Alert Spring 2014

Journal of the Institute of Civil Protection and Emergency Management
ReSilieNce
Prepare and Protect Crisis Management Persistent Lessons from Major Disasters
Spring 2014
ICPEM ICPEM // // Alert Alert // // Spring Spring 2014 2014 2
MEmBERSHIP MATTERS
Malcolm Parker, membership@icpem.net
Membership matters I Subcriptions are the life-blood of the institute and they can be paid by; Standing Order Direct Debit Cheque Bank transfer The institute also benefits from Gift Aid when you sign up for it, and all the relevant forms are available for download from the website. Whatever arrangements you have made for your subscriptions, can you please ensure that they are in place, active and have valid details. Some subscriptions from the start of the year remain outstanding, so could you please check? If you have any queries about arrangements for payment, please contact the Treasurer (see contact details on the back page of the journal). Membership matters II The Registrar makes a special plea for members to keep their contact details and preferences up to date.We make every effort to keep records accurate, to ensure that members receive all relevant communications. Email and the website will be the main means of getting information to members, so it is vital that email addresses are spot on. You can download an update form from the website under the membership tab. What else do you do? Members come from many different and interesting backgrounds and take part in many interesting activities. We would like to reflect these activities and achievements in Alert in order to show the human side of its membership. So, if you have something unusual or interesting that you get up to, let the managing editor know, with some photos if you have them and we will publish them in forthcoming editions. Events If you are holding an event that other members of the institute might be able to assist with or attend, such as exercises, and seminars, please let the Managing Editor of Alert and the Webmaster know and they can be advised. The public view of the website includes a calendar of events across the spectrum of interests, so we would like to have information on anything that you think might be relevant. Membership matters III Membership fees remain at the 2013 rate for 2014. Membership fees are due on 1 January of each year. So, once again, please check that you have paid the required amount..
Contents
IFC
Membership Matters Thoughts from the Chair Editorial European News Branch News: Scotland Branch News: North West Special Interest Group Events: ICPEM Conference and AGM Events: IDER Updates: Joint Emergency Services Interoperability Programme Updates: BS11200 Crisis Management Incident Reports: Jomo Kenyatta International Airport fire Incident Reports: Glasgow helicopter crash Role profile - Carole Jeffcock Book Review Education and Training Crisis management in cases of multifaceted cyber attacks Announcements: ICPEM & EPS joint statement Protect and Prepare both under the umbrella of Local Resilience Forums Complexity science to guide managers thoughts and actions Disaster Victim Identification: The Use of Deoxyribonucleic Acid (DNA) Profiling Announcements: David Cloake appointed Chief Executive Officer Announcements: Cranfield Security course ICPEM membership details Contacts
1 3 4 6 6 7 8 13 14 15 16
20
22 23 26 30 35 36 40 45 49 50
IBC
NEW MEMBERS
For a comprehensive update of new members please visit the website at www.icpem.net
BC
Thoughts from the Chair
RESILIEnCE In THE UK
By Jeff Little, OBE MBA CGIA FICPEM
I write these notes in the UK just as the Met Office has confirmed that January 2014 was the wettest for over 100 years. I think those who live in the South West of the country knew that already! Military amphibious vehicles will have been deployed to assist those who have been caught up in the flooding on the Somerset Levels. The be underestimated. Flooding has become endemic in parts of the UK during the winter and spring and this trend has been apparent for a number of years. One has to ask why are the military only now planning a response at this 11th hour.What has happened to contingency planning, anticipation and forward thinking? Crime may have fallen by 10% according to the latest statistics, or has it simply transferred to cyberspace where we are all vulnerable to identity theft and on-line fraud. The implications for resilience and readiness to cope with large area emergencies of the type we are now encountering must be of concern to us all. And one can bet that the mandarins in the MOD will be charging top dollar rates for any defence resources deployed to assist Somerset in its hour of need. The response has been slow and ponderous and this is surely a warning for the future. Whether it is floods or drought, terrorism or fire, some serious questions need to be asked, at national level, as to our preparedness to deal with situations requiring large scale response and the deployment of specialist capabilities. The alarm bells should be ringing. Reflecting on last year, the world was continually exposed to the effects of hostile events including terrorist attacks, extreme
The army bolster defences in River Street, in the Clementhorpe area of York
weather conditions, civil wars causing mass migration, industrial accidents and much more. Despite our progress in technology, economic growth in some countries and claims to be a civilised world, we are continually reminded of our vulnerabilities and what appears to be a lack of coordinated effort for international intervention to help people in need. I am pleased that some of our members have offered to write about some of these events in this edition of Alert and I hope it is this sharing of information along with the obvious benefits identified during last years Academic Summit on the subject of
residents of the village of Muchelney were effectively marooned for over a month at the end of January. Many UK residents had their Christmas and New Year holidays adversely affected by power cuts caused by the stormy weather in December and travel plans were disrupted both on the roads and on the rail network. And on top of all that, we understand that the Environment Agency may lose 1500 of their staff, some of them who work in the flood defence area. The seriousness of the situation should not
My main concern is that although the economy may now be on the route to recovery, and I am sure we are all very grateful for that, the austerity reductions demanded by government budget cuts have not yet taken affect in practical terms. It takes time to reduce numbers. The army is falling to 82,000. Police and Fire and Rescue Services numbers will fall and fire stations will close. And this will happen during 2014 although if you believe the media, many of these changes have already taken place.
ICPEM // Alert // Spring 2014 2
Thoughts from the Chair
CALL FOR PAPERS

Flood water at Walton-on-Thames, Surrey, as Royal Engineers were now being tasked to carry out a high-speed assessment of damage to the UKs flood defence infrastructure.
disaster risk reduction, that together we will ensure progress in the field of civil protection and emergency management, or reslience to be more inclusive of all the potential threats to society. I think that ICPEM with its partners and allies now have a serious role to play in raising these issues with the national leadership and flagging up the risks involved. But we cannot do that alone or in isolation and I welcome the work now underway to bring unity and strength to the sector. We need a stronger voice if we are to gain more influence. We need a louder voice if we are to best represent the resilience sector. We need to unite with our fellows across the sector and make our voice heard clearly and unambiguously. Old scores need to be set aside. The world is becoming an increasingly dangerous place and we have the expertise to provide advice, to inform and to lead the response necessary. This may include increasing the involvement of the private sector. Nothing should be ruled out. But we do need unity between ICPEM and the EPS to spearhead that thrust together. I think the future is very exciting for our Institute.
Sadly for me, I have to take my leave at this time as Chair. I depart overseas in March to a new role in the renewable energy sector which is simply too exciting to refuse. I will of course continue the work on behalf of ICPEM and the new organisation when it is formed whilst I am abroad. It is appropriate for me to acknowledge everyones support whilst I have served as the Chair with a special thanks to the Executive Council for their sterling efforts to assist me in my role and manage the interests of the Institute. I wish the future ICPEM all the best and ask more members to become actively involved in running our fabulous organisation. The Executive Committee work long and hard, and they need and deserve more support to shoulder the load. Please come forward and assist. Your Institute and the profession need you! Jeff Little OBE MBA CGIA FICPEM FSyl
ALERT: JoURnAL of THE InSTITUTE of CIVIL PRoTECTIon AnD EmERGEnCY MAnAGEmEnT

he Institute of Civil Protection and Emergency Management (ICPEM) ALERT journal considers for publication review articles, news and views articles and communications on all aspects of civil protection and emergency management. The journal is made available in hard copy, website and other electronic formats. News and views and review articles (reviewing the research or work of your group and addressing other related published literature) and original articles (news and views, your experiences in the field of civil protection and emergency management) are welcome for publication in one of the forthcoming issues of this journal. Articles should be in aerial 11 point font with 1.5 line spacing and ideally be no more than 3000 words, although longer articles will be considered. Papers and communications may be submitted by email to the editorial team at alert@icpem.net. We look forward to hearing from you. Dave Dowling Editor of ALERT
Editorial
ALERT EDITORIAL
By Dave Dowling MEd BSc(Hons) MICPEM MIFireE MCMI TechIOSH
elcome to the spring 2014 edition of Alert which I hope you will find interesting.
I would like to thank Tony Moore for his valuable contribution and the high standard he has maintained during his tenure as Alert Editor. I am sure many of you will be reassured to know that Tony continues to work behind the scenes and I am also very grateful for the support he has given me whilst I find my feet as the new Editor of Alert. Alert is a forum where members can contribute and share information on a wide range of topics including new areas of research, lessons learned from incidents, technological advances, updates on legislation and good practice. Whilst the journal continues to maintain a credible academic level, I would like to encourage more practitioners to share their experiences so that ICPEM fully realises the mission to bring together emergency professionals, academics and business, in order to provide an informed and influential voice on all aspects of civil protection and emergency management. A short item may be sufficient to communicate a useful piece of information, for example, I recently learned that a state of the art emergency services training centre has been opened in Frankfurt. The centre has a variety of facilities including life size underground tube station with a train, a live fire training facility located in a 450m2 hall designed to protect the environment from carbonaceous emissions, a large scale exercise hall populated with a mix of structures and a streetscape that reflects the city, a training and education building that houses a driving simulator, a virtual reality multi-agency emergency incident simulator and much more. During times of austerity, the German government has recognised the importance of investing in organisations that will help to protect, not only life and the environment, but also the infrastructure and industry that are key to ensuring a sustainable economy. For those who have something to share,
but are daunted by the thought of preparing an article, please be reassured that there is a great deal of support to help a Member frame their thoughts and ideas. Alert is fortunate to be supported by an eminent Editorial Board, many of who have had their own work published, but also have experience of assisting others to articulate their experiences and ideas. Reflecting on last year, the world was continually exposed to the effects of hostile events including terrorist attacks, extreme weather conditions, civil wars causing mass migration, industrial accidents and much more. Despite our progress in technology, economic growth in some countries and claims to be a civilised world, we are continually reminded of our vulnerabilities and what appears to be a lack of coordinated effort for international intervention to help people in need. I am pleased that a few of our members have offered to write about some of these events in this edition of Alert and I hope it is this sharing of information along with the obvious benefits identified during last years Academic Summit on the subject of disaster risk reduction, that together we will ensure progress in the field of civil protection and emergency management, or resilience to be more inclusive of all the potential threats to society. In support of the ICPEM Strategic Objectives I would like to develop an arrangement where academic establishments provide short updates on areas of research so that Members are aware of what developments are taking place in the fields of civil protection and emergency management. There may also be an opportunity to enhance the current ICPEM database on where centres of excellence are located across the world, providing practitioners with a directory of potential partners. This is an open invitation to academic establishments and a request to Members for relevant information. This edition of Alert introduces new regular sections including a Role Profile designed to
raise awareness of people and organisations that are not normally high profile, but are essential to the progress of effective civil protection and emergency management an Incident Report aimed at presenting an item in a structured format so that lessons are learned from the event; and Updates where relevant standards, regulations and guidance, etc. is shared. Your views on the content and ideas for future editions are welcomed. Finally, I would like to take this opportunity to remind everyone that the Annual General Meeting takes place at the Union Jack Club on Wednesday, 2 April, followed by the Conference Dinner. Given the proposed closer links between the Institute and the Emergency Planning Society leading to a possible merger, it is in the interests of all members to attend the former and make their views known. The Annual Conference will be held at University College, London, on Thursday, 3 April. As always, the Conference Committee have endeavoured to put together an interesting programme and we do hope that you will attend. Dave.dowling@icpem.net
EDITORIAL BOARD
Tony Moore (Chair) MPhil FICPEM Dave Dowling (Secretary) MEd BSc(Hons) MICPEM MIFireE MCMI TechIOSH Professor David Alexander PhD Prof FRGS FRSA FGS FICPEM Professor Frank Gregory, Hon FICPEM Professor Gary Silver MSc GCE LLS (QTLS) FICPEM FEPS Professor Ian Davis, PhD Hon FICPEM FPWRDU Dr Karen Reddin PhD FICPEM Kevin Arbuthnot QFSM MPhil DMS FICPEM FIFireE Mike Broadbent MSc BSc CEng CSci CEnv FICPEM FHEA FICE MCMI Dr Sarita Robinson PhD MSc FICPEM
European News
By Lina Kolesnokova MSc FICPEM
NEw EURoPEAn LEGISLATIon

O
n 9 December 2013 I was invited to attend a technical briefing at the major disasters. To ensure better prevention, the Member States will regularly share a summary of their risk assessments, share best practices, and help each other identify where additional efforts are needed to reduce the risks associated with disasters. In the area of preparedness, there will be more training available for civil protection personnel operating outside their own countries, more exercising of civil protection response capabilities (such as search and rescue teams and field hospitals), more exchanges of civil protection and prevention experts and closer cooperation with neighbouring countries; all of which will improve the cooperation of Member States teams on the ground. To improve on the current system of ad The following day, 10 December, the European Parliament adopted the new legislation on EU Civil Protection, which is designed to better protect and respond to natural and man-made disasters. It so doing it is hoped that the safety of EU citizens and disaster victims worldwide will be increased. Although the primary responsibility for disaster management remains with Member States, it is hoped that the improved coordination arrangements, with the ERCC at the hub, will ensure closer cooperation on disaster prevention, better preparedness and planning, and a more coordinated and faster response to ensure that the assistance provided by Member States actually meets the needs of the affected region. A better understanding of risks is the starting point for providing an effective response to hoc offers of assistance, a voluntary pool of Member States response capabilities and experts on stand-by will be established allowing for crucial pre-planning, immediate deployment, and fully coordinated interventions. The EU will compensate parts of the costs for setting up the pool, and also reimburse up to 85% of the costs involved in the transportation of the assets and teams when deployed. The legislation also includes, for the first time, a requirement that Member States assess if there are genuine gaps in response capabilities throughout Europe, and to address them with the help of seed financing up to 20% of the costs from the EU. It also allows the EU to make standby arrangements to cover temporary shortcomings in major disasters. Member of European Parliament Elisabetta Gardini, Rapporteur of the Union Civil Protection Mechanism legislation in the Parliament said: Today, the European Parliament voted in favour of a legislation that will make Europe and the wider world a safer place. EU Member states will be able to better coordinate preparation, prevention and eventually respond to disasters within Europe and globally. This is especially important in light of the upcoming Post-2015 Framework for Disaster Risk Reduction and the European Unions work in the field of disaster risk reduction with UNISDR. The new Union Civil Protection Mechanism came into effect in the beginning of 2014. The adoption was warmly welcomed by Kristalina Georgieva, the EU Commissioner for International Cooperation, Humanitarian Aid and Crisis Response, who was a prime mover of the new legislation. She said: A rising trend in natural and manmade disasters over the past decade has demonstrated that coherent, efficient and effective policies on disaster risk management are needed now more than ever. This vote brings us a step closer to a predictable and reliable civil protection system at the European level. This can mean the difference between life and death when a disaster strikes. Equally important, the revised legislative proposal includes measures that will help to prevent and prepare better for the upcoming disasters. Successful disaster risk management is first and foremost about providing security to our citizens. I would like to thank the European Parliament for its strong support. European Union (EU) Emergency Response Coordination Centre (ERCC). The briefing was dedicated to the a discussion and a vote on new legislation relating to EU Civil Protection which was due to take place in the European Parliament the next day and consisted of three sessions. The first was on the assistance that the ERCC had provided to the Philippines during the Haiynan typhoon; the second outlined the possible improvements to the EUs ability to provide assistance in civil protection if the legislation was adopted; the third was dedicated to questions from the floor, with answers being provided by the briefers.
European News
By Lina Kolesnokova MSc FICPEM
CoLLAPSED SUPERmARKET In RIGA
BomBInGS In VoLGoGRAD
f late, the Russian southern city of Volgograd has become a constant terrorist target. On 21 October 2013, a female suicide bomber set off an explosive device on a bus, killing 7 and injuring 36 people; on 29 December a male suicide bomber, set off an explosive device in a train station, killing 18 and injuring about 50 people; and on 30 December a male suicide bomber set off an explosive device on a trolleybus, killing 16 and injuring 41 people. At the time of going to press, there are many unanswered questions. For instance, who (which group) is responsible for these terrorist attacks? Who, precisely are the perpetrators of these attacks? To-date, no-one has claimed responsibility and only the female suicide bomber who was involved in the 21 October incident has been indentified. Are these attacks related to a threat made in July 2013 by Doko Umarov, the leader of a Chechen separatist group known as the Caucasus Emirate, to disrupt the Sochi Winter Olympics? Umarov is already Russias most wanted man, having been involved in a number of terrorist attacks in Russia, including one in 2009 outside the Cechen Interior Ministry in 2009; the bombing of the high-speed Nevsky Express train, in which 28 people were killed, also in 2009; the bombings of the Moscow subway that killed 40 people in 2010; and the bombing of Domodedova Airport in Moscow in 2011, that killed 36 people. When the answers to these questions become clearer, I will write further on these terrorist attacks.
A view of collapsed Maxima supermarket in Riga, Latvia, Saturday, Nov. 23, 2013
n 21 November 2013 the roof of Rigas (Zolitude micro-district) supermarket Maxima collapsed at around 17:40 local time. The disaster killed 54 rush-hour shoppers and injured a further 39. Three rescue workers were also killed when a portion of the roof fell on them as they responded to the initial collapse. It was the largest disaster to happen in Latvia since the 1950s when a steamer sank killing about 150 people. A garden was being built on the roof of the supermarket and, at the time of going to press, the Latvian police are examining three possible scenarios as the cause of the collapse. The first is that architectural design and construction supervision standards may have been violated. The second is that construction regulations could have been violated during the first stage of the construction of the Maxima store, and the third deals with possible violations during an upgrade to the building. Latvian police also asked Polish and Russian law enforcement representatives for assistance in investigation.
Following the disaster the President of Latvia, Andris Berzins, described the disaster as murder and apparently called upon everyone to assess their responsibility and act accordingly. On 27 November, in a meeting with the President, Prime Minister Valdis Dombrovskis told him that the government took political responsibility for the tragedy and announced his resignation, thereby bringing about the fall of his government. This is not the first time that a roof has collapsed in Europe due to increased weight being put on it. In 2006, there were three such collapses following particularly heavy snowfalls across Europe. In Poland, the roof of one of the buildings at the Katowice International Fair collapsed whilst over 700 people were inside. Sixty-five people were killed and around 170 injured. In Germany, the roof of an ice-rink collapsed in Bavaria, killing 15 people, including 8 children and injuring 32 others. In Russia, the roof of a market collapsed, killing at least 56 people and injuring 32 others.
Author Profile
Lina Kolesnikova is an independent expert in risk, crisis and disaster management based in Brussels. She is currently the Institutes representative to the European Union.
Branch News
Scotland Branch
David Dalziel QFSM MA FICPEM FInstLM
Northwest Branch
Dave Dowling MEd BSc(Hons) MICPEM MIFireE MCMI TechIOSH
ollowing expressions of interest from a number of ICPEM members based in Scotland or with business connections there, the Executive Council has approved the formation of a Scotland branch of the Institute. There were significant changes to resilience structures in Scotland that came into effect in November last year. The Scotland branch has a broad based membership from the public, private and third sector from places as diverse as Glasgow and the Western Isles. It should to be an excellent forum for developing members and making a valuable contribution to civil protection across Scotland. Amongst the aims and objectives of our new branch, members propose to;
Regional zones of the ICPEM within the UK and Ireland
meeting with the North West (NW) Branch of the Emergency Planning Society took place during January.. Mark Taylor, the Emergency Planning Society (EPS) NW Branch Chair, met with Bernard Kershaw, NW Branch Events Coordinator, Sarita Robinson, NW Branch Secretary, and I to look for opportunities to progress the recent joint statement between the EPS and ICPEM. The meeting was very productive and a joint event is being planned for the 12th May. Initial thoughts are for a 3pm start with short updates from the Chair of each Branch on the aims and objectives followed by a short summary, by a local member from the EPS and the ICPEM Branches, on the work of each organisation. This will highlight opportunities for aligned activities. The meeting will conclude with an opportunity to socialise in a more relaxed environment (local hostelry). Beyond the May meeting, there is a proposal from the EPS NW Branch Chair to develop a joint event in the autumn of this year on the theme of Psychological Impact. The event will focus on the psychological impact of incidents on the public and the emergency services. Anyone interested in joining the North West Branch should contact Dave Dowling on dave. dowling@icpem.net
Support the delivery of the Mission, Vision and Objectives of the Institute of Civil Protection and Emergency Management and promote the professional interests of Scottish members. Provide a forum for the professional development of Branch members Liaise with other relevant partners to help develop best practice in civil protection Act as positive advocates for the Institute to increase its influence and standing Contribute to professional publications, consultations, conferences and seminars relevant to the skills, knowledge and experience of members Promote the most effective means of providing civil protection and emergency management in Scotland
Share good practice and lessons identified in Scotland Actively recruit new members and promote the interests of the Institute in Scotland. Organise events that support the objectives and involve the members along with other interested partie The branch has around 20 members and new members are always welcome. A discussion forum is being established on the ICPEM website to support the business of our new branch. Anyone interested in joining should contact our regional representative, David Dalziel on Scotland@icpem.net
Special Interest Group
FoRmATIon of THE UK BLUE LIGHT SPECIAL InTEREST GRoUP

