Author Tim Riecker, The Contrarian Emergency Manager

The Emergency Management Support Act – Update 1

Tim Riecker, The Contrarian Emergency Manager Leave a comment

My original post on this bill generated some great discussion on Twitter and LinkedIn.

The actual bill text was finally posted on Congress’ bill tracking website.

My observations and comments:

  1. The short title of the bill suggests that the bill can be cited as the ‘EMS Act’.

Ugh. Really? Thanks Rep. Thompson for continuing to perpetuate confusion related to emergency management.

2. The bill provides, as an amendment to PKEMRA, a definition of local emergency management director: ‘An official designated at the local level to coordinate local disaster response, emergency planning, emergency preparedness, disaster recovery, disaster mitigation, and related activities on a full-time or part-time basis.’

While this is a necessary definition to include in the bill, I think that since the bill is focused on EMPG-funded local emergency management programs, it should specify those are the only local EM directors this applies to. Depending on how states administer and distribute EMPG funds locally, there are some states with many local emergency management programs that are not EMPG funded.

3. The bill provides, as an amendment to PKEMRA, a condition for eligibility of EMPG grant funds, that states ‘require local emergency management directors to successfully complete Federal Emergency Management Agency provided baseline emergency management training developed in accordance with the National Incident Management System not later than 1 year after the date of enactment of this subsection and recurrently at an interval determined by the Administrator to strengthen local emergency management capacity.’

So as mentioned in my original post, there is still no actual identification of what topics are to be addressed in the training. While it states ‘in accordance with NIMS’, that’s still not at all specific. I suppose to one extent, it’s good that politicians aren’t assuming they know what ‘baseline emergency management training’ looks like, and it also allows this would-be provision of an amended PKEMRA some longevity and flexibility to address changing needs. On the other hand, we still don’t know what the actual intent of this training is. Of course, we want emergency managers to be trained to a baseline. That’s certainly a good thing. Though as mentioned in my original post, many states have developed their own local emergency manager training programs. I assume that most of these state-developed training programs meet identified needs within the state, including specific state emergency management processes and operations which would not be included in any FEMA-developed training. Will states be allowed to substitute this training for the ‘FEMA-provided’ training indicated in this provision? If not, this will be an additional training requirement, which superficially isn’t a bad thing, but it is one more thing that emergency managers need to do – and not just once, but annually.

The provision doesn’t state the delivery modality of the training, so I suppose FEMA has the option of this training being independent study, in-person, live remote, or any hybridization of the above. While independent study is certainly the most convenient for everyone, we all know that it has limitations on learning taxonomies. That said, the language states ‘FEMA-provided’, not FEMA-conducted. Since other language in the bill indicates that States are to report to FEMA on compliance, it seems the intent is to have FEMA develop said training for state delivery (i.e. G courses). I suppose this can provide an opportunity for state training officers to amend the FEMA-developed course to include state-specific information without taking away from the material FEMA developed.

But with all that, what of other training initiatives out there, such as the FEMA Basic Academy? While there is no federally-driven grant requirement for the Basic Academy, the materials could be included within this. But with that, while I continue being a big advocate for training and see the value of the Basic Academy, the number of courses and duration of training could be a barrier – especially for part-time directors. And with the refresher requirement, there obviously can’t be an expectation for people to re-take the academy, so a separate refresher training would have to be developed and delivered.

As a former state training officer, there are a lot of possibilities, but also a lot of logistical issues to be addressed.

4. The bill does provide language to address gaps in compliance, with states being required to identify barriers of all local emergency management directors completing training and an approach to overcome those barriers with a timeline for compliance.

I really do appreciate accountability in laws and grants, and while this provision is a good start, there is no provision for a penalty, so it really has no teeth to it. To me, this seems very much like the NIMS training requirements that came about following HSPD-5, which initially had a lot of complication in tracking but devolved into a simple statement of compliance in EMPG reporting.

