When Kestrel is researching a tailor-made crisis scenario for an organisation it’s common to discover risks or gaps in business as usual, says Kestrel Director Karen Stephens.
“When we’re researching scenarios, we’re looking for possible failure points that may have been overlooked internally as we have a different focus, we go in to look at how we can use those vulnerabilities.”
Recently when researching a scenario for a client, Kestrel found they had very high security for their facility and consequently, overnight, the security system caused the main access gate to fail closed (rather than failing open) if there was a fire alarm.
Karen says that while this solved security concerns around access to the site if there was an unexpected incident at night, it increased the risk to the company in a fire situation as the emergency services wouldn’t be able to gain access to the site to put out the fire.
The downside of extra security
“When we are creating a scenario, we are looking to see if there are any single points of failure that may not have been identified and then we give the management team the ability to work it through and see if this is an acceptable risk or whether they need to put measures in place to mitigate the risk.
“In this case it didn’t mean the company needed to change the ‘fail close’ but they needed to look at better communication with emergency services after hours, so access could be gained to the site if this type of situation occurred.”
Being prepared
By highlighting this issue, the company has been able to implement a communications protocol with emergency services to avoid this situation if it occurs, says Karen.
“The last thing you want is to find out at 3am during a fire on site is that the emergency services are stuck outside the gate because they can’t get in to put out the fire. It’s much better to have that pointed out beforehand and do something about it.”