David Dalziel QFSM MA FICPEM FInstLM
of our vulnerabilities and what appears to be a lack of coordinated effort for international intervention to help people in need. I am pleased that a few of our members have offered to write about some of these events in this edition of Alert and I hope it is this sharing of information along with the he Institute is pleased to announce that the Executive Council agreed at their meeting on the 29th of January to the formal creation of the UK Blue Light Special Interests Group (SIG).. With over 20 members from a diverse, multi-agency response background, our newly formed SIG has expertise ranging from mainstream policing, fire and rescue and health professionals through to security, counter terrorism, firearms, transport emergencies, maritime risk and the nuclear industry. The SIG is not restricted to Cat 1 responders and already has members from other organisations including the voluntary sector such as a BASICs medic. That diversity of skill, expertise and knowledge will add real value to the standing and reputation of the Institute and provide a forum for members in the SIG and wider membership. The Terms of Reference for the SIG has also been approved. The SIG objectives are to: th in some countries and claims to be a civilised world, we are continually reminded obvious benefits. 1. Assist and support the ICPEM vision and values providing a forum to represent the Institute on activities associated to the groups specific areas of expertise and specialisation including the submission of research and other relevant articles to ICPEM publications. 2. Provide a supportive learning environment for group members and to share that learning including the dissemination of good practice and lessons learned. 3. Support the continuous professional development (CPD) of members including acting, where appropriate, as the Institutes main liaison body in terms of CPD within the groups areas of specialisation. 4. Maintain currency and awareness of the most effective means of delivering civil protection and emergency management in the specific context of primary and other emergency responders including those in the voluntary sector. 5. With the support of the Executive Committee, liaise with and influence The group is chaired by David Dalziel supported by Phil Trendall as the SIG Secretary. Any ICPEM members from a response background in either the public or voluntary services who wish to be part of the group should contact David on David. Dalziel@icpem.net The SIG will ensure that it reports its activities to the Executive Council and members through a mixture of formal communication and submitting articles for publication in Alert and Communiqu. A discussion forum will be hosted on the ICPEM website. the development of policies and procedures through relevant UK bodies, organisations, associations and other agencies. 6. On request, represent the Institute on relevant national working groups, committees, seminars and conferences. 7. Proactively promote the ICPEM through delivering presentations, raising the profile of the Institute and attending relevant seminars and conferences and by actively recruiting new and current members to join the ICPEM and the SIG. 8. Provide a professional advocacy of multi-agency interoperability and incident command. 9. Develop a centre of excellence within the ICPEM on the most current best practice in integrated emergency management for responders.
The Annual General Meeting of the Institute of Civil Protection and Emergency Management will be held at the Union Jack Club, London on Wednesday, 2nd April 2014 at 3p.m.
Union Jack Club location By underground - The nearest underground station is Waterloo on the Northern Line. Exit through the mainline station, Exit No 2 By mainline train - The nearest mainline station is Waterloo. The UJC is directly opposite Exit No 2. Special rate accommodation for the AGM and conference dinner ICPEM members attending the conference dinner 2nd April who are not Union Jack Club members can reserve single or double rooms en-suite, subject to availability, for 72 single and 126 double, excluding breakfast. These rates are only applicable for the night of 2nd April and not for the following nights. When making bookings they will need to quote the ICPEM Dinner as reference. Members of the Union Jack Club may, of course, book at the published membership room rate. ICPEM Annual Conference Dinner The conference dinner will be held on 2nd April 2014, commencing at 7.30 pm for 8 pm, at the Union Jack Club, London. The cost is 45.50 (inclusive of VAT) Anyone wishing to attend the dinner should contact Bill Blake, at bill.blake@icpem.net
ICPEM Annual Conference 2014
Routes to business & community resilience Enhancing the national security agenda
Sir Ambrose Fleming Lecture Theatre, UCL, London, UK Thursday 3rd April 2014
Rate discounts for members of
Check www.icpem.net for updates ICPEM AGM and Conference Dinner April 2nd - Union Jack Club, London
www.icpem.net
Sp
d te e bl ise ra la a l s ai fin te av s g a n er le tio ak d e ra e st S p n & o gi re and dati e in e o nl m m O am om r c og ac P r ia l s
ec
ICPEM Annual Conference 2014

Routes to Business and Community Resilience: Enhancing the National Security Agenda Conference Chair: Richard Gordon, MBE, MA Director of the Disaster Management Centre, Bournemouth University 0845 Registration 0930 Opening address by the Conference Chair 0945 1st session An international perspective Christian Sommade, Executive Director, French High Committee for Civil Defence. A French perspective on enhancing business and community resilience. Alastair McAslan, OBE, FCPEM Director, Strathfillan Consultancy, prev. Director of Torrens Resilience Inst., Adelaide, Australia. An Australian perspective on enhancing business and community resilience. 1100 Coffee 1130 2nd session UK approach to achieving resilience in the face of changing threats Ronnie Coutts, MBE, MA Director of Training and Resilience, Serco at the Emergency Planning College. Government approach to training for resilience. Sir David Veness, CBE, QPM, MA Honorary Professor of International Relations at the University of St. Andrews. The enduring threat from global terrorism. 1245 Lunch 1345 3rd session specific threats Galatas Ioannis, MD, MA Editor-in-Chief, CBRNE-Terrorism Newsletter. CBRNE hardening or soft targets airports, shopping malls and luxury hotels. Dr Dinos Kerrigan-Kyrou, BA, PhD, Dartmouth Strategic Studies Group. Threats to the critical infrastructure. 1500 Tea 1515 4th session roles of business and academia Jeff Little, OBE, MBA, CGIA, FSyl, FICPEM Former CEO, National Security Inspectorate, UK The role of business in enhancing the national security agenda. Professor David Alexander, PhD, FICPEM Professor of risk and disaster reduction at University College London. An academic perspective on enhancing business and community resilience. 1630 Concluding remarks by the Conference Chair 1645 Close (CPD certificates will be available)
11
Delegate Fees All Fellows and Members of the ICPEM All Student Members of the ICPEM Non-members (i.e. public sector, military and recognised academics*) Others (All fees are subject to VAT at the Standard Rate) Rates include conference pack, lunch and all day tea and coffee * * * NB. * * * Delegate places will only be guaranteed once payment is received. Payment cannot be accepted on the day due to catering arrangements ICPEM, SIESO, CSARN and EPS members will need their membership number when registering Members of SIESO, CSARN and the EPS qualify for a 10% discount off the full rate Public sector employees includes central government, local government and emergency services. Recognised academics means those who are employed by a recognised academic institution or are registered to undertake research at a recognised academic institution. 75 50 150 175
Registration People wishing to attend the Conference can register here Any queries regarding registration should be directed to +44 (0) 1322 660434. Conference Dinner The Conference dinner will be held on 2nd April 2014, commencing at 7.30 pm for 8 pm, at the Union Jack Club, London. The cost is 45.50 (inclusive of VAT) Anyone wishing to attend the dinner should contact Bill Blake, at bill.blake@icpem.net ICPEM - Annual General Meeting The Annual General Meeting of the Institute of Civil Protection and Emergency Management will be held at the Union Jack Club, London on Wednesday, 2nd April 2014, 3pm
Continuing Professional Development Attendance at the Conference carries 5 CPD hours. Certificates will be available/issued.
Conference location Sir Ambrose Fleming Lecture Theatre (G06) at the Roberts Building, University College London (UCL), Torrington Place, London WC1E 7JE, UK By Underground The nearest train stations to UCL are Goodge Street (Northern Line), Euston Square (Metropolitan), Hammersmith & City and Circle Lines which are all within a 10 minute walk from the venue. Warren Street is also on the Northern Line and is around a 15 minutes walk. Goodge Street is the nearest station to the Roberts Building (5-8 minute walk). On exiting Goodge Street Tube Station, turn left onto Tottenham Court Road. After 121 metres, at the junction of Tottenham Court Road and Torrington Place, turn right onto Torrington Place. After 282 metres, at the junction of Torrington Place and Malet Place, turn left in to Malet Place. After 38 metres, enter Roberts Building on your left. For directions to the venue from other stations and locations, please use the following route finder function provided by UCL: http://bit.ly/9P71cc Union Jack Club location By underground The nearest underground station is Waterloo on the Northern Line. Exit through the mainline station, Exit No 2 By mainline train - The nearest mainline station is Waterloo. The UJC directly opposite Exit No 2. Special rate accommodation for the AGM and conference dinner ICPEM members attending the conference dinner 2nd April who are not Union Jack Club members can reserve single or double rooms en-suite, subject to availability, for 72 single and 126 double excluding breakfast. These rates are only applicable for the night of 2nd April and not for the following nights. When making bookings they will need to quote the ICPEM Dinner as reference. Members of the Union Jack Club may, of course, book at the published membership room rate.
13
Updates
JESIP
JoInT EmERGEnCY SERVICES InTERoPERABILITY PRoGRAmmE. JoInT DoCTRInE: THE InTERoPERABILITY FRAmEwoRKES.
By David Dalziel, QSFM MA FICPEM FInstLM, Chair ICPEM Blue Light Special Interests Group
ollowing a series of reports, recommendations and lessons learned from a number of major incidents, specifically the 2010 shootings in Cumbria, the Hillsborough independent report, the Hallett report into the July 2005 London bombings and the Pitt Review into the 2007 floods, a tri-service group from the police, ambulance and fire service was formed to address the recurring issues raised around better working between those services at incidents. Tragic events overseas such as the mass killings in Breivik in Norway were considered in developing the Joint Doctrine as were the very positive aspects of joint working as one of the legacies from the London Olympics. The Joint Emergency Services Interoperability Programme (JESIP)1 was established in the early part of 2012 by the leads of the three professional associations working closely with the Home Office, Cabinet Office, Department of Health and the Department for Communities and Local Government with full support of the three professional associations. It is programmed to run until September 2014. Publication of the JESIP Framework in
complemented the Civil Contingencies Act and the principles of integrated emergency management. In that context, although the Framework is primarily aimed at improving the interoperability of those three blue light services at incidents, it should be of great interest to Category 1 responders and other organisations that support those agencies responding to emergencies.
of common terminology for emergency management. It sets out the roles and responsibilities of commanders and strategic coordinating groups and provides a very helpful Joint Decision Model to support a common approach to reconcile differing service specific models during a joint emergency service response. It states that decision makers should however use their own judgment and experience in making jointly agreed decisions in what can often be difficult and time sensitive situations. See diagram 1. In describing the levels of command the Joint Doctrine uses the terms, operational, tactical and strategic indicating that they are broadly equivalent to the Bronze, Silver and Gold descriptions in other documents. Whilst the document provides clear definition of these generic tiers of command it has given rise to some discussion on the continued use of the latter terminology with some organisations considering reverting to the former.
Diagram 1: Joint Decision Making Model: JESIP October 2013
October 20132 emphasised the desire to have it embedded as a national standard and, to quote the projects Senior Responsible Officer DCC Charlie Hall of Norfolk Police .we should not train in isolation but work to single service protocols. The JESIP team worked with cross Government partners to ensure that the Joint Doctrine
The Joint Doctrine provides additional clarity on the overarching doctrine for a multiagency response to emergencies and supports the associated guidance published under the Civil Contingencies Act 2004. The Joint Doctrine provides clarity on common terminology and provides a definition of key terms including reference to the lexicon
The Joint Doctrine has been developed by and for police, ambulance and fire service commanders to provide a commonly recognised approach to commanding major and complex incidents and as a cohesive, integrated response to emergencies as possible. Whilst it does not purport to be a set of rules the document does seek to guide, explain and inform the principles of integrated emergency management and multi-agency incident command.
15
Updates
BS 11200, CRISIS mAnAGEmEnT GUIDAnCE AnD GooD PRACTICE
By Roger Gomm
This British Standard sets out the principles and good practice for the provision of a crisis management response, delivered by the top management of any organization of any size in the public or private sector. The intention of the standard is to aid both the design and/or ongoing development of a crisis management capability for an organization. The standard is intended for senior executives with strategic responsibilities for the delivery of a crisis management capability within their organization, and those whose roles are concerned with the implementation of the crisis plans and structures, and maintenance and testing of the procedures associated with that capability, who operate under the direction of, and within policy guidelines, of the executives. The standard provides guidance for: a. understanding the context and challenges of crisis management; b. developing the organizations crisis management capability through planning and training; c. recognizing the complexities facing a crisis team in action; d. communicating successfully during a crisis. The current position is on BS11200 is that the Panel are currently finalising the new draft which will be made available for public consultation from 1 November 2013 till 10 January 2014. This will be followed by publication in the Spring. It promises to be a good read! Roger Gomm
The need for incident commanders at all levels to be able to demonstrate appropriate interoperability training in England, Wales and Scotland particularly where cross border mutual assistance arrangements are likely or are in place, places an onus on those services to ensure that their local protocols and procedures adhere to the Framework. Rightfully, there is a public, political and professional expectation that our emergency services work closely together at incidents. The vision of JESIP is Working Together Saving Lives and their aim is something that brings that vision into real focus. JESIPs aim is .that the blue light services are trained and exercised together as effectively as possible at all levels of command in responding to major or complex incidents including fast moving terrorist scenarios so that as many lives as possible can be saved. That aspiration needs the full cooperation, not only of the tri-service partner organisations but the wider emergency services, resilience and civil protection communities including their training providers. Following a survey of 2000 employees from the tri-service partnership, Skills for Justice published a report in September 20133 which provides a baseline of skills, knowledge, operations and culture within those services in terms of issues to be addressed in moving to national training standards for full interoperability. A follow up survey by Skills for Justice is scheduled for the summer / autumn of 2014. Two one day courses were developed for police, fire and ambulance services who will jointly train up to 18,000 operational and tactical commanders. The Train the Trainer programme to enable this national training initiative ran throughout October 2013 and resulted in a network of over 260 JESIP trainers. Further training products for other staff and an awareness package for wider Category 1
and 2 responders are in development and will be completed before September 2014. There is potential for our national training providers at the College of Policing, the Fire Services College, the Emergency Planning College and elsewhere to examine the recommendations made in the Skills for Justice survey and consider collaboration in developing and delivering the national training standards that the JESIP Framework and the Skills for Justice survey findings recommend. Readers may also be interested in the All-Party Parliamentary Group on Homeland Security report entitled Improving the Efficiency, Interoperability and Response of our Blue Light Services. Published in June 20134 the report acknowledges the work of JESIP but raises what it describes as more strategic issues. The recommendations in the report are indeed strategic, far reaching and challenging setting out as it does the thinking of some senior politicians on the future of our blue light services5. EPC Occasional Paper 6 Reviewing the Persistent Lessons Identified relating to Interoperability by Dr Kevin Pollock published by the Emergency Planning College (2013) and available by free download from www.epcollege.com provides an academic perspective on the same topic. References
1. www.jesip.org.uk 2. www.jesip.org.uk/wp-content/uploads/2013/07/JESIPJoint-Doctrine.pdf 3. http://www.sfjuk.com/ 4. www.google.co.uk/#q=all+party+parliamentary+group +interoperability 5. The Institutes response to that report was published in the Autumn 2013 issue of Alert.
About the author

