare the organisation to make the maximum use of social media in order to protect its own reputation and brand value is one of the critical aspects of any modern crisis response framework.

Point 10: Effective CM Capabilities are Dependent on Sustained Support from the C-Suite

As important as the individual skills are, it is the corporate risk attitude and culture that will have the greatest impact on the ability of the organisation to identify potential crises at the earliest opportunity, to respond in a timely and appropriate manner, and to embody the concepts of organisational resilience that will allow the speediest recovery in the post-crisis period.

Real crisis management does not start when a crisis is discovered, but is an embodied value intrinsic to every aspect of an effective organisation’s operation.

Point 11

Point 12

Although it is nice to make lists, and it gives us a feeling that we can bring some sort of order and coherence to what is often a chaotic and incoherent reality, these ten points are only a guideline to what could more appropriately be considered as a corporate attitude or ethos.

As you may have noticed, we have left two points blank. That is because there are a whole load of possibilities that we could put in there, but it is up to each person and each organisation to decide for themselves what other points should be in there.

We put this tenth point in as the last one, because we consider it to be the killer argument,the one that we want our audience to remember at the end of our presentation to the Executive Committee, that they will carry with them, and which – hopefully – they can then use to support the development of an on-going, organisational capability development programme.

Some possibilities for Points 10 and 11….

    • Crisis management doesn’t start once a crisis event occurs – it is a reflection of our organisational DNA, who we are and everything that we do
    • We should be a learning organisation. Take advantage of near misses!
    • The role of the crisis management team to not simply to manage a crisis, but to ensure that every part of the organisation understands their role in contributing to and supporting an effective crisis management response.
    • Crisis management is important – take it seriously!

Deltar Training Solutions

Deltar Training Solutions runs a range of specialist risk and crisis management training programmes around the world, including three-day Level 4 Management Awards in Strategic Risk and Crisis Management, and a 12-month distance-learning Level 6 Diploma in Strategic Risk and Crisis Management. Both qualifications are accredited through Ofqual, the UK government’s registry of qualifications.

Dr David Rubens DSyRM, CSyP, FSyI is widely recognised as one of the leading authorities in strategic risk and crisis management, having worked at the highest level of academia, corporate and government risk and crisis management programmes. He currently runs the Deltar Training programmes around the world.

Deltar Training Solutions
Email :

DTE023 The Grenfell Tower Management Response

The Grenfell Tower tragedy has been described as a unique event, unparalleled in modern London history in terms of the scope and scale of its tragic impact. But whilst the uniqueness of the event might explain the multiple failures at every level to respond in a timely, appropriate and effective manner, both to the immediate event and to the management of its aftermath, it does not excuse them.

The Grenfell Tower fire was exactly the sort of complex, high-impact, multi-jurisdictional event that crisis management procedures have been developed to handle, and to give responding agencies, including local councils a framework and a guideline that could be used to prepare for, and then respond to exactly such an incident.

Whilst this paper is based on information in the public sphere, and therefore is not privy to decisions that have been made in private and behind closed doors, there is enough information available to build a strong picture of what did and did not happen in the immediate aftermath of the fire, and to identify significant failures in the management processes that were directly linked to the organisational failures that became a critical and central part of the disaster itself.

The Nature of a Crisis

A crisis, as opposed to a major incident or a routine emergency, is by its very nature something that falls outside of normal management frameworks, and which because of its scope, scale and impact goes beyond the capabilities of normative response frameworks to respond to it.

Just as a person will freeze when faced with a sudden and unexpected situation which is beyond their capacity to comprehend, so will an organisation. It is for this reason that there should be a series of automated processes associated with the initial response to a crisis event that will mean that the organisation can maintain critical functionality even when the situation itself can seem overwhelming.

One aspect of a crisis that should not have been an issue with the Grenfell Tower is whether or not a crisis situation existed. In many cases, such as the Kings Cross Fire, one of the causative factors was the disinclination of the management of the station to recognise the fire as a major incident, and to put in place the necessary response measures that would have allowed it to be managed in a more effective manner – which in itself would have had a significant impact on minimising the loss of life. In the Grenfell Tower fire that was not an issue, and it should have been clear to the local council management that this was a crisis that required the immediate initiation of a strategic multi-agency crisis management framework at the highest level.

Crises are, by their very nature, rare events. Therefore, it is always likely that crises are going to challenge management frameworks beyond what they are used to or capable of. For this reason, it is important that organisations prepare themselves to deal with the organisational and emotional impact of responding to a crisis by ‘normalising’ that process through repeated practice, and the utilisation of the opportunities thrown up by the real world to trigger at least the initial stages of a crisis response capability. This is the doctrine that has been at the heart of the success of both the national COBR crisis management framework, and the London Resilience crisis management framework that has underpinned London’s crisis management capabilities. Both organisations recognise the value of being an ‘all hazard’ response mechanism that can utilise frequent potential incidents and ‘near misses’ to practice their moves in as realistic a setting as possible.Whilst the Grenfell Tower fire may have been unique, the necessity to respond to it was not, and an initial question would be as to how ready the council was to respond to exactly such an incident with an effective utilisation of the full range of crisis management frameworks and stakeholders.

