Threat Levels and What They Mean To My Business - Agilient Security Consultants Australia

Terrorism is a growing concern and threat to our lifestyle in Australia. It impacts on our private life and how we do business.

Australia is not immune to terror attacks and as such our government are constantly assessing and reviewing our terror threat levels.

The Australian government uses the following 5 National Terrorism Threat Levels to indicate the threat environment.

CERTAIN – A terrorist attack will soon occur or is underway.

EXPECTED – Credible, specific intelligence indicates a current intention, capability and plan to attack. A terrorist attack is expected.

PROBABLE – Credible intelligence indicates a subject is the target of terrorists with an intention and capability to conduct an attack. A terrorist attack is probable and may occur.

POSSIBLE – Credible intelligence indicates that while a subject is a possible target of terrorists, there is limited intent or capability to conduct an attack. A terrorist attack is possible.

NOT EXPECTED – There is no indication of any terrorist threat. A terrorist attack is not expected.

The National Terrorism Threat Level has not changed since September 2014 when it was upgraded to PROBABLE.

There have been 4 actual terror incidents which have grabbed the nation’s attention but there have also been at least 12 thwarted attempts.

In the current environment with terrorism a real part of business life and we need to adopt a more proactive and holistic approach to the increase the security team’s effectiveness. In most cases organisations should already have plans in place to deal with elevated National Terrorism Threat Level.

Below is some guidance from the National Guidelines for Protecting Critical Infrastructure from Terrorism (Australian-New Zealand Counter Terrorism Committee). This guidance can be adapted and customised for a range of organisational types and risk.

Security situation	Security considerations
Terrorist attack is not expected	Identify the risks associated with the normal business operating environment, for example criminal activity, natural disasters and accidents. Ensure a security audit is undertaken and security plans are developed which include: procedures are in place to report any unusual activity or phone calls to police after-hours contact details of key personnel and a procedure to ensure that police have access to the contact details training staff, including contractors develop facility bomb threat and evacuation procedures designation of security controlled areas implement effective access and identification controls, and cleaning up facilities so they are easier to search and monitor establish and communicate a risk management philosophy including the development of a risk management plan that articulates the level of acceptable risk, beyond which risk must be managed ensure a business continuity plan has been developed comply with State and Territory regulations in relation to dangerous goods have the necessary systems, plans and processes in place to respond to increased levels of risk or threats.
Terrorist attack is possible	Includes considerations if an attack is possible, but not expected, plus: ensure all staff, including contractors are aware of the increased risk, particularly those with key responsibilities review delivery arrangements from suppliers reinforce security practices and policies check warning and evacuation procedures tighten access controls for people and vehicles, e.g. all visitors escorted identification checks on entry and exit points review location of, and access to, external rubbish skips, storage containers etc review buildings and activities in adjacent buildings have the necessary systems, plans and processes in place to respond to increased levels of risk or threats ensure the business continuity plan has been tested and apparent shortfalls rectified detect and respond to security breaches within 48 hours.
Terrorist attack is probable	Includes considerations if an attack is possible, plus: ensure all staff, including contractors are aware of the increased risk and measures being implemented review delivery arrangements from suppliers compulsory identification of staff, suppliers and visitors at all times activate operations centre as required and consider preliminary activation of the business continuity plan review response procedures for suspicious articles being found screening of packages, mail deliveries and external deliveries to facility facilitate closer liaison with emergency services have the necessary systems, plans and processes in place to respond to increased levels of risk or threats detect and respond to security breaches within 24 hours increase vigilance using existing resources for suspicious people, items or vehicles eg check facility each 24 hour period establish contact with police.
Terrorist attack is expected	Includes considerations if an attack is probable, plus: ensure all staff, including contractors are aware of the increased risk and measures being implemented review delivery arrangements from suppliers consider service alteration deploy resources to provide constant monitoring and guarding implement perimeter security and restrict parking in the near vicinity detect security breaches within 12 hours. heightened vigilance for unattended vehicles etc – eg check facility every 12 hours deploy additional security resources, particularly on entry/exit points.
Terrorist attack is certain	Includes considerations if an attack is expected, plus: continuous patrols of critical nodes and points of vulnerability restrict access to essential personnel only activate operations centre on a 24/7 basis activate the business continuity plan detect and respond to security breaches as soon as possible.

For further information or assistance in planning for an increased threat levels contact Agilient.

Mark Bezzina for the Agilient Team