David Dalziel was the Chief Fire Officer of Grampian Fire and Rescue Service for eight years and was vice chair of Grampian SCG. He was Secretary of CFOA Scotland for six years and chair of the Association from 2012 to 2013. David is also the ICPEM regional representative for Scotland and is an Associate Lecturer at the Cabinet Office Emergency Planning College. David can be contacted on Scotland@icpem.net
Incident Reports
Jomo KEnYATTA InTERnATIonAL AIRPoRT (JKIA)

By Adrian Meja MSc FICPEM ABCI ACIArb MEPS(UK)
omo Kenyatta International Airport, named after the first president and prime minister, is located in Nairobi, the capital
and largest city in Kenya. Situated in the Embakasi suburb 15 kilometres southeast of Nairobis central business district, the airport has scheduled flights to destinations in over 50 countries. Unit 1 & 2 cater for international departures and arrivals. Unit 3 caters for local departures and arrivals, Presidential Pavilion opposite unit 3 caters for state visitors and other VIPs and Cargo area caters for cargo transport. The airport served 5,803,635 passengers in 2011, making it the ninthbusiest airport in Africa.
Situation
At approximately 04:30 hours on Wednesday 7 August 2013 a fire in the immigration area rapidly spread affecting parts of the international arrivals building and Unit 1 Departures. The major blaze caused severe structural damage and significant disruption to flights for a month.
Police stand guard as fire engulfs the international arrivals unit of the Jomo Kenyatta International Airport
7.00 am- the head of security, Eric Kiraithe, declared major fire and more fire engines arrived with support from the military, police and private sector. Members of The National Youth Service, a college that empowers youth with training in various technical fields and includes members of the army, were seen with some police officers were seen with plastic buckets attempting to put out the fire. 7.56 am- Principal Secretary, Mr Michael Kamau, shut down the airport. 8.00 am- security helicopters carried out aerial survey of the burning airport and confirmed that fire -fighting efforts were having an effect. 8.40 am- the fire was contained. The President arrived and general assessment of the damage commenced.
8 August Controversy as to where the fire started. 9 August Kenya Airports Authority reported limited operations have resumed at JKIA with both domestic and International departure and arrival functions operational. September Airport had recovered to handle its normal workload (11,000 passengers) using Unit 3 and Cargo area for international and local passengers respectively.
Situation
7 August 4.30 am- smoke noticed by passengers and airport staff. 5.00 am- airport police and other officials alerted as smoke rises above the walls. 5.25 am- two fire engines arrived and firefighters attempted to tackle a fire that is beyond the initial crews capability. 6.30 am- explosions were heard from the building and evacuation of passengers and staff began.
Investigation
The investigation followed a number of lines of enquiry to establish the cause of the fire and the reasons for rapid development.
17
Incident Reports
On Thursday, controversy escalated over where the fire started as witness accounts contradicted the official position that the fire broke out in the immigration area. At JKIA, head of the Anti Terrorism Police Unit (ATPU), Boniface Mwaniki, led the probe as detectives searched for clues in the fire-damaged section of the airport. Deputy President William Ruto met with heads of the countrys security agencies and Cabinet Secretaries in charge of Security and Infrastructure at State House, Nairobi to discuss progress on the investigation. Apart from the ATPU, officers from the Bomb Disposal Unit, Kenya Airports Police Unit, Nairobi County and CID headquarters were helping with the investigation. Personnel from the National Intelligence Service, Kenya Power Company personnel, the City Council of Nairobi Fire Department and investigators from insurance companies were also at the scene.
images on the closed circuit television (CCTV) cameras to examine events before and after the fire broke out, as part of their investigations. It was not immediately clear if the entire sequence of events was captured on the surveillance cameras. There were suggestions that the huge inferno may have been caused by exposed electric cables left in one of the 56 shops pulled down by the Government as it ejected duty free shop operators the week before the fire. Airport employees and Firefighters who spoke to The Standard, a local newspaper, explained the power was cut off in some of the shops and was left on in others. The Government has maintained that the shops were 50 metres away from where the fire is reported to have started and the demolition of the empty shops. The design of the premises was blamed by
the fact that the Firefighters responding from their homes, which is common practice as the airport personnel are stood down (return home) when flights cease and return when the daily schedule begins. In the meantime emergency personnel were seen to be carrying water in buckets to the fire, struggling to operate hoses and had no equipment to attack the fire from above. To make the situation worse, fire hydrants at the airport were defective. Management of the incident appeared to be ineffective for a fire of this magnitude and, without a specific command and control structure, this is likely to have contributed to an uncoordinated response resulting in delays. International standards require a three minute response time on the air side at airports, but the domestic side does not have the same stipulation. Insurance companies will investigate the motivation in case the fire turns out to have been started deliberately. The local economy was suffering a recession and there were allegations of corruption, evictions and related disputes. A tenant was forcefully thrown out of the JKIA, on the 31st July the same year.
Officials reported that some of the staff claimed in their statements that they heard two explosions after smoke started billowing out. The explosions, according to those who have been questioned, were not very powerful or loud, with suggestions and they may have been caused by air conditioners. Although the worst fire in the airports history occurred on the fifteenth anniversary of the 1998 United States embassy bombings in Nairobi and Dar es Salaam, no connection was immediately obvious and no terrorist group has claimed responsibility. FBI agents sent by the US embassy in Nairobi joined the investigating team a day after President Obama called President Kenyatta to offer his governments support following the fire. The FBI agents arrived carrying special equipment to back up their Kenyan counterparts with their expertise, in a joined bid to unearth the cause of the inferno. The agents took away samples from the scene for further analysis and tests. Investigators were also reviewing
the Cabinet Secretary, Mr. Michael Kamau, in charge of this Ministry Transport and his allegation shows the importance of risk management during the construction phase of such a building. Bitumen was one of the materials used in the construction of the premises which is commonly recognized as a substance that will accelerate the development and spread of a fire. Also, the toxic by products of combustion can result in deaths whilst hampering fire fighting operations. There was criticism of the immediate response to the fire as it unfolded. The fire started in the arrival lounge and some passengers claimed to have smelled smoke on arrival; some airport staff have admitted seeing a small fire and used fire extinguishers to put it out for about an hour before they realised the firm hold of the fire and called the fire brigade. It then took more than half an hour for the first fire engine to begin working. This was due, in part, to
Impact
Three people were injured, the most serious with a leg fracture but others suffered carbon dioxide inhalation and were treated before being discharged after a relatively short stay in hospital. Hundreds of stranded passengers watched as their pieces of luggage burnt to ashes during the emergency evacuation. Fortunately nobody was injured as the catastrophe could have been very much worse. The inefficiency exhibited in the firefighting process shocked many Kenyans who said navumilia Kuwa Mkenya (persevere to be Kenyan).
Incident Reports
President Kenyatta called a meeting of the National Security Council to discuss the tragedy and the huge economic losses caused by the disruption to cargo and passenger flights. The consequential cancellation of tourist bookings, especially during this month of August when the tourism business is at its peak due to people wanting to see the wildebeest migration, had a significant impact on the economy. Fortunately other airports were able to provide support and accommodate many of the diverted flights. Public servants in Kenya, including police, firefighters and soldiers, are rumoured to be poorly paid and frequently accused of corruption. However, the issue is more to do with a lack of effective prosecutorial commitment to punish corruption and abet impunity. Police officers who guard the entrance to Jomo Kenyatta International Airport are well known in Nairobi for demanding bribes from taxi drivers and other vehicles with Kenyan drivers. Officials investigating the fire told the Associated Press valuables were stolen by emergency services including police, firefighters and the army. Anonymous sources have alleged that first responders stole electronics and money from an ATM. It is also believed that police guarding the site overnight attempted to a take a safe from a bank in the burned-out arrivals hall, which also houses several foreign currency exchange shops. One official said there was now behind-the-scenes finger pointing taking place between the police, fire department and army. However, the Inspector General of Police said they had not received Since 1991, Pattnis World Duty Free Company has held exclusive rights to shops in all airports built by KAA. However, in 2013, over 600 people lost their livelihoods when the duty free shops were demolished following a court order disallowing businessman Kamlesh Pattni to renew his lease. An online blog claimed that during an NTV interview Pattni warned President Uhuru Kenyatta and Deputy President William Ruto that they had abused their powers by oppressing innocent people who were just earning a decent living from the
People watch dense black smoke billowing from the Jomo Kenyatta International Airport in Nairobi, Kenya, early Wednesday, Aug. 7, 2013
duty free shops, and that God will remove them from power very soon.
Resilience
There were apparently no smoke detectors, or limited in operation, at the time of this incident since no alarm was sounded to alert people of a likely fire. It is evident that there were no automatic water sprinklers which could have contained the fire within a reasonable time. Corruption is blamed in part for the build quality and the lack of protection systems in the buildings involved in the fire. During former president Kibakis 10 year rule, KAA was reported to be one of the main sources of income for the Kenya Kikuyu elite. An item posted at jukwaa. proboards.com on 2nd December 2010 reported that the KAA was undertaking a massive airport expansion project at the JKIA, a project initially projected to cost Kshs800million ($9,411,765), but the spend kept varying upwards projected to cost Kshs3Billion ($35,294,118). Additional information confirmed that similar expansion was taking place at other airports including the Kisumu International Airport involving a Sh3 Billion project with a final cost yet to be estimated and another multi-billion project at Malindi Airport. Most of these projects were being undertaken by Chinese contractors, well known for arranging deals with the African equivalent of the mafia who facilitate contracts for them. It is partly
any official complaints from owners who had suffered losses from the fire.
19
Incident Reports
in these multi-billion, multi-cost-varying infrastructure expansion projects that the scrutiny of Amos Kimunya, who was the Transport Minister, was called into question. What is strikingly curious is that these airport expansions and so called modernisation projects keep undergoing metamorphosis from their original plans and designs.
Lessons learned
In an article in Alert in 2001 (Spring edition) presenting lessons from the International Decade of National Disaster Reduction (IDNDR), Eric Alley wrote Chance favours the prepared, the unprepared stand no chance. Survival will depend on the level of preparedness from a young age and the continued development as people grow older. A safety culture that a country adopts helps in the attainment of the level of preparedness. A review of the Japanese level of preparedness has identified that such preparations for survival start at primary school level. The UKs preparedness in preventing terrorist attacks demonstrates the effectiveness of such preparations where many attempts were thwarted.
communication structures, a command and control framework, the quality of emergency plans and the level of preparedness. Training and exercising is essential to confirm the adequacy of the arrangements for an effective response to an emergency. The investigation has highlighted a number of potential areas where improvements can be made regardless of the political motivations or corrupt practices within the business world. The emergency services must be better prepared and equipped, but if this is not possible due to culture or austerity issues, the design and protection of buildings should be considered to protect expensive investments and parts of the critical national infrastructure. Pracademia is becoming a more common
Business Continuity
On the 9 August, minimal operations resumed at JKIA with the Government indicating they expected full operations by midnight on the same day. Kenya Airports Authority (KAA) and other stakeholders worked overnight on the day of the fire to convert the domestic departures Unit 3 into a temporary international arrivals and departures terminal. International flights have now arrived and departed from Unit 3. The authoritys ICT team worked with various technology partners to restore the crucial connectivity and passenger system at the temporary passenger processing units. The State also opened up the exclusive Presidential Pavilion, usually reserved for visiting heads of states, for use by passengers to help ease the crisis. KAA safety marshals continued to carry out safety briefings for airport workers to ensure international safety and security standards were maintained. Media outlets such as the Kenya Television Network (KTN) and Nation Television (NTV) provided regular updates on the situation and helped communicate key messages to the public and potential passengers. The Kenya Airport Authority (KAA) recovered from the worst fire in the airports history and returned to normal operations within one month of the fire. President Kenyatta received support from the President of the African Development Bank, Donald Kaberuka, and senior executives of the World Bank who made immediate offers of financing the rebuild of JKIA.
Disasters are believed to incubate where the potential threat can be identified at a lower risk level if the culture of an organisation encourages the staff to be responsive to the symptoms. Early preparations and mitigating action can prevent the event from occurring or escalating out of control. Past lessons can inform the process to prevent recurrence and deliver an effective response when a disaster strikes. What went wrong at JKIA, so that the symptoms of an incubating disaster went unnoticed? The question will help to answer the effectiveness of the risk management methods adopted by the KAA before the fire and how this new learning can inform improvements for the future. But the success of the business continuity arrangements can be celebrated as examples of good practice. The findings should be shared with a wider audience so that others can prevent a similar catastrophe or recover quickly from potential economic disruption. Effective disaster response depends on many factors including the competence of the response teams, availability of suitable equipment, coordination and
term as the emergency planning and response community recognise the value of both practitioners and academics working closely. The work by practitioners and academicians can be complimentary and will achieve good results if professionals are willing to combine evidence from research studies with practical experiences. If investigations have to stand test of time, the professional academics ought to be incorporated in the mainstream investigations. The United States National Safety Transport Board have adopted such an approach and other countries too have complimentary independent investigative bodies. Any one who has studied the TWA Flight 800 accident will understand the role of such bodies and the need to have them.
About the author

Adrian Meja is Head of the Disaster Resilience Centre (East Africa) Trust, Adrian has qualified and trained in the field of Risk, Crisis and Disaster management as well as Business Continuity Management. Adrian is preparing a report of the Westgate Mall attack in Nairobe which occurred in September 2013.
Incident Reports
GLASGow HELICoPTER CRASH

By David Dalziel QFSM MA FICPEM FInstLM Scotland Representative ICPEM
On Friday 29th of November 2013 at 2225 hours GMT the Police Scotland helicopter, call sign Sierra Papa 99, on its return to base from a routine call suffered a sudden failure and fell vertically onto the roof of a crowded public house in the centre of Glasgow. The helicopter, a twin engine Eurocopter EC-135 T2 weighing around three tonnes, commonly used by emergency services worldwide was crewed by a civilian pilot and two police officers. All three were amongst the nine people who lost their lives that night. Tragically a 10th victim lost their fight for survival and succumbed to his injuries some 12 days later. The Clutha Vaults is an iconic Glasgow pub that has been there for over 200 years. It was extremely busy on the night of the incident with an estimated 120 people in the single story structure. In addition to the tragic loss of ten people, 32 others were taken to hospitals across Glasgow with 14 of those victims suffering severe injuries. The Medical Director of NHS Greater Glasgow and Clyde described the main injuries as chest and head injuries, long bone fractures and lacerations. The Clutha Vaults public house is in Stockwell Street at the corner of Clyde Street near Glasgow city centre just yards from the River Clyde. The river is the normal return to base transit route for the helicopter based at the nearby heliport. A catastrophic failure, still to be identified by the Air Accident Investigation Board (AAIB), occurred causing the helicopter to drop so suddenly that the pilot had no opportunity to make a Mayday call or take any evasive action. Many eye witnesses described the aircraft as dropping like a stone.
Wreckage of the police Eurocopter that crashed into the Clutha Vaults in Glasgow
Customers who escaped from the building and passers-by immediately went to the assistance of those still trapped in the pub and carried out numerous rescues until the arrival of the emergency services. A major incident was declared and presented the recently formed national police and fire service organisations in Scotland with their first significant emergency. Police Scotland, the Scottish Ambulance Service, NHS Greater Glasgow and Clyde and other Category 1 responders including Glasgow City Council immediately deployed significant resources to the scene for what proved to be a major and protracted incident attracting intense media attention. An immediate major rescue operation commenced with crews from the Scottish Fire and Rescue Service in over 15 appliances and specialist vehicles at the scene including dedicated urban search and rescue
(USAR) teams from across Scotland assisting at this complex and protracted operation. Although Glasgows Local Resilience Partnership was not formally convened in what was a police led operation, the well tried and tested arrangements for dealing with casualties, multi-agency working, care for people and many other aspects of the local resilience planning and exercising came together very successfully. Police Scotland established a Casualty Bureau and Glasgow City Council set up a family reception centre. Fortunately there was no ignition of aviation fuel although crews were presented with a compacted debris pile and the entire, virtually intact, aircraft frame occupying much of the internal space of the pub. It was very quickly identified that there were a number of fatalities and a strong likelihood that more may be discovered under the debris and wreckage.
21
Incident Reports
The subsequent collapse caused sections of the Clutha to become unstable and this was compounded by the amount of debris from the roof construction. Originally there had been a four story tenement building above the bar and three substantial layers of flat roof and insulation materials compacted into the bar area. USAR teams had to shore up and clear the restricted space in a very careful and systematic way. The immediate focus clearly was to find casualties and rescue them. Balanced with this was the need to minimise disturbance of the scene in terms of the subsequent investigation and ensuring that those still in situ who had tragically lost their lives were treated with the utmost dignity and respect. As is often the case with these types of incidents, recovery took some days and there was an understandable degree of anxiety and frustration by friends and relatives of the victims. Whilst the first eight fatalities were located and recovered in the initial stages, the ninth body to be recovered was not removed until Monday 2nd December, some three days after the event occurred. The Deputy Prime Minister, the Secretary for State for Scotland, the First Minister and his Deputy together with other senior politicians all visited the scene over the duration of the operation and there was widespread acknowledgement and praise for the response to and overall resolution of this dreadful accident. Both HM the Queen and the Prime Minister sent their condolences to those affected by the tragedy and over 250 people attended a special service at St Andrews Cathedral in Glasgow on the Saturday afternoon. In a painstaking and high profile operation, the wreckage of Sierra Papa 99 was finally removed and taken to the AAIB facility in Farnborough in Hampshire where it will be reconstructed and forensically examined to try and establish the cause of the catastrophic failure. The initial AAIB findings could not find any mechanical fault in the helicopter and determined that there was still 95 litres of fuel
Wreckage of the police Eurocopter that crashed into the Clutha Vaults in Glasgow
remaining. The full AAIB report is not expected for some months. A parallel enquiry is being conducted by Police Scotland under the direction of the Crown Office and Procurator Fiscal Service. As a postscript to this incident, on the 12th of December 2013, Bond Helicopters grounded their entire UK fleet of the Eurocopter EC-135 due to a suspected fault in the fuel gauge. That is not thought to be a contributory factor in the Glasgow incident.
UPDATE: At the time of going to press, the cause of the accident was reported to be due to both engines failing at the same time. The investigation is continuing.
About the author

