top of page

Managing Emergencies Part Three – LEARNING FROM EMERGENCIES

Updated: Mar 5, 2021

Managing Emergencies

A Three Part Series By Thomas Helmer, Senior Director, CS&A International Risk And Crisis Management

The blog posts focus on current best practices in emergency management and are designed to provide a roadmap towards improving corporate resilience:

  • Part One – PREVENTING AND PREPARING FOR EMERGENCIES, February 2015, focused on emergency prevention and preparedness

  • Part Two – MANAGING EMERGENCIES, March 2015, covered the main aspects of actually managing emergencies

  • Part Three – LEARNING FROM EMERGENCIES, April 2015, covers the processes and steps needed to learn from emergencies

Welcome to the third and last instalment of my three part series on Emergency Management!

Part Three


When tasked with managing emergencies in your company, the following steps will need to be in place to ensure that you have deployed proven best practice:

  1. Incident Reporting and Investigation

  2. Learning from Third-party Incidents

  3. Root Cause Analysis

  4. After Action Reviews

  5. Training and Exercises

1. Incident Reporting and Investigation

Each organisation must determine up front which types of incidents are reportable to the Authorities and/or Classification Society and what information must be provided. Typically, all accidents affecting members of the public, work related fatalities, major injuries, over seven-day lost time incidents, some occupational diseases, explosions, environmental spills and certain dangerous occurrences, are reportable. And requirements vary from country to country.

Companies do well by learning as much a possible from incidents happening in their own organisation as well as from incidents in the industry.

As soon as an emergency is under control, an investigation team with sufficient skills and sponsored by a company Director must be assigned to obtain the root cause of the incident.

Many companies have a policy in place stipulating that all incidents, violations and near misses must be investigated and have the associated procedures in place specifying how the investigation must be conducted and reported. An investigation must cover all aspects of an incident from its trigger point, contributing aspects and escalation events. It must identify the root cause(s) and provide recommendations to prevent and/or mitigate similar incidents from occurring in the future.

Recommendations must be SMART: Specific, Measurable, Achievable, Realistic and Time-based. These recommendations may include improvements to policies, standards, procedures, training, hardware, engineering controls, personal protective equipment and/or training of employees and contractors. The investigation report must include all relevant information and a history of the events.


  • Insufficient skills and time are allocated to conduct a proper incident investigation.

  • Time pressure to resume operations cause critical information to be lost.

  • Recommendations are not tracked, executed nor completed.

2. Learning from Third-party Incidents

Highly effective organisations experience fewer and fewer incidents themselves and do well by learning from third-party incidents to identify further improvement areas.

Every day the news is riddled with events and triggers that can help assess an organisation’s ability to respond to similar situations, e.g. floods, earthquakes, electrical outages, explosions, fires, etc. Some of those events are useful to trigger internal discussion with leadership teams, or within the HSSE (Health Safety Security and Environment function to assess the organisation’s ability to respond should that event occur. These questions can be used to kick-off the discussion:

  1. Could an event like this happen to us?

  2. Where would it have the biggest impact?

  3. Are we confident that we would be able to deal with it effectively?

  4. Which aspects need verification/testing?

However, significant incidents in a similar industry must trigger a much more thorough response. Assign a team-leader to lead the investigation and collect as much details of the event as possible as if the incident had happened in your organisation. Implement the learning from this investigation.


  • External events are not used to check internal response capabilities.

  • External incidents are not used to verify the organisations’ controls and response capabilities.

3. Root Cause Analysis

A root-cause is a condition or trigger that leads to the undesirable outcome or generates an escalation of further cause and effects leading to the incident. Often an incident occurs when a number of aspects happen at the same time or in short succession creating a causal chain of events in which each one could have been avoided by a simple intervention.

Establishing the root-cause is therefore not always as easy as it seems.

A variety of techniques have been developed across different industry to help seek out the root cause as efficiently as possible.

The fastest method is asking “Why” at least five times to a cross disciplinary team of experts. The first question can be: “Why did this incident happen? Elements of the answer are then used to develop the next “Why” question until a good understanding of what root causes were at play is established.

Specialist facilitators are sometimes needed in the event of a very complex incident.


  • Investigators jump to conclusions and miss finding the root-cause and therefore fail to address the underlying issues.

