Sports and Special Event Security Planning: Best Practices

– [Steve Worona] You’re listening to Campus Public Safety Online from the National Center
for Campus Public Safety. Before I introduce today’s speaker, here’s a brief orientation to
the Adobe Connect interface we’re using. Your browser right now is showing the title slide for today’s talk. On the left side of
your screen, you’ll see a box labeled “Questions and Comments,” where you can read and type messages. There’s a tab labeled
“Everyone” at the bottom of this box, and that’s the tab you’ll use for all of you general messages, including questions and
comments for our speaker. We’ll be breaking for
questions several times during the presentation, so please do not hold your questions to the end. You can also send direct messages to a specific person
by hovering your cursor over a name in the attendee list. One of those names is Technical Help, and that’s the place to go if you run into technical problems. We’re also monitoring
Twitter for your questions and comments. Use #nccpswebinar on Twitter. That’s NCCPS Webinar. If you miss part of today’s conversation, or if you want to see
some or all of it again, this webinar is being recorded. The link will be available shortly after the webinar on the
NCCPS webinar’s webpage, and watch your email for a link to a brief evaluation survey requesting your reactions and comments
on today’s presentation. Please take a minute to
respond to that survey when the link arrives. We do appreciate your feedback. Now for our presentation. In less than a month, we’ll be recognizing the 14th anniversary of the terror attacks of September 11th, 2001. Along with an enormous
list of other changes, 9/11 has altered forever how we plan and manage security for
large on-campus events. It’s no longer enough
to think about traffic, parking, crowd management and an occasional
weather-related incident. It’s a different world
today, and that world continues to evolve. To help us understand the new meaning of large-event management and identify emerging best practices,
I’m happy to welcome Richard Morman, independent consultant and retired deputy chief of police at the Ohio State University. Richard, who holds CPP
and CSSP certifications, is a 35-year law enforcement veteran who served in his deputy chief position at Ohio State for 10 years. He currently serves on the ASIS National School Safety
and Security Council, and has vast special-event
security planning and management experience. He has presented at national conferences, and is considered a subject matter expert on the topics of fan behavior
and celebratory rioting, large-venue security,
special-event security planning and management, and executive protection. He attended Ohio State, graduated from the Police Executive
Leadership College and from the FBI National Academy, and holds a certificate in
law enforcement education from the University of Virginia. Richard Morman, welcome to Campus Public Safety Online. – [Richard] Steve, thank you very much for that great introduction. I would also like to take this opportunity to say thank you to the National Center for Campus Public Safety for asking me to present on this topic that I’m very passionate about. It is a very important topic. I wanna talk about our goals for today and, in essence, provide you with some current best practices for safely and effectively managing security for large on-campus events. But as we go along, I want
you to also keep in mind that these practices that
we’re going to talk about are scalable, they can be
applied to smaller events. Today we’re gonna give you a foundation for planning events and also provide you with some available resources. One final thing I’d like to mention before we get started, just a little disclaimer, I will mention NIMS ICS maybe two or three times, but this is not a NIMS ICS course. Hopefully when I do bring NIMS ICS up, you’ll see that it’s
actually an important part of planning. Our objectives for today is really to discuss the
importance of planning, but planning also includes threat and hazard assessment, so we’re going to cover that, also. I will even give you a
threat assessment tool that’s available to help
you form an assessment for your event. That will lead us into risk management. Then we’ll round it out by discussing event security itself and talk about physical security of the
venue and some other things that you can do to enhance your venue. We’ll conclude with some great resources. Steve’s mentioned already in his opening about the terrorism events on 9/11, and the way we all looked
at security planning and management. That really changed after 9/11. I know a lot of us struggled with how to manage that and what to do with it. As a result of those incidents
and other information that’s happened, Boston Marathon has happened since then. We continue to see every
day, it seems like, in the news, incidents
that have been circumvented by the FBI and some other federal agencies. Most of us that have these large venues on our campus already know that U.S. Department of Homeland Security has identified these sports stadiums and arenas as potential terrorist targets. But I wanna stress, this webinar is not all about terrorism. What we do need to think
about in our planning is taking that all-hazards approach. To get us started, it’s very important for us to start with some definitions. Special event can be defined as any event where a large number of people are brought together to
watch or participate. When ya think about it, those of us on these college campuses,
we have thousands of these types of events
all across the country every year. Almost any type of even you can think of is held on a college campus. Private and public
institutions are a resource for your communities,
and they all seem to go, want to have events. I know when I worked at Ohio State, it seemed like every
weekend there was one, two or maybe even three 5Ks, it seemed like. That’s a special event. Here’s another definition. This is the first resource I wanna point you to. It’s a FEMA course, IS-15
Special Events Contingency. There’s actually two
different versions of this. It’s available online. One version is geared toward law enforcement,
but I would encourage you, even if you’re in emergency management, fire service or just event planning, to maybe look at both versions. They are very similar. I put this slide up here only because the definition is a little bit different in that it places an emphasis on impact that the event brings to a community, not necessarily the number of people attending. Even though they’re two different definitions, I think
they’re both important to understand. Probably, the two terms that are, I would say, the most misunderstood,
you hear these used kinda synonymously all the time, and that’s event and incident. There’s a simple way to think of these. An event is something
that’s scheduled or planned. We’re going to be talking a lot today about event planning. An incident, the simple way
to think of an incident, really, is something that’s unplanned and requires some sort of emergency response. If you look at the slide, there’s a more in-depth definition, but just think of it event is planned, incident is unplanned. Your event may evolve into
