The tragic Resorts World Manila incident on 02 June 2017 started a series of so-called security summits and seminars around the country. I assume that LGUs and PNP have been assembling security managers of hotels and resort (and even malls) for these gatherings. I will collectively refer to the hotels, resorts, and other accommodation establishments here as “property or properties.” To ensure that multi-stakeholders of the different properties will attend these gatherings not just for compliance, I suggest the following projects to be discussed.
If the reason for these gatherings is to ensure that the RWM incident will not happen again, then they should get an official authorized copy of the investigation report done by government agency first.
1. What are the findings that contributed to the following?
a. Non-detection of intelligence units and PNP of the suspect having such plan and on his way on a taxi with such regulated weapons?
b. Entry of gunman to the property
c. Failure to confront the gunman at inspection area
d. Failure of any security personnel to physically subdue the gunman within the first minute of the breach
e. Failure to extract smoke from the areas in question
f. Failure to detect immediately the location of the gunman as a subject of active video surveillance
g. Failure to detect, see, respond, rescue the fatalities or relay to rescuers the presence of suffocating people during the sweep of the SWAT or SRUs
h. Declaration of “All Clear” when there were still fatalities inside the building
2. What are the findings and implications with regard to the following?
a. Security plans. SOSIA requires agencies to make security plans. But for corporations, it’s the company that makes its security plan with the help of the agency.
b. Execution of the security plan by the security agency guards.
c. Performance of the other guard posts during the entire incident
d. RWM Emergency response plans. For me, critical incident response procedures should have been performed. Anyone talking about crisis management plans during unfolding events needs to understand the meaning of crisis.
e. Timelines related to communications among internal units of RWM and external units like the local or nearest PNP. These were shown in the congressional probe by the PNP.
f. Timelines of arrivals of responding units
g. Location of other RWM ERTs and staff
h. Turnover of command and control from RWM to PNP or LGU critical incident team
i. RWM command and control, communication systems (use of mobile phones, radios, working frequencies, public address system ,etc.)
j. Command and control, communication systems (use of mobile phones, radios, working frequencies, etc.) of responding units like the PNP and BFP.
k. Performance of the responding units. From PNP, BFP, AFP and other volunteer organizations.
l. Preservation of the crime scene
m. Evacuation of the 12,000 other guests in the property
n. Hotel staff to guest ratio
o. Security manpower to guest and staff ratio
p. CCTV or video surveillance coverage, system design, and performance
q. Architectural design of RWM, other properties, and the Newport City
r. Conduct of forensics
If the reason for the gatherings is only to have a comfort level after the RWM incident, then I suggest that the topics should be on understanding basic terms and establishing institutionalized protocols between the tourism stakeholders, PNP, AFP, DOT, LGUs, and PAGCOR.
1. The conduct of credible security (and safety) risk assessment. The key word here is credibility – of the risk assessors and the standards used in the assessment. There should also be a 3rd party assessor or auditor to validate the findings or and ensure the reinforcement of security operations and emergency response guidelines, commonly called as plans or manuals.
2. Understand the concepts of threats, hazards, vulnerability, criticality, and risk. This way, the property will not just post two guards at a particular post.
3. Plans, policies, procedures, protocols, and manuals or guidelines should be based on the risk assessment. It’s like having a wellness program based on a comprehensive medical check.
4. Crisis management is different from crisis communications. But crisis communications is part of the bigger crisis management plan.
5. Business Continuity programs or plans (BCP) are not the security or emergency plans. If your plans do not have RA and BIA, then they are not BCP.
6. Agree on policies and procedures on when the property should turn over the command and control to responders, whether PNP, BFP, or LGU. When I was with the Shangri-La group, the crisis manager of Makati businesses or buildings is the city mayor.
7. Conduct realistic drills on realistic scenarios like:
a. Active shooting + fire + mass casualties
b. Bomb explosion + fire + mass casualties + mass evacuation
What else I missed?