As mentioned, there was a lot of great discussion prompted by my last post. Most people agreed there were a lot of concerns absent seeing the bill itself. Now that we have, it still doesn’t really address most of those questions and concerns. There were some comments on the original post that at least this works to establish some kind of standard. I can only partially agree with that sentiment. The bill itself doesn’t define a standard at all. Let us be honest that this is not a standard for all emergency managers – it’s only for local emergency management directors funded by EMPG. Yes, that’s an important group, but it should not be confused with being a standard for the profession. Also, training should be based on an established standard; and generally speaking, training is not itself a standard.

Continued Thoughts on Training (for those who are interested)

Philosophically, there is a great opportunity here to develop a comprehensive baseline training course or program that includes elements of a lot of existing training as well as some new content, but that training, at least as developed by FEMA, can only address federal processes and fundamentals of emergency management from that perspective – it can’t speak to the unique approaches and nuances of each state, which means there is a critical component that would be missing from this training if the intent is for it to be truly ‘baseline’. I’d hope that whatever is developed provides room for states to incorporate locally specific information to make this training more worthwhile and valuable.

Will this be valuable, or will this become ‘one more thing’ for emergency managers to do? Will this be some pencil-whipped compliance item? While it leaves FEMA (and hopefully the emergency management community at large) to identifying what that standard will be (i.e. the content of the training), I expect that much of the EM community will want less instead of more. Again, as a former state training officer, I heard people complain every day about the duration of training and wanting to cut corners. I expect many current EMs will express this to be a waste of time for themselves, likely being shortsighted about the potential value to new personnel. That said, I’ll also suggest that if this is truly for local emergency management directors, these individuals should have the ‘baseline’ knowledge BEFORE being hired to the position of director – though we know that many, especially those who are current or retired fire and police who are often given these jobs actually know very little about emergency management beyond response.

The most comprehensive standard we have in emergency management is NFPA 1660, though I don’t feel that this, alone, is enough to provide the ‘baseline’ of training that local emergency management directors need as there are several other essential content areas, many covered by existing training. Also, while NFPA 1660 is a solid standard for emergency management and continuity programs, it doesn’t prescribe means and methods for the activities identified therein. That’s not a gap… that’s actually how standards should be developed which allows for innovation. So in figuring out what this ‘baseline’ training is to be, we also need to determine what the desired taxonomy is – what do we want them to know, to what extent, and what do we expect them to be able to do with that knowledge? (see my series of ICS Training Sucks articles for more discussion on Bloom’s Taxonomy and learning outcomes). If we want them to know how to do things, we need to provide implementation guidance for each area of NFPA 1660. Some of that we have, such as CPG 101 for emergency planning.

This is a rabbit I can chase for a long time down a lot of holes. If this bill passes, I’d love to be at the table with folks at EMI to help develop this.

© 2023 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

The Emergency Management Support Act

Tim Riecker, The Contrarian Emergency Manager 3 Comments

First off, I certainly must acknowledge that it’s been a while since I’ve posted. I’m fortunate to have been and continue to be extremely busy managing and growing my firm, with a ton of great clients and projects around the country. I appreciate those who have reached out in the past couple of months expressing how much they have missed my blog posts. Fear not! There is plenty more to come.

I felt this post was rather timely to get out as I just heard about The Emergency Management Support Act (HR 3626), which amends the Post-Katrina Emergency Management Reform Act (PKEMRA) of 2006. This bill seeks to, among other items, set training requirements for local emergency managers. The bill was just introduced yesterday and has been referred to the House Committee on Transportation and Infrastructure.

As of the authoring of this post, the full language of the bill is not yet available on Congress.gov, though a summary is available here. In the summary, there are three components identified:

  1. Direct States, through the Emergency Management Performance Grant (EMPG), to require local emergency management directors to complete emergency management training within one year after the enactment of the bill
  2. Require local emergency management directors to complete recurrent training with certifications to be submitted to FEMA annually
  3. Require FEMA to report to Congress on compliance with this Act

My commentary:

Superficially, this proposal makes sense. We want emergency managers to be trained, right? Before I even get into the three components, I want to look at the premise of the bill.