a full-blown incident, or you may have to manage small incidents along the way, just depending on the nature of your event. Now let’s get into planning and managing. Special event security is unique because when you think about it, it creates a temporary
workforce that comes together maybe just for one event a year. Maybe your university
or community’s having a country and western concert. It’s going to be one time. Most of the individuals
involved in the planning and managing of that event, oftentimes they don’t even know each other. They may meet for the first time, and you’re creating this
temporary workforce. The same holds true if you’re a NCAA Division I, II or III university and you have a football season. You’re gonna play six or eight home games. You’re still gonna have
that temporary workforce. It’s important that this workforce is able to function as a team at both planning and management of that event. It’s also important for
this team to be able to function if that
event suddenly turns into an incident. Looking at the slide here, hopefully most of us on here have seen this before. There is a lot of merit in this. If you fail to plan, you’re
really planning to fail. I have seen fairly large universities that have events year
after year after year, they don’t really have a plan. It’s just because they’ve
always do it that way. That’s going to cause them to fail pretty drastically at some point. Planning. Pre-event planning is
intended to assist you in developing your Game
Day Operations Plan. I wanna talk about Game
Day Operations Plan and also Incident Action Plan. They’re very similar. The real difference is that
Game Day Operations Plan, I’ve also heard it called
Event Operations Plan. If you go around the
country, different parts of the country, they
call if different things, but it’s your Game Day
or Event Operations Plan. That’s really developed, what you should be working on prior to your event to help you manage your event. That Incident Action Plan
is actually developed at the beginning of an
incident to help you manage that incident, but
they are very similar. I’ve seen some Game Day Operation Plans that look identical to
an Incident Action Plan. That’s why NIMS and ICS and event planning really go hand in hand. That Operations Plan really is an outline for managing your event and any incident that might occur. You have to think about occur just before the event, during the event or even at the end of the event. This plan should be developed for each individual event and should really be considered part of your overall, existing emergency operation plan, if your university has a large
emergency operations plan or maybe just the venue itself has an emergency operation plan. At the beginning of planning,
you have to identify the stakeholders. Regardless if this is a
collegiate sports event, maybe a community parade, a rock concert or a high school event, the sponsor or those that are really
responsible for hosting the event, it’s on them to bring together those responsible for public
safety in the community. Also included on the planning team should be any agency that
has a functional stake in the event. What I mean by function
stake in the event, if you’re a university, for example, and you have a public safety department and their staffing doesn’t allow them to cover the whole event themselves and they have to bring
in outside resources, whether it be police, fire or maybe county emergency management or other, maybe state police, county police, depending on your
location, those are folks that have a functional stake in the event. Also, you need to consider those surrounding communities that are going to be
impacted by your event. Also, to avoid confusion
and consternation, at the very beginning of the process, the lead agency needs to be identified. I’m here to tell ya that this oftentimes falls apart because
sometimes those entities that think they’re in charge,
are not really in charge or not responsible to be in charge. I’ve had the opportunity to go around the country and look at different special events and how they’re set up and how they’re managed. I’ll say this even though I was in law enforcement 35 years, oftentimes law enforcement comes in
and tries to take over. They don’t necessarily always have to be the lead agency, or should they be the lead agency. It could be a local
emergency management agency, could be a combination of college athletic department or a college
public safety department, or if it’s a high school event,
high school administration and a local police agency. It just depends on what the event is and where it’s located. The important thing is that once this team is together, there
needs to be a consensus. Consensus doesn’t necessarily mean there’s 100% agreement on
who the lead agency is, but it’s imperative that the lead agency or lead individuals be identified at the start of the planning process. Now I’m gonna talk a little bit about NIMS. It’s a good resource. Considered the best practice in planning and management. By now, most of us should be familiar with the National Incident
Management System, specifically ICS, Incident Command. What I wanna say here about NIMS is that at the start of
your planning process, you should be developing
ICS command structure just to assist you in your planning, to help you identify who needs to be on that team. Consideration should be given, maybe, even to using the ICS forms. If you’re not familiar with them, I would encourage you to check those out. What I found is prior to 9/11, I was in large-event planning. After 9/11, and NIMS
ICS started to evolve, and we’re all taking the training, we all stood back and
said, “Wait a minute. “We’re already doing this.” We had an incident commander, but we didn’t call them
an incident commander. They were the event commander. We had unified command because it was necessary for some large events that we had to use outside agencies. These ICS forms will force you to identify staffing levels, radio communications and that sorta thing. I just encourage you to take a look at ’em and see if maybe you can adapt them for your own event planning. Unified command. It’s for those events that need multiple agencies. Most of us around the country
that have large events do need to use outside agencies. That sometimes, just going back to what I previously
said about identifying the lead agency, sometimes you might have a university or a state university, and
the state police command think they should be the lead agency. I don’t really agree with that. If that university has
their own police department, public safety department, that’s who should be in charge, in conjunction with their athletic department. Little bit about command posts. Having the opportunity to go around the country, what I’ve noticed is that command posts are almost, probably 90% of the time,
located in the venue. That’s not a best practice. You think about, you
have your command post, whether it be a unified command post with your incident
commander and all the other command staff and maybe
your athletic staff all in that venue, and
