Business Continuity Management (BCM) is crucial in today’s business environment

Business Continuity Management (BCM) is crucial in today’s business environment for several reasons:

  1. Risk Mitigation:
  • The modern business landscape is rife with various risks, including natural disasters, cyberattacks, supply chain disruptions, and geopolitical uncertainties. BCM helps organizations identify these risks and develop strategies to mitigate their impact, ensuring the continuity of critical business functions.
  2. Resilience Against Disruptions:
  • Disruptions can occur unexpectedly and have severe consequences for businesses. BCM enables organizations to build resilience by creating plans and procedures that allow them to continue operating or quickly recover after a disruption. This is especially important in the face of events like pandemics, cyber incidents, or extreme weather events.
  3. Regulatory Compliance:
  • Many industries have specific regulations that require businesses to have robust continuity plans in place. Compliance with these regulations is not only a legal requirement but also helps businesses avoid penalties and reputational damage. BCM ensures that organizations adhere to relevant regulatory requirements.
  4. Customer and Stakeholder Confidence:
  • In today’s interconnected world, customers, partners, and stakeholders expect businesses to be reliable and resilient. Having a BCM framework in place signals to these entities that an organization is proactive in managing risks and is prepared to maintain operations even in the face of adversity. This, in turn, builds trust and confidence.
  5. Information Security and Cyber Resilience:
  • With the increasing frequency and sophistication of cyber threats, BCM plays a critical role in ensuring the security of information and data. By incorporating cybersecurity measures into BCM plans, organizations can enhance their ability to protect sensitive information and recover quickly from cyber incidents.
  6. Supply Chain Management:
  • Globalization has made supply chains more complex and interconnected. Disruptions in the supply chain can have cascading effects on business operations. BCM helps organizations assess and manage the risks associated with their supply chains, ensuring a more resilient and robust network of suppliers and partners.
  7. Financial Stability:
  • Business disruptions can have significant financial implications. The cost of downtime, reputational damage, and potential loss of customers can be substantial. BCM helps organizations minimize financial losses by enabling them to recover quickly and maintain essential operations.
  8. Adaptability to Change:
  • The business environment is dynamic, and organizations need to adapt to changes in technology, market conditions, and customer expectations. BCM is not just about recovering from disruptions but also about building an adaptive and flexible organizational culture that can thrive in the face of change.

In summary, BCM is essential in today’s business environment to proactively manage risks, ensure operational resilience, comply with regulations, build stakeholder confidence, and safeguard the long-term success of the organization. It is a strategic investment that contributes to the overall sustainability and competitiveness of businesses in an unpredictable world.

7/7 LESSONS REVISITED

Whether lessons have been learned and actioned.

I thought this week with the 10th anniversary of 7/7 I would look back through one of the reports on the incident by the London Assembly (Report of the 7th July Review Committee) and highlight in this bulletin some of the learning points from the incident. If we can learn from incidents and improve our response, then something good has come out of a terrible incident.

In reading the report one of the things that struck me was a number of communication failures during the response. This should not surprise us as almost every incident report or exercise report highlights failures in communication as one of their key learning points. There were three main failures in communications: loss of communications to those responding underground, overload of the mobile phone system and the failure of the ambulance communications system.

The difficulty of communicating underground was identified as a significant issue in the report into the Kings Cross fire in 1988. During 7/7 the report noted that the Metropolitan Police Commissioner, Sir Ian Blair, told us that he regarded the inability of the emergency services to communicate underground as ‘a significant problem for London’. The lessons from the last incident in this aspect of communications had not been learned. Do you go back through your own incident reports and those of other organisations, which are relevant, and check that the lessons identified have been learned or actioned in your organisation?

All of our mobile plans are highly dependent I suspect on mobile phones working. Much of the communications failure during the response to 7/7 was due to the emergency service and other responders having a high reliance on mobile phones and the system not working in certain areas. This was again identified in the report as a foreseeable problem. The same happened during 9/11 and actually happens in many areas each New Year’s Eve. The failure of the mobile system was due to the large number of calls overloading the system which the report details: “London’s telephone networks experienced unprecedented volumes of traffic. Vodafone experienced a 250 per cent increase in the volume of calls and a doubling of the volume of text messages. There were twice as many calls on the BT network as would normally be the case on a Thursday morning. Cable & Wireless handled ten times as many calls as usual to the Vodafone and O2 networks – 300,000 calls were placed every 15 minutes, compared to 30,000 on a normal working day. O2 would normally expect to handle 7 million calls per day. On 7 July, 11 million calls were connected – 60 per cent more than usual – and this does not include unsuccessful calls”. Have you got a plan of how to deal with an incident without mobiles, especially at the scene of the incidents, and how staff caught up in the incident will inform you that they are safe?