The summary points to the 2017 Hurricane Season FEMA After-Action Report (AAR) as the driving force behind the bill, citing an actually rather obscure comment on the twelfth page of the report that states “pre-disaster training and exercises proved to be critical in Florida’s ability to efficiently execute mutual aid agreements”. This quote is pretty isolated within the report, with the context of that particular section being gaps in Threat and Hazard Identification and Risk Assessment (THIRA) data. In fact, none of the recommendations for that section of the AAR mention anything about training, though you could stretch to a possible connection of an obscure mention of the creation of ‘preparedness products’. Second, the AAR quote’s specific mention of the execution of mutual aid agreements may or may not be a very niche topic, depending on how it’s being defined. Unfortunately, there is nothing in the AAR that provides any citation or context to this line. It makes me wonder why this one line is so specifically being referenced as it clearly was not a major point of the AAR.

Now, let’s get into the three components. For the first, requiring states to require local emergency management directors to complete emergency management training. OK, but on what topics? To what level of proficiency? There are no specifics provided. A multitude of state emergency management offices have created training requirements for local emergency managers which range from a single training course to several. Many are even tied to local EMPG allocations. It’s certainly an effective practice, but I still question this bill establishing an ill-defined requirement.

The second component requires recurrent training, with certifications to be submitted to FEMA annually. This little statement is loaded with landmines. Again, I must ask the question – recurrent training on what topics? My second comment is the use of the term ‘certifications’. I have an entire post on the significant difference between certificate and certification. Is this second component calling now for not just training but a certification? That’s a very different thing. And most certifications do not require annual refresher training, though they do often require some kind of continuing education. My last comment on this component is about the submission of said ‘certifications’ to FEMA annually. This is not something FEMA is set up to receive and manage. While they have a learning management system or content management system that works behind the scenes of their independent study program and also tracks completions of other courses delivered by their Emergency Management Institute (and other partner programs), they do not track third party training for emergency managers across the nation. It could be that the ‘certification’ they refer to here is an attestation by state emergency management offices that local emergency management directors are meeting training requirements. If such is the case, this would certainly be easier and could be accomplished within state EMPG reporting back to FEMA.

As with most legislation in emergency management (and I imagine other technical fields), this is ill informed and ill constructed (though I say this only from seeing the summary and not the bill itself). While the intentions are good, this could cause states to have to restructure their established training requirements for local emergency management directors, and, depending on the mechanism for receiving and managing this information, could put an unnecessary administrative burden on FEMA. I really do wish lawmakers would rely more on subject matter experts to identify needs for and crafting of legislation instead of the good idea fairy.

Thanks, as always, for reading.

TR

Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

IPSA 2023 Conference

Tim Riecker, The Contrarian Emergency Manager Leave a comment

The International Public Safety Association (IPSA) is holding their annual conference on May 1 and 2 in beautiful Mesa, Arizona. With the understanding that large incidents and disasters require a team effort, the IPSA brings together all public safety professionals – law enforcement, fire service, EMS, telecommunications, emergency management, public health, and others – to collaborate and learn from each other in support of united preparedness, response, and recovery efforts. The annual conference is a great embodiment of that, providing in-person opportunities through two days of seminars and discussions.

This year’s conference has a great slate of presenters on topics such as active shooter/hostile event response and recovery, CBRNE, points of distribution, crowd psychology, emergency operations center management, responder wellness, and more. A light breakfast, beverages, and lunch are provided each day courtesy of our sponsors. We will also have several exhibitors at the conference.

More information on the conference is available here: https://www.joinipsa.org/Annual-Conference, including attendee registration, and additional opportunities for sponsorship and exhibitors. IPSA members receive a discount on conference registration (yes – you can become a member now to get the discount!).

As vice-chair of the IPSA board of directors, I’m looking forward to seeing you there!

