Preparedness in the Pandemic Age

Planning, training, and exercises, as the foundational activities of preparedness, shouldn’t be stopping because of the pandemic. Preparedness is an ongoing activity which needs to forge ahead with little disruption – and there is always plenty to do! What must we do, though, to accommodate necessary precautions in the age of the Pandemic?

Let’s talk about planning first. The biggest relevant issue for planning is the conduct of stakeholder meetings. These may be larger group meetings to discuss and get buy-in on broader topics, or detailed small-group meetings to discuss very specific topics. Information, sometimes sensitive, is exchanged, presentations are given, and documents are reviewed. I’ve mentioned in various posts through the years the importance of properly preparing for meetings. Even for traditional in-person meetings, there are important things to consider, such as:

  1. Do you really need a meeting?
  2. Developing an agenda
  3. Having the right people in attendance
  4. Ensuring that all speakers and presenters are prepared
  5. Ensuring that all attendees are prepared to discuss the subject matter
  6. An adequate meeting space and support (technology, dry erase boards, etc)

All of these rules still apply in a virtual world, perhaps with even more emphasis. While we’ve obviously had video meeting technology for a long time, we’ve discovered this year that many people haven’t used it much or at all until earlier this year. The surge in use has also brought attention to the plethora of tools which can be facilitated through video conference platforms. While the simple sharing of video supports most of our meeting needs, we can share screens, conduct presentations, and use collaborative tools such as whiteboards and shared documents. Pretty much everything we do in an in-person meeting can be accomplished through video conference platforms – but those who arrange the calls need to take the time to become familiar with the tools and functionality; and if there is anything that needs to be done by participants (some of which are likely to be less tech-savvy) you need to be able to coach them through it. Some of these tools require integrations of other technology, such as cloud document storage or various apps. Remember that meetings should be interactive, so encourage people to use chatrooms to help queue up questions for presenters. If any documents or information are sensitive, be sure you are taking the appropriate precautions with how the meeting is set up, how participants are invited, and how documents are shared.

My tip… read reviews to determine which platform will best suit your needs and watch some tutorials on YouTube.

When it comes to remote training, so much of what I mentioned for stakeholder meetings will apply here. Being interactive is still incredibly important, as is the ability to integrate other technologies, such as videos, PowerPoint, and shared documents. When designing training that will be delivered remotely, if it helps, don’t think about the platform first – think about how you would do the training in person. Would you have breakout sessions for group work? That can be easily accomplished on video conference platforms, but it takes some preparation. Would you put things on a white board or chart paper? That can also be accomplished. Giving an exam? Having participants complete a survey or feedback form? Yes and yes. It can all be done, but preparation is key. Some instructors, especially in public safety, have gotten too used to simply showing up and delivering their material – not because they are lazy, but because they have done it dozens or hundreds of times. They have a routine. If you want participants to get a similar, or perhaps even better learning experience, some deliberate thought and preparation is required. Also, make sure you simply don’t become a talking head. Break things up and be dynamic. It’s easy for our own demeanor to elevate disinterest. I often stand (using a variable height standing desk) when giving presentations and conducting training. Being on my feet helps me push more energy into what I’m doing.

Tip… remember to give people breaks, just as you would in face-to-face training.

Lastly, exercises. A lot of this is a combination of the information I gave for planning and training. Exercise planning meetings need to be conducted, and every exercise has some extent of presentations, with discussion-based exercises having more emphasis on this obviously. To answer the big question – yes, most exercise can be conducted remotely! Obviously, discussion-based exercises are generally the lower-hanging fruit, so they can and should be happening remotely. Remember that exercises are supposed to be interactive experiences, so your exercise design absolutely must account for identifying the means and methods of engagement in the virtual environment. All the things I’ve mentioned already are prime options for this, such as breakout groups, shared documents, live polling, etc. Facilitators and evaluators can be assigned to specific breakout rooms or have access to all of them, allowing them to float from room to room.

