Month December 2020

Contingency Planning

Tim Riecker, The Contrarian Emergency Manager 3 Comments

I’m going to wrap up 2020 by discussing contingency planning, which is a practice not seen often enough. Before I get started, I should contextualize my use of the term ‘contingency plan’. My general use of the term, at least in emergency management applications, is intended to refer to a plan which may be needed to address the disruption of current event management, incident response, or recovery operations. Essentially, it’s the emergency plan to use while dealing with an emergency, in the event that something bad occurs.

When might you need a contingency plan? Contingency plans should be developed for the kind of situations that have you looking over your shoulder or asking ‘what if…’. Weather events are often good examples, such as a response taking place during some very active tornado weather. You might be responding to the impacts of an earlier tornado, or something completely unrelated, but a tornado warning is in effect, meaning that one could materialize at any time. This could also be a response taking place in a low-lying area during a flash flood warning. We sometimes build contingency plans into our standard operating guidelines or procedures (SOPs/SOGs) by having back-up teams, such as rapid intervention teams (RITs) in the fire service, which are standing by to rescue firefighters in trouble during an interior firefighting operation. Assessing risks on an ongoing basis and developing contingency plans should be part of your incident management battle rhythm.

Where to start with contingency planning? Let’s fall back to the CPG 101 planning process. Yep, that works here, too. The first step is to build your planning team. Contingency planning is a responsibility of the Planning Section, but others need to be involved. Working from a traditional ICS structure, I’d certainly suggest involving Safety and Operations, at a minimum, but depending on circumstances, you may wish to expand this, such as considerations for failures in the supply chain (thus Logistics and Finance/Admin), which may be less of a life safety matter, but can heavily impact operational continuity.

With consideration to the Safety Officer, I’d argue that tactical safety is the primary focus of the Safety Officer; while things that can have much broader impact to the incident, while still a concern of the Safety Officer, may require more in-depth and coordinated planning, thus why I tag the Planning Section to lead contingency planning efforts. My experience has always had the Planning Section taking the lead in this. That said, your incident management organization may decide to assign this to the Safety Officer or an assistant Safety Officer. That’s totally fine in my book, so long as it’s being addressed.

Step two of the planning process is to understand the situation. Some of your risks might be really apparent, such as the tornado warning, but others may require a bit more assessment and discussion. If you need to dig deeper, or are looking at a potential need for a variety of contingency plans, I’d recommend using a risk assessment matrix to help assess the likelihood and impacts of the risks you are examining. Here’s an example of a risk assessment matrix from the United States Marine Corps. Sadly, the risk assessment matrix is not yet a common tool in our incident management doctrine and practices in the US, though I do see it referenced elsewhere. In looking at the tool, obviously those with higher probabilities and severity of impact are the priorities on which to focus. Be sure to consider cascading impacts! Keep in mind that this risk assessment, depending on the duration and kinetics of your response and the dynamics of the environment, may need to be performed more than once throughout your operations. It should at least be considered every operational period.

Step three is to identify goals and objectives. Of course, in the broadest sense, our operational priority is always life safety, but we need to refine this a bit based on the specific hazard we are planning for. Second to life safety, we should also be considering operational continuity, ensuring that we can return to current operations with the least disruption possible OR be able to immediately respond to emergent needs created by the hazard in the event of the hazard creating a more kinetic environment. Your plan may also need to address impacts to the public at large (essentially anyone not part of your incident management organization). Depending on your operational scope and the area of responsibility, this may actually exceed the capacity and mandate of your incident management organization. You will need to determine how to ‘right size’ the scope of your planning efforts. This is perhaps a good opportunity to consult the local emergency manager. Don’t lose focus, though. The contingency plan is not intended to save the world. Remember, responder safety is our number one priority.