-Tim

Big City Emergency Management Audits

Tim Riecker, The Contrarian Emergency Manager Leave a comment

In October of 2022, audit reports were released for the emergency management offices for the two largest cities in the US – interestingly enough conducted by controller’s offices. New York State Comptroller Thomas DiNapoli’s office conducted an audit of NYC Emergency Management, while City of Los Angeles Controller Ron Galperin’s office conducted an audit of LA’s Emergency Management Department. While these audits were conducted by controller’s offices, they were not only financial. In fact, both audits contained considerable programmatic assessment.

Before I get into the findings of the audits, there are a few things I want to express. First off, I think third party audits are great. Organizations are supposed to be taking certain actions – either dictated by mandate, devised by their own commitment, or encouraged by demonstrated need – and so often fall short in execution. We can all make excuses, many of them justifiable and valid, as to why actions weren’t taken or completed, and while an external evaluation may lack important context, they can help keep us on track. All that said, I wonder who the people were conducting the audits. Do they have any backgrounds in emergency management? Is that even necessary? Certainly, emergency management is a complex system of systems, that non-emergency managers could understand, but did the auditors have that understanding? It seems to be a failure right off that only emergency management offices were audited and not emergency management programs of those jurisdictions. I think we have great precedent and understanding of that demonstrated by the Emergency Management Accreditation Program (EMAP), as their accreditation reviews are of programs, not just agencies. Those items expressed, let’s get to the meat of the audits. Feel free to dive into the audits for additional information.

The New York City audit zeroed in on three key areas:

  1. Hazard mitigation planning deficiencies
  2. Lack of updating evacuation plans
  3. Gaps in continuity of operations (COOP) planning and exercises

The LA audit listed these key findings:

  1. Gaps in planning for specific hazards, such as cyberattacks, climate change, and drought
  2. Lack of assistance provided to other city agencies for emergency planning and COOP planning
  3. Deficiencies in tracking qualifications and credentials of designed emergency operations center (EOC) staff
  4. An observation that training and exercises decreased during the pandemic, but noting that the department is reorganizing its training and exercise program
  5. Failure to adequately track all corrective actions from exercises, incidents, and events
  6. Lack of supply and equipment assessments to support city preparedness

Both audits identified needs to create or update plans, and also called on the emergency management offices to better support other city agencies in the development and maintenance of emergency plans and COOP plans. Given that planning is the foundation of emergency management, this should certainly be a priority for every emergency management agency and program. While these audits were not centered on emergency management programs for the jurisdictions, I did appreciate that they identified city-wide gaps in planning. While I feel that each agency should be responsible for its own plans – and certainly city agencies of that size should have their own emergency management specialists – they should still be able to count on some support from the city emergency management office.

I find it interesting that the NYC audit honed in considerably on deficiencies in hazard mitigation planning, while the LA audit cited the hazard mitigation plan but didn’t have any criticisms. Overall, the two audits provided some very different perspectives in their concerns, with the NYC audit focused on known issues (i.e. identified hazard mitigation measures, evacuation plans); while the LA audit had considerable focus on emerging matters. Neither audit was big on identifying what agencies did well, which I think is a deficiency of the audits.

The NYC audit included a rebuttal from OEM, though the LA audit did not include any rebuttal from EMD.

Overall, the audits identify deficiencies which I think are common across many local and state emergency management agencies, not just those of big cities. While there are excuses and justifications, the items listed seem fair. As mentioned, though, emergency management is a complex system of systems, opening a lot of opportunity for things to be missed or mishandled. Emergency management is also not just a responsibility of emergency management agencies. Further, when we get into response mode, we tend to forsake many other activities. This was exacerbated considerably by COVID-19 and other disasters that occurred during the pandemic. We all have room for improvement.

What have you learned from this that you can apply to your own agency or program? Are there any external entities that audit or review your emergency management agency or programs?

© 2023 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

The 2022 National Preparedness Report – Another Failure in Reporting

Tim Riecker, The Contrarian Emergency Manager 3 Comments

As with past years, FEMA gifts us the annual National Preparedness Report for the prior year around the holidays. Some reminders: 1) You can find my reviews of the reports of prior years here. 2) To get copies of the reports of prior years, FEMA archives these in the unrestricted side of the Homeland Security Digital Library. 3) Each report is derived from data from the year prior, so this December 2022 report actually covers the calendar year of 2021.

