Surveillance for high-demand environments like airports, data centres, casinos, and ports, requires streamlined incident management and effective decision-making to ensure operational efficiency and the safety and security of assets and people.

Being able to unify and interrogate data from critical systems makes this possible and is easily achieved by using integrated command and control software to collate disparate data streams, analyse them for single or combination events that warrant investigation, and alert operators accordingly.

How does being alerted to potential risks or threats translate to critical decision-making? The answer is increasingly through the use of automated and interactive workflows. 

What is a workflow?

A workflow is essentially a decision-making tool offered as a feature within command and control software. An intelligently integrated command and control solution can be programmed to look for key events and send alerts to operators. Working with data captured in real time, the system can also be programmed to associate the specific threats detected with reaction protocols. These generate on-screen instructions (a workflow) that guide operators through the most appropriate next steps for that particular situation.

Why are workflows so beneficial for incident detection and response?

Workflows are highly effective because they enable rapid, informed decision-making to eliminate the potential panic factor experienced by operators, which can hinder and delay response in a high-pressure situation.

Workflows follow a logical decision tree format and enable consistent decision analysis. Individual nodes call on surveillance operators to test certain attributes in relation to an event detected (like prompting them to carry out an investigative or procedural action), with the outcomes dictating the direction the next ‘branch’ will take until a final destination point is reached.

The power of a workflow is both in its simplicity of application and its fluidity. As a situation unfolds, the requirements of each threat change. Because the workflow responds to evolving data detected through the integrated surveillance system and in relation to prompted operator input, it adapts accordingly.

In critical settings – busy transport hubs, for example – where threat levels can change rapidly and minor events have the potential to cause major disruption, decisions always have to be based on the very latest information, so this flexibility is key.

Do rapidly changing events affect the consistency of the workflow process?

Absolutely not. While workflows adapt based on the information they receive – the rules they follow are developed with consistency in mind, usually to reflect an organisation’s Standard Operating Procedures (SOPs).

Essentially they will ensure that any prompted operator action in relation to an evolving scenario is approved for that specific set of circumstances. This is why upfront system set-up can be lengthy and complex as multiple scenarios are considered and reflected in the programming.

The subjective nature of human decision-making, and a finite capacity to process data, means that different operators faced with exactly the same scenarios can and do take different actions. Workflows remove the subjective factor from the equation.

What is an example of a situation that might benefit from workflows?

Imagine a surveillance operator at their workstation in the control room of a busy airport. Two on-screen alerts are displayed informing a secure service door to the baggage area is open when it should be closed and that smoke has been detected in a nearby room. This scenario will trigger a workflow.

The workflow will automatically prioritise live video from the cameras nearest the service door, and the control room operator will be asked to verify whether the door is open or closed. If the door is not closed, the operator is then asked if the door is being held open on purpose (possibly by a person or a wedge of some kind). If the door is not deliberately open, the system is prompted to send an SMS message to the nearest security team containing exact incident location details (via integrated mapping), asking them to investigate and report the status.

At the same time, the workflow also triggers a ‘shared incident management’ protocol to another member of the control room team, instigating further investigation of the smoke – asking for visual verification and review of data from the smoke detection system. This ensures that both responses to what could be significant issues are simultaneous, i.e. one does not have to be completed first, leaving the other susceptible to possible escalation due to delayed action.

If each event is found to be harmless, the incident is closed with all actions, and collected footage and data are logged and securely stored. Should any investigation find further suspicious activity, the workflow will continue with a mix of automated action and guided responses.

“Complex scenarios tend to be the most commonly used for workflows as they are where the most noticeable value can be delivered. They can also be highly effective single action triggers – just because workflows can be lengthy doesn’t mean they always are.”

Are delays caused when data that influence the next stage of the workflow is dependent on another party?

You have to remember that other parties will only be involved if that is deemed to be the best course of action in terms of safety, security and speed. Also, when used as part of an integrated system, data updates and responses can be carried out simultaneously via integrated communication.

For example, if part of the primary responder’s workflow is to direct a member of the security team to physically investigate an incident of unauthorised track access on a rail network, security personnel can send a text message back to the system with a pre-agreed code. Dependent on the situation and the code the security team uses, the system will immediately decide what ‘branch’ of the workflow to generate next. It’s not a case of Person A in the security team having to call Person B in the control room, who then has to physically input a whole message.

This usage of workflows, i.e. for dispatch and response, is also extremely useful for operational issues – for example, deployment of teams to review and fix equipment faults. As the worker finishes a task, they press a button on their phone screen, and a completion log is sent to the system, sending the worker the next set of tasks to complete in the workflow. All this is recorded within the management platform to review post-event and help inform future preventative maintenance activity.

Which type of scenarios are workflows best suited?

Complex scenarios are the most commonly used for workflows as they are where the most noticeable value can be delivered. They can also be highly effective single-action triggers – just because workflows can be lengthy doesn’t mean they always are.

In fact, on detecting certain threats, a workflow may trigger a simple, immediate and automated action such as a pre-recorded evacuation announcement if smoke/fire is detected, instructions to the maintenance crew if a clear operations fault is detected, or a notification to local emergency services in the event of pre-programmed security breach criteria is met.

How will the use and benefits of workflows develop in the future?

The only limit to the reach and efficacy of workflows is people’s creativity and imagination. When looking at an integrated system and the workflows it generates, the approach is not ‘what can this do’ but ‘what is it we want it to do.’ If you have the right approach, the technology is available to make it happen.