that venue goes down, there goes your entire command staff. Best practice is that command post is located away from the venue. That’s not to say that you do not need some sort of field command presence in the venue because you absolutely do, but that command post
should be located away. Then a little bit about
emergency operations center. That’s a big consideration
in the planning, too. Go ahead and set that
emergency operations center up. Have your EOC staffed
and fully functional. That’s just the resource
that will help you manage your event. Then they are in place if
you do have a large incident. I see some places will set up the EOC, but it won’t be staffed. That doesn’t really make any sense. Go ahead and set that up. If you can’t operationally
do that every time, do it one or two events a year just to make sure it’s working. That’s a great training opportunity during an actual event. Now as we wind up this first section in planning, I just wanna leave you with the following. You have to plan the plan, you have to staff the plan and you have to train the plan. Practice the plan, which is different than training the plan. Then review and adjust the plan. Hopefully, this’ll come
all together for ya in a little bit as we go along. Steve, I think this is a really good, natural place to stop and see if there’s any questions out there. – [Steve] Thanks, Richard. You are listening to Richard Morman on Campus Public Safety Online. Our topic today is
sports and special event security planning best practices. If you have questions or comments for Richard during today’s presentation, type them into that line at the bottom, that pod on the left side of your screen that says, “Questions and Comments.” We have several pauses
planned for questions. Don’t wait until the end. Just type them in immediately. Richard, can you give us some examples of who should be on a university’s
event planning team? – [Richard] Steve,
that’s gonna depend on what type of event it is. Obviously, if it’s an athletic event, you’re gonna have a representative from the athletic department, usually an assistant athletic director. You should have somebody
from the venue there. Some universities actually have events in venues that aren’t really theirs. They lease space off their campus. At a minimum, if it’s on campus, it should be your athletic department, somebody from public safety, emergency management if you have emergency management, and then again, those people that have a functional stake in it. If you’re using outside law enforcement, go ahead and incorporate them in. You may have some
initial planning meetings just with athletics and
other campus officials. If it’s some sorta other
special event on campus, it may be a sponsor you’re working with, a student organization. I would encourage you,
really, to reach out to those student organizations because it’s been my experience over the years that oftentimes security is kind of an afterthought for these student organizations. I would encourage those
that are listening in today, participating, to get to know
their student organizations and some of those leaders that have events all the time because you’ll find yourself
scrambling at the last second to try to do something. – [Steve] You’ve mentioned a number of different organizations, a number of different agencies that need to be involved in this activity. How do you decide who the lead agency is gonna be? – [Richard] Steve, obviously,
if it’s a university event, it’s your event. It may impact the outside community, and you hear that all the time, that hey, this large football
game is really impacting our community. They’re functional stakeholders. They should be involved
in there somewhere, but the lead agency is
going to be the university. It’s going to be athletics. It should be a joint partnership with athletics and public safety, whether it be public
safety law enforcement, public safety security. Emergency management, it should be part of that team also, if your university has an emergency manager. That university who’s having the event is the lead. If it’s somebody coming
into your university and leasing space or renting out your arena to hold some event, university still needs
to take the lead on that. Sure, they’re paying the
bill, whoever the sponsor is, and we have an election year
rolling around here soon. We always get hit with that a lot. That’s a whole nother seminar (laughs) on planning and managing those types of events, but the university needs to be really involved, more than just that student organization, because oftentimes these
political campaigns will approach a student organization as a sponsor. That way the get the
venue at a cheaper rate. But you need to get public
safety plugged in there as soon as possible. – [Steve] Thanks, Richard. We do have some questions coming in. We’re gonna save them for the next break. We will not lose them. Keep typing those questions in, but for now, in order
to stay on our timeline, Richard, I’ll let ya
continue the presentation at slide 16. – [Richard] Thank you, Steve. Although we’ve been discussing threats and hazards, this is still part of, excuse me. Although we’re now discussing threats and hazards, this is still
part of the planning process. We need to think an all-hazards approach, using that to determine what hazards, risk or threats merit
that special attention, and what actions we need to plan for. I have up on the slide the FEMA definition of all hazards. Natural, technological and human caused, but really, what does this really mean? Basically, threats and hazards to sports or special events are going to fall into three categories. That’s that natural, human or man-made, technological type of hazards. Natural hazards, we’ve probably all experienced them in the past. We’re talking about weather, such as maybe thunderstorms, lightning, could actually be a flood or a tornado. I know there was an NBA basketball game a couple years ago, it was impacted by a flood situation. Human-made hazards. That’s either gonna be,
that could be something caused on purpose. It could be even criminal or
it could be a human error, something like a fire or
some sort of explosion caused by human error or on purpose. Then technological hazards really can be defined as some type of incident that results from an accident or a failure of a system, maybe even like a bleacher collapsing or something along that line. The key to all-hazards approach is that you look at your
community’s vulnerability to specific hazards. If you’re in the state of Hawaii listening to this webinar, you’re most likely not gonna have to worry about a snow storm or a hail storm, I don’t think. Or if you’re in the state of Kansas, you’re not gonna have to
worry about a tsunami, but do you have to worry about tornadoes? Absolutely. Taking that all-hazards approach really allows you to plan your resources to be dedicated to those
risks that are most likely. That’s the key here. Most likely to impact your event. You also need to consider
the surrounding businesses and even the transportation
infrastructure. I had the opportunity to be at a venue a year or so ago that the majority of their spectators arrived
via public transportation. That’s not really too unusual in some of our larger cities. Also, events such as football, concerts, even motor sports,