Compared to last year’s report, this year’s follows much of the same format, with sections on risk, capabilities, and management opportunities. They appropriately moved some of the content in this year’s report to appendices, which helps each of the sections get more to the point.

Last year’s report was on a kick of catastrophic risk, committing what I think was an excessive amount of content to data on large-scale disasters. While we should certainly plan for the worst, most areas do a mediocre job at best with preparing for, mitigating against, responding to, and recovering from mid-sized disasters. If they can’t manage all aspects of these, it’s not even realistic for them to be able to manage the largest that nature, terrorists, or accidents can throw at us. This year’s report has a much better focus on risk, threat, and hazards; with some reflection on THIRA/SPR data from 2021, grounded realities of climate change, and some time given to cybersecurity and infrastructure. In line with the FEMA strategic plan (and continuing from last year’s report), this year’s report also discusses equity, social vulnerability, and risk exposure; with reference to social vulnerability measures (of which I’m a big fan).

Last year’s report covered risk associated with healthcare systems and the economy, which didn’t get much of a mention in this year’s report, which I think is unfortunate. The reality of surge and the shortage of hospital beds has been brought to the forefront over the past few years, with little to nothing being done to address it. Similarly, we’ve also had the fragility of organizations revealed over the past few years, yet have not seen as much of a push for continuity of operations as we should have seen. While thankfully this year’s report doesn’t have the focus on COVID that last year’s did, it seems people want to move on without addressing the glaring lessons learned.

In all, this year’s report spends about half the page volume on risk compared to last year’s report. While this year’s report provides better information, I still think there were some missed opportunities.

Looking into the assessment of capabilities, the first noted issue is that the capability targets for 2021 were the same as those for 2020. While consistency is important for long-term measurement, the lack of any alteration indicates to me that those who establish the capability targets are lacking some critical awareness of the emergency management landscape. While I don’t necessarily dispute the targets included, I think many of them could use some better refinement and specificity. The lack of inclusion of the cross-cutting Planning Core Capability (which is the foundation of all preparedness) is mind-blowing, as is the lack of the Recovery Mission Area’s Housing Core Capability (considered by many to be our greatest area of fragility). I’d really like to see the data substantiating the THIRA/SPR submissions that indicate such a high achievement of Unified Operations. Reflecting back on the necessity for long-term measurement, this year’s report offers none at all. This limits our ability to perceive preparedness gains or losses over time. As with last year’s report, which similarly did not provide this information, I feel this report has failed to meet its primary goal. It’s nothing more than a snapshot in time of very limited metrics – certainly not a comprehensive review of the state of the nation’s preparedness.

One particular graphic, identified as Figure 11 on page 24 of the report, is extremely telling. The chart identifies the non-disaster grant investments for FY21 across various grant programs. The grant distribution seems to not at all align with the established capability targets, which is good in some cases (we still need to invest in plans) but bad in other cases (fatality management is an established capability target that had minimal investment). By far, the greatest expenses are related to planning, as I feel they should be, yet the ground truth is that there are still a lot of horrible plans being generated. We have significant gaps in certain capabilities such as the aforementioned Fatality Management, along with Public Health/Healthcare/EMS, Housing, and Economic Recovery yet we see minimal investment in these. Lastly, for this section I’ll note that last year’s report highlighted some specific capabilities and provided some narrative and data on each, which, while it needed refinement, was a good direction for this report to go into. This year’s report dropped that depth of information completely.

The final section is Management Opportunities. The three opportunities identified in this section are:

  1. Building Community-Wide Resilience to Climate Change Impacts
  2. Reduce Physical and Technological Risks to Critical Infrastructure
  3. Increase Equity in Individual and Community Preparedness

I don’t argue at all with these three items, but the content, as usual, is lacking. What we should see here is a strategic approach to addressing these priority issues. Of course, to best do so, it would need to align with grant funding priorities and other efforts… which is something we’re just not seeing. They do provide some references and data within their analysis, but they do more for making a case for why these are priority issues and thumping their chest for what they have accomplished rather than laying a national roadmap for accomplishing these priorities. Reviewing last year’s management opportunities, I don’t recall many external products that really worked towards addressing these, nor does this year’s report reflect on any progress of these. Without doing so, this section is nothing but well-intentioned yet intangible statements.