David Dalziel was the Chief Fire Officer of Grampian Fire and Rescue Service for eight years and was vice chair of Grampian SCG. He was Secretary of CFOA Scotland for six years and chair of the Association from 2012 to 2013. David is also the ICPEM regional representative for Scotland and is an Associate Lecturer at the Cabinet Office Emergency Planning College. David can be contacted on Scotland@icpem.net
Role Profile
ROLE PROFILE
By Carole Jeffcock
I Initially started work at The Fire Service College (TFSC) in 1989, for the facilities contractors, looking after the Library during the evenings, fitting work around bringing up 2 boys. Ive had a love of books from an early age with a keen interest in thrillers, adventure and crime/law books. On many occasions I could be found sat on the floor reading something in the extensive library and was subsequently offered a post in 1999 which was the start of my journey. As the Senior Assistant librarian, I focus on providing the Library with hard copy and electronic resources to support all areas of learning. Subjects range from Hazmats, fire safety, leadership, command, emergency response and disaster management, to name a few. Part of the development of the library services has included a major programme of removing outdated, irrelevant and invalid material, whilst maintaining an archive of the material. The team provide an onsite support service to help delegates, staff, visitors, external bodies and also answer enquiries from all over the world. Ive provided support to a wide range of customers including the Health and Safety Executive (HSE), Government Departments, Chief Fire Officers and the person who calls to enquire how to become a firefighter. Ive also been involved in legal cases, answered parliamentary questions and researched topics for new courses, in the current information age people expect an answer or solution immediately . its never a dull day at TFSC. Im currently working on a review of all the legacy material that provided national operational guidance for the UK Fire and Rescue Service. The research is in support of a national project hosted by London Fire Brigade and supported by the Chief Fire Officers Association (CFOA), the Local Government Association (LGA) and the Department for Communities and Local Government (DCLG). The project aims to refresh fire service operational guidance and the research will help ensure the variety of historic information issued over the years is collated to inform the national project.
Carole with colleagues from the UK fire and rescue service
Over the years Ive managed to build up a huge network of friends and colleagues through various academic establishments, emergency services, industry experts and fire libraries round the world. we help each other out as part of the InFire network sending journal articles, tips, ideas and of course the latest fire related news and research. Organisations and establishments include the National Fire Protection Association (NFPA), the University of Oklahoma, the Swedish Rescue Services Agency, the UK Emergency Planning College, the UK Police College library, the Prison Service library, the University of Nottingham Trent Emergency Services Research Unit with some links to Coventry University, to name just a few. TFSC library also has contacts in various parts of the Middle East and has helped the investigators following the Villagio shopping mall fire in Dohar and with subsequent fire safety inspections. My dream is for all the fire and rescue services, from all sectors, to work together to share lessons learned and prevent tragedys
recurring, share best practice, prevent duplication of effort, have consistent standards for training and improve interoperability across geographical areas.a border shouldnt be a boundary!! Following the sale of TFSC to Capita in 2013 the College is under going a significant investment programme that will ensure a prosperous future for a world renowned institution. The Library is seen as an important part of the future for community resilience, providing current information, guidance and research with the potential to become a central information hub for the UK fire sector. TFSC has the opportunity to build partnerships with the academic world to support and encourage fire related research and share a wealth of archive material. If you would like to develop a knowledge partnership with The Fire Service College Library please contact Carole on 01608 650831 Carole is pictured with colleagues from the UK fire and rescue service attending a First Responders Course and the skills have proven beneficial in her Fire Marshal role.
23
Book Review
REVIEw of PERSISTEnT LESSonS IDEnTIfIED RELATInG To InTERoPERABILITY fRom EmERGEnCIES AnD MAjoR InCIDEnTS SInCE 1986: A REPoRT BY DR KEVIn PoLLoCK,
CommISSIonED BY THE CABInET OffICE CIVIL ConTInGEnCIES SECRETARIAT. By Tony Moore MPhil FICPEM
A criticism often made of the emergency management community is that, following each emergency or disaster, lessons are identified, which had they been learned would have prevented a repetition, mitigated its effect or enabled there to be a more effective response when a similar set of circumstances arise. Instead, when the next disaster or emergency comes around it is often the case that the same mistakes are made. Whilst the purpose of Dr Pollocks report was to identify lessons relating to interoperability, it goes much wider than that and, in a single document, consisting of 97 pages, highlights many of the lessons identified in events occurring within the United Kingdom over the last twenty-five years. Published by the Emergency Planning College as Occasional Paper No. 6 in October 2013, Dr Pollock has selected thirty-two events, from the Bradford Stadium fire in 1985 through to the Derrick Bird shootings in 2010, either because a public inquiry was held, or the event had significant impact on the public consciousness. The wide range of events represented included human-made terrorist attacks, shootings, murders, industrial accidents, natural events including flooding, transportation accidents, sporting events and those relating to human and animal health. Each case study identifies the inquiries that arose specifically from it, together with previous reports which made recommendations relevant to the incident, particularly when they were not followed or implemented; the terms of reference of the The reasons why there have been so many incidents in the last twenty-five years which were not dealt with effectively are summarised in the report: Lack of leadership: Those running organisations fail to give adequate direction to staff or set an example and instil an ethos and culture that emphasises the importance of avoiding failure and learning from mistakes. Inadequate training: There is a reluctance to commit the necessary resources/time/cost to ensure response capacity and capability. Too many people have not been given the necessary skills to ensure an effective and competent response, to enable an organisation to resource a protracted incident. Failure to assume responsibility - at all levels: The drive for multiagency teams can give rise to a lack of clarity as to individual and organisational roles. Complexity of response structures: There is a lack of understanding about where individuals and organisations outside the blue light services actually fit into the response structure. It is not just the structures that are the problem, but the lack of skills of the staff who work within those structures. inquiry; an outline of the events; gives the total number of recommendations made by the inquiry and summarises those that are relevant to Dr Pollocks report; and where appropriate quotes from the previous reports arising from the inquiries. Inadequate communication between stakeholders: Both within organisations and between organisations from the very top to the bottom of the organisation people need clarity about what they should be doing and why. They also need the appropriate means of communicating, and, during a response, the system must be capable of dealing with the surge of related activity. Blame culture: There is a tendency to look for fault. The absence of a no blame culture discourages near miss reporting and candour regarding potential vulnerabilities and failings. This seriously diminishes the effectiveness of organisations and their ability to learn lessons from incidents. Failure to learn lessons: There are numerous examples of inquiry reports identifying previous incidents where lessons were identified and recommendations made but not acted upon. Reasons include the absence of monitoring and feedback mechanisms or there is no organisational incentive to seek out and implement necessary changes. Monitoring and auditing: There is a need to proactively monitor and audit recommendations and report on them, and there must be a mechanism to track them to conclusion. New legislation: There have been a number of recommendations in relation to enacting new legislation to deal with incidents. However, in almost every case the key issue was not a matter of law or
Book Review
regulation, which, in many cases, existed already, but organisations have failed to implement the necessary processes to ensure that legal requirements are being met. This is an organisational culture issue. In summary, then, the common causes of organisational failure are poor working practices, inadequate organisational planning, a lack of proper training, which is exacerbated by ineffective communication, and the absence of a system to ensure that lessons were learned and staff taught. There is a lack of rigour in considering how policy should be turned into practice and, in many cases, bureaucratic processes have delayed implementation. Dr Pollock points out that a number of the recommendations contained in the inquiries into the thirty-five events are structurally focused, proposing new procedures and systems. But the challenge, he claims, is to ensure that in addition to the policy and procedural changes, there is a change in organisational culture and personal practices. Effective leadership is seen as an essential component in bringing about such changes in attitudes, values, beliefs and behaviours because they are more difficult to achieve and take longer to embed. However, the failure to do so results in the same lessons being identified the next time around. To avoid many of the pitfalls that have occurred in the past, organisations need to take all necessary steps to set high standards. Senior management must provide clear visionary leadership and engage in effective two-way communication with all staff, thus engendering an ethos of cooperation while pursuing excellence of operations. Best practice needs to be identified and adopted from across the sector, and effective learning processes need to be developed
and implemented. Finally, training needs to be both appropriate and effective. In short, writes Dr Pollock, they need to become learning organisations. The report should be read by all civil protection, emergency management, business continuity professionals and those involved in providing training and consultancy services. It contains some excellent examples of how
and where things went wrong and what needs to be done to correct many of the mistakes that have been made in the past. Many of these examples can usefully be referred to when trying to convince senior management of the need to improve the arrangements necessary to improve an organisations ability to effectively manage emergency events.
25
Advertise with Alert

T
hank you for considering advertising in ALERT, the Institute of Civil Protection and Emergency Management quarterly magazine whose readership includes academics and practitioners within the field of emergency planning and response. The magazine is published as a full colour publication that is distributed to our members and freely downloadable from the institutes website as a digital PDF. Advertising Rates Format Price 925 Double Page Spread Full Page 515 Half Page (Vertical) 310 Half Page (Horizontal) 310 Quarter Page 180 ICPEM Members and Fellows are entitled to a 30% discount off the above prices for the purpose of advertising their own services. All prices shown are per issue of ALERT (one issue) and are shown in GBP exclusive of VAT at the current rate. Payment Payment should be made by cheque at the time of placing an advertisement in ALERT. Cheques should be made payable to: Institute of Civil Protection and Emergency Management Artwork Preparation All artwork may be supplied in any one of the following graphic image formats: PDF, PSD, TIFF, JPG or EPS. We require high resolution artwork to be supplied at a resolution of no less than 300ppi in either RGB or CMYK colour space. Please note that RGB will be converted to CMYK in the print process. Where images are too large to email (above 8MB), a DVD or CDR can be sent to the Advertising editor at the address provided. Amendments Once your advertisement has been accepted, this will be considered the final version of the advert for press (unless stated otherwise). Alterations will only be accepted at our discretion and is subject to production constraints. Sales Contact Advertising Editor: Andrew Featherstone email: alert@icpem.net Telephone: 44 (0)1980 612989
430m x 303mm
216mm x 303mm 216mm x 303mm
89mm x 227mm
182mm x 111mm
89mm x 111mm
Education and Training
THE EmERGEnCY PLAnnInG CoLLEGE

By Tony Moore MPhil FICPEM Introduction
As a result of comments that were made about the Emergency Planning College (EPC) in the report by the All-Party Parliamentary Committee on Homeland Resilience in June 2013, entitled Improving Efficiency, Interoperability and Resilience of our Blue Light Services, and subsequently in the response by the Institute of Civil Protection and Emergency Management (ICPEM) to that report which appeared in the Autumn edition of Alert, I was invited to spend a day at Easingwold in November. There I met with Ronnie Coutts, who is the Director of Training and Resilience, Serco, and the four Faculty Heads, Mark Leigh, Head of Crisis and Emergency Management; Beverley Griffiths, Head of Crowd and Public Safety; Lynda Vongyer, Head of Business Continuity; and Alan Rees, Head of International Training. Michael Charlton-Weedy, Director of Resilience Training at the Cabinet Office, joined us for lunch.
Emergency Planning College at Easingwold, York
in-house, full-time staff to one in which training was largely delivered by carefully selected Associate Lecturers who had specific expertise in their subject area. This enabled the College to be more reactive to the demands of resilient professionals. At the same time, it also began to provide off-site training for those wanting locally-delivered and bespoke training. This included countries and organisations outside the UK.
History
The EPC is the United Kingdoms (UKs) leading organisation for multi-agency and major-incident preparation. Until the beginning of the century, it came under the Home Office but with the reorganisation of emergency planning at the beginning of the century, culminating with the passing of the Civil Contingencies Act 2004, it passed to the Cabinet Office and the College played an important role in guiding practitioners in its implementation. This coincided with a move away from the traditional way of delivering courses in which it relied on
Current organisation
When in 2010, Serco took on a 15-year contract to run the College on behalf of the Cabinet Office, the mission it was given was quite simple - to enhance UK resilience. This coincided with a financial downturn in the countrys economic prospects, which had the effect of making less money available for those involved in resilience to invest in training, and it became clear that more
flexible and innovative ways of accessing professional learning had to be offered. Whereas, under the Home Office and the Cabinet Office, although less so, it had been a College which people, predominantly from the emergency services and local authorities, attended to be trained, under Serco it became a service offering not just training but expertise in five main areas: Crisis and Emergency Management, formerly civil protection; Business Continuity, which is likely to be changed in the near future to Organisational Resilience to reflect a wider requirement from end users; Crowd and Public Safety; Exercising; An International Learning Programme to support the UKs interests overseas.
27
Areas of activity
It order for it to meet the current requirements of the resilience community, the College has six main areas of activity. Through its seminars, webinars, and occasional speakers, it is able to provide debate and promote information sharing. Webinars are particularly useful in that those interested can access them and, indeed take part, without leaving their place of work; alternatively, they can access the debate at a time which is convenient to themselves. Coupled with its Knowledge Hub, the College now provides a one stop service for professional development. It has recently formed a new partnership with the University of Portsmouth, as a result of which those attending courses at the College people can now gain credits that contribute to academic qualifications. The University offers four related degree courses, one at undergraduate level, a BSc (Hons) in Risk and Security Management, and three at post-graduate level, an MSc in Crisis and Disaster Management; an MSc in Security Management; and an MSc in Risk, Crisis and Resilience Management. Whilst the possession of formal qualifications are not essential to those involved in resilience, they are increasingly a requirement for those recruited to permanent, full-time roles in the field. Exercising is critical in ensuring organisations are prepared for and able to manage the risks that may affect lives, reputations and profits. Using sophisticated, computer technology, which enables participants to deal with events with unexpected complexities in real-time, the Colleges exercising capability now provides a flexible innovative exercising tool. Exercises can be created to simulate a range of events, including technological emergencies,
Delegates relaxing in one of the comfortable break out areas
transport emergencies, weather related emergencies, disruption of essential services and supplies, and emergencies associated with and human and animal diseases. The College now has a number of regional centres across the UK to enable it to deliver many of its programmes off-site. In addition, bespoke training can be developed and run for and within a particular organisation to suite individual requirements. For instance, in 2013, bespoke training was developed for Network Rail and Sellafield nuclear installation, amongst others. In the case of Sellafield, it involved the deployment of 20 subject-matter experts on an Emergency Management Improvement Programme, which is due to run for 4 years. In collaboration with a variety of partners, the College now leads on a significant number of resilience projects both in the public and private sectors. For instance, it has a team of highly experienced business continuity consultants that are appointed to directly assist an organisation with the implantation of key business continuity projects or programmes. It can also carry out an audit of organisations wishing to comply with BS2599,
the British Standard for Business Continuity Management, or ISO22301, Societal security Business continuity management systems Requirements, designed by the International Organization for Standardization. In both cases, the EPC played a leading role in identifying the standards in the first place. Through a variety of innovative techniques, for example, e-learning, tablets in classrooms and the use of virtual reality, together with new and revised courses, greater learner support, wider consultancy, quarterly newsletters, and online booking, the College is able to deliver a cohesive service on all aspects of resilience to both the public and the private sectors.
Facilities
The College has invested heavily over recent years in providing facilities that are in keeping with such an establishment. It has 150-seat tiered, state-of-the art lecture theatre, ten seminar rooms equipped with sophisticated Audio Visual (AV) and Information Technology (IT), and a modern, on-site hotel with 102 double en-suite rooms. In addition, it has a restaurant, a coffee lounge, a bar selling reasonably priced drinks, and a modern, fully equipped gymnasium.
Brief overview of work carried out in 2013