What about operations-based exercises? Yes, there are options for conducting operations-based exercises remotely. First, we do need to acknowledge the obvious challenges associated with conducting drills and full-scale exercises via remote environments. Is it impossible? No, but it depends on what the focus of the exercise is. Something like a cyber-security or intelligence exercise may be more naturally brought into a virtual environment, depending on the exercise objectives or tasks. Games may be fully integrated into digital platforms already, which helps, but if they aren’t, these may need to be re-imagined and developed in a virtual environment. This can get expensive, so it really needs to be a properly thought through. Functional exercises, such as the typical command post exercise or emergency operations center (EOC) exercise, can absolutely be performed virtually. Many jurisdictions successfully ran their EOCs virtually during the height of the pandemic (many still are). If the actual activity can be performed virtually, it can (and should!) be exercised virtually. Again, preparation is key to ensuring that participants can do what they would normally do, while controllers and evaluators still have full access and visibility. Simulation Cells can be virtually integrated and most EOC management platforms are web-based. With some thought, we can bring most exercises into a virtual environment and still make them effective experiences while also meeting all HSEEP requirements.

Tip… For a virtual functional exercise, unless the time period of your exercise is set after the initial response, consider including an objective for the participants (and the tech support of their agencies, as needed) to set up everything that is needed in real time during the exercise – just like they would in real life. This would include all their video, file share, data tracking, etc. That set up is a considerable challenge of running a virtual EOC. If you didn’t want that activity to distract from your exercise, it’s also a great drill. Don’t let it just be tech support personnel, though, as EOC personnel should be expressing their needs.

Remote work environments have helped many organizations overcome challenges associated with the pandemic. Some organizations were better prepared than others to make it happen, but most seem to have achieved effective operational continuity. Hopefully your preparedness programs haven’t stalled out because people feel these activities can’t be done in a virtual environment. We also can’t use the excuse that we’re too busy because of the pandemic to not be preparing. While some niche organizations might still be quite busy, the pandemic response, for most, has become an integrated job duty for the medium term. We can’t let things fall to the wayside or we will never get back on track. The time is now!

I’d love to hear how you are using tech platforms to support preparedness efforts.

©2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Updated NIMS Training Program

FEMA recently released an updated NIMS Training Program document. While the document addresses new emergency operations center (EOC) and provides recommendations for joint information system (JIS) and Multi Agency Coordination (MAC) Group training, it doesn’t give us anything really visionary, it simply captures what is. Granted, no where in the document introduction does it say that it’s intended to be a visionary document or something that is goal setting in regard to NIMS training, but to be honest, it should be. I’d like to see a more frequently updated document that not only establishes a current standard, but establishes goals for forward motion and focus.

I’m also disappointed with the insistence that that ICS 400 remains yet another ‘check-the-box’ style of course. As has been mentioned in the past, the ICS 400 is truly an advanced level course that needs to have a bit more context applied in terms of the target audience – not simply ‘incident personnel designated as leaders/supervisors’. Most people taking this course simply don’t need it. In further regard for the ICS 400 course, however, I would say that should also be included in the more advanced levels of training for EOC personnel. Similar to the true need that does exist at higher levels of ICS training, the ICS 400 does have similar value in this track, as EOCs are often key elements of these more complex incident management structures and relationships that are discussed in the ICS 400.

Speaking of training for EOC personnel, I’ll continue to rail against the ELG 2300 course. While it does have some value and may have a place in the training program for EOC personnel (mostly for those planning EOCs, not necessarily working in EOCs), it is not an equivalent of the ICS 300 course for an EOC environment. The ICS 300 course still stands as the course with the highest utility for incident management personnel, though still itself requires considerable improvements.

It’s great to see that the NIMS Training Program does recommend other training opportunities within both the ICS and EOC tracks, such as the Integrated Emergency Management Course (IEMC) and incident management team (IMT) courses, but as I’ve written before, there is still a significant gap in training to meet incident management needs for most local personnel. They require more than just the ICS or EOC courses to bring them the actual realm of application, yet aren’t likely to become part of a formal incident management team. Incident management training as a whole also seems to be missing an extremely important key element – management. It’s one thing to teach someone about the Incident Command System, but the lack of training and guidance to make them good managers of the incident and assigned personnel and resources is considerably lacking. I see this issue more and more, and it’s become very apparent during the Coronavirus response where jurisdictions have very limited ability to call on mutual aid systems for incident management support and are forced to use organic personnel and others who clearly lack in incident management, despite having checked the boxes of completing identified training courses.

