Complex Attack Incident Management

Incident Management Guidelines

A hostile person or group may use several forms of attack against a target concurrently. The complex attack typically aims to kill or injure as many people as possible, significantly damage critical infrastructures, or enable instigators to effect a kidnapping. Such attacks are usually more thoroughly planned than other forms of risk, and are typically aimed at a specific target rather than being opportunistic in nature due to the complexity of planning required and the resources required. Effective risk mitigation and security planning will form the basis for responding to complex attacks.

In the event of a complex attack incident occurring, the following points should be addressed:

Action Points

1. Stand up the Incident Management and Crisis Response Teams using the SAD CHALETS system.
2. Mobilize all security personnel, and implement security response protocols.
3. Notify all employees, and move staff to safe areas/havens if possible.
4. Lock down all access control points and facilities to restrict unauthorized movements.
5. Raise the alert status and security posture of the facility to the predefined state and mobilize security staff, closing down access control points and securing buildings.
6. Notify supporting military or police agencies; nominate an incident control point (ICP) and safe route into the area.
7. Locate aggressors and establish a cordon with security response groups.
8. Determine the size and composition of the aggressor group, and relay the information to security response personnel.
9. Determine the agenda and objectives of the aggressor group, and instigate countermeasures.
10. Implement other aspects of the IMP as they relate to the incident.
11. Provide an IMP Risk Assessment Report as soon as possible.
12. Provide a postincident report when the crisis is over.

Chemical, Biological, or Radiological Attack Incident Management

Incident Management Guidelines

The likelihood of a chemical, biological, or radiological (CBR) attack is remote. However, the probability of such threats, whether delivered through advanced delivery mechanisms or through radioactive dirty bombs, will likely increase over time as terrorist organizations seek to obtain weapons of mass destruction. In addition, common explosives mixed with toxic chemicals can create makeshift chemical threats. There are a number of indicators that a chemical or biological attack has taken place, such as groups of people displaying unusual behavior or dead birds or animals in close proximity. Mist, clouds or pools of unusual liquid, or abnormal smells should be treated with suspicion; in places that have sensor equipment, an alarm may sound.

In the event of a CBR incident occurring, the following points should be addressed:

Action Points

1. Stand up the Incident Management and Crisis Response Teams using the SAD CHALETS system.
2. Determine the scope and nature of the threat.
3. Determine where the center of the incident is, as well as any downwind hazards.
4. Instruct personnel to cover their mouths and noses with wet cloths to avoid breathing in contaminants.
5. Seal buildings or rooms by closing air vents, windows, and doors using adhesive tape to prevent contaminants from entering.
6. If safe to do so, move personnel to higher ground, as dust and gaseous toxins will settle.
7. Instruct personnel to drink only bottled water and protected food.
8. If in vehicles, personnel should be instructed to close all windows and vents, and turn off air‐conditioning.
9. Personnel should move upwind of any event location as soon as safely possible.
10. Personnel outside of an affected area should be notified so they will not be exposed to avoidable risk.
11. Casualty and other risk hazards or effects should be managed according to the IMP.
12. Provide an IMP Risk Assessment Report as soon as possible.