As stated earlier, the Colleges mission is to enhance UK resilience. But making the United Kingdom a safer and more resilient country is not merely dependant on the emergency services and local authorities. For instance, 80% of the countrys critical infrastructure is owned or managed by the private sector. So, if the College is to achieve its mission, it must work with a broad spectrum of professionals from both the public and private sectors, and, indeed, the voluntary sectors. In 2013, the number of delegates increased by 50% reflecting both a demand and a level of recognition in what the College has to offer. In 2013, the College currently offered 54 different courses of which 26% were new or revised courses. It delivered 130 courses at Easingwold and 145 courses at clients venues, and ran 35 exercises most of which were specifically designed for a particular client or in relation to a particular location. It also provided consultancy services to 25 organisations. Its customer breakdown with 39% from the private sector, 15% from local authorities, 14% from central or regional government, and 11% from the emergency services, reflected the wider involvement of people and organisations committed to making the United Kingdom a more resilient place in the face of emergencies that are becoming more complex. The Colleges growing international reputation meant that it offered advice and guidance or ran courses for 30 countries. Included in this were courses in Algeria, Mail, Mauritania and Morocco, which were all delivered in the French language. Courses were also delivered in the Arabic language both-in country and in the UK for delegates from Saudi Arabia and the United Arab Emirates. A recent mass fatalities seminar was not only attended by those who could be expected to be present,
Interacting in fully equipped modern facilities
such as police, specialists in Disaster Victim Identification (DVI) and local authority planners, but by coroners, forensic scientists and emergency planners from the private sector. It also attracted overseas delegates from as far as the United States of America and New Zealand, indicating its growing international reputation.
in local authority emergency management. The College has a small permanent staff. The Director has a military background as do two of the Faculty Heads. Of the other two, one has a local authority emergency management background and the other has experience of working in both the public and private sector in business continuity. There are also two Course Directors, one of whom has a military background and the other in the police and coastguards. But the important thing to recognise is that they all have considerable experience in the design and development of training. The subject expertise comes from the 48 Consultants and Associate Tutors, many of whom are recognised leaders in their field. For instance: 16 are either former or serving senior officers from all three of the emergency services; 7 are either former or serving members of local authority emergency planning departments; 1 is the co-ordinator of a Local Resilience Forum (LRF); and 1 is a central government resilient specialist. In addition: 8 are specialists in business continuity management with experience from both the public and private sectors;
Occasional papers
Another source of information is the increasing number of Occasional Papers emanating from the College, the most recent of which are: The Identification of Hazardous Industrial Sites in Publicly-Available UK Disaster Risk Assessments; Leadership in Multi-Agency Emergency Co-ordinating Groups; Review of Persistent Lessons Identified Relating to Interoperability from Emergencies and Major Incidents since 1986. The last of the three papers is reviewed separately in this edition of Alert.
Associate Lecturers and Consultants

A criticism that has been made of the College is that there are insufficient staff who have a background in the emergency services or
29
7 are crowd event safety management specialists; 3 are specialists in the design and development of exercises; and 3 are experts in civil protection risk, with experience at both the national and local levels. In addition, amongst the Associate Tutors are people who have experience of managing transportation accidents, technological accidents, health-related emergencies, flooding and other weather-related emergencies and those who have been involved in providing humanitarian assistance. Unlike in the past, Associate Tutors are no longer people who undertake the occasional teaching or consultancy role on behalf of the College. They are expected to undertake practical research, publish and make significant contributions to the development of a more resilient capability, both in the United Kingdom and abroad. Those who are former members of, for example, one of the emergency services or a local authority emergency planning department, are expected to remain up-to-date in relation to what current practices are in their former organisation.
of the College on the part of the Committee) did attempt to bring together all the emergency services and other organisations involved in multi-agency working including non-blue light scenarios such as influenza outbreaks, the implication was that this was not sufficient to provide a more integrated response to emergencies. The market for services in civil protection is becoming more competitive, in that there are a growing number of possible providers, and, at the same time, more constrained, particularly as suggested earlier in the article, as a result of current economic climate that exists in the United Kingdom. The EPC is aware of both and aims to stay ahead of any competition by adapting or updating many of its current programmes and becoming even more innovative in the manner in which they are delivered, in order to meet the increasing demands of its customers, but, it is important to note, without compromising on excellence. To achieve this, it has three principle aims. Firstly, it is currently introducing new ways of contributing to UK resilience through training, education, advice and exercising. Secondly, using a growing and innovative range of new products delivered in ways that make it easier for their customers to access them, the EPC is working hard to reach new and wider audiences with a growing range of products, some of which are described earlier in the article. Thirdly, it is building on its already national and international reputation as the thought leaders in multi-agency civil protection and its connections to government, practitioners, industry and academia and its position makes it best placed to do so. The fact that the United Kingdom has an Emergency Planning College, providing multi-agency training and education, is the envy of many countries around the world. It is in a position to provide a lead
in making the emergency services not only more interoperable amongst themselves when dealing with emergencies, but, more importantly, perhaps, in making them more interoperable with the host of other organisations without which the United Kingdom will not be a more resilient place. But this requires a strong lead from the Cabinet Office and a commitment and a willingness from Government Departments and the emergency services, in particular, to make greater use of the facilities and the expertise that the EPC has to offer.
Author Profile
A former soldier, senior police officer and pseudo academic, Tony Moore is a Founding Fellow and Deputy President of the Institute. He is co-editor of three editions of Tolleys Handbook of Disaster and Emergency Management, published in 2002, 2004 and 2006, and is the sole author of Disaster and Emergency Management Systems, published by the British Standards Institution in 2008.
ACADeMIC QUALIFICATIONS
The Emergency Planning College has launched a new partnership with the University of Portsmouth which would allow students who have attended certain courses at the College since 2009 to gain accreditation points towards a PostGraduate Diploma or full MSc degree. For further details, see www.epcollege. com/epc/training/academic-study/
The future
The main aim of the report, Improving Efficiency, Interoperability and Resilience of our Blue Light Services, by the All-Party Parliamentary Committee on Homeland Resilience in June 2013, was to suggest ways of improving interoperability of the police, fire and ambulances services. In doing so, it called for the formation of a National College of Emergency Service Excellence. Whilst it claimed that the EPC (referred to in the report, incidentally, as the Emergency Services College, possibly identifying a lack of understanding of the mission and purpose
Cyber Attack Crisis Management
CRISIS MAnAGEmEnT
In CASES of MULTIfACETED CYBER ATTACKS
By Dan Solomon, Director of Cyber Security Services, Optimal Risk Management Multifaceted Attacks
Response to sophisticated cyber attacks, and defense against persistent and prolonged threats is complex. These attacks may be planned as a campaign of intrusions across multiple vectors, using different methods, and over many weeks or months. Invariably the more advanced threats may have ambitious objectives such as sabotage or espionage, and are likely to be perpetrated by well-funded adversaries with access to advanced methods of digital and physical penetration. Such converged attacks have the capability to escalate and progressively challenge, and even exploit an organisations responses, methods, disparate teams, and decision-takers. Given that targeted attacks will rarely fit a scenario that has been anticipated, organisations will always need to maintain agility in their response capabilities, and be prepared to respond and pre-empt a plethora of plausible attack manifestations. This in itself has a considerable deterrent factor, as attackers will be forced to invest time and funding in increasingly sophisticated methods to effect a breech and all but the most determined may prefer to seek softer targets. Hence those organisations that are unprepared, are invariably targeted because they present a more attractive risk-reward proposition, which requires less attacker time and investment. Ultimately, an organisations response will depend on a broad range of factors and how those factors evolve over the duration of a cyber crisis. More specifically, the response will be a converged one incorporating systems, procedures, and decision-taking by managers. Many of the root causes of current security weaknesses, have been established by poor management decisions taken over the past 5-6 years and during a cyber crisis, it is commonly evident that poor management decision-making has the potential to further compound those established vulnerabilities. . In common with non-cyber crises the response options chosen by managers are based on judgments and therefore subject to what is discovered, further guided by what is understood, driven by what is known, and what is familiar. The main differentiator of cyber crises perpetrated by an advanced attacker is the greater complexity inherent Like any crisis, this is a test of how effectively the organisation recognises early warning signals, how it responds to sudden-impact events, and how it evaluates risk, which all expose the influence of internalities or heuristics; weaknesses of management processes; and flaws in security and crisis planning. This is compounded by the more common failings evident in cyber crises, which are poor risk awareness, ineffective anticipation, the inability to deal with uncertainty, and poor preparation. Progressing through various stages [see figure 1] from first response through to situational awareness and analysis, onto managing the complexity and consequences, to the crisis, and therefore the greater chance of failure.
31
will challenge all the organisations crisis management processes. To quote the Concise Oxford English Dictionary a crisis is a time of intense difficulty or danger. In the eyes of organisations, nothing is a crisis until there is recognition of the full extent of consequences. Most companies will be reluctant to classify an incident as a crisis until they realise how intense the difficulty, or the extent of the danger. There may be incidents that are dealt with effectively and early, and as such they never reach the point of intensity or represent real danger. However the minute that the organisation reaches the realisation that there is danger or intense difficulty, it is then, that a crisis is upon them. any failings companies have the inability to recognise consequences early and they may be in the full throws of a crisis without treating it as such, because of the lack the awareness or the analysis of likely consequences.
Figure 1 - managing the phases of a cyber attack
informed judgement can be reached about the scale and scope of the event, it is critical to resist the temptation to succumb to basic instincts that may shape the response to unfolding events: The first danger at this point is complacency in assuming that the attack will follow the pattern of other known or previous incidents, and that this conclusion can be reasonably reached based on current knowledge. The core issue is whether the incident represents a fundamental surprise that was quite unanticipated even within the context of the current environment; or a situational surprise that should have been anticipated as a possibility in the current conditions. In either case the first question should be whether events fit a scenario that has been anticipated, and if this is only partially the case, whether the incident is what it seems. In order to put events into appropriate context, it is important to avoid reaching any partial conclusions, and resort to a premature reaction, but rather to keep asking the right questions: What dont we know? What could happen next? However it is important to recognise early where there is no templated response plan for the potential scenarios that the incident may fit into, and whether an existing plan can be appropriately applied and adapted. If the attack has been a converged one, then a priority is to differentiate between the symptoms and the causes [particularly if there is the possibility that the attack is being facilitated by an insider or any planted hardware] and consider whether this incident is still an IT problem and how to respond to that possibility. The challenge at this early stage, especially when faced with a fundamental surprise or a level of malicious sophistication that had not been anticipated, is to maintain clear and rational consideration under increasing and the initial priority is to manage the communication between the stakeholders at set intervals, to allow for the timely exchange of information and appropriate action. The early emphasis on managing processes and communications is central to developing and maintaining the situational awareness at this critical stage. Besides the tasking of different individuals and teams, the challenge of monitoring the decisions that are being taken and evaluating whether those decisions are based on the appropriate knowledge, requires close scrutiny to two main types of processes: The process of alerts and indicators and whether this situational information is being translated into actionable intelligence. The process of how the intelligence is appropriately applied, and how this translates into effective decision-taking. In the early stage, before the full extent of the incident becomes apparent, and a fully
Incident Response
Irrespective of what triggers the first realisation that an organisation may be the victim of an attack, and without a clear perception of whether this is an ongoing event or not, teams are deployed with the initial objectives of detection [what has been detected & identified] and analysis [type of malware, correlated with relevant threat intelligence]. Early analysis is an imperative, to establish the status of system integrity, and identify any loss of command and control. The first steps are therefore to mobilise the appropriate response, and wait for a picture to emerge as quickly as possible. This process may be well understood and should have been exercised in the past, and the imperative is to ensure that the right teams, internal and external, have been mobilised and are responding. Communications need to be effective, particularly when dealing with external parties or staff in other time zones,
pressure as the organisation may already be experiencing the impact of a breech, and the consequences escalating. There are many reasons why failures become apparent at this stage including lack of intelligence or early warning, and an over-dependence on these systems. These common complaints are usually surpassed by the more complex causes of decision-making failure due to misinterpretation, and analytical bias such as a tendency to focus on more familiar aspects of the initial attack or those that have been best rehearsed and prepared for. This propensity to view events within the context of the more probable scenarios severely hampers the taking of appropriate decisions at this initial stage, when established assumptions about vulnerabilities are being challenged, and managers are faced with new uncertainties which expose their threatawareness as being outdated.
point the leader should be able to take more proactive steps to limit further escalation, and assess whether to deploy additional resources, and measures, in parallel. However, poor decisions taken previously, or the many potential causes of failure, may all act to limit the effective options at this point, not least may be the lack of effective capabilities. The escalation of the attack is likely to prompt a re-evaluation of risk as the severity of the breech has become apparent. The risk analysis at this point will invariably require an enterprise assessment of the possible implications from the recent turn of events in terms of business operations continuity, revenue recognition, client/customer impact, reputation, and input from the legal team. This will require a clear view of the likely implications as well as the already apparent impact of the attack, and this analysis should have been accumulating throughout the incident if the indicators are effective, and the appropriate staff properly involved. The
are immediate and potentially serious, because the crisis management team needs to be fit for task with the correct levels of seniority and capability of staff, as the attack has become more sophisticated, and the impact more severe. The introduction of the new team into a dynamic and evolving event is fraught with difficulties in a multi-phase attack, in deciding at what stage the crisis management team should become involved, based on an assessment of how quickly it will become effective, and how it should support the response. Before the incident is deemed a crisis, it may be viewed as counterproductive to involve the crisis management team. Foremost, without complete situational awareness and analysis, it is difficult to brief the team sufficiently for it to choose the appropriate course of action and how to enact a response. More importantly the team, or senior members of the team may hamper security or business continuity decision-making by placing their departmental or functional priorities ahead of the overall risk to the enterprise. For the crisis leader, failing to effectively manage the interface of one informed Chief Information Security Officer (CISO) with increasingly illinformed senior executives and division heads, and managing their inputs as a complex attack unfolds, often leads to bad decisions that exacerbate the crisis. This is particularly the case as consequences become increasingly apparent, in respect to in appropriate external communications with shareholders, suppliers, and attempts to manage customer expectations and minimise reputational damage. Managing post-crisis consequences then has the potential to become a destructive process of review, attribution and blame.
The Attack Evolution

An advanced attacker will employ a multiphase attack and the evolution of the attack to a second phase is invariably the make or break point of the incident and will determine whether it becomes a crisis. As the event takes a new direction, the organisation will be tested to apply and adapt the knowledge that has been built up to this point. More importantly it will force a reassessment of the situation, particularly if the evolution had not been anticipated, and raises the important issue of whether the new development affects decisions taken so far, and whether previous decisions have now become counter-productive in the context of the new reality. For the crisis leader this should launch a new cycle of tasking and the priority is to ensure that the new impact is integrated quickly into team understanding, and triggers appropriate response, or proactive actions. If the situational analysis is accurate at this
demarcation between security operations and incident response & forensics [often through external specialists] that are both tasked with tackling threats, and the interface with the a specific team that is tasked with assessing risk, can become complex as a single situational analysis is collated.
Crisis Management
As a risk team is assembled to evaluate the implications, the incident will now have been deemed a crisis and will trigger the involvement of a crisis management team comprising of a broader mix of senior managerial and departmental responsibilities to handle enterprise-wide implications. As the previous path of containment has run its course, the escalation of the incident to the crisis management team will introduce more complexity to the situation. For the organisation that has not faced such a crisis before, or not exercised a cyber crisis scenario, the issues that need to be addressed
33
Large companies will have different teams/ functions particularly for security operations and incident response/forensics. In many instances the incident response/forensics will be experts like Optimal Risk brought in from outside. Sometimes there will be a risk team appointed from within the organisation to assess risk on an ongoing basis, and in some cases there is cross membership between this team/committee and others. Crisis management should have its own team with the appropriate skills, qualifications, and authorisations to take appropriate decisions and this invariably is a group of much more senior and cross-functional directors. In some cases these functions are poorly staffed or non-existent, and that contributes to the problem. The author alludes to the issue that the Crisis Management team can be disconnected from the problem and can respond inappropriately to the crisis without the proper integration into the process, and we see this again and again when Managing Directors storm in and micro-manage matters that they should not. now compel organisations to adopt a more proactive approach to security, so it is disingenuous to consider crisis response without crisis prevention. In the future the ability to recover from a severe breech will be increasingly difficult and slow, and so it will be a much greater challenge to be sure that an organisation is resilient or quickly able to bounce back and resume normal operations. The nature of advanced threats such as espionage or sabotage significantly limits the effectiveness of reactive measures to defending against cyber attacks, and severely complicates incident response options and the feasibility of achieving resilience has to be questioned. Anticipating the characteristics of an advanced attacker incident requires a degree of heightened awareness that will support the simulation of outcomes and consequences: at first, in theoretical terms so as to assess how best to further explore the process of preparation; and latterly in realworld conditions to identify vulnerabilities and learn from experience. Without a prepared and rehearsed response to a wellanticipated scenario the response is likely to be poor, and the recriminations broad. Specifically, leadership for a cyber crisis needs a risk-informed manager, with a clear appreciation of converged threats who can develop board-level appreciation of the security risk landscape. Managers tend to build on hindsight, and in this, they focus excessively on past threats and past experience: irrespective of the rapid evolution of the threats. Similarly, they focus on their best-known vulnerabilities, often because they have been previously targeted, and managers have been forced to focus on what those most recent vulnerabilities were. Their failing is typically lack of insight. Insight into what is within their threat landscape, insight Preparing for crisis management scenarios, and developing crisis management capabilities needs to commence now: as soon as possible before the next crisis. The first conclusion that should be reached is that crisis managers and leaders need to be informed and prepared for what they might face, and refine the processes & procedures to cope with a severe cyber event, and this should inform the establishment of more comprehensive preventative security measures. It should also be recognised that failure to prepare, is a failure of organisational leadership.
Preparing for the Future