they have other events going on kinda surrounding the main event, such as tailgating or camping. You have to take those
into consideration, too. Those are all vulnerabilities. I think it’s very important to be thinking about, as
you’re doing your planning, where do people gather before and after the event? This is something that
oftentimes overlooked in planning and threat assessment. Where do people get together prior to the event and after the event? Whether it be tailgating or some other gathering, where do they get together before and after? I mentioned in the beginning that I would give you a threat assessment tool to think about. This is the Threat Assessment
Hazard Identification and Risk Assessment Guide. It’s a Homeland Security product. It’s been revised, revised about two years ago. It’s now easier to use. This is a tool that’s out there. I would encourage everybody to at least take a look at this and evaluate it. It may not be right for you, but I think it would help you in guiding doing a risk assessment. This is commonly referred to, we all know the federal government likes to use acronyms. They call this the THIRA. It’s just a process to help you identify and understand risk. It really outlines a
four-step process for you. Got the four steps up there now, but what you really need to remember here, this process, it’ll help you with what you need to prepare for, it’ll give you the
resources that are required to be prepared and then it’ll give ya what actions
or mitigation activities you need to employ to lessen or eliminate the threat or hazard
that you’ve identified. Then it also helps you
identify what impacts need to be incorporated into your preparedness and planning. It’s really a four-step simple process. I would encourage you
to take a look at it. Now this next slide, I would almost bet, if I had some sort of feedback, that this risk formula that’s now up on the screen, everybody should be
somewhat familiar with this. You see this in different places. Risk equals threat times vulnerability times consequence. We used to see consequence
as a criticality, but in the last several
years, that’s really evolved into consequence. Once our all-hazards assessment has been completed for this event, our planning continues. The part of planning we’re on now is risk management strategy. We need to develop that. To simplify this, it’s
just important to give you some more definitions. Risk. What you need to remember here is really the unwanted outcome. It’s from something, and there’s that likelihood again,
I highlighted it for ya, and consequence. The definition of a risk, think of it as a potential of some
loss due to presence of a threat or vulnerability. Risk is a potential for
that unwanted outcome resulting from an incident, as determined by the likelihood and associated consequences. Just a reminder. A threat is that natural, human or technological- caused occurrence. Think of a threat as a person, place or an idea that poses some danger to an asset. That asset is your event
that you’re planning. Vulnerability really is
defined as a physical feature or operational attribute. Vulnerability is really
something that exposes you to a given hazard, a weakness or absence of a safeguard. You’re open to attack, basically. Consequence is really the effect of an incident or an occurrence. You’re gonna have to balance that threat and risk management. Through the all-hazard assessment process, you’re gonna have to gauge what your vulnerabilities may be. The threats may very
well often be unknown. Vulnerabilities, such as weather and that sorta thing, you’re
gonna know more about. Maybe through your intelligence gathering operation, you’re gonna
learn about some threats, but addressing vulnerabilities is really more in our control. You reduce the likelihood
of a vulnerability, harden a target. You’re gonna reduce that threat or thus reduce the risk. What we mean here, really, is ya may very well know, again,
about that weather hazard and be able to take actions to mitigate that, but if you have someone
planning a lone wolf attack, you may not know about that. Oftentimes, making your
target less vulnerable may dissuade other things. We’ll talk a little bit
more about that in a minute. Now I just wanna give you some risk management strategies. These I actually got from the Department of Homeland Security, but I’ve seen them other places. It’s very common. For example, risk avoidance, pertaining to sports or special events, think about maybe having a no-bag policy at your venue. Having this no-bag
policy removes that risk of patrons smuggling contraband into the venue. I’m here to tell ya that I know that the no-bag policy, they can
still smuggle things in, and they do. I’ve been at venues that
have no-bag policies. But this does help you avoid the risk. Risk control should be thought of really as deliberate action taken to reduce the potential for harm or maintain some acceptable level of risk. That could be that you’re allowed bags into the venue, but they’re searched and they can only be a certain size. Risk transfer. The most common thing thought of here is having an insurance policy. If you have somebody
that’s renting your venue for some event, they may very well have a large insurance policy in case their event doesn’t happen or something goes wrong. Also, risk transfer should be that you’ve hardened that target enough that when the bad guys
come and look at it, they say, “Oh, this is
too hard of a target. “Can’t penetrate this,
can’t smuggle things in.” You’ve successfully transferred
that risk elsewhere. You can think of that two different ways, but the most common one is having an insurance policy. Finally, risk acceptance. That’s really just clearly, you’ve made that decision
that you’re going to accept the risk. Oftentimes, organizations will determine that the cost of the
risk mitigation measures really are higher than the consequences of the risk. Steve, I think this another good place before we segue into event security that we can take some more questions. – [Steve] Tremendous. Thanks, Richard. For those of you who do have questions or comments, type them into the Questions and Comments area on the left side of your screen. We will get to them during this break or during our final break that’s coming up in a little while. Richard, Gary Crane
asks, “When tailgating, “et cetera, is occurring around an event “and most people arrive by vehicle “on streets not capable of handling “the volume of traffic,
what’s best practice “for staging for preparation
of emergency response? “Parking around and near
the event is, of course, “extremely limited.” I should point out that the previous National Center webinar by Kim Dude from last month covered exactly this area. You can find that webinar archived on the National Center webpage. But for now, Richard, what’s
your response to that? – [Richard] Tailgating is a problem. At the university I worked at, we made great strides in, for lack of better
terms, cleaning that up, but one thing we did notice, it really impacted the parking lot. One, you have to have a traffic and parking management plan to get cars into the venue. In tailgating, what we noticed is people would come very early, and the choice tailgate spots are around the perimeter of the parking lot because that includes the grass area, which they’re