Sense-Making – What Has Happened?

It is a truism of crisis management that the first question that needs to be asked is not ‘What shall we do’, but rather ‘What has just happened’? In the Grenfell Tower, that became almost immediately clear, but what was not clear was what the implications of that situation were. However, within the earliest stages of responding to the situation, it should have become apparent that this was a significant event that was going to have a long-term impact on the lives of the residents of the tower block as well as the surrounding community.

Even though the final scale of the tragedy may have been unknown, there should have been an understanding as a result of the first information that came in, that it would require significant levels of resources from multiple agencies, both formal and informal, to create an effective response mechanism. From that perspective, it should have been clear that as well as responding directly, it would have been the responsibility of the local council to put in place a coordination framework that would have acted as the central focus point of the local response operation, that would have been run as a ‘coordination centre’ rather than a ’command and control centre’, which would have been more appropriate to the response to the actual fire rather the management of the community response.

Lack of Management Capability

From a classical crisis management perspective, it can be predicted that when an actual crisis situation does occur, there will be three significant shortages – of manpower, resources and, perhaps most critically, management capability. The simple reason for this is that there is usually not enough manpower to manage even normal operational activities, so there is no spare capacity in terms of personnel that can be utilised to manage the crisis event. From a resource perspective, there is never enough spare capacity to prepare for the full range of potential crisis events, so there is a lack of necessary supplies, whether basic (food, bedding, accommodation) or specialist (decontamination units, search and rescue equipment, communications systems). Finally, from a management perspective, most managers are exactly that, people tasked with managing the procedures and protocols associated with their management roles, but who have not been given the training or preparation that would have enabled them to take an appropriate leadership role when faced the sudden and potentially catastrophic challenges associated with a full-blown crisis event.

Establishing the Crisis Management Team (CMT)

Any crisis is, by its very nature, complex and multi-dimensional. It requires the establishment of a management framework that will allow the multiple teams associated with the immediate and longer-term response operations to share information, develop plans and identify needs on an on-going and collaborative basis.

There is a well-established protocol for the establishment of such a team, and it would be expected that this would have been a central part of the crisis management capability development process covered in various training, exercising and validation processes.

Each member of the CMT would themselves been connected to their own networks, which would allow the speedy and effective collation of information, supporting the development of a Common Operating Picture (COP), which in turn would have allowed a cohesive, integrated response plan to be developed and put into play, recognising that, at least in the early stages, the information itself would have been partial, unverified and rapidly changing.

The establishment of the CMT at the earliest stage of the crisis would not only have allowed the highest level of effective management of information during the critical first few hours, but would also have demonstrated that the council leadership was able to assume the responsibility that was expected of them, and could take the leadership role that would have allowed many of the other aspects of the response operation to be managed in a timely and effective manner.

Given the nature and scale of the disaster, it became clear that rather than the council providing the necessary resources to support the immediate victims of the fire, the surrounding community would become the immediate first responders in terms of offering comfort, shelter, support and physical amenities such as food, clothing, and other support services. This is something that could and should have been expected, but once the level of community support that was being offered became apparent, then it was the role of the council to become the coordinating agency that would allow the most effective utilisation of the overwhelming level of support that was being offered, by every section of the community.

The fact that such support was not given, and the ability of the community to respond immediately and in overwhelming levels was not met with the same level of agility, adaptability and initiative by the local council, in itself became the central story within hours of the incident itself.


It is almost always said of crisis events that they are complex, chaotic, and with no clear solutions, or even a clear understanding of the basic problems. This cannot be an excuse for systemic failures across an organisation, and especially at the leadership levels. It is precisely those qualities that define a crisis, and the fact that the council as a whole and the leadership on an individual basis, seemed to have little or no understanding of what their role should be, never mind as to how to manage those roles, is in itself a damning indictment of their capabilities, and their attitude to their responsibilities.

In fact, the challenges facing the leadership in the first few hours were exactly those that they should have expected to be facing, and should have been able to respond to in an effective manner.

Those challenges included

  • Time pressure
  • Rapid escalation of the event
  • Lack of information
  • The fact that the event and its consequences went beyond any plans that were currently in place
  • There was a necessity to make immediate decisions
  • There was potential catastrophic consequences to those decisions, whatever way they had made them.

Community Relations

It is an integral part of a crisis of this nature that there will be a high level of personal disruption and dislocation amongst survivors, as well as those who were not caught up in the initial event, but were affected by its impacts as they rippled out across the community. There are also those within the wider community who are affected by physically and psychologically, and who also require the support of the formal response agencies.