My last statement pretty much sums up the entirety of the report… nothing but well intentioned yet intangible statements. This continues on a trend of previous National Preparedness Reports providing a few good data points but certainly NOT reporting on our nation’s preparedness in any meaningful, much less comprehensive, manner. I stand by my statements from last year that we, the emergency management community, should not be accepting this type of reporting. FEMA receives THIRA and SPR data from states, UASIs, and territories; all of which have years of legacy data. Similarly, FEMA receives regular reports on the grants they provide to jurisdictions, all with metrics that should tie back to a common foundation – the National Preparedness Goal’s Core Capabilities. Yet they fail every year to connect these dots and provide tangible, grounded reports with actionable recommendations. This effort, investment, and the FEMA Administrator’s endorsement is both disappointing and concerning. I continue to feel these reports do not meet the intent of the PPD8 requirements.

Happy New Year one and all!

© 2023 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Federal Coordination of All-Hazard Incident Management Teams

Tim Riecker, The Contrarian Emergency Manager 9 Comments

A few months ago the FEMA administration decided that the US Fire Administration (USFA) would discontinue their management of the All-Hazards Incident Management Team (AHIMT) program, which they have developed and managed for years. While I was never in favor of the USFA managing the program (AHIMTs are not fire-service specific), the staff assigned to the program did an admirable job of growing the AHIMT concept to what we have today.

The All-Hazards Incident Management Team Association (AHIMTA), which has been a vocal proponent of the development of AHIMTs, has thankfully been working to make people aware of this change. As part of their advocacy, they also wrote to FEMA Administrator Deanne Criswell regarding their concerns with the dissolution of this formal program. Administrator Criswell responded to AHIMTA, indicating that despite successes, the AHIMT program has “not been able to establish a sustainable or robust AHIMT program with long-term viability.” She did indicate that the USFA will continue providing related training to state, local, tribal, and territorial (SLTT) partners (though she specified that USFA training efforts will apply to fire and EMS agencies) and that she has directed the USFA to collaborate with the FEMA Field Operations Directorate to continue support to AHIMTs.

This change and some of the wording in the Administrator’s response is obviously very concerning for the future of AHIMTs. I first question the Administrator’s statement about the AHIMT program not being sustainable long-term. Not that I’m doubting her, but I’m curious as to what measures of sustainability she is referring. I’m guessing most of the issue is that of funding, along with this never having fully been part of the USFA’s mission. Everything really does boil down to funding, but how much funding can a small program office really need? I’m also concerned about the USFA continuing with the AHIMT training mission (as I always have been), and even more so with the Administrator’s specification of fire and EMS (only?) being supported. While I have no issue at all with the USFA, and think they have done a great job with IMT and related training, their primary focus on fire and EMS (even absent the Administrator’s statement) can be a barrier (real or perceived) to other disciplines obtaining or even being aware of the training.

I firmly believe that a federal-level program office to continue managing, promoting, and administering a national AHIMT program is necessary. I do not think it should be in the USFA, however, as it has been, as their mission is not comprehensive in nature. It’s a program that should be managed properly within FEMA, though not by the FEMA Field Operations Directorate, which is primarily charged with FEMA’s own field operations. While this does include FEMA’s own IMATs, their focus is internal and with a very different purpose. My biggest inclination is for the program to be placed within the NIMS Integration Center, which already does a great deal of work that intersects with AHIMTs. On the training side of things, I’d like to see AHIMT training moved to FEMA’s Emergency Management Institute (EMI), to emphasize the inclusion of SLTT participants regardless of discipline. Incident management, as a comprehensive response function, is inclusive of all hazards and all disciplines and practices, just like emergency management.