really not paying for. This displaces the rest of the people. They’re paying for that parking space, but they kinda start
encroaching in the drive lanes. We recognize that as being very dangerous. We would have, in our parking lots, we’ve used quite a few officers to do alcohol enforcement,
litter enforcement. We also enforce keeping
those drive lanes open. If they would see a
tailgate where somebody parks their car, they set up their canopy and now they have a whole gang of people around them and you can’t
get emergency vehicles in and out, you have to police that. You have to keep people, keep those drive lanes clear. I’ve seen some venues that will stage a fire apparatus at their
venue because of that, because it’s very difficult to keep those drive lanes open. That’s gonna depend on the environment of the parking lot, the environmental design, can you accommodate that. Hopefully that answers that question. You can stage that fire equipment right at the venue or as close
to the venue as possible. I know most places have emergency squads stationed there and fire trucks. – [Steve] I’m gonna
squeeze in one more question during this break, Richard. Adam Roof wonders, “How
much operational control “should or can the onsite “field command office have before “it becomes a liability? “How can you best
communicate the separation to your team?” – [Richard] You have
your incident command post. I’m sure they’re referring to the practice of having that incident command post away from the venue. That incident command post should still be monitoring the event, and everything should flow through that
incident command post. There’s not really a difference
when ya think about it. If that incident commander’s in the venue, do they have to see the event going on? Not necessarily, especially most venues now have CCTV systems where you don’t have to be there to see actually what’s going on. You have a better view watching that on CCTV. You still need to have
that incident commander that’s in charge of the overall event, but you have that field command person in the venue that’s gonna take direction from that. If it’s a command person,
they may have a team that, they’re not really
operating independently, but they’re able to make
decisions on their own. If they need assistance, they go back to the incident command post. Does that answer that question? – [Steve] We’ll find
out whether it does. The asker can ask for
clarification, if necessary, but for now, Richard, we’ll let you get on with your presentation at slide 27. – [Richard] Now we wanna segue into event security. Once your risk management
strategy’s been developed, the event security plan is starting now to take shape. This plan should be taking
a holistic approach, keeping in mind the components of personal security, meaning your staff,
your event participants and your spectators. Information security,
and what we mean by that, really is the value of information about your event could be compromised. The operational security of your event and the physical security of the venue and the surrounding area could even be compromised. Information security is very important. The venue should already
have a physical security plan in place for non-event hours. If none exists, I would encourage you to, highly recommend you to develop one for non-event hours. You have non-event hours,
but we’re talking here about event hours. This kinda goes hand in hand with what we were talking about earlier. Things to be thinking
about as you continue your planning is what are you protecting, why are you protecting it, how will you protect it and what’s the likelihood,
and there’s that, again, likelihood term, what’s the likelihood that something’s going to happen, and what’s the plan if
something does happen. This is just going to
assist you in developing your staffing plan as you proceed. Remember, the temporary workforce that we talked about. That’s very unique. Really, a key function when we talk about personnel security is that all personnel involved in working this
event should be screened, pre-employment backgrounds
should be completed. Having had, again, the
opportunity to go around and look at different venues and talk to different people, this is
really a hot topic right now, about how far do you go in screening and doing pre-employment background. You should go as far as you can. It’s imperative that
you know who’s working in your venue, especially when this temporary
workforce is coming together. Oftentimes, our concessions are contracted out. Oftentimes, those contractors use volunteers, say church groups or
different other groups. You don’t know who’s in your venue, so it’s imperative that you screen them and have some pre-employment
background done. I would recommend that
if you’re getting ready to renew a contract with
your concessions company for your venue, make that a stipulation of the contract, that everybody that works for them, including volunteers, have some sorta pre-employment background completed. Then you need job descriptions
for each position, including security positions. Part of that job description should also be post orders. What I mean by post
orders, if they’re assigned to a specific location, it should spell out in
that job description what are the duties of the person assigned to this position. I’ve even seen some venues, and this is a real good practice, is to make a little card
that just has an outline of what your post orders are while you’re at that position. That will help that person out, if they’re new there. It’s also important to conduct a training needs assessment. If you have these same events every year, and we can stay with the football example, of course, you have people coming back each year and maybe have worked in the same positions every year. Sometimes you’re gonna get new people in these positions, so it’s important that you do a training needs assessment. Make that part of your planning to train your employees. All employees working the event should receive a situational
awareness training to enable them to spot and report unusual or inappropriate behavior. Several years ago, we started teaching everybody at
the Ohio State University football training, the ushers and the ticket takers. We discovered there was 1,400 and some extra sets of eyes and ears. We would go in pre-season and teach them, basically,
to see something, say something. That paid dividends. They would call things in. Not necessarily what they
thought was terrorism, but just situational awareness of unusual behavior or something going on in the venue that they
thought they should report. Also, we share with you
what are their concerns. You get a lot of positive feedback. You should incorporate
that into their training. Training should stress that event security is really the responsibility
of all employees, all of your staff, just
not law enforcement and security. It’s the responsibility
of game day management, from game day management to the ushers to the ticket takers. You need to stress that. Event security is the
responsibility of everybody. Now let’s talk about