Lastly on communications, although it didn’t affect the overall response, there was a major breakdown of The Ambulance Service communications. This led to “repeated instances of London Ambulance Service officers requesting more ambulances, supplies and equipment and receiving no response”. Failure of communication within the ambulance service was due to issues with their radios and failure of the mobile phone system. Could your response be majorly impacted by failure of communications and are your existing communications fit for purpose, tested and staff trained in their use?

One of the themes I have been promoting in my bulletins is ‘do our plans have sufficient emphasis on looking after people during an incident’. I was disheartened to see the following within the report: “The response on 7 July demonstrated that there is a lack of consideration of the individuals caught up in major or catastrophic incidents. Procedures tend to focus too much on incidents, rather than on individuals, and on processes rather than people. Emergency plans tend to cater for the needs of the emergency and other responding services, rather than explicitly addressing the needs and priorities of the people involved”. I am guilty of this as well, but I think we should look again at our plans and see if they take account of the need to look after our people and those affected by the incident.

My last point is the importance of leadership at the scene of an incident and in someone taking command. The following is an extract from the section on communications from people in authority within the first 15 minutes: ‘Michael, survivor of the Aldgate explosion said ‘Information is essential when in shock people freeze and can’t make rational decisions, people need to know what to do, even if it is to remain on the train and wait’. Nobody knew what to do immediately after the bombs had gone off. They were in an unfamiliar environment and were unsure whether it was safer to leave the train or to remain where they were. A number of survivors talked about the relief of having someone in authority, the train driver, tell them what to do and “walk down the track to Russell Square”. This highlights to me the importance of training for staff likely to be at the scene of an incident so that they can make quick decisions and be the voice of authority in an incident.

Charlie Maclean-Bristol

Director of Training

Business Continuity Training Ltd

The Challenge of Emergency Evacuation from High-Rise Buildings (and Even Ones That Are Not So High)

Headlines over the 150-year history of tall buildings provide us with evidence of what can go wrong and the likely costs and consequences of such events.  Many of the challenges are the same as those in any multi-story building, but the higher the building, the more complex the problems become, with some super-tall skyscrapers requiring two or three hours to get everyone out.  Even if you are not evacuating people from a skyscraper, the considerations that follow will give you useful information for reviewing your plans for evacuating employees and visitors from any multi-story building.

Under normal circumstances and with a good evacuation plan, it should only take a few minutes to evacuate one of these basic 5 or 6-story buildings. Thus, when we talk about skyscrapers or high-rise buildings, we mean buildings over 10 stories, their height made possible by the invention of the elevator.  The majority of the people will have reached their destination through the use of elevators, which would probably be out of action in an emergency.

The population density, the volumes of traffic, and the vertical distances in a skyscraper demand a more detailed and focused investigation, planning, and delivery cycle for your evacuation plan.  Challenges such as the safety of disabled employees and visitors are intensified.

Since it is unlikely that you were involved in the design, engineering, and construction of your building, you will need to work with the alternative escape routes and exit points that are present. So your challenge is: “What can you do to reduce the risk of an incident developing into a tragedy?”

Seven Critical Areas of Investigation and Concern

1. Structure.  Do your homework. Investigate every floor and every aspect of the structure of your building and become familiar with all of the details and their intended purpose in relation to emergency evacuation. Do not rely on floor plans alone. Walk every inch of the building yourself and take notes. It helps if you do this with someone familiar with each section of the building and the activities that take place there. That person can help you identify features and oddities and come up with a list of possible threats.

2. Routes.  While you are inspecting and taking notes, check the marked exit routes and exit points. Pay particular attention to the likelihood of escape routes being compromised or obstructed and if this might happen on certain days when, for example, hallways could be used temporarily for shipments of boxes. Think through the whole route, walking in the shoes of an evacuee starting out from each of the locations you visit – and then consider additional challenges if evacuation were being done in near darkness, by someone in a wheelchair, by a child, or by a visitor unfamiliar with the building.

3. Volumes.  Estimating the volume of people that will need to escape from any part of the building is a normal part of evacuation planning. However, volume becomes critical in a high-rise environment, since excessive crowding on lower levels will take place as those from upper levels descend, creating “pinch points,” which impede evacuation. Gain a clear understanding of the likely volumes of people who might be in various parts of the building on a normal day and what their special needs might be. In addition, look for regularly scheduled events that would increase the number of people in the vicinity. As you visit and inspect each and every area, build up a picture in your mind of the growing volumes as people make their way downwards and mingle with the rest of the crowd. Ideally, your architecture should allow for escape routes to become wider as they merge to avoid congestion, but, in practice, this is not always the case, especially if you are in an older or reconfigured building. In your evacuation drills you will need to be prepared for “heavy traffic” in the halls.

How long will it take to get everybody out?  For example, if people leave the venue at a rate of one person every 2-4 seconds (allowing for delayed response or special populations), and it takes each person an average of 5 minutes to travel to safety (which may be some distance, and exposed to hazards or obstacles along the way), and you have a crowd of 1,000 people, you could estimate a minimum of approximately 55 minutes to completely evacuate the venue: at about 3 seconds per person, 1,000 people take roughly 50 minutes to leave, and the last person out then needs another 5 minutes to reach safety.