Step four is developing the plan. This is largely an outline of the essential elements. There are a number of components to consider for your plan. First, with consideration of cascading impacts, we should identify what aspects of the hazard we can mitigate and how. If there are hasty mitigation steps we can take, those may help limit the risk to life, resources, and operations. Next, consider your concept of operations for the life safety aspect of this plan. As with any other emergency operations type of plan, we need to maintain situational awareness and have protocols for notification and warning. Using the tornado warning (during an active response) as an example, who is responsible for maintaining a watchful eye on the skies and keeping tabs on dynamic weather products? If they see something of concern, who do they notify and how? Is there an emergency radio frequency that everyone’s radio will automatically go to if used? Perhaps three blasts of an air horn? Identify what will work for your operating environment. Keep in mind that if the matter is of urgent life safety, you want to minimize the number of steps and the amount of time taken between awareness and notification to responders. Next, upon notification, what is the emergency action plan – i.e., what needs to take place? Evacuation? Shelter in place? Some other action? A great reference for this from the wildfire incident management community is Lookouts, Communications, Escape Routes, and Safety Zones (LCES), which is part of their incident safety analysis.

What happens after those protective actions? Ideally some kind of status check-in of the impacted personnel for accountability and continued situational awareness. Who is responsible for communicating that and to whom is it communicated? Is it wise to have some sort of rescue team standing by incase anyone is in trouble? If so, what resources need to be tasked to it, what is its organization, and what are their operating protocols? Can you reasonably keep the rescue team out of harm’s way to help ensure continuity of their capability?

You may also have a continuity of operations (COOP) aspect to this plan, to address how the incident management organization will minimize down time, restore prior operations, and possibly even identify alternate methods of operations. Depending on the hazard, a reassessment of the operation may need to take place to see if objectives will change to address a new situation created by impacts from this secondary incident.

Consider the current operational environment that every jurisdiction is facing at this moment. Jurisdictions, EOCs, and others should certainly have a contingency plan in place right now that addresses things like potential Coronavirus exposures, symptomatic personnel, and personnel that test positive. Many have been dealing with it, but do they have their protocols in writing? Most do not. In New York State, all public employers are now required to develop a plan to address these and other factors for public health emergencies.

Step 5 is plan preparation, review, and approval. This is the actual writing of the plan. Of course, you are in the middle of an incident, and it’s likely that the contingency(ies) you are planning for is breathing down your neck. Depending on how much haste is needed, your plan might be a few bullet points, or it could be a few pages long with more detail. Obviously do whatever is appropriate. Have the planning team members review the plan to ensure that it addresses all critical points and accurately reflects the necessary steps. Have you identified what will trigger the plan? Who is responsible for monitoring the situation? Who is responsible or activating the plan? How will they activate it and notify others? What are the responsibilities of others once they are notified?  Once you and the planning team are satisfied that you’ve addressed all the important points, the plan should be forwarded to the appropriate authority for approval, such as the incident commander, EOC manager, agency administrator, etc.

I’ll also note here that if you have multiple threats and/or hazards for which you are developing contingency plans, try to keep your contingency operations as similar as possible. The more complexity you have, especially to deal with different hazards, the more problems can occur during implementation. For example, your means and methods for notifying personnel of a tornado and a flash flood can likely be the same if their protective actions are also the same.

Lastly, step 6 is implementation of the plan. This is where someone should be working on any mitigation actions that you identified and personnel should be briefed on the plan, so they know what they are responsible for and what they need to do, when, and how.

It seems like a long process, but it can be done in a few minutes for urgent hazards. Some contingency plans may certainly be longer and more complex, especially if you are preparing for something that has a lower risk factor or something that isn’t yet a hazard, like a distant weather front. Several years back, I was part of the overhead team for a state-wide months-long debris removal initiative in the aftermath of a late season hurricane. As operations went on, we eventually entered the next hurricane season, and with that we identified the threat of future tropical storms to our area of operations (an entire state) and the operations we were responsible for. We needed to identify who and how systems would be monitored, trigger points for activation of the plan, and how to communicate emergency actions to several debris removal and debris monitoring contractors. We had time leading into hurricane season and were able to develop a well-crafted plan to meet this need. Fortunately, we didn’t have to use it.

Have you written contingency plans for incidents and events? What lessons have you learned from contingency planning?

~~

As a final bit on 2020, we are all certainly happy to see it pass. Keep in mind that while the new year offers a mental benchmark, we still have months ahead of us continuing to manage the consequences of the pandemic and our response to it. We have learned a lot of lessons from this response, which every organization should be capturing, if you haven’t already. As we go into the new year, resolve to do something meaningful with those lessons learned. Don’t just let them languish in yet another after-action report. Implement those corrective actions!

