What just happened?

Issue 3 2022 Editor's Choice, Security Services & Risk Management, Retail (Industry)

On the 9th of July 2021, South Africans woke up to images that resembled something out of the apocalypse, not real life. During the eight days of rioting and looting, 354 people lost their lives, an estimated R16 billion in damages were caused and 45 000 businesses were affected.

As a company we were the hardest hit and the first to have a store burned out. At the end of the eight days, we had 283 stores looted and 39 completely destroyed, equating to almost 10% of our total trading space. By December, however, we had reopened 236 stores to serve our remarkable customers in time for Christmas and the ‘Back to School’ period.


Adriaan Bosch.

Not only did the efforts of our department help to enable the business to provide essential goods and services in record time to our customers, but also job security to over 4000 employees and profit growth to our shareholders. Acting early on information in the weeks leading up to July, we had prepared our logistic network for a situation taking place and our 20 distribution centres and hubs were left unscathed.

Being forewarned prevented management from being overwhelmed by the events taking place on the ground and the team could focus on getting the business ready to reopen by securing materials to secure and rebuild our stores.

Critical to our success was the ability to collect relevant data, analyse the data to create intelligence and communicate the intelligence in a way to stakeholders, for them to make decisions and take decisive actions. Information management for us, as it is for everyone, is the pivot of Crisis Management and Response.

Information exchange management

The single most important function of any crisis management operation and the single most common cause of failure, is the ability to manage the flow of information. Timely and actionable intelligence can quickly build a trust relationship between the Crisis Response Team and decision makers, but the opposite is also true. Delayed and inaccurate information quickly erodes the trust of stakeholders that can paralyse the crisis response effort. Anything that creates blockages, delays or confusion within this process is likely to have a major and significant impact on the final outcome.

The problem in a crisis is not that there is not enough information, but that there is an overload of information, much of which will be contradictory and all of which needs to be assessed and judged as to its veracity, its relevance and its place in the overall picture.


Liana Bosch.

A crisis by its very definition will fall outside standard response and planned scenarios. Crisis Management Teams need to function under immense time pressure in an environment with constant threat escalation and quite often a lack of verified information. On top of that there is a constant need to transfer complex information under pressure between multiple stakeholders who need to make decisions, the lack of which could lead to catastrophic consequences.

The best tools to use in a crisis situation are the systems that are already available and familiar to everyone in the process. For us as a team, free instant messaging apps were critical to the teams in collecting, verifying and distributing information. The information was then easily compiled in a dashboard in a spreadsheet for the team to use and stakeholders to have a live view of changing events. (A template of the dashboard can be found at https://www.securitysa.com/ex/Crisis_Management_Dashboard.xlsx, or via the short link www.securitysa.com/*dashboard).

Your dashboard ideally needs to consist of the following aspects

1. Fact pattern

All information should be captured as and when it becomes available, to be verified by an eyewitness where possible. The minimum information of What, Where, When an event happened and Who reported is a good baseline of information.

2. Decision making

Crisis decision making is emergent not planned. Once the information has been verified and the real facts or problem is known, an effort can be made to anticipate consequences and solutions. Having a dynamic live dashboard enables a large number of people to come up with varied solutions looking at the same problem. Participants should also be encouraged to not only look at potential risk, but also any potential opportunities. A positive frame of mind goes a long way when days get long and situations darker.

3. Priorities

Solutions then need to be prioritised and delegated to a responsible person who needs to take ownership of the problem. It also helps to have specific deadlines to work towards and keep track of tasks that have been delegated.

4. Implementation

In the midst of the crisis the Crisis Response Team needs to be responsive and support operational teams on the ground, not direct them. As the crisis progresses and the overall picture becomes clearer, the Crisis Response Team can take a more active role in managing the sum of all the parts. Once priorities have been identified, the remedial actions can be categorised as: Immediate Actions; Delayed; Deferred; Omitted and Completed. Particularly in the beginning of the crisis, small victories should be celebrated. Being able to see even the small steps has a big impact on the morale of the Crisis Response Team and stakeholders alike.