4. Warning. You should have a system of warnings and alerts in place to cover different emergency situations. For a dangerous occurrence such as a shooter on the premises, the warning might be in the form of text messages to managers and others responsible for emergency actions. People would be instructed where and how to take shelter until local authorities give instructions to go back to work or evacuate the premises. The traditional alarm would mean that emergency evacuation procedures are being officially invoked for an emergency, a planned test, or a planned drill and that everyone should follow the instructions of the marshals to escape the premises. The alarm should never be used for a “surprise test,” since its use in anything other than a real evacuation lessens its value. When the alarm is used too frequently, you run the risk that people will stay where they are rather than evacuating – and once they realize that the threat is real, it may be too late for them to get out.

5. Leading.  Your growing crowds will need to be led, guided, or marshaled as they make their way through the confusion towards safety. In a high-rise building, you will need more volunteer marshals and a regular training program based upon floor plans, business groupings, or other common factors which particular groups might share. Marshals will need visible gear and the tools to do their job – clipboards, flashlights, pens, and whistles. A common “uniform” to show the person’s role is the high-visibility vest. However, one company that prided itself on its informal culture simply outfitted all the marshals with brightly colored baseball caps that said “Marshal.”

6. Informing.  During the actual evacuation, keep the key players informed about progress and any further developments or special instructions. Walkie-talkies, cellphones, and megaphones are all possible. Ideally, this should be a two-way communication system which will work under difficult circumstances throughout the building and its immediate surroundings – and a communication system commonly used by the people involved, since you do not want people learning a seldom-used communication system in an emergency.

7. Checking. A very important aspect of evacuation planning, especially in the high-rise scenario, is that of accounting for every individual who was in the building at the start of the incident. A roll call at the final point of assembly is good, but it is a retrospective process that may take place too late. A simple evacuation area checklist would itemize each room, office, rest room, etc. on each floor of the building. Marshals would check each of the areas and check off that it was empty before leaving that floor of the building. In the event of a fire or local emergency, these lists could then be given to fire or law enforcement officers to show that the building is, indeed, empty. Failure to respond to the alarm or other safety communication is a common problem and should be handled with a severe reprimand from the highest level of the company.

Develop and Practice Effective Emergency Procedures

Once you have created the Emergency Evacuation Plan, it is important to test and drill several times a year, although that doesn’t necessarily mean a total evacuation for every test. Some tests may be limited to specific areas, populations, or extent. In between tests, it is important to check all the escape routes and alternate escape routes that are in your plan for each area of the building. Circumstances change regularly, and the back doors to the parking lot you were planning to use may now be blocked by a dumpster or that little-used hallway may have been made into a closet. Continue to check for unexpected problems such as missing signage, blocked passageways, cluttered stairwells, or locked doors. Finally, for your own safety and the safety of everyone on your team, scan the horizon for any new ideas or technologies which you might employ to improve various aspects of the EEP for your high-rise building.

About the Authors

Jim Burtles, KLJ, CMLJ, FBCI, has over 35 years of business continuity consulting experience in 24 countries. He began in-depth research on the subject of emergency evacuation in 2001, after the terrorist attacks on the World Trade Center in New York City.

Kristen Noakes-Fry, MA, is Executive Editor at Rothstein Publishing, a division of Rothstein Associates Inc. Previously, she was a Research Director, Information Security and Risk Group, Gartner, Inc.; Associate Editor, Datapro; and Associate Professor of English, Atlantic Cape College.

NEW BOOK FROM BCS.

BCS – The Chartered Institute for IT has published a new book titled Business Continuity Management Systems – Implementation and Certification to ISO 22301. It was authored by Hilary Estall, a respected authority on management systems standards.

The book is targeted at BCM professionals & teams in the following situations:

  • Your organisation is seeking formal certification to ISO 22301.
  • Your organisation is seeking alignment to ISO 22301.
  • Your organisation is considering whether to become certified and wishes to understand what is involved before committing resource.
  • Your organisation is working towards, or has already achieved, certification to BS 25999-2 and wishes to understand what is involved in moving from one standard to another.
  • You wish to develop your own understanding of what is required to implement an effective BCMS.
  • You are looking for a practical support mechanism to guide you through the implementation stages of your BCMS.

The book is set out in four parts. Two focus on management systems themselves and the certification process, and the remaining two look at BCM and the requirements of ISO 22301.

If you just want to know more about ISO 22301, I suggest this is the first (and perhaps only) book you need to read. If you are going further and want to become an ISO 22301 certified company then it gives you the route, the dangers, the tips and the confidence to succeed.

…. Lyndon Bird FBCI Technical Development Director at the Business Continuity Institute (www.thebci.org).

If you want to know more about the book or browse the contents, please log on to the BCS site (http://shop.bcs.org/).