I do appreciate that the document encourages development of an organizational training plan, and provides a bit of guidance on that, though even a standard referenced in their guidance is out of date, as it references a multiyear Training and Exercise Plan (TEP), which was replaced in the revised HSEEP doctrine earlier this year with the Integrated Preparedness Plan (IPP). Is it too much to ask that two houses within FEMA communicate with each other?

While the NIMS Training Program document only gives us a view of the training program as it currently exists, it’s not the best picture. It’s clear that certain decision-makers are unwilling to break from traditions that are largely rooted in the history of ICS and the way we have, for far too long, done things in emergency management training. What’s the plan? How are we moving forward? How are we meeting needs? Is anyone even paying attention to needs or are we just recycling much of the same courses and content, simply changing dates and pictures every few years? While some progress has been made, I still see far too much of emergency management and incident management training hung up in approaches that predate 9/11. Where is the vision?

What are your thoughts? What is your vision of incident management training?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

It’s Not Too Late To Prepare

The phrase I’ve been using lately when I speak to people has been “It’s not too late to prepare”.  Many people perceive that in the middle of a disaster we are unable to prepare.  Quite the contrary, we have the potential to integrate all of our preparedness steps into a response.  Because we have problems in front of us that need to be addressed, we have an opportunity to continuously improve, ensuring that organizationally we are offering the very best we can. 

There is a reason why there isn’t a mission area for preparedness in the National Preparedness Goal.  This is because preparedness is ongoing.  It’s not a separate or distinct activity.  Rather it is comprised of activities that support all mission areas, no matter when they are actioned.  Preparedness is continuous.

Assessment

Assessment is a key activity within preparedness.  In fact, assessment is foundational in understanding what’s going on.  During a disaster, good management practices dictate that we should be monitoring our response and adjusting as needed.  What exactly should we be monitoring?  Similar to evaluating an exercise, consider the following:

  • What was the effectiveness of deliberate planning efforts? 
    • Were planning assumptions correct?
    • Was the concept of operations adequate in scope and detail? 
    • What was lacking?
    • What worked well?
  • What was the effectiveness of plan implementation?
    • If aspects of plan implementation need improvement, what was the reason for the shortfall?
      • A poor plan
      • Lack of job aids
      • Lack of/poor/infrequent training
      • Lack of practice
      • Lack of the proper resources or capabilities
      • The plan wasn’t followed
  • Did resources and capabilities meet needs?  If not, why?

Planning

While some planning gaps will require a longer time period to address, I’m aware of many jurisdictions and organizations which have been developing plans in the midst of the pandemic.  They recognized a need to have a plan and convened people to develop those plans.  While some of the planning is incident-specific, many of the plans can be utilized in the future we as well, either in the form they were written or adjusted to make them more generally applicable without the specific details of this pandemic.  I’d certainly suggest that any plans developed during the pandemic are reviewed afterwards to identify the same points listed above under ‘assessment’ before they are potentially included in your organization’s catalogue of plans. Also consider that we should be planning for contingencies, as other incidents are practically inevitable.

Training

Training is another fairly easy and often essential preparedness activity which can performed in the midst of a disaster.  Many years ago FEMA embraced the concept of training during disasters.  FEMA Joint Field Offices mobilize with training personnel.  These personnel not only provide just in time training for new personnel or to introduce new systems and processes, but they provide continuing training a variety of topics throughout response and recovery, providing a more knowledgeable workforce.  I’ve seen some EOCs around the country do the same.  Recently, my firm has been contracted to provide remote training for the senior leadership of a jurisdiction on topics such as continuity of operations and multi-agency coordination, which are timely matters for them as they continue to address needs related to the pandemic. 

