Skip to content

RiskLogic and Johns Hopkins Centre for Health Security partner to deliver a COVID-19 workshop on cluster management for businesses. Explore the workshop and register here.

Incident Management Intelligence Brief
June 2018 edition


AIDR Major Incidents of 2016-2017

The Australian Institute for Disaster Resilience (AIDR) issued a report to provide an overview of major incidents that involved the fire and emergency services sector during the financial year 2016-17. Many of these were extreme weather events, as listed below.

  • This list of events highlights the frequency and widespread impact of severe weather and natural disasters which can severely affect communities, organisations and individuals indiscriminately.
  • The impacts of extreme weather events can be multifaceted causing injury or death, asset damage, loss of key services (power, water, communications, connectivity) and/or environmental damage as well as financial, operational and potentially reputational loss.

Intelligence Brief

Source for text and photos:

Managing extreme weather events

  • Your organisation’s extreme weather emergency response procedure should be activated as required, even in advance of a weather event occurring.
  • Weather sources should be monitored to gather information about upcoming and ongoing weather conditions (e.g. Bureau of Meteorology website). This information should be used to inform ongoing impact assessments including in advance of, and during, outdoor events.
  • The safety of staff, visitors and all stakeholders should always be prioritised.

Measles Outbreak in Sydney (May 2018)

  • A measles alert was issued by NSW Health in March 2018 after an infant who contracted the disease whilst overseas had visited various places throughout the Sydney CBD and Bankstown.
  • NSW Health listed the locations the infant had visited and encouraged the public to look out for signs and symptoms of the disease.
  • This outbreak follows a number of others in Australia including 11 cases which were connected through a workplace at the Melbourne Docklands in Oct 2017.

measles outbreak

Facts about measles

  • Measles is a highly contagious viral infection which can be spread in the air through coughing or sneezing and has an incubation period of up to 18 days.
  • Symptoms of measles include fever, sore eyes and a cough followed by a red, blotchy rash spreading from the head and neck to the rest of the body. Initial symptoms are often mistaken as the flu.
  • In 2014, the World Health Organisation (WHO) declared that Australia had eliminated measles, but recent outbreaks have been brought in from abroad e.g. Bali, Romania.
  • Those most likely to be susceptible to measles are infants under 12 months who are too young to be vaccinated and young adults, however adults who have not been vaccinated are also at risk.

Responding to an Outbreak of an Infectious Disease

  • All organisations should have a preparedness or crisis management plan in place to respond to an infectious disease outbreak.
  • If your organisation is made aware of a potential measles exposure risk, for example a staff member, contractor or visitor having visited your organisation’s locations or attending events while infected, the steps listed below should be followed.
  • The initial key step is to inform those who may have been exposed to an infectious disease of the risks, symptoms to look out for and steps to take if they think they may be at risk.
  • Those within your organisation should be encouraged to stay at home, or go home if they are experiencing symptoms and seek medical advice/treatment as required. It is important to remain aware of how many staff are absent and identify any potential impact to the ability to maintain business as usual operations.
  1. Educate staff and visitors so they are aware of symptoms and risks
  2. Encourage vaccination where appropriate
  3. Send sick employees home
  4. Communicate carefully eg. If identifying those affected
  5. File paperwork eg WHS

Suspected IED at North Melbourne Train Station & IED Guidelines for Crowded Places

Key facts:

  • North Melbourne train station was fully evacuated around 8am on 3 May 2018 after a suspicious package was identified on one of the platforms.
  • Trains were stopped from entering or leaving the station causing major delays to 5 key routes into the CBD and disrupting thousands of passengers.
  • The station was reopened by 9.30am once the Police had completed searches and declared the situation contained.
  • Police said the package “had the appearance of an explosive device”, but it was later deemed safe by the bomb response unit. A man subsequently came forward to admit that he had inadvertently left the package on the platform while travelling through the station at around 6am that morning.

Improvised Explosive Device

Threat of Improvised Explosive Device (IED) Attacks

  • An IED is defined as a device made or placed in an improvised way that incorporates destructive, lethal, noxious, pyrotechnic or incendiary chemicals and is designed to destroy, incapacitate, harass or distract.
  • The Australia-New Zealand Counter-Terrorism Committee (ANZCTC) states:

    ‘Explosives remain a favoured terrorist weapon globally. Terrorists favour explosives because of their proven ability to inflict mass casualties, destroy property, cause fear and disruption, and attract media attention. Explosives are generally within the financial and technical capabilities of terrorists – IEDs can be assembled with relative ease and used remotely’

  • The literature outlining the current national threat level, which is set at Probable, cautions that members of the public and locations where large crowds congregate could be targeted indiscriminately by individuals or groups intending to cause harm. Any suspicious activity, including suspicious packages, should be reported and caution exercised.

