I heard in the news this week that the CIA had foiled an ‘underpants’ bomb plot which aimed to bring down an aeroplane. In the piece they were also talking about how Al-Qaeda in Yemen were getting more sophisticated in their bomb making, and that the Al-Qaeda as a whole appeared to be refocusing on attacking Western targets. The report claimed that Al-Qaeda felt that they had been distracted by the conflict in Iraq and Afghanistan, and had lost a lot of their support due to their involvement in local conflicts which were to blame for the deaths of many local people who Al-Qaeda were looking for support from. As a result, they were going to refocus their attacks on Western targets rather than being involved in local conflicts.

What does this mean for us?

This is likely to mean that in the future there will be more attacks, and although the security forces worldwide have been quite successful in foiling numerous attacks, I am always reminded of the IRA statement after the Brighton bombing when they failed to kill Margaret Thatcher “Today we were unlucky, but remember we only have to be lucky once. You will have to be lucky always.”

We therefore have to accept that there will be a successful attack sooner or later. One of the tasks of the business continuity manager is accounting for staff after a terrorist attack. This means that if there is a terrorist attack in a city that your staff members are visiting, you should be able to account for all your staff and make sure that they have not been caught up or injured in the attack. To do this I believe some preparation is required on the part of the business continuity manager.

1. Do you have protocols in place for knowing where your staff members are at any time? For instance, if there is a terrorist attack in Paris would you know whether you have staff in the city at the time? This may be easy if you book your international flights through a central travel agency, but it is more difficult if this is internal travel within your country as staff may travel by car or train where bookings are not centralised.
2. Do you have procedures in place for ensuring that if an incident occurs, staff members who may be nearby are able to phone in and say they are safe? This prevents lots of time wasted searching for them, but it is worthwhile remembering that when incidents occur, often the mobile phone system becomes overloaded and unusable so you may be unable to ring them on their mobile.
3. Do you have a crisis plans in place for dealing with an incident if your staff are caught up in it, especially if they are traumatised, injured or killed? Organisations have a duty of care to their staff and so should have plans in place for dealing with overseas incidents. If you are looking for training on crisis and incident management you may want to attend the Level 2 course which has two days training on the subject.

For me the 2008 Mumbai attacks, (11 coordinated shooting and bombing attacks across Mumbai, India’s largest city, by terrorists who allegedly came from Pakistan) brought home how easily it is to be caught up in an ongoing terrorist attack. If you received an email from an employee caught up in a terrorist attack on their hotel would your organisation know what to do?