5. De-escalation/re-escalation

Ultimately the aim is not to manage the crisis, but manage the organisation through a crisis. As soon as the situation warrants it, the de-escalation of the response should start and be suitably managed. There is often a threat of re-escalation during the crisis and sufficient resources should be kept in place until the crisis has passed.

Good record-keeping also adds great value in the after-action review. (What was done well, what could have been done better). Should there be a need to testify to a committee or a court, the information is precise and readily available to show the workings of the organisation during the crisis.

Information is worthless if it doesn’t lead to actions

“Real crisis management does not start when a crisis is discovered, but is an embodied value intrinsic to every aspect of an effective organisation’s operations. Risk attitude and culture will have the greatest impact on the ability of the organisation to identify potential crises at the earliest opportunity, to respond in a timely and appropriate manner and to embody the concepts of organisational resilience.” - Dr David Rubens, 2020, Institute of Strategic Risk Management.

The real loss of the July unrest would be if we don’t take the opportunity to learn from the event and improve our preparation and response. In a world of uncertainty, we can be certain of one thing, that there is a crisis over the horizon waiting for us. Take action now. Build mutually beneficial relationships, get consensus on working methods, but above all, ensure that you have a strategy and a structure in place to manage the exchange of information.

Adriaan Bosch is a member of ASIS SA. For more information on ASIS, go to www.asissa.co.za




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Deepfakes and digital trust
Editor's Choice
By securing the video right from the specific camera that captured it, there is no need to prove the chain of custody for the video, you can verify the authenticity at every step.

Read more...
A new generational framework
Editor's Choice Training & Education
Beyond Generation X, and Millennials, Dr Chris Blair discusses the seven decades of technological evolution and the generations they defined, from the 1960’s Mainframe Cohort, to the 2020’s AI Navigators.

Read more...
Chubbsafes celebrates 190 years
Gunnebo Safe Storage Africa News & Events Security Services & Risk Management
Chubbsafes marks its 190th anniversary in 2025 and as a highlight of the anniversary celebrations it is launching the Chubbsafes 1835, a limited edition 190th-anniversary collector’s safe.

Read more...
New law enforcement request portal
News & Events Security Services & Risk Management
inDrive launches law enforcement request portal in South Africa to support safety investigations. New portal allows authorised South African law enforcement officials to securely request user data related to safety incidents.

Read more...
Continuous AML risk monitoring
Access Control & Identity Management Security Services & Risk Management Financial (Industry)
AU10TIX, launched continuous risk monitoring as part of its advanced anti-money laundering (AML) solution, empowering businesses to detect behavioural anomalies and emerging threats as they arise.

Read more...
Back-up securely and restore in seconds
Betatrac Telematic Solutions Editor's Choice Information Security Infrastructure
Betatrac has a solution that enables companies to back-up up to 8 TB of data onto a device and restore it in 30 seconds in an emergency, called Rapid Access Data Recovery (RADR).

Read more...
Key design considerations for a control room
Leaderware Editor's Choice Surveillance Training & Education
If you are designing or upgrading a control room, or even reviewing or auditing an existing control room, there are a number of design factors that one would need to consider.

Read more...
Axis secures the Waterfront
Surveillance Entertainment and Hospitality (Industry) Retail (Industry)
Axis Communications shares insight into its longstanding partnership with the V&A Waterfront, one of Africa’s premier retail and mixed-use precincts, through its latest, updated customer success story.

Read more...
CCTV control room operator job description
Leaderware Editor's Choice Surveillance Training & Education
Control room operators are still critical components of security operations and will remain so for the foreseeable future, despite the advances of AI, which serves as a vital enhancement to the human operator.

Read more...
SAFPS issues SAPS impersonation scam warning
News & Events Security Services & Risk Management
The Southern African Fraud Prevention Service (SAFPS) is warning the public against a scam in which scammers pose as members of the South African Police Service (SAPS) and trick and intimidate individuals into handing over personal and financial information.

Read more...