  • Investigators focus on one root cause and miss the complementary causes that lead to the incident or caused it to escalate.

4. After Action Review

Over and above conducting the incident investigation, a thorough review of the response to the incident from the initial alarm until stand-down must be undertaken with all response providers.

Often it is best to use the After Action Review (AAR) methodology to assess the effectiveness of the incident response. As a minimum it must address the effectiveness of:

  • Raising the alarm

  • Assembling, Evacuating and Accounting for people

  • Mobilising Emergency Response services

  • Mitigating the risk of escalation

  • Demobilising of Emergency Response services

  • Clearing up the site

  • Resuming normal activities

The AAR was developed and effectively deployed by the US army during the “Desert Storm” campaign in the Middle East and is now widely used across industries to assess/debrief and event, incident or other major occurrences.

In a typical AAR, the following guiding questions are used:

  • What did we set out to do?

  • What did we actually do?

  • What could we have done better?

  • What did we learn?

  • Who are we going to tell?


  • Organisations revert to normal operations as quickly as possible and do not take the time to assess whether the response to the incident was timely and adequate, and whether corrective measures are required.

5. Training and Exercises

An organisation must have sufficient skills in-house or have access to those skills through contracts with service providers to cover the following aspects of Managing Emergencies:

  • Floor wardens

  • Assembly Checkers

  • First Aiders

  • Stretcher bearers

  • Incident Commanders

  • Emergency Response

  • Next-of-kin Responders

  • Incident Investigation Team Leader

  • After Action Review Team Leader

Without refreshers and regular practice, skills erode over time. Therefore, for each skill, it is essential to define if refreshers are required and at which frequency. It is also critical to verify annually that sufficient people have been nominated for each skill to provide adequate cover.

Just having a quick fire drill every month, is not sufficient. Each organisation must develop a catalogue of scenarios that serves as the basis for practical exercises. Research shows that companies that practice their top scenarios every now and then are better prepared than those that do not. Develop an annual calendar of exercises that cover Health, Safety, Environmental and Security based scenarios. Combine this with a related theme of the month and provide sufficient material for discussions at safety meetings. This is a way to keep major risks top of mind for staff and contractors. Conduct at least one major exercise every year involving the mobilisation of Emergency Response resources. Check that all critical resources have had an opportunity to practice at least once every year.

Each exercise must be carefully prepared to ensure that all critical steps are covered. A trigger event must be selected to allow the exercise to begin with something tangible and follow on with additional injects that provide sufficient realism and pressure. Facilitate the exercise to ensure that the learning objectives are achieved.

Conduct a post exercise After-Action-Review to gather any learning and share these with the appropriate parties for follow-up and closeout.


  • Companies conduct quick drills every month without using the opportunity to practice a variety of relevant and specific scenario.

  • Companies never practice the mobilisation of their Emergency Response resources.

This concludes the three-part mini series on Management of Emergencies. With the above guidelines, you are equipped to spearhead and support the management of emergencies for your organisation. For additional support or questions, please contact Thomas Helmer at

Thomas Helmer is Senior Director with CS&A International Risk, Crisis and Business Continuity Management, a specialist firm working globally with multi-national clients across industry sectors. Prior to CS&A, Thomas had a long and distinguished career in the oil and gas industry with particular expertise in HSE and extensive experience as an emergency coordinator.

CS&A’s emergency response experts have helped clients in the optimisation of their facilities, processes and competencies. From emergency personnel assessments, to the development of emergency management procedures, training and testing exercises, CS&A’s emergency response services include: control room and installation audits, self-assessment models, emergency communication planning, process and control room simulator training, assembling and evacuation procedures, telephone response and family assistance, scenario design, escalation drills and much more.

For more details on CS&A’s services in emergency response management, click HERE to get in touch.


ISO 22320:2011, Societal security – Emergency management – Requirements for incident response, designed to minimise the impact of disasters, terrorist attacks and other major incidents it will help save lives, mitigate harm and damage and ensure continuity of basic services such as health, rescue services, water and food supplies, and electricity and fuel delivery.

– BS 11200:2014 Crisis Management. Guidance and good practice. A capability to manage crises is one aspect of a more resilient organisation. Resilience requires effective crisis management, which needs to be understood, developed, applied and validated in the context of a range of risk related disciplines. These include risk, business continuity and security management.

8 views0 comments


bottom of page