The dissolution of the AHIMT program at the federal level makes no sense to me at all. The absence of a program office not only degrades the importance of incident management teams, but of incident management as a concept and a skillset – which I think also needs some vision beyond the current IMT model to support local incident management capabilities. I’m appreciative of the AHIMTA and their advocacy for a federal AHIMT program office, and I’m hopeful that they will be able to convince FEMA of this need and that a program office is properly restored.

© 2022 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Incident Management is a Technical Skill

Tim Riecker, The Contrarian Emergency Manager 1 Comment

Last week I had the pleasure of speaking with Rob Burton on his Tea and Chaos webinar. We talked about the Incident Command System (ICS) and what can make it successful. Since our conversation, I’ve had some continued thoughts about ICS and the complaints people have about it. One of the complaints I hear more often is that it is the system that is flawed because it’s too challenging for people to use. They argue that it should be easier to implement with little training.

I believe I mentioned in the webinar that using ICS is not like riding a bike or tying a shoelace. It’s not something you can be trained on then expect to be able to perform years later (with no interim training and application) with little to no difficulty. ICS, a tool of incident management. Incident management is not only a perishable skill, but also a technical skill.

A technical skill is something you are trained on and hone with practice over time. Technical skills are typically industry specific and require a specialized knowledge set. It could be anything from video editing to surgery. In either of these examples, people learn the knowledge needed and acquire the skills to implement. They learn and perform every detail, becoming proficient in the practice, processes, and associated tools. If they want to stay current and relevant, they take opportunities for continuing education. They learn about new approaches and tools. They maintain proficiency through repetition and application of new knowledge.

Incident management is no different. ICS is just one of the tools we use in incident management, and as such it is something we must learn, practice, hone, and maintain. If you aren’t using it and learning more about it, those skillsets will diminish.

Let’s continue to change our perspective on preparedness for incident management. If you aren’t familiar with my years-long crusade to improve ICS training (ICS Training Sucks), here is some background reading. It’s not only the curriculum we need to change, but also our expectations of learners. What do we want learners to be able to do? Continuing on with one of the examples… not every doctor is a surgeon. So not every responder or emergency manager is an incident manager. They should know the fundamentals, just as most doctors are trained in the fundamentals such as anatomy and physiology, cell biology, etc. We certainly want our responders and emergency managers to have awareness of incident management concepts, as they may certainly be called upon to play a role in a greater organization, though if incident management isn’t their specialization, they likely won’t actually be part of the core ICS or emergency operations center (EOC) staff, even though they will be functioning within the system.

Some will need to learn more, though. Which means they need training – not just on WHAT incident management is, but HOW we manage incidents. Much of our core ICS training is focused on what ICS is, with very little on how to use it. Expecting people to become good incident managers just by taking ICS courses is foolish. It would be like expecting a doctor to become a proficient surgeon because they have learned about the tools in the operating room. So before we even get to the tool (ICS), we need to be teaching about the function (incident management). Incident management is composed of a variety of capabilities and skillsets, such as leadership and project management, which are barely touched upon in existing training. Once those are learned, then we can teach the tools, such as ICS.  

Most who are candidates for incident management should become generalists before they become specialists. General surgeons have a broad knowledge and perform the vast majority of surgeries. Some go on to be specialists. In incident management that specialization could be subject matter expertise in the management of certain hazards or impacts, or performing in a specific function. I see this as being the difference between local incident management capabilities and formal incident management teams. Specialization is supported by position-specific training, among other mechanisms. Yet we don’t really have anything to support incident management generalists.

For all that we’re accomplishing with building incident management capability, we still have a significant gap at the local level across the nation. To expect specialization within most local jurisdictions simply isn’t realistic. We define a lot of the practice through NIMS position descriptions and task books, yet we are skipping some critical steps. We are going right to focusing on the tool instead of the practice, yet at the foundational levels we aren’t teaching enough about how to implement the tool – and in fact spending far too much time on higher level implementations of the tools that most will never see (that’s the ICS 400 course, by the way). We are wasting time and resources by training people in position specific courses when what they really need for their jurisdiction is to become good incident management generalists.