positions directly involved in providing event security. After I’ve told ya it’s everybody, but really, law enforcement, fire, medical and private and proprietary security. Additionally, game day management, from the event operations manager to ushers, ticket takers. They all need to be part
of your security planning. It’s also important that all levels of security positions train together and know their mission. I’ll give a quote from an individual that does a lotta risk
management-type of training. That’s Gordon Graham. I think Gordon, not too long ago, for probably the fifth or sixth time, he’s a very good presenter. He stresses every day is a training day. I think you can take
this and carry it over to your event, also. Every event is really an opportunity to do some sort of training. It might be something as simple as recording the date and
the time of your event, what the weather is like
and how long it takes for your arena, for people to leave at the end of the event. That’s gonna help you in
your evacuation planning. I’ve been at venues
before when you ask them, “How long does it take
people to leave here?” They don’t know. Then you think, do they
even have a stadium evacuation plan or a venue,
arena evacuation plan. You can do other types of training, on-the-job training. You can take your incident command post, that hopefully is not in your venue, but you can simulate the radio system going down. I think most of the districts around the country, they went out and bought this radio
operability equipment. It was to patch all
radios and stuff together. Bring that onsite and
use it, see if it works. Every day is a training
day, and you should incorporate that into your training plan. The greatest vulnerability
in information security really is your staff. Education, training and awareness program must be developed to
ensure that all employees really understand what
information security is. This program has to cover
information security policies and procedures. If you don’t have some,
you need to develop some. In addition to training and awareness, the different types of
information, the vulnerability, that information. This could be just your
event operations plan. You don’t want that thing out and about. If you’re a public institution, some of that stuff may
very well be public record, but I would encourage
you to find out if it is, and have your legal
departments research that. It’s very important that you encourage and train your individuals on security of information, or operations security. Access control. Access control starts
outside of the venue, but it also pertains to inside the venue and also to restricted areas inside and outside the venue. It also applies to
vehicles and individuals. Why do I say vehicles? Because there are some
venues around the country that have parking either connected to the venue or actually
underneath the venue, so either inside or outside the venue. Access control does pertain to vehicles and people. Now let’s talk about physical security as it applies to sports
and special events. It really meets the same definition of security of other industries. Your physical security access control plan should consist of at
least three perimeters. You have an outer perimeter,
a middle perimeter and a inner perimeter. These three perimeters should create what we call concentric circles or concentric rings of security. Within those concentric
circles of security should be several different
layers of security. This concept is also known as defense in depth. We’ll come back to that term here in a minute and I’ll
give ya a great example of what I mean. Hopefully it will all
come together for ya. Let’s start with the outer perimeter. The outer perimeter could be something such as a buffer zone should be established around the venue to the maximum extent possible. Oftentimes, you’re gonna be constricted by your
environmental design of your venue, but the purpose of this outer perimeter really is
to deter vehicle traffic, keep vehicles away from the. This’ll actually assist you in your traffic management plan, also. When you think about
it, I know at Ohio State when we established our
buffer zone years ago, that actually forced those officers that were directing traffic to screen traffic a little better. Only certain vehicles are allowed inside that buffer zone. The best practices
suggest that you maintain a distance of at least 100
feet from the venue out. That’s, again, gonna
vary from venue to venue and by environmental design. Best case scenario, you
don’t have a parking lot within 100 feet and
you’re almost good to go. But I’ve still seen
venues set up like that, but they still allow VIP parking close by. If you do that, that’s not right or wrong. The preference for me would be not to allow it, but if ya
have to allow vehicles to park up close, and I understand the importance of donors
and that sorta stuff, having been involved in campus for a long time, but those vehicles need to be screened in some manner. Ya need to be able to identify that they have been screened. Back to the outer perimeter, though. Temporary block off roads, a lotta barricades,
different types of barricades are available. If you’re strapped for resources, consider using some of your campus trucks. When we first started at Ohio State, we used our campus dump trucks to set up a barrier. They had quite a few different concrete decorative planters to set up. They even looked nice. I’ve seen buses used. I’ve actually even seen
tractor-trailers used with alcohol advertisement on the side. That was some professional sports leagues that were doing that. Anything to kinda block that to create that outer perimeter. Middle perimeter. This is going to be your first level of access control for staff and spectators and the property that they might be trying to bring into your venue. To gain access through this perimeter, individuals must have either
a ticket or a credential. Something I want you to remember here is a ticket is for entry into the event. A credential is intended for access to a restricted space. I’m here to tell ya, I know a lotta times credentials are given out to maybe, as a special friend or a favor, but really, you need to be involved in the credentialing process as part of the planning process. Here I’m talking to anybody involved in the event management, specifically public safety. Get involved in that
credentialing process. It is really an important part
of the access control plan. This middle perimeter, once the venue has had a bomb sweep or other safety and security check
complete, it’s important that this middle perimeter’s established. That just helps you maintain the integrity of that security check
that’s been completed. I’ll talk about the inner perimeter. This will vary depending on the type of the venue and the type of the event. Let’s talk about a sports
event here for a minute. Inner perimeter really is going to be some restricted space,
such as a locker room, the field of play, obviously, whether it be a field or a court. For concerts, the inner perimeter may be a backstage or a dressing room and a stage. Access to the inner perimeter is restricted to individuals that possess that credential. We’re talking about,
and I can’t say enough about the importance of just being included in the planning process. Access to the inner