The status of crisis could be defined by the potential implications of a security incident, and in the future it is increasingly likely that cyber incidents will become crises, as cyber attacks could lead to severe impact outcomes, and therefore should now be considered a board-level concern and tier-1 threat. The main principles of crisis management leadership do not differ fundamentally for cyber crises, but this paper has described how the management of a cyber crisis is considerably different when faced with an advanced attacker employing sophisticated deception. This cyber context is not only the most relevant for the present day, but also the most challenging context in which managers & leaders need to adapt and respond effectively to crises that will severely challenge their abilities. The characteristics of multifaceted attacks
into what the potential impacts could be on the organisation, and insight into the pace of evolution.
unexpected or unfamiliar aspects of the next threat. Napolon once said uncertainty is the
probability, and in doing so managers need to accept that the lower probability events are invariably higher-impact ones. In developing and refining capabilities, managers need to be able to review flaws in their plans regularly - and spot the barriers to effective performance through security exercises. A preoccupation with failure is essential to combating the complacency that tends to set in, and it is an attitude that characterises high-reliability teams that require a near-perfectly synchronised and effective performance on every occasion. It requires a commitment to being proactive in the process of planning testing and reviewing, and this is central to organisational resilience. This must counter any tendency to over-simplify plans and procedures, as the threats are increasingly sophisticated. So defence needs to match the levels of innovation and sophistication that threat actors are introducing. If organisations are not running exercises, not refining plans, not preparing capabilities, or not anticipating future events, then their shareholders and customers cannot have any confidence in the organisations resilience to sophisticated attack, or ability to survive the consequences.
To plan how the organisation should defend, respond, recover, and ultimately prepare for multiple variants of sophisticated scenarios, is a complex process that exposes the natural weaknesses of organisations that struggle with complex problems, and integrated processes. However effective preparation for both defence and response, requires an integrated approach with the common aim of developing resilience, which cannot be broken down to a simple formula because it is becoming increasingly futile to consider the individual elements of a complex and persistent attack in isolation in order to construct defence against individual elements of advanced threats. This is particularly the case if the construction of an effective defence is not risk-informed and intelligence-led as far as possible, and this is especially short-sighted if the converged nature of enterprise security risk is not apparent to security planners that are required to assemble a converged response. To achieve high levels of security, the process of security is becoming increasingly complex and it must now integrate different elements of the organisations preparedness & planning into an overarching converged framework to include systems, processes, policy and management practices. The need for physical and cyber security domains to collaborate, challenges both functions to dovetail their capabilities effectively, and many organisations struggle with coordinating security planning and incident response. In the majority of cases, organisations rely heavily on well-developed business continuity plans and tend to neglect the development and exercising of defensive and response capabilities against different advanced scenarios and this has the potential to hamper their ability to handle the
essence of war, surprise its rule and preparation for serious security incidents, must be built on the assumption that there will be surprises, and the organisations response will have to tackle the unexpected. This raises two issues: Firstly the nature of the response and capabilities; Secondly the ability to deal with the unexpected which is founded in managerial ability & experience. Unfortunately experience is gained over a long period of time, and experience can also degrade over time, particularly with staff turnover. A critical gap exists where organisations need to exercise the ability to anticipate the unexpected, be able to identify uncertainties and factor them into their planning, and tackle them head-on. The process of simulating real-world attacks and analysing the performance of security apparatus forensically to determine its strengths and weaknesses is a key platform of organisational preparedness, not only because practice makes perfect but because it develops an organisational preoccupation with what if scenarios, and the failure to deal with them effectively. The essence of a pre-emptive approach should be based upon developing foresight. Applying a forensic approach to doing so, is key to developing insight into both probable, and plausible outcomes of a breach. The adage that being forewarned is forearmed is always the justification for investing in maintaining awareness and preparation. Good management practice and preparedness requires the ability to anticipate events long before they happen, and develop a planned response to each scenario. The essence of anticipation is to identify threats no matter what the levels of plausibility or
Author Profile
Dan Solomon is Director of Cyber Risk & Security Services at Optimal Risk Management Ltd. He is a leading proponent of a converged approach to security risk, and is a regular presenter and chair at leading cyber security conferences. He is an industrial espionage specialist and a practitioner of FAIR [Factor Analysis of Information Risk] methodology. He is a prominent advocate of red teaming, and a pioneer of cyber war games as an approach to developing organisational resilience. He joined Optimal Risk in 2013, after 3 years as a Senior Partner at Hawk ISM. During that time He also served as Director of the Homeland Security Program at The Atlantic Council UK, and has published & spoken around the world on Intelligence Analysis & National Security, Critical National Infrastructure Protection, Cyber Security and Enterprise Security Risk Management. Web: www.optimalrisk.com Tel: +44 870 766 8424
35
JOINT STATEMENT OF INTENT EMERGENCY PLANNING SOCIETY AND INSTITUTE OF CIVIL PROTECTION & EMERGENCY MANAGEMENT
Representatives from the EPS and ICPEM recently met in London (December 10) to discuss ways of representing the resilience profession in times of financial constraint and increasing privatisation within the field. The meeting was extremely positive with both organisations sharing a common passion to represent their members, and the wider profession, at the highest level in the most professional manner. Authorised by our respective governing bodies, the EPS and ICPEM wish to make the following joint statement of intent: Due to the unprecedented challenges now manifest within the resilience community; the continuing austerity savings measures, increased privatisation and changes in the threat environment, the EPS and ICPEM both feel strong and positive action is now required to ensure the profession is decisively represented in the future. Both organisations feel that a road map, which ultimately unites the two organisations, should now Signed: J J Little Chair, ICPEM December 16, 2013
be constructed and recommendations put before both memberships once a joint and forward looking vision has been clearly established. Merger will take place only after a full consultation and agreement of the majority of the respective memberships. The aim is to lead the profession and increase its influence, recognition and standing within the community, industry, Government and society at large. During 2014, the two organisations will seek to explore the benefits of merger for members and the profession by increasing their cooperation; initially by organising a joint event, managing a joint project and exploring the ramifications of creating a merged structure. In this way we will develop a series of clear objectives, goals and recommendations. We believe that the combined establishment would be stronger and more influential than simply the sum of the constituent parts and we look forward to working together in the future. H Hinds Chair, EPS
Local Resilience Forums
PRoTECT AnD PREPARE

By Roger Gomm QPM FICPEM FCMI FInstLM0
BoTH UnDER THE UmBRELLA of LoCAL RESILIEnCE FoRUmS
urrently the Prepare strand of CONTEST is developed and delivered by the local resilience forums as part of the aim
to plan and prepare emergencies as specified by the Civil Contingencies Act 2004. I would suggest that the Protect strand of CONTEST would equally sit very well within this structure and benefit from a holistic approach which would enhance UK resilience.
The Strategic Context

In a world of startling change, the first duty of the Government remains: the security of our country. The UK National Security Strategy A Strong Britain in an Age of Uncertainty (October 2010) describes how the UK needs structures in place to react quickly and effectively to new and evolving threats to our security covering both domestic and international risks. The National Security Strategy set out our core objectives that cover both domestic and international threats: ensuring a secure and resilient UK protecting our people, economy, infrastructure, territory and way of life from all major risks that can affect us directly; and shaping a stable world actions beyond our borders to reduce the likelihood of specific risks affecting the UK or our direct interests overseas. Specifically, the National Security Council judges that currently and for the next five years the four highest priority risks are those arising from: The UKs Counter-terrorism strategy (CONTEST) aims to reduce the risk to the UK and its interests overseas from terrorism, so that people can go about their lives freely with confidence. The strategy is organised around four workstreams which are as follows: Prevent Pursue Protect Prepare
The Thames Barrier
international terrorism, including through the use of chemical, biological, radiological or nuclear (CBRN) materials; and of terrorism related to Northern Ireland cyber attack, including by other states, and by organised crime and terrorists international military crises and major accidents or natural hazards.
UK Resilience Strategy is based on Improving the UKs ability to absorb, respond to and recover from emergencies (Cabinet Office Feb 2013). This means that throughout the UK, we need to be ready and able to deal with potential emergencies and disruptive events; these can range from natural disasters like the recent flooding or heavy snow to deliberate acts or attacks. Crises can happen suddenly (for example, a chemical plant explosion) or develop gradually (for example, a flu epidemic or widespread industrial action). UK Government work is based on 4 main actions: risk assessment preparation and planning response and recovery building a resilient society to ensure businesses and communities are better prepared for, and able to recover from, emergencies
37
The UK approach to resilience planning supports the National Security Strategy and broadly splits into two parts: 1. Work to prevent emergencies from occurring 2. Work to minimise the consequences of emergencies when they happen
Local resilience forums (LRFs)

Local resilience forums (LRFs) are multi-agency partnerships made up of representatives from local public services, including the emergency services, local authorities, Public Health, National Health Service (NHS), the Environment Agency and others. These agencies are known as Category 1 Responders, as defined by the Civil Contingencies Act. LRFs are supported by organisations, known as Category 2 responders, such as the Highways Agency and public utility companies. They have a responsibility to co-operate with Category 1 organisations and to share relevant
information with the LRF. The geographical area the forums cover is based on police areas. LRFs also work with other partners in the military and voluntary sectors who provide a valuable contribution to LRF work in emergency preparedness. The LRFs aim to plan and prepare for localised incidents and catastrophic emergencies. They work to identify potential risks and produce emergency plans to either prevent or mitigate the impact of any incident on their local communities. The Civil Contingencies Act 2004 definition of an emergency clearly covers a terrorist incident in its many potential forms and importantly provides the necessary framework to achieve the aim of Prepare of CONTEST i.e. Prepare: where an attack cannot be stopped, to mitigate its impact. The Prepare workstream seeks to minimise the impact of a terrorist attack where it cannot be stopped. This includes work
to manage an ongoing attack as well as recovery from its aftermath. An effective and efficient response saves lives and reduces injuries (Pursue Prevent Protect Prepare, Annual Report March 2010). This work is led by the local resilience forums (LRFs) and supports their core function plan and prepare for localised incidents and catastrophic emergencies. The aim of Protect is to reduce the vulnerability of the UK and its interests overseas to terrorist attacks. The CONTEST strategy outlined that our objectives for Protect are to further reduce the vulnerability of: our critical national infrastructure crowded places the transport system and our borders. All of the above requires a local understanding of the risks to support
Figure 1. Organisational Resilience
planning and preparation and risk mitigation. Very often they are the same agencies, people and processes that are involved in the LRFs work under the CCA.
Business approach
Government encourages public and private sector organisations of all sizes to build the resilience of their infrastructure, supply, and distribution systems to disruptions from all risks (hazards and threats) and to improve the security and resilience of their assets If we look at the business or corporate approach to Resilience it is generally based on four key areas; Risk, Threat and Impact Assessment Business Continuity Civil Protection: Crisis and Emergency Management Security
A corporate organisation must be able to deal effectively with the range of potential threats which can materialise and cause business failure or loss of profit. The responsibility for managing the threats and mitigating their impacts is an organisational one. But they need to be aware of other local issues and be able to share information! Organisations must attempt to look forward to what may be coming in the future to anticipate, respond and recover. The main bulk of planning should consider how to avoid or mitigate or minimise the effects of a threat, starting with the impact of the event (i.e. their alerting procedures) and looking at remedial actions that can be taken to reduce effects. Although the responsibility for managing an incident, may by its nature, be the responsibility of an external agency or various combinations of them, co-operation between organisations is
fundamental to the response and the whole concept of civil protection. A large number of organisations will need to co-operate when responding to emergencies, so it is right that organisations co-operate closely in preparedness and planning as well. This point is emphasised within the Civil Contingencies Act. The emergency services obviously co-ordinate closely when responding to emergencies, but the utilities and other key companies have close links with local authorities and the emergency services. Organisations should aim to cooperate locally, attend multi-agency forums to discuss joint approaches to the essential aspects of emergency preparedness - risk assessment, emergency planning, business continuity management, and arrangements to warn and inform the public. Where it is appropriate such forums should also consider producing multi-agency plans, exercises and other training events.
Figure 2. Suggested focus for the Local Resilience Forums
39
holistic approach to resilience which is demonstrated in Figure 1 below. The author believes that by incorporating security, the Protect strand of CONTEST within the structures of the Local Resilience Forums it would align the public and private sector approach and improve UK resilience see Figure 2 for a suggested model. It is pleasing to note that Buckinghamshire New University is currently developing an Organisational Resilience Masters Course, which will utilise these subject areas as course modules, which I hope will encourage
Runnymede, UK - 11 February, 2014: People being evacuated by dingy from buildings flooded by the River Thames when it burst its banks after prolonged heavy rain in the UK.
UK Resilience Strategy is based on Improving the UKs ability to absorb, respond to and recover from emergencies ... In a world of startling change, the first duty of the Government remains: the security of our country.

It is clear that the local multi-agency planning should not solely involve emergency services and governments, but must include business. Whilst they may be additional structures based on the location or industry sector, a clear and consistent policy of inclusion should be achieved across the UK, but kept within a LRF structure. However, what about security? Security and asset protection has a crucial role to play in limiting the impacts of threats upon organisations and the UK economy. Successful security planning and management will include a menu of options that provide protective layers to ensure minimal impact. Importantly, the organisation cannot produce a plan for management and recovery without a detailed analysis of the risks and the planning process must include consultation with stakeholders; this is what the LRFs provide! It is vital that corporate organisations develop a resilient organisation, which is flexible and able to respond and adapt to changes in the environment. The bottom line is that they need to be resilient: they need to be able to survive and thrive in order that they can make profit. Consequently, a good business will take a national and local government to reflect on the current position and consider a holistic approach to resilience.
Author Profile
Roger retired from the Metropolitan Police Service having successfully completed a thirty-four year career in 2012. His current roles include: running his own company as a Advisor, Consultant, Trainer in the areas of corporate resilience and security; Associate Lecturer, Cabinet Office Emergency Planning College; Associate Tutor, College of Policing; and Visiting Lecturer at Bournemouth, Portsmouth, Christ Church, and Huddersfield Universities
Decision Making
ComPLEXITY SCIEnCE
CYnEfIn AnD THE fIRES of CHAoS
By Ron Donaldson, knowledge ecologist
Back in August 1997 after almost two years of very dry weather there was a major Moorland fire in the Bleaklow area of the Peak District National Park. This area of peat is particularly hard to reach with conventional equipment and had been burning for more than two weeks. The local fire service had been unable to contain the fire so the person in charge at the time was told to do something, anything, to get control of this chaotic situation. He assembled volunteers and fire crews with equipment from across many adjoining administrative areas. They were allocated to teams according to their relevant expertise. As the newly formed teams ran towards the fire tenders they realised that there was an additional unpredicted issue to resolve. The hoses did not fit each others adaptors. Just like Darwin discovered in the Galapagos Islands, geographical separation for a long time leads to evolutionary divergence, until the two sides can no longer physically inter breed. This embarrassing situation was quickly resolved in the following months overseen by Sean Prendergast (2007) who commented afterwards that all it took was a simple measure, such as ensuring all partners switched to using the same series of fittings for pumps and hoses and that this then had a dramatic effect on the extent and interchangeability of this and the other equipment. The Group has now established fire fighting plans, methods of joint working, mutually compatible equipment standards and training. In doing so, it has sought not only to improve the response time to fires, but also the effectiveness in fighting them. It has recorded considerable success and achieved greatly improved ecosystem security. This I just love Seans own underplaying of the story that A lack of mutually compatible equipment was also seen as a hindrance. Sean achieved not only a series of common standards but he also used this as a catalyst for the formation of the Peak District Fires Operations Group, a partnership approach bringing together six different fire authorities, private and public landowners and national park rangers.
To GUIDE mAnAGERS THoUGHTS AnD ACTIonS
that did not fit proved a very useful metaphor throughout the rest of the day for illustrating a need for common standards and cooperation in knowledge sharing. I particularly like the fact that this story contains a key turning point in Fire Fighting history. The ecosystem was transformed by this story, this moment of realisation, a culmination of many years of separateness, generated responses which when nurtured by Sean, led to a burst of co-creation.
The Cynefin framework was developed by Dave Snowden of Cognitive Edge to make sense of a world in which the actions we take range from ordered and predictable outcomes through to the other extreme of being unordered, chaotic and unpredictable.