Those complaining that ICS is too difficult, are failing to see the bigger picture the technical skills needed to build professions. Professionals must keep up on the rigors and requirements of their technical skills. If you don’t want to keep up on these things, then I’ll argue that you aren’t dedicated to the profession.

While I feel that what we are doing to build formal incident management teams is great and largely on target, it’s everything that comes before that which needs to be completely reimagined. We need a group of incident management professionals to come together on this. Professionals who understand the gaps that exist and are willing to deviate from current practices and expectations to build what is needed to address those gaps. They can’t be afraid of the traditionalists or those who are only focused on building high-level capability. All disasters begin and end locally, and we are ignoring the incident management needs of most local jurisdictions. We are also building a system focused on high-level capability that doesn’t have a firm foundation, which makes me question sustainability. We can do better. We must do better.

© 2022 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

NIMS Change – Information and Communications Technology Branch

Tim Riecker, The Contrarian Emergency Manager 4 Comments

FEMA recently released a draft for the National Incident Management System (NIMS) Information and Communications Technology (ICT) guidance, providing a framework for incorporating ICT into the Incident Command System (ICS). The draft guidance in many ways formalizes many of the functional changes ICS practitioners have been incorporating for quite a while.

Essentially, the guidance creates an ICT branch within the Logistics Section. That branch can include the traditional Communications Unit as well as an Information Technology (IT) Service Unit. They also make allowances for a Cybersecurity Unit to be included the branch – not as an operational element for a cyber incident, but largely in a network security capacity. The creation of an ICT branch is also recommended for emergency operations centers (EOCs), regardless of the organizational model followed.

The IT Service Unit includes staffing for a leader, support specialists, and a help desk function, while the Cybersecurity Unit includes staffing for a leader, a cybersecurity planner, a cybersecurity coordinator, and a cyber support specialist. The position descriptions and associated task books are already identified pending final approvals and publication of this guidance, with the Cybersecurity and Infrastructure Security Agency (CISA) seemingly ready to support training needs for many of the new positions.

I’m fully in support of this change. FEMA is accepting feedback through October 20, 2022, with instructions available on the website provided previous.

Not being a communications or IT specialist myself, I’m interested in the perspectives of others on this.

© 2022 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Certificates and Certifications

Tim Riecker, The Contrarian Emergency Manager 4 Comments

There seem to be regular misunderstandings between words and their meanings. The words ‘certified’, ‘certificate’, and ‘certification’ are words I see regularly misused, especially in requests for proposals, LinkedIn profiles, and resumes.  Unfortunately, as with so much in the English language, there are no easy boxes to put these in, but the differences are really important.

One of the things I regularly see is in reference to something like the Homeland Security Exercise and Evaluation Program (HSEEP). Far too often, RFPs request personnel who are ‘HSEEP certified’. There is no certification for HSEEP. To be certified, according to Oxford, means that someone is ‘officially recognized as possessing certain qualifications or meeting certain standards’. People who complete HSEEP training are provided with a certificate of completion. A certificate of completion is simply documentation given by a training provider indicating that someone has completed the requirements of a course (attendance, participation, maybe an exam), but is not intended to speak to their qualifications, therefore it is not a certification.

Certifications are credentials that should be provided by independent bodies indicating that someone has met a certain slate of standards. To be certified in something digs deeper. I am a Certified Emergency Disaster Professional (CEDP), which is a credential provided by the International Board for Certification Services and Management (IBFCSM). To become certified I had to demonstrate experience, education, and competence; and I must affirm continued competence through continuing education.

Colleges also have certificate programs, such as the one I’ve helped develop and have recently started teaching for Herkimer College. A certificate program is a specific type of academic program with a more concise set of requirements compared to a degree program.

If you are writing RFPs, developing your LinkedIn profile, or updating your resume, please be sure to properly represent credentials and qualifications.

© 2022 Tim Riecker, CEDP