Stay safe.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

FEMA’s 2020 National Preparedness Report – A Review

Tim Riecker, The Contrarian Emergency Manager 1 Comment

It seems an annual tradition for me to be reviewing the National Preparedness Report. I’ve endeavored to provide constructive criticism of these documents, which are compilations of data from state and federal agencies, national-level responses, and other sources.

This year’s National Preparedness Report emphasizes that it is based on data from the 2019 calendar year. In looking back on past reports (note: they are no longer on the FEMA site – I was able to find them in the Homeland Security Digital Library) this has been the past practice. Perhaps I never realized it before, but a report talking about data from practically a full year ago seems to hold even less relevance. That means that enacting changes on a national level based on this data may not even begin to occur until two years have passed. Even taking into consideration that states and UASIs are compiling their reports early in a year for the previous year, it still seems a long time to wait for the national level report. This extent of lag is further emphasized by the document’s foreword, written by the FEMA Administrator, which makes many references to COVID-19 and how much different next year’s report will be, while not really speaking at all about the current report. This speaks a lot to how much we, as a practice, are attracted by the shiny objects dangled in front of us, seemingly ignoring all else.

My first pass of the 2020 report brought two primary impressions: 1) The instructive content of the document is some of the best I’ve seen out of FEMA, and 2) There is a considerable lack of data, with a low value for much of what they have included.

In regard to my first impression, the discussion of concepts such as risk (including emerging risk and systemic risk), capabilities, cascading impacts, community lifelines, public-private partnerships, and vulnerable populations has the perfect level of depth and detail. Not only do they discuss each of these concepts, but they also identify how they each connect to each other. This is EXACTLY the kind of consolidation of information we have needed for a long time. This lends itself to truly integrated preparedness and the kinds of information I’ve mentioned many times as being needed, including in the next version of CPG-101. I’m truly impressed with this content, the examples they provide, and how they demonstrate the interconnectedness of it all. I’ll certainly be using this document as a great source of this consolidated information. Now that I’ve extolled my love and adoration for that content, I’m left wondering why it’s in the National Preparedness Report. It’s great content for instructional material and doctrinal material on integrated preparedness, but it really has no place, at least to this extent of detail in the National Preparedness Report. Aside from the few examples they use, there isn’t much value in this format as a report.

This brings me to my next early observation: that of very little actual data contained in the report. Given the extent to which states, territories, UASIs, and other stakeholders provide data to FEMA each year by way of their Threat and Hazard Identification and Risk Assessments (THIRAs) and Stakeholder Preparedness Reviews (SPRs), along with various other sources of data, this document doesn’t contain a fraction of what is being reported. There are two map products contained in the entire report, one showing the number of federal disaster declarations for the year, the other showing low-income housing availability across the nation. Given the wide array of information provided by state and UASI, and compiled by FEMA region, surely there must be some really insightful trends and other analysis to provide. There are a few other data sets included in the report showing either raw numbers or percentages – nothing I would really consider analytics. Much of the data is also presented as a snapshot in time, without any comparison to previous years.

Any attempt to view this document as a timely, meaningful, and relevant report on the current state of preparedness in the nation, much less an examination of preparedness over time, is simply an exercise in frustration. The previous year’s report at least had a section titled ‘findings’, even though any real analysis of data there was largely non-existent. This year’s report doesn’t even feign providing a section on findings. To draw on one consistently frustrating example, I’ll use the Core Capability of housing. While this report dances around doctrine and concepts, and even has a section on housing, it’s not addressing why so little preparedness funding or even moderate effort is directed toward addressing the issue of emergency housing, which has arguably been the biggest preparedness gap for time eternal in every state of the nation. Looking broadly at all Core Capabilities, this year’s report provides a chart similar to what we’ve seen in previous years’ reports, identifying how much preparedness funding has gone toward each Core Capability. In relative numbers, very little has changed; even though we know that issues like housing, long-term vulnerability reduction, infrastructure systems, and supply chains have huge gaps. All these reports are telling me is that we’re doing the same things over and over again with little meaningful change.