It was also serendipity that this story emerged just at the point in the workshop I was to explain the Cynefin framework, which was why I was invited to write this article. The Cynefin framework was developed by Dave Snowden of Cognitive Edge to make sense of a world in which the actions we take range from ordered and predictable outcomes through to the other extreme of being unordered, chaotic and unpredictable. Where a certain problem or situation lies within the framework it can give you an insight into how you might intervene or which direction you might want to move
story was told at one of my recent workshops in October 2013 looking to build relationships and common approaches to data sharing in the Fire Sector. The concept of hoses
41
Decision Making
Figure 1. The Cynefin Framework
the situaton dynamicaly.The framework [Fig. 1] has five domains, given here, in order of hierarchy, with the diagnosis for how you should respond: 1. Obvious: Sense Categorise Respond 2. Complicated: Sense Analyse Respond 3. Complex: Probe Sense Respond 4. Chaotic: Act Sense Respond everything and fix it now. 5. Disorder: central zone : when you are not sure in which of the other domains the problem/situation lies The intention of the Cynefin framework is to introduce complexity science to guide managers thoughts and actions, = drop
contextualise situations, and suggest what actions they should take in response. It explores the relationship between man, experience, and context and proposes new approaches to communication, decisionmaking, policy-making, and knowledge management in complex social environments. Cynefin contrasts how situations are, with how we know them, with how we perceive them. The idea being that the more you allow these three levels of awareness to interact with each other the more likely it is that your actions with be appropriate to the situation.
defined by key narratives or metaphors from the organisations own history and its perception of the future. Over the years, the US Bush Administration has used Cynefin to analyse policy-making, the impact religion has upon it and the nature of response to bio-terrorism. The NHS in the UK has used it to look at aspects of measurement and I have personally used it to look at Innovation within Aerospace Companies, charity work at a Girl Guide camp and at the Friends of the Earth to review their recent Bee Campaign. We can use Cynefin to make sense of
As a Cognitive Edge practitioner of 11 years I facilitate groups in order that Cynefin is
what happened in the Peak District back in 1997 for example. In our wildfire story, when the fire was uncontrollable and
Decision Making
burning deep into the peat, no one knew what the outcome might be. There were few constraints controlling the fire. In this chaotic situation, the Cynefin framework says take control and move the situation into one of the other domains. This is what the fire crews did eventually. At the other extreme, the hoses did not fit. This is a rather obvious situation in hindsight. There is a single, obvious solution, to standardise hose sizes. We know that if this is done the effect will be that equipment could be shared and combined and this would make sure this does not happen again. In between Chaos and Obvious is Complex. Here there are a few constraints but anything you do influences the outcome and the outcome influences what you can do. The emergence of the Fire Operations Group is a great example. No one could have predicted that this fire or the hoses dont fit situation would trigger the formation of this group. There were a great many things that could have made it fail. The final constituent solution emerged almost by chance. This characteristic of the outcome emerging rather than being engineered is another key insight to understanding Complexity and Complex Systems. Dave Snowden regularly makes the point that in a Complex situation the response should be a series of safe to fail experiments. Each experiment, or probe, will provide a result that gives you a greater understanding of the situation without putting all your eggs in one basket. Then you can nurture the actions that deliver positive impacts and dampen the negative ones. Irene Ng (2011) who also works in Complexity puts it like this: We can determine complicated outcomes. We can only enable complex outcomes. We can specify complicated systems. We can only intervene in complex systems.
Figure 2. Cynefin Dynamics
I would then use participatory narrative This is quite a revelation to people and groups that take a mechanistic view of the world. The understandings that it gives about why financial systems fail, why targets damage systems like the NHS, why Government Information Technology Systems rarely achieve their goals but always cost so much more, are gaining momentum across the world. We must not assume linear cause and effect in the complex domain. Dave Snowden (2007) wrote an extensive award winning paper on the further implications of applying Cynefin for leadership (which I highly recommend). More recently, he has further enhanced the usefulness of the framework to include Cynefin dynamics rather than just categorisation or diagnosis. Fig 2. shows just one such dynamic. In a creative problem solving workshop, for example, a group might bring a serious issue. At this point they would be in the central disordered domain. As a facilitator inquiry techniques (designed for and ideal for exploring complex situations) to get them to self-explore the context, the past, the situation as it is felt today, converging on a group understanding of the problem or problems and what everyone hopes for from a solution. I would then take the group for a shallow dip into chaos. Here we would typically dissolve all of the constraints of time, money, knowledge etc. Divergent techniques would be used to trigger the group to generate ideas as wild and wacky as might even get them fired. I would then encourage the group out of chaos and into complex to look at those that gave the greatest benefits e.g. cost the least and caused minimal harm to the environment. These constraints would bring focus on a few powerful ideas. If these ideas were indeed complex they would then generate experiments (which should always include something nave, something oblique and just
43
Decision Making
for luck one long shot straight at the net, you never know it might just be on target). Where an idea had a definite, linear outcome but would take a long time to get there, through a lot of steps, it would move into the Complicated space which would require a stage-managed project or the bringing in of an expert from outside with the necessary skills eg an architect, wildlife lawyer or a plasterer. In order to sustain, adapt and avoid the dangers of complacency, the group, community or organisation should be taken through this cycle regularly. In 2005 I was still working for English Nature, The Government body for Nature Conservation. I was responsible for knowledge management and thought it a key part of my job to capture learnings from projects and make the insights more widely available. The Urban Heaths Life Project (2008) was one such project I helped to review. In 2001 English Nature and the county of Dorset had a problem. Serious incidents of wild-fires were breaking out across the Dorset Heaths but no one was certain what was causing them or what response might reduce their number and amount of irreversible damage. Fire services were called out to every incident, and did the best they could to put out the fire and minimise the damage. Wardens were appointed locally, with local knowledge (they would know exactly where this fire is), initially to capture consistent information on each incident. Boundaries of the burn area were mapped on the latest Geographical Information System to provide location and area data. Date, time and weather conditions were also recorded and stored. As the fires arose, they were being entered and appeared on the screen. One section was sent direct to the police database. A project called URBAN
HEATHS was set up to monitor and record what was happening with regard to the many uncontrolled and deliberately set fires that were a threat to the heathland areas of south east Dorset. We are talking about some very large, very resource intensive incidents with 20 or more tenders and a police helicopter involved. They lost a few fire engines in action. Heather, the appropriately named project manager was given the data that already existed and did the best she could to cross relate that data with Fire Service statistics. Spatially the data she had was poor as areas were always overestimated and locations rarely accurate. An area the size of Belgium was burned in one incident in Dorset. They had no way of recording or identifying Heath fires separately. Immediately a heathland fire incident was detected a pager message was sent out as to where they believed the incident to be. Their analysis was showing that on a Friday afternoon they had a fire on this heath, then that one, then another. So, next time, as soon as the first two in the sequence were set, they would get to the fourth one and the fire-starter would turn up and they would arrest him. Prior to this no-one had ever been arrested for heathland fire-starting, now there are 14-15 arrests per year. The system obviously supports evidence based policing. Let us look at how this story unfolded (in hindsight) through the lens of Cynefin. Wardens would naturally emerge as local experts as knowledge of data collection and being close to the situation would increase their insights as to what was going on and what was needed. (Complex). They would eventually be the curator of this key knowledge asset on heath fires. Wardens would provide heath fire and local feature knowledge to the fire fighting experts as soon as they arrived at the scene.
(Complicated). Wardens would collect and input data against improving standards with more drop down options and a check list of items of interest. (Complicated at first, then Obvious). The ultimate aim would be for this ecosystem including the landscape, wardens, emergency services, public, occasional fires to be self-aware via a series of feedback loops that would give it an anticipatory awareness by way of its ability to scan the entirety of available information for patterns. (Complex). The job of the council (on behalf of the entire ecosystem) would then be to manage the emergence of beneficial patterns rather than engineer their own solution. (Complex). By focussing in on the patterns of proximity incidents on a Friday afternoon evidence could be gathered enough to make the first ever arrests. This is a sequence of events that emerged in Complex domain but can now be exploited as a repeatable feedback loop sensor that will at least catch the repeat offenders. Other safe-to fail experiments that were initiated were: Clear signage on often burned heath areas to make sure the public were aware of the danger and how inflammable the heath can be in summer. (Obvious) Talks at schools (Complicated but Q&A afterwards is Complex) A new training program for wardens (parts Complex, parts Complicated) What this project did was make the invisible visible. The insights were previously inaccessible. Dave Snowden (2009) terms this sense making and has developed software (appropriately enough called Sensemaker) to capture stories and events at source which can be looked at for patterns, allowing for analysis without the need of an analyst. Such a system, if embedded within the process, rituals and normal practices of the individuals
Decision Making
concerned would be able to sense emerging risks and listen for any form of change, promoting mindsets and relationships that are essential to responding to every form of change. The Dorset Heaths was a classic probe, sense respond approach. At first they did not know what to collect. The project revealed what was achievable, what would be useful. They moved the recording through complicated almost into obvious. Coming right up to date, with my recent work with the Fire Sector and the NHS I have been trying, as much as a facilitator can achieve in one day, to prime the starting conditions for appropriate ecosystems to flourish. The group are taken through various storytelling based methods to reveal and make sense of the current narrative landscape. In doing so, connections are built with others, different perspectives are revealed and understood. From this starting point, constraints are reduced, linear thinking is disrupted, new patterns emerge and insights are triggered. These insights are the seeds of an emergent future and are encouraged, prioritised, cynefin diagnosed and made more robust with feedback from the rest of the group. Finally action plans are formed in the form of Duarte Spark-lines which contextualise the change proposed in the form of this is how it is now - but imagine how it could be. The Japanese call this Nemewashi and is all about preparing the ground and dampening any opposition for the idea before it has a chance to take root. My great hope is that this approach will produce an underlying system that has a capacity for creating trust, producing and restoring ecological integrity. Systems that ensure people access and engage with learning. The ecosystem might then develop further and have anticipatory awareness with the ability to scan all the available information for patterns then zoom in. Beneficial patterns can then be managed
Ng, I. (2011) Complicated vs Complex Outcomes (blogpost) http://value-basedservicesystem.blogspot.co.uk/2011/08/ complicated-vs-complex-outcomes.html last accessed 31/01/2014 Prendergast, S. (2007) The Peak District Fires Operation Group Seville Paper last accessed on 31/01/2014 http://www.fire.uni-freiburg.de/sevilla-2007/contributions/
rather than engineered as a solution. As the knowledge builds they might extract any generic learning and look to apply this knowledge in other areas, or even other disciplines as lessons learned/ emergent practice. By taking a whole ecosystem view rather than that of self centred, target driven, mechanistic greed we might (and we can never be certain, because it is complex) be able to: get the knowledge flowing get ideas generated to increase benefits and reduce costs and harms improve decision making build stronger communities. co-create with partners and customers build regenerative capability sense emergent risks respond to disruption learn and transform My ultimate aim with whichever group I am working with is that they will understand a little more about complexity while seeding at least some of the parts and behaviours that will lead to a sustainable ecosystem and ultimately planet. If you take away one insight from reading this article, take a glance back at the quote at the start and learn the new story. Stop applying linear solutions to complex problems. References
Berry, T. (2009) The Sacred Universe: Earth, Spirituality, and Religion in the 21st Century. Columbia University Press
doc/cd/REGIONALES/C_EUROPA/Prendergast_UK_ completo.pdf Snowden, D. and Boone, M. (2007). A Leaders Framework for Decision Making. Harvard Business Review: 6976. Snowden, D. (2009) Introducing Sensemaker (short video on Youtube) http://www.youtube.com/watch?v=SkRe7Xg7pk4 last accessed 31/01/2014 Various, (2014) Wikipedia entry on Cynefin Framework http://en.wikipedia.org/wiki/Cynefin last accessed on 31/01/2014 Various, (2008) Background and outcomes - Urban Heaths LIFE Project (UHLP) http://www.dorsetforyou.com/339465 last accessed on 31/01/2014
Author Profile
Ron Donaldson worked for English Nature (The Government Conservation Body) for 21 years mostly in Knowledge Management. He was one of the first Cognitive Edge practitioners. He has a passion for storytelling, especially participatory narrative inquiry methods and making sense of complex systems. He is now self employed and facilitates, advises and teaches organisations in how to take an ecological / open innovation ecosystem perspective of Strategy, Knowledge, Sustainability and Innovation Management. Email: ezrond@gmail.com Blogging at http://rondon.wordpress.com Twitter: @rondon .
45
Disaster Victim Identification
THE USE of DEoXYRIBonUCLEIC ACID (DNA) PRofILInG

By Gary Silver, MSc Prof GCE LLS (QTLS) FCIPEM FEPS MIfL Introduction
In this, the fifth in the series of articles explaining the Disaster Victim Identification (DVI) process, we continue the study of the use of forensic sciences to afford investigators a positive identification of the deceased. Although the matter has been dealt with in some detail in previous articles in the series, it is probably worthwhile reminding us all that a positive identification is one that is scientifically provable and, as such, drives the search for primary identifiers. The term primary identifier, you may recall, refers to any evidence of identification which is used in cases of disaster and, which is, of necessity, scientifically sound, reliable, capable of both use in field conditions and being brought to bear within an acceptable timeframe. The primary identifiers which are commonly used to support the Disaster Victim Identification (DVI) process are: friction ridge detail (commonly referred to as fingerprints); odontology (or forensic dentistry), and; the use of Deoxyribonucleic Acid (DNA) profiling. The previous article in this series provided an exceptional insight into the use of fingerprints as a primary identifier (thank you Dan Perkins) and so it is now time to address the remaining elements in the list. We will start by examining the use of DNA profiling. The use of Forensic Odontology (sometimes referred to as unique dental features) and the additional element of unique medical features will be examined in articles that follow on at a later stage. Lets get underway As the journal in which I write today is not a scientific or medical journal I intend to adopt a deliberate tack of keeping my writings as simple as possible and at a level which, I hope, we can all understand without recourse to those dusty, dog-eared and crumbling scientific tomes placed high on the top shelves of our public libraries. Wherever possible, I will write from the perspective of the layman or practitioner. At this point it might be useful to think of the genotype as a personal computer (PC). What!? Yep, just bear with me here. Like human beings, computers are all pretty much the same size and shape and made out of the same materials. Like humans they are, in theory, pretty much capable of doing the same things. So, why are some personal computers only just about good enough for simple word-processing whilst some can give NASA a run for their money? The answer lies in the way that they are programmed and the components used in their construction. Now the chances are that we all have a personal computer at home or in the office. Imagine that your computer now represents your genotype. Likewise my computer represents my genotype. My computer is different to your computer. I know this because it comprises different components. My computer runs on Windows 8.1, yours might too, or, of course, it might run on Windows 8, Windows 7, Windows Vista, Linux, OS X and so on and so on. We may have further variations on the same basic design of our computers as a consequence of having installed additional software for, say, virus protection. I have Microsoft Security Essentials installed. You may have installed Bit Defender, McAffee, Norton, Avast, or any other reputable program such as these. So whilst we all started off on a level playing field with the same basic form of personal number of forms or alleles (Thompson and Black, 2007).
Deoxyribonucleic Acid (DNA)

Deoxyribonucleic Acid (DNA) is commonly referred to as the Blueprint of Life (Thompson and Black, 2007: 7). Deoxyribonucleic Acid (DNA) molecules contain all the data that is required for the survival of all the living cells in the human body. The same DNA also governs the inheritance of human characteristics from generation to generation. With the notable exception of identical twins, everybodys DNA is unique (Interpol, unknown). Put simply, a persons DNA is unique because of the fact that each persons genotype is created in a unique form at the time of their conception and it remains in this same format, without change, throughout their entire life. A persons genotype consists of genes and their associated alleles (uh-leel). In turn, genes are made up of DNA and contain the biochemical instructions that help determine a persons human characteristics blood type, eye colour, hair colour, skin colour etc. and any one particular gene can have one of a

computer (the basic genotype), we have changed the make-up or characteristics of our respective machines as a consequence of individual programming brought about through the software we have installed (the gene). To take the analogy further, in making up a personal computer (the genotype) it is both perfectly acceptable and common practice to store software in many different forms. For example we may store our software (the gene) on a hard disk drive, a CD, a DVD, a USB pen, a Solid State Disk etc. Thus, on each computer, the software (the gene) is stored and transmitted differently as a consequence of the electronic media they are stored on. The same principle applies to the genotype in which the gene (the software) is stored and transmitted differently because of the form of the allele (the hard disk drive, CD, DVD etc.). In order to complete this examination of the genotype through this particular analogy, we should note that the information stored by the gene (the software) is, in the most part, a set of instructions (computer programming language) to create a particular protein and, it is this protein that ultimately governs the resultant characteristics of any individual human being (Jackson and Jackson, 2008) but this is more for your information only rather than something which is key to understanding the make-up of the genotype. Returning to a more scientific form of language, all being well, this analogy has helped you get to the point whereby you can see that a persons genotype is made up of the genes they carry along with the genes corresponding allele. Now for the next step. Genes are physically made up of the material we refer to as Deoxyribonucleic Acid or DNA. DNA itself is a long complex molecule which, Now, if we untwist the helix, it takes the form of a ladder. The rungs of the ladder are now made up of what we call the base pairs present in DNA. The term base pairs refers to the way in which the bases mentioned above have paired with one another. It is
Figure 1. A schematic representation of a double helix strand of DNA
in turn, is made up of a polymer (a chemical compound or mixture of compounds) of simpler molecules called nucleotides. There are four types of these nucleotides present in DNA and each type has a different base. The four types of base are identified as adenine, cytosine, guanine and thymine. These labels are universally abbreviated to A, C, G and T respectively. This allows the language of genes to be written in an alphabet and format derived from these four bases. This language enables us to both visualise and delineate the genetic code. Bear with me, hold on to this bit, were almost there.
worth noting that adenine (A) can only pair with thymine (T), and guanine (G) can only pair with cytosine (C) and that this is a fixed rule (Jackson and Jackson, 2008). The order of the base pairs along the molecule leads us to the genetic code or, as it is more commonly known, the DNA sequence. The length of the DNA helix is dependent on the gene itself along with the size of the protein it is encoding. It is measured (and expressed) in base pairs (bp). The diagram below shows a sequence of DNA just 8bp long but in reality the length of the sequence can easily reach the hundreds of millions bp: 5 3
C ------ G T ------ A A ------ T G ------ C C ------ G T ------ A A ------ T G ------ C 3 5 (Jackson and Jackson, 2008: 143) The reading of the DNA helix is facilitated by the identification of a polarity (or direction) in the aspect of the base pairs which is aligned to their uneven molecular structure. In the diagram above this unevenness, and thus the polarity, is modelled using the standard expressions 5 and 3. A DNA sequence is always read from 5 to 3 (note: the chains of the DNA helix run in opposite directions). In this instance you can see that, reading from top to bottom, the left hand chain reads CTAG CTAG. This pattern of repeated base pairs is referred to as a tandem repeat (repeating one after the other) and it is the number of tandem repeats in a chain that gives us a DNA sequence. In the
We probably all know that DNA takes the form of a double-helix (see Figure 1). What we are all less likely to know is that this helix is made up of two polymeric (having many parts) chains of the abovementioned nucleotides held together by sugar phosphates wound around each other to form the helix (Jackson and Jackson, 2008) or twist.
47
example shown here the DNA sequence is represented by CTAG which is 4bp long whilst the tandem repeat is represented here as CTAG CTAG i.e. CTAG x 2. Whilst this limited example is provided purely for the purpose of illustration, in reality the length of the tandem repeat will vary and will, almost certainly, be much longer. The longer the series of repeats, the longer the DNA sequence (Jackson and Jackson, 2008).
trillion (100 million million) cells, the scale of the pool of DNA that remains available for analysis can be appreciated (Thompson and Black, 2007). To contextualise the value of the remaining pool, it might be useful to know that it has been approximated that, in any two arbitrarily chosen human individuals, DNA sequences will differ in about a million different ways (Jackson and Jackson, 2008). Today, for the purposes of forensic
PM DNA Samples Mortuary
AM DNA Samples Home, work, car, doctors, hospital, etc
Matching
Identification
Process of DVI using DNA
DNA profiling, as we know and use it today, is founded on the analysis of these tandem repeats in the DNA sequence. Lets see what this means.
investigations related to crimes and DVI, the identification of the unique pattern in the polymorphic DNA is predominantly achieved through the examination of the placement of the tandem repeats (mentioned in the preceding text) in groupings called Short Tandem Repeats or STRs (Thompson and Black, 2007). These are so called because the length of the repeat is normally limited to between 1 and 4bp. The predominant means of quantifying STRs is through the use of a process called gel electrophoresis. This process, put simply, separates DNA particles according to their length and this, in turn, allows for their measurement in the form of the now familiar base pairs (bp). Measuring the number of repeats in this fashion allows us to establish the matchless genotype (see above) of an individual at any given locus in the DNA sample (Jackson and Jackson, 2008).
DNA Profiling in Disaster Victim Identification (DVI)