perimeter is restricted to that individual that
has that proper credential. Then, anybody that is staffed, either the outer
perimeter, middle perimeter or that inner perimeter, it’s important that those individuals
tasked with checking that credential have training. I would suggest maybe having a board made up with the different
levels of credentials. Credentialing, probably, could be a whole nother presentation for another day. The best practice I’ve seen is you basically have two separate credentials. You have a day-of-event credential and you might have a season credential. Then that individual credential will have different levels of hierarchy or different levels of
access that you can gain. It might be simple, just
punching the level of access that credential could
be, but it’s important that those staff that
are tasked with checking those credentials know
what they’re looking at and know what to look for. I said I’d come back to an example. of defense in depth. I want you to think of the gate security and look at the graphic that’s up there. We start at the top on
counter surveillance. Say your intelligence has told you that there’s some bad guy out there or somebody that’s gonna
try to bring something into your venue. We’ll keep it simple. Counter surveillance is somebody that’s out there, is looking for maybe somebody that’s doing
surveillance on the venue. They’re gonna be out kinda
in that outer perimeter, looking back toward the gate. That’s one level of security. Another level of security
you’re gonna have is that security officer
that might be doing your bag checks. I know some of the
professional sports leagues, like Major League Baseball,
are doing metal detectors. That’s just another level of security. Your ticket taker, that’s
also a level of security. That’s why it’s important they’re involved in the security planning and have that situational awareness. Next you’re gonna have a police officer. That police officer at the gate should be back away from the ticket taker and the security person, observing everything and being there to support them, and
intervene, if necessary. Then another level of security, if you’re fortunate enough
to have CCTV system, that’s another level of security. Defense in depth is really
that coordinated use of all that multiple
security counter measures to protect your asset. As we get ready to wind up here, I’d like to bring a couple things back up. We talked about earlier, to summarize, you have to have that plan. You plan the plan, staff the plan, train the plan, practice the plan, and then review and adjust that plan. During your planning process,
you’re thinking about what are we protecting, why are we protecting it, how you protect it. Then what’s the likelihood
that something’s gonna happen. That’s gonna be through
that risk threat assessment. Then what’s the plan if
something does happen. I wanna give you some
resources to start with. Program I got involved
with a long, long time ago, discovered this is a great resource if you have one in your area and if you do, I would encourage you
to reach out to identify if you do have this, but that’s the Protective Security Advisor Program. It’s with the Department
of Homeland Security. They can come in and help you do a threat and risk assessment on your venue. A very good asset. It doesn’t look like
there’s a lot of grant money available right now. We did use this program
two different times to procure money to enhance our security presence at Ohio State. The last one was a buffer
zone protection plan in 2010. Hopefully some of that
money will come back, but I know they’re still available, even if the funding is not there to get the federal grant for you,
they’re still a great asset to help you do that
security and risk assessment for your venue. We’re talking about physical
security things there. Also, the National Center
for Spectator Sports Safety and Security,
they have best practices, guides, including one for
intercollegiate athletics safety and security. You’ll see in there a lotta things that we talked about today. A little bit more in depth than I was able to go in the allotted time. NCS4 also offers training and other security-related services
for professional sports, interscholastic athletics,
intercollegiate sports and even marathons. There’s their website,
or you could just Google NCS4. Another great resource is TEEX at Texas A&M. Texas A&M University system has the Texas Extension Service, also commonly referred to as TEEX. Also, the National Emergency Response and Rescue Training Center, NERRTC, as we like to use those acronyms. It offers extensive training on emergency and response and rescue training. Then there’s a partnership that was formed a few years ago between TEEX and the NCS4. They offer three training courses. I would encourage you, if
you have not had these, seeks them out. You can actually bring them to you. These are coordinated through NCS4, but again, it’s a partnership between NCS4 and TEEX. They’re free, that’s the best thing, and they’re designed for your entire team to go through it as a team. If you’re a university,
I would encourage you to get your athletics people onboard, police, fire, other
public safety entities, public health, all together and go through this training together. They have a sequence that you can go through, all three. It’s Sport Event Risk Management, Sports and Special Event Evacuation Training Exercise, and Sports and Special Events Incident Management. Again, that’s provided by a partnership between the three. Steve, I think we’re at the point now we’re gonna take some more questions. – [Steve] Tremendous, thanks, Richard. At the end of the last break, you answered a question from Adam Roof about field command offices, and wondered if you had answered the question. I thought I’d let you know that Adam says, “It was a great answer, thank you.” We have some other
questions that we’re gonna take care of now. Here’s one that might be answered by some of the resources
that you just listed, or perhaps something else. Someone asks, “Is there
a class that trains “in event best practices
that you would suggest “on the East Coast?” – [Richard] Yes. You can bring the three
that I just mentioned, you could bring any of those three to you. Oftentimes, the county
emergency management agency may host this training. These three courses, I’ve got the slide back up there again with the NCS4 if you can see it. It’s kinda blue on blue. Definitely, you could
bring them to your venue. If you’re on the East Coast,
bring it to your city. Talk to your university or whoever venue manager is. It doesn’t have to be a university, it’s whoever has special events could bring any three of these. – [Steve] There was
an interesting dialogue going on in the chat room about emergency notification systems. I’ll list their names. Steve asked, “Does anyone offer “an emergency notification
text message availability “during events only to mitigate possible “live active shooter-type notifications “to contain possible panic? “Or do they merely rely on PA systems?” Then Jennifer Keegan pointed to a resource at Birmingham University,
which Steve looked at and reviewed and said was great. I wondered, Richard, if you have anything to add to that general dialogue? – [Richard] What was