So there it is… while I really am thoroughly impressed with some of the content of the report, much of that content really doesn’t have a place in this report (at least to such an extent), and for what little data is provided in the report, most of it has very little value. The introduction to the document states that “this year’s report is the product of rigorous research, analysis, and input from stakeholders”. To be blunt, I call bullshit on this statement. I expect a report to have data and various analysis of that data, not only telling us what is, but examining why it is. We aren’t getting that. The National Preparedness Report is an annual requirement per the Post Katrina Emergency Management Reform Act. I challenge that FEMA is not meeting the intent of that law with the reports they have been providing. How can we be expected, as a nation, to improve our state of readiness when we aren’t provided with the data needed to support and justify those improvements?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

EOC Toolkit: National Comment Period

Tim Riecker, The Contrarian Emergency Manager 2 Comments

Yesterday FEMA’s National Integration Center distributed notice of a national engagement period on two new Emergency Operations Center (EOC) related documents: EOC References and Resources Tool and the EOC How-To Quick Reference Guide. This seems to be the initiation of an EOC Toolkit, which I conceptually think is a great idea. My first impression of these documents is that they both have good information and are logically organized. The documents are good, but I’m also not particularly impressed by them.

First up is the EOC References and Resources Tool. The document indicates that the audience is ‘EOC leaders and staff’, and the intent is to provide them with ‘a set of best practices, checklists, references, links, and essential guidance related to EOC operations and administration’. This is a two-page document, seemingly formatted for printing (It’s a PDF), but mostly useless in print form as it has an abundance of internet links to sites and documents which provide much more information. The document itself isn’t really a ‘tool’, per se. It doesn’t have, on its own, any intrinsic utility other than referring you to other sources of information. While the description indicates that this document has checklists, it does not, though several of the documents linked from this document do have checklists. The center of the first page provides a link to the EOC Toolkit website, but it’s not particularly highlighted. To be honest, I think this document should, in essence, be the format and content of the EOC Toolkit site.

The second document is the EOC How-To Quick Reference Guide. This is an 80 page document. I’m not sure I’ve ever seen anything labeled a ‘quick reference guide’ be that long. If anything, the EOC References and Resources Tool document (discussed previous) is really the ‘quick reference guide’, while this document is more of a ‘tool’. There is solid information in this document, nothing that from a quick review I have any quarrel with. The content areas are fairly comprehensive, giving information on hazard, vulnerability, and capability assessment; EOC site selection; EOC capabilities and physical design; information management; and preparedness. That said, it doesn’t give you much content within any of the topic areas. It almost feels like a literature review.

As with the other document, this document is formatted for printing, but is full of hyperlinks to sites that expand greatly on the information provided. So it’s not really anything I would recommend printing and putting in a binder. Electronically, it does make it a good compendium of resources, but with how rapidly things change and the frequency of new sources of good information becoming available, I think this document is also best organized as a website that can be updated in real time as new information comes available. As soon as one link changes, the document becomes obsolete. That said, the resources they link to are all good and worthwhile. An attachment to this document provides a fairly comprehensive EOC self-assessment tool; though the tool doesn’t really address partially or fully virtual EOC operations and remote access; and while it goes to an extent of detail asking about certain things (such as a helicopter landing pad), it completely misses some functional things (such as dry erase boards) and is far from comprehensive in the realm of security.

As with most national comment periods, the NIC has provided the documents (though without numbered lines) and a comment form. These, along with information on webinars they are conducting, are posted here: https://www.fema.gov/media-collection/emergency-operations-center-eoc-toolkit-how-quick-reference-references-and-tools.

All in all, I feel like these documents hit the outer ring of a dart board. They are fine, but not really close to the bullseye. It seems these were assembled by a NIC employee or consultant who has spent little to no time in an EOC, much less having any role in the design or preparedness activities for an EOC. As I mentioned earlier, they feel a lot like a literature review – providing a summary of sources but themselves providing very little information. Not that that’s a bad thing – but I’d rather see this in a website format.

What are your thoughts on the documents? 

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®