In addition to the sources listed above, the requirement to identify the dead necessitates that DNA samples are collected from all practical sources such as teeth, bones, muscle, skin and more. Whilst many of these additional sources are usually easily obtained in the mortuary as post-mortem samples, it must be remembered that there is an equal drive or imperative to collect ante-mortem samples for comparison. Ante-mortem samples might be obtained from a victims home, workplace, car, doctors surgery, hospital etc. once this becomes known or suspected of being so. Antemortem samples can thus be taken from personal affects which have not been shared with others (such as a toothbrush, hairbrush/ comb, a razor, deodorant sticks, pillowcases, ear phones, motorcycle helmets and/or unwashed clothing, particularly underwear), medical specimens (such as cervical smear samples, retained placenta, bloodspots, biopsies etc.) and the like (Black et al., 2010). The seizure of such items provides the opportunity to extract reference DNA samples so that they might be compared to the post-mortem DNA samples collected from the body or body parts at the mortuary.
DNA Profiling
DNA profiling (initially known as DNA fingerprinting) first appeared as a proven scientific procedure in 1984 having been pioneered at that time by Dr Alec Jeffreys at the University of Leicester in the UK. Since that time, the procedure has undergone much amelioration and refinement until, as it is today, it represents one of the most powerful tools in forensic science (Thompson and Black, 2007: 6). It needs to be for, in the majority of cases, approximately 99.5% of DNA is identical between human individualsi (Thompson and Black, 2007: 8).
i
To get round this major hurdle, the process known as DNA profiling endeavours to identify a unique and unalterable pattern (Jackson and Jackson, 2008: 141) in the 0.5% of DNA that remains. In opposition to the majority 99.5% of a persons genetic make-up, this small percentage of DNA is highly polymorphic (occurring in various forms see my discussion of alleles above) and this favours the identification of uniqueness in the individual. This use of a mere 0.5% of the available DNA sounds like a severe restriction but when I tell you that the average human body contains about 100 Generally speaking, DNA samples can be obtained from various sources. In crime cases the samples are normally obtained from blood, semen, hair, faeces and saliva from the crime scene, the suspect and/or the victim (if appropriate) and are generally used to in support of proving or disproving guilt. In incidents requiring the implementation of DVI processes, however, the focus of the use of DNA profiling changes to one of identifying the dead.
Should, however, ante-mortem samples not be available in the form discussed above, it is possible (and, depending on circumstances, even desirable) that DNA identifications can be made through the comparison of postmortem DNA samples with those obtained from individuals thought to be immediate family members of the deceased. This is referred to as the collection of familial DNA and, in order of preference, such samples can be collected from: 1. Identical twin siblings (who provide an identical DNA profile) 2. Parents (both mothers and fathers should each provide their offspring with 50% of the latters DNA profile) 3. Spouse and child (both)iii 4. Siblings (not half-siblings) 5. Grandparents (if possible DNA should be taken from both complete pairs of maternal and paternal grandparents) (Black et al., 2010) Practically speaking, when the necessary samples have been collected, the comparison function is carried out by a team of specialist scientists who, whilst in name, make up part of the Reconciliation Unit or Matching Team (see article in Alert of Spring 2012) are likely to be sourced from outside service providers in any DVI investigation. Regardless of the source of this team, it will provide specialist advisors to both the pathologist(s) collecting post-mortem samples via autopsy procedures and the officer in charge of the police officers and staff collecting all forms of ante-mortem samples. In this way the team is able to ensure the maintenance of the highest of scientific standards and forensic considerations in the collection, transportation, tracking and analysis of the DNA data (Black et al., 2010).
ii
Additional Considerations
By those who are inexperienced in the pros and cons of DNA as a primary identifier in the DVI process, the method can be seen as a scientific panacea. The reality is, however, that this is not quite the case. Like with anything else, DNA profiling does have benefits huge benefits in fact and these should be acknowledged. DNA profiling is of particular value when other means of identification are not possible - such as when the deceased is disrupted (fragmented) or suffering from severe putrefaction. Similarly, DNA is a tool of immeasurable value when attempting to reunite a fragmented limb or other body part with its rightful owner. There are, however, downsides to its use. The taking of samples is invasive and can cause further destruction or damaging of the remains of the deceased (or fractions thereof). It is costly both in terms of finances and in terms of the turn-around period required for scientific analysis. Any delay caused in this way will almost certainly be unpalatable to the victims surviving families and this causes another element of the fallout from any disaster that needs to be effectively and sensitively managed. Finally, on the practical front, DNA does not like fire nor does it like water and thus, the chances of obtaining a viable sample in incidents involving these elements can be significantly reduced or rendered beyond our current capabilities.
References
Black, S., Walker, G., Hackman, L. and Brooks, C. (2010) Disaster Victim Identification: The Practitioners Guide, Dundee: Dundee University Press. Interpol (unknown) Interpol Fact Sheet: DNA Profiling, Lyon: Interpol Secretariat. Jackson, A. R. W. and Jackson, J. M. (2008) (2nd ed.) Forensic Science, Harlow: Pearson Education Limited. Thompson, T. and Black, S. (2007) (eds) Forensic Human Identification, Baco Raton: CRC Press i There are some instances where human DNA is known not to be unique, for examples, identical twins carry the same DNA on a permanent basis. In addition, where a person receives a blood transfusion, their DNA profile can be mutated by the donors for a in the region of 3 months (until the recipients own DNA profile establishes total dominance once more). Cancer patients may also, on occasions, produce mutated DNA profiles. Rare individuals called chimeras are naturally made up of two distinct groups of cells and are consequently likely to produce different DNA profiles from different parts of the body. ii The procedure of collecting familial DNA can highlight issues of non-paternity not previously known by all parties and, as such, requires a great deal of sensitivity in any communication of findings iii See ii above
Author Profile
Gary Silver served with the Metropolitan Police Service (MPS) for 30 years. During this time he fulfilled specialist roles with the Home Office, the National Policing Centre of Excellence (NCPE), the Government Office for London (GOL) and, finally, the MPS Crime Academy. A qualified teacher and authority on disaster management and resilience planning, Gary now provides his services as an Independent Resilience Pracademic to various universities and organisations throughout the UK.
Conclusion
As ever, I earnestly hope that this article and the series to date has served to enlighten you. If you have any questions, queries or comments please feel free to contact me and I will do my best to ensure that the answers are made available to the widest audience so that we might all learn together.
49
Announcements
CommUnITY RESILIEnCE UK APPoInTS nEw CEO

By Joanna Cupial-Jones
David Cloake has been appointed Chief Executive Officer of Community Resilience UK cic, succeeding founder George Cook, who will take on the new honorary role of President. The roles will become official on the 25th November 2013. A former Emergency Planner of the Year, Cloake, 43, has been with CR since November 2012 as their Chief Operating Officer, after leaving Kent County Council as Head of Emergency Planning. He is also a former head of emergency planning at the London Borough of Southwark, and is currently Finance Director for the Emergency Planning Society. As a not-for-profit social enterprise, CR is dedicated to helping people and communities prepare for, and recover from major emergencies. The company is also partnered with Business in the Community (BITC), one of HRH Prince Charless business-led charities, and is an active member of its Business Emergency Recovery Group (BERG). George Cook said: David has been instrumental in developing our working relationship with Business in the Community, and its Business Emergency Recovery Group, a personal initiative of HRH the Prince of Wales. We are very proud to be building a new capability to help small businesses badly affected by disasters, learning the lessons of the work we have already done on their behalf in Hebden Bridge, St Asaph, Braunton and Herne Hill. David Cloake said: This is a great time to be taking the reins at CR. I am proud to be leading us in a very positive direction, and I want to thank George for this fantastic opportunity. We have an exciting agenda ahead of us, and I am looking forward to continue building on our support for BITC, the Voluntary Sector, and all those in Emergency Planning and Response. CR chairman Mike Granatt said: We are delighted that David Cloake is stepping up to lead the CR team at this vital moment for the company. He is highly respected throughout the professional emergency planning community, and has been instrumental in forging new links and mapping new directions at CR. His new appointment is the next step in strengthening CR as the leading notfor-profit, social enterprise working to strengthen communities against disaster. We will shortly announce new board appointments which will ensure that CR has the benefit of exceptional experience in both its operations and governance. CR also works with both Category 1 and Voluntary Sector responders to provide advice, assistance and training services, and their network of experienced on-call regional advisors can be deployed in the event of any major emergencies across the United Kingdom. For more information about Community Resilience UK cic, please visit the website: www.communityresilience.cc or contact the media department on 0300 999 2004.
Announcements
OUTSOURCING PRIVATE SECURITY IN COMPLEX ENVIRONMENTS

Private Security Companies (PSCs) provide vital support and security for humanitarian, peace and stability, and development activities. Yet, the multifaceted relationship between private security companies, donors, civil society, non-governmental organisations and governments is often misunderstood. The focus for this short course is on examining various aspects of this relationship, difficulties encountered by contracting parties and how these can be dealt with through a process of professionalization which ultimately will enhance wider statebuilding processes. This course will explore the complexity and implications of outsourcing private security in complex environments through three core topics: Why has outsourcing private security in complex environments become so prevalent? The first part of the course will examine contemporary security issues in order to understand the privatisation of security phenomenon in an increasingly globalised world. Issues relating international conflict and humanitarian action, and an analysis of conflict resolution approaches will also be explored. What makes the relationship between security providers and customers complex? The second part of the course will look at the regulatory framework and law surrounding the relationship between To register your interest and receive further details of this course, please visit www. cranfield.ac.uk/courses/training/outsourcingsecurity-in-complex-environments.html Alternatively, email: courses.shrivenham@ cranfield.ac.uk or call: +44 (0)1793 785810 security providers and customers. Cases studies will offer insights into various stakeholder perspectives and will depict practical aspects of the security function and its outsourcing. What are sound and practicable principles for good practice? This part of the course looks at ways to improve the relationship through good practice, governance and management strategies (including risk management). This will include examination of recent development of common international principles and subsequently industry standards applicable to the Private Security Companies operations in complex
COURSE DATE: 30 June 2 July 2014 COURSE FEE: 960
51
Interested in becoming a member of the Institute?

Wish to receive regular copies of Alert?
Membership rates from 1.1.2014 Student 35 (30 if paid by Direct Debit) Associate 40 (35 if paid by Direct Debit) Member 50 (45 if paid by Direct Debit) Fellow 60 (55 if paid by Direct Debit)
Membership request
PLEASE COMPLETE IN BLOCK CAPITALS
Student: This is available to undergraduate and postgraduate students reading for a disaster management related subject. Such applications will require verification from the Director of Studies.
Member: Membership is for practitioners, former practitioners and academics of civil protection and disaster management (which includes all related fields such as business continuity, emergency planning, risk management, legal, medical, insurance etc.)
Name Address
Fellow: Members may be recommended for upgrading to Fellow if they have either: been in the Grade of Member for at least six months of membership or
City/Town County/State Postal /Zip code Country Telephone Number Fax Number Email Address
- have provided evidence of relevant achievement.
Afliate: Departments and agencies of central government, local authorities, public utilities, companies in industry and commerce, educational establishments and non-governmental organisations, based in the UK or abroad, are welcome to apply for Affiliate membership.
Note: All applications for Fellow and Member will be required to provide two references as to character and status. The institute reserves the right to refuse admission without a requirement to provide reason.
Instructions 1) If you have internet access: Go to www.icpem.net and download the relevant application form. Standing Order mandate and Gift Aid declaration, where applicable, and send with initial cheque for relevant subscription or via secure online payment. OR: 2) Fill out the form on the left and send to: Hon Registrar, ICPEM, PO Box 16248, Birmingham, B30 9EJ You will be sent a relevant application form and advice regarding payment required and method.
Published by
The Institute of Civil Protection and Emergency Management. Registered Charity No. 1127226
President Major General Tim Cross, OBE Deputy President

Tony Moore President Emeritus Professor Eric Dykes Bill Blake Chair Jeff Little, OBE Vice-Chairs External Affairs: Les Chapman Internal Affairs: Gordon Macdonald General Secretary Gary Silver Treasurer Alan Clarke Director of Communications Stephen Elliott-Hunter Director of Training and Development
Roger Gomm, QPM Academic Advisor Professor David Alexander Librarian & archivist
John Lawal Legal Advisor Charlotte Waters Members Services Richard Cocks Editor Dave Dowling
Graphic Design & Print Management Wayne Freeman (07900 893023 or wayne@fractalcreative.co.uk) CONTACT ICPEM Membership enquiries: Malcolm Parker E: membership@icpem.net Media enquiries: E: pr@icpem.net Alert enquiries: E: alert@icpem.net Address:
Institute of Civil Protection and Emergency Management, PO Box 16248, Birmingham, B30 9EJ, UK.
Website: www.icpem.net The Institute of Civil Protection and Emergency Management does not accept responsibility for, or necessarily acquiesce in, any statement made in articles or communications from correspondents; publication does not entitle the author of any contribution or photograph to a fee unless previously arranged.

Alert Spring 2014

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Alert Spring 2014

Uploaded by

Copyright:

Available Formats

Journal of the Institute of Civil Protection and Emergency Management

ICPEM ICPEM // // Alert Alert // // Spring Spring 2014 2014 2

Thoughts from the Chair

ICPEM // Alert // Spring 2014 2

Thoughts from the Chair

CALL FOR PAPERS

ALERT: JoURnAL of THE InSTITUTE of CIVIL PRoTECTIon AnD EmERGEnCY MAnAGEmEnT

ICPEM // Alert // Spring 2014 4

NEw EURoPEAn LEGISLATIon

CoLLAPSED SUPERmARKET In RIGA

ICPEM // Alert // Spring 2014 6

Special Interest Group

FoRmATIon of THE UK BLUE LIGHT SPECIAL InTEREST GRoUP

ICPEM // Alert // Spring 2014 8

ICPEM Annual Conference 2014

d te e bl ise ra la a l s ai fin te av s g a n er le tio ak d e ra e st S p n & o gi re and dati e in e o nl m m O am om r c og ac P r ia l s

ICPEM // Alert // Spring 2014 10

ICPEM Annual Conference 2014

ICPEM // Alert // Spring 2014 12

ICPEM // Alert // Spring 2014 14

Diagram 1: Joint Decision Making Model: JESIP October 2013

About the author

ICPEM // Alert // Spring 2014 16

Jomo KEnYATTA InTERnATIonAL AIRPoRT (JKIA)

ICPEM // Alert // Spring 2014 18

About the author

ICPEM // Alert // Spring 2014 20

GLASGow HELICoPTER CRASH

About the author

ICPEM // Alert // Spring 2014 22

Carole with colleagues from the UK fire and rescue service

ICPEM // Alert // Spring 2014 24

Advertise with Alert

216mm x 303mm 216mm x 303mm

ICPEM // Alert // Spring 2014 26

Education and Training

THE EmERGEnCY PLAnnInG CoLLEGE

Education and Training

ICPEM // Alert // Spring 2014 28

Education and Training

Brief overview of work carried out in 2013

Associate Lecturers and Consultants

Education and Training

ICPEM // Alert // Spring 2014 30

Cyber Attack Crisis Management

Cyber Attack Crisis Management

ICPEM // Alert // Spring 2014 32

Cyber Attack Crisis Management

The Attack Evolution

Cyber Attack Crisis Management

Preparing for the Future

ICPEM // Alert // Spring 2014 34

Cyber Attack Crisis Management

ICPEM // Alert // Spring 2014 36

Local Resilience Forums

PRoTECT AnD PREPARE

BoTH UnDER THE UmBRELLA of LoCAL RESILIEnCE FoRUmS

The Strategic Context

The Thames Barrier

Local Resilience Forums

Local resilience forums (LRFs)

Figure 1. Organisational Resilience

ICPEM // Alert // Spring 2014 38

Local Resilience Forums