the name of that resource? There’s a lotta commercial resources out there for notification. One thing that we all struggle with is, if you’re a university,
you may have faculty and staff and students
attending your event that have signed up for your university’s emergency notification, but the other several thousand people coming in, how do you notify them? There’s a resource that I became aware of that’s available
through Homeland Security, but I don’t think that’s quite out there yet. I would encourage, if
any of our other people listening in today know of resources. Quite a few commercial resources, lotta texting systems, but again, how do you get that information out there. Then the struggle’s also
how do you get it out to the tailgating and camping areas. I think a major way to do that is through radios. What I mean, the old AM/FM radios, over IP, maybe, and over TV because everybody has their satellite receivers out in the parking lots and
TVs and that sorta stuff. It looks like there’s some
information coming in now. I see Rave Mobile Security, definitely have heard of that. Anything else on that, Steve? – [Steve] You’re seeing
what’s coming up there, and if you have no other, if you can sorta glance at some of those as they come along to see if anything catches your eye. Let me get to a couple of other questions. You mentioned taking a holistic approach to security planning. Can you say a little bit more about that? – [Richard] What I mean
by a holistic approach is really an all-encompassing approach. We talked a lot about, and this is a great question, too, we talked about how we used to only have to worry about parking and traffic and crowd management. We still have to worry about parking, traffic and crowd
management, but we’re taking that holistic approach. How does traffic and
parking affect security? I mentioned earlier about how at Ohio State, we started doing the buffer zone protection plan. It seemed like that actually streamlined our traffic management process because what we used to
get close to the stadium were cars that shouldn’t have been there because they weren’t
being properly screened as they come in. Taking that holistic approach is looking at the whole thing. Just not how do you maintain security at your stadium or arena,
but how does parking play into that? I mentioned that everybody should remember to figure
out where do people, where they gather before your event and after your event. That’s very important to think about. How do you secure that? We’ve hardened the target, the venue, most of us, very well, but now the softer target is outside
that venue somewhere. It could be out in your tailgating area. It could be a local street near the venue where everybody congregates to have an adult beverage before or after your event. You need to think about that also. – [Steve] We’ve only
got a few seconds left. I wonder if you can squeeze
a quick answer to this in. “Can you further explain what you mean “by every event should
be a training event?” – [Richard] As I quoted Gordon Graham, and I encourage everybody to kinda Google Gordon if you’ve never heard him, if you have the opportunity to do that, but everyday’s a training day. Every event, you should
take an opportunity to practice what you’ve planned for. You can simulate things. Say you simulate your
command post going down. You should have some redundancy built into your plan. If you have an incident commander, in the unified command,
every command person from other agencies, police, fire, emergency management, who is their backup? If that command post goes down, who do you call, who steps up and where do they go? For instance, you could train, just make an announcement, the incident command post is now down. You should have in your plan already what to do. If you’re the backup person, and if the instructions are you go to the emergency operations center, you go to your backup command post or you call somebody or somewhere, you can simulate that during a game. It’s not gonna hurt anything. It’s all in the timing. Obviously, if you have an event that’s very, very busy and there’s a lotta little incidents going
on that you’re having to look at. Steve, this is a good place to wind up. I didn’t really get into after-actions and that sorta stuff, but
you should absolutely, after every event, regardless of the size, have a debriefing. Have your supervisors
debrief with your staff. That’s commonly called a hot wash. Then bring that back and have an after-action debriefing
of all the supervisors. Then make a formal after-action report. You should get that out every year as you’re starting your
new planning phase, and look at that after-action
from the year before. – [Steve] Thanks, Richard. Thanks to all of our
viewers and questioners from around the Internet. Check the NCCPS webinar’s webpage for a link to the recording
of today’s webinar, as well as a link to our speaker’s slides and information about future webinars. Watch your email for that
brief evaluation survey on today’s session. We read and act on your comments. You can mark your calendar now for our next Campus Public
Safety Online webinar from 2 to 3 p.m. Eastern time on Tuesday, September 22nd. Gary Margolis will
discuss the implications of social media on campus
safety and security, the role of social media threat alerts. Watch your mail or visit
the NCCPS webinar’s webpage for registration details. In addition to our Campus Public Safety Online webinars, the National Center for
Campus Public Safety lists a wide range of
other events and resources. You’ll find details on the web at Again, that’s I wanna call your
attention to one particular upcoming event that many of you will want to attend. From October 19th to 21st, the University of Vermont will present its 25th annual “Legal
Issues in Higher Education” conference, which includes a Campus Public Safety track, produced in collaboration with the National Center. Campus safety topics will include fair and impartial policing,
trauma-informed investigations, crafting a campus prevention program, and social media and campus public safety. Conference speakers include some of the nation’s leading
experts in the field, such as Alison Kiss, executive director of the Clery Center
for Security on Campus, Lyn Hammer, sexual
assault prevention manager for the U.S. Naval Academy,
Dr. Gary J. Margolis, co-founder of Margolis Healy and president and CEO of Social
Sentinel, and Steven Healy, managing partner and co-founder of Margolis Healy. Make a difference on your campus, and take part in this annual conference at the University of Vermont Davis Center in beautiful Burlington, Vermont, or join online via the
live webstreaming option. For details and to register, link to That’s Campus Public Safety
Online is brought to you by the National Center
for Campus Public Safety, with support from the
University of Vermont Continuing and Distance Education, and the U.S. Department of Justice. Special thanks today to
Andrea Young and Dan Cardella. This is Steve Worona. See you next time on Campus Public Safety Online.

Michael Martin

Leave a Reply

Your email address will not be published. Required fields are marked *

Post comment