It is a truism of emergency response of this nature that it is the people who live in the community who are the community, and it is the role of the support teams to actually support them. In reality, in the event that there is a breakdown in trust, as often happens when the initial response is not managed effectively, then the whole relationship can become defined though a worsening spiral of mistrust, alienation, aggression and then active opposition.

Whilst it is true that such antipathy is often based upon decades of perceived injustice and alienation, the crisis event itself, if managed properly, is an opportunity for the community to come together under a unifying leadership. As stark examples of both the dangers and the opportunities associated with crisis leadership, President George W Bush, in the aftermath of Hurricane Katrina, was an example of a leader who was clearly out of touch with the realities on the ground. However, Mayor Michael Bloomberg, following Hurricane Irene in New York, was able to become both a spokesman and a symbol of the unity of the city, and created a feeling that, in this case at least, they were ‘all in it together’.

Crisis Management Preparation

The role of the crisis managers is not only to offer leadership during a crisis, but to ensure that all aspects of the organisation have an understanding of the challenges of crisis management and have the necessary skills and capabilities to respond effectively as part of a multi-agency crisis management operation on personal, team and organisational levels. Given the failures of the council to respond effectively from the very first moments of the crisis, it is relevant to ask what preparation they had been through, what scenarios they had practiced, and what training and exercising they had received in order to prepare themselves for that task.

The Civil Contingencies Act 2004 lays out seven duties that local authorities have in terms of emergency preparedness.
These include:

  • To cooperate with other local responders to enhance coordination and efficiency
  • Ensure information is shared with other local responders to enhance coordination
  • Carry out risk assessments
  • Have emergency plans in place
  • Have business continuity management arrangements in place
  • Have arrangements in place to be able to warn and inform the public in the event of an Emergency
  • Provide advice and assistance to businesses and voluntary organisations regarding business continuity management.

There are also two significant documents concerning multi-agency emergency response – JESIP (Joint Emergency Services Interoperability Principles) and LESLP (London Emergency Services Liaison Panel). Although both of these documents are primarily aimed at emergency services responding to emergencies, rather than local authorities acting as a support agency to the community affected, both would presume that appropriate council representatives, up to and including the chief executive, would have been aware of these plans, and would have participated in a range of training and exercising programmes.


Although the tragedy associated with Grenfell Tower may have been unique, the challenges created by the aftermath of it were not – and in fact, were not only predictable, but could be considered to have been fundamental to any major incident that would have caused widespread impact and disruption. In that sense, the failures of the council to have accepted their responsibilities in preparing themselves as an organisation to have appropriate levels of crisis management skills and capabilities, as well as the failure to respond effectively to the specific challenges of the Grenfell Tower disaster, can fit into a well-known pattern of behaviours that can come under the headings of a failure of leadership and initiative (Hurricane Katrina Congressional Report) and a failure of imagination (9/11 Congressional Report).

However terrible the events of the night of 14th June, and whatever the institutional failures that led to the situation that allowed the fire to become so devastating so quickly, the failure of the local council to accept its responsibility to take leadership in the immediate aftermath of the event is inexcusable. Whatever the specific details and horrors of Grenfell Towers, seen purely from an emergency management perspective, there was nothing in the hours and days following the event that could have been considered unthinkable, unexpected or unforeseeable. In fact the challenges associated with housing and safeguarding the wellbeing of traumatised victims, utilising the resources of the council and collaborating with formal and voluntary agencies, as well as the community itself, is at the heart of any major incident scenario.

The ability to provide succour and support to those most impacted by crises is at the heart of the modern government’s responsibility, whatever level it is operating at. The fact that a failure of this nature can happen in the richest borough in London, in the absence of any other challenges or distractions, is once again an indication of just how fragile the crisis management frameworks are that we so heavily rely on.

Deltar Training Solutions is a London-based international consultancy specialising in the strategic management of complex crisis events.

Dr David Rubens DSyRM, CSyP, FSyI, MD Deltar Training Solutions
David holds a Professional Doctorate in Security and Risk Management (D.SyRM) from University of Portsmouth, writing his thesis on strategic management and critical decision-making in hyper-complex crisis environments. He holds an MSc in Security and Risk Management (2006) from Leicester University, where he was a Visiting Lecturer and Dissertation Supervisor on their Security, Terrorism and Policing programme (2006-12), and was a Visiting Lecturer on the Strategic Leadership Programme at the Security and Resilience Department, Cranfield University, UK Defence Academy (2009-’10), focusing on terrorism and public policy, and the management of large-scale, complex multi-agency operations.
Dr Rubens is a founding member of the Academic Advisory Group to the London Resilience Gold Command Crisis Management Project.

Deltar Training Solutions
Email :