Examples of IED Attacks in Crowded Places

Location Date Form of attack Injuries/Casualties
Manchester, UK 22 May 2017 A homemade bomb was detonated as crowds were leaving an Ariana Grande concert at Manchester Arena. 22 killed + 116 wounded
New York & New Jersey, USA 17 – 19 Sept 2016 Three bombs exploded (and others were founded unexploded) in metropolitan New York – targets included a 5k run event and a train station. 31 wounded
Boston, USA 15 April 2013 Two homemade bombs were detonated near the finish line of Boston marathon. 3 deaths + 260 wounded (incl. 14 amputations)


ANZCTC IED Guidelines for Crowded Places

  • The Australia-New Zealand Counter-Terrorism Committee (ANZCTC) published the ‘Improvised Explosive Device (IED) Guidelines for Crowded Places’ in 2017.
  • The guidelines aim to help those who own or operate crowded places to be more aware of the threat posed by IEDs. They also provide guidance on the issues and options to consider during risk mitigation and contingency planning activities.
  • Two key principles are emphasised:
    1. Prevention and preparedness arrangements should be underpinned by an intelligence-led, risk management approach; and
    2. Effective security outcomes in complex environments where large crowds gather require cooperation and coordination between all stakeholders.

Assessing Unattended or Suspicious Items

  • A potential IED attack is often identified via discovery of an unattended or suspicious item. Staff, contractors and other third parties should be made aware of the threat of IEDs and advised how to assess any suspicious items discovered.
  • The IED Guidelines outline basic questions to ask when assessing an unattended or suspicious item;


  • If the item is considered suspicious it should not be touched, tilted or moved. Call Triple Zero ‘000’ and advise security immediately. The area around the item should be cordoned off (100m, or 500m for suspicious vehicle) and a record made of any physical characteristics, location, etc.

IED Response Priorities for Management

The primary response objectives for incident management in the event of an IED detonation are highlighted below. These steps should be practised so that key managers and staff clearly understand the priority actions and are able to respond in a high stress and dynamic environment.

  1. Saving and protecting life
  2. Evacuating those at risk
  3. Containing the incident or threat
  4. Supporting emergency response and investigation activities


Notifiable Data Breach (NDB) Scheme – February 2018

Notifiable data breach schemes

  • The Notifiable Data Breach (NDB) scheme, which came into effect on 22 February 2018, introduced an obligation on organisations to notify individuals if their personal information is involved in a data breach that is likely to result in serious harm.
  • Any data breach notification to individuals must include recommendations about the steps individuals should take in response to the breach.
  • All organisations that already have obligations under the Privacy Act 1988 (Cth) (Privacy Act) to secure personal information must comply with the Notifiable Data Breaches (NDB) scheme.

What classifies as a Data Breach?

  • A data breach is an unauthorised access or disclosure of personal information, or loss of personal information.
  • Examples include: loss or theft of physical devices (such as laptops and storage devices) or paper records that contain personal information; unauthorised access to personal information by an employee; or, inadvertent disclosure of personal information due to ‘human error’, e.g. an email sent to the wrong person.

Responsibility & Notification

  • The Privacy Act’s Australian Privacy Principles (APP) APP 11 requires entities to take ‘reasonable steps to protect the personal information they hold from misuse, interference and loss, and from unauthorised access, modification or disclosure.’
  • If a data breach is suspected, a risk assessment should be conducted to determine whether it could likely result in serious harm, and as a result require notification to individuals and/or the Commissioner
  • Four keys steps to take are:
    1. Contain the data breach to prevent any further compromise of personal information.
    2. Assess the data breach to evaluate the risks and assess potential harm, taking action to remediate any risk of harm where possible.
    3. Notify individuals and the Commissioner if required. If the breach is an ‘eligible data breach’ under the NDB scheme, it may be mandatory for the entity to notify.
    4. Review the cyber incident to identify actions which may prevent future breaches.

Further information:

  • Notifiable Data Breaches scheme:
  • A guide to managing data breaches in accordance with the Privacy Act 1988 (Cth);

Leave a Reply