Exercises

While assessments, planning, and training are certainly activities that may take place during a disaster, exercises are probably less likely, but may, if properly scoped and conducted, still have a place.  Consider that the military will constantly conduct what they call battle drills, even in active theaters of war, to ensure that everyone is familiar with plans and protocols and practiced in their implementation.  Thinking back on new plans that are being written in the midst of the pandemic, it’s a good idea to validate that plan with a tabletop exercise.  We know that even the best written plans will still have gaps that during a blue-sky day we would often identify through an exercise.  Plans written in haste during a crisis are even more prone to have gaps simply because we probably don’t have the opportunity to think everything through and be as methodical and meticulous as we would like.  A tabletop exercise doesn’t have to be complex or long, but it’s good to do a talk through of the plan.  Depending on the scope of the plan and the depth of detail (such as a new procedure, conducting a walk-through of major movements of that plan (that’s a drill) can help ensure validity of the plan and identify any issues in implementation.  While you aren’t likely to go the extent of developing an ExPlan, an evaluator handbook, or exercise evaluation guides (yes, that’s totally OK), it’s still good to lay out a page of essential information to include objectives and methodology since taking the time to write these things down is one more step to ensure that you are doing everything you need for the validation to be effective.  Documentation is still important, and while it can be abbreviated, it shouldn’t be cut out entirely.  It’s also extremely important to isolate the exercise, ensuring that everyone is aware that what is being performed or discussed is not yet part of the response activity.  Evaluators should still give you written observations and documented feedback from participants.  You probably don’t need a full AAR, especially since the observations are going to be put into an immediate modification of the plan in question, but the documentation should still be kept together as there may still be some observations to record for further consideration. 

Evaluation and After Action

Lastly, incident evaluation is something we shouldn’t be missing.  We learn a lot about incident evaluation from exercise evaluation.   I’ve written on it before, which I encourage you to look at, but the fundamentals are ensuring that all actions and decisions are documented, that a hotwash is conducted (or multiple hotwashes to capture larger numbers of people or people who were engaged in very different functions), and that an after action report is developed.   Any incident should provide a lot of lessons learned for your organization, but the circumstances of a pandemic amplify that considerably.  Ensure that everyone in your organization, at all levels, is capturing observations and lessons learned daily.  Ensure that they are providing context to their observations as well, since once this is over, they may not recall the details needed for a recommendation. You may want to consider putting together a short form for people to capture and organize these observations – essentially identifying the issue, providing context, and putting forth a recommendation to address the issue. Don’t forget to encourage people to also identify best practices.  In the end, remember that if lessons learned aren’t actually applied, nothing will change. 

I welcome any insight on how we can continue to apply preparedness in the midst of a disaster. 

Be smart, stay safe, stay healthy, and be good to each other. 

©2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Improving the HSEEP Templates

For years it has bothered me that the templates provided for the Homeland Security Exercise and Evaluation Program (HSEEP) are lacking.  The way the documents are formatted and the lack of some important content areas simply don’t do us any favors.  These templates go back to the origination of HSEEP in the early 2000s and they have seen little change since then.  It gives me concern that the people who developed these have struggled with concepts of document structuring and don’t understand the utility of these documents. 

I firmly believe that the documents we use in exercise design, conduct, and evaluation should be standardized.  Many of the benefits of standardization that we (should) practice in the Incident Command System (ICS) certainly apply to the world of exercises, especially when we have a variety of different people involved in each of these key phases of exercises and entering at different times.  Much like an incident, some people develop documents while others are users.  Both should count on a measure of standardization so they don’t have to figure out what they are looking at and how to navigate it before actually diving into the content.  That doesn’t mean, however, that standards can’t evolve to increase utility and function. 

I’ve written in the past about the dangers of templates.  While they are great guides and reminders of certain information that is needed and give us an established, consistent format in which to organize it, I still see too many people not applying some thinking to templates.  They get lost in plugging their information into the highlighted text areas and lose all sense of practicality about why the document is being developed, who the target audience for the document is, and the information they need to convey. 

Some of my bigger gripes…

  • Larger documents, such as ExPlans, SitMans, Controller/Evaluator Handbooks, and After-Action Reports MUST have a table of contents.  These documents can get lengthy and a TOC simply saves time in finding the section you are looking for. 
  • Some exercises are complex and nuanced.  As such, key documents such as ExPlans, SitMans, and Controller/Evaluation Handbooks must have designated space for identifying and explaining those situations.  This could be matters of multiple exercise sites and site-specific information such as different scopes of play for those sites, limited scopes of participation for some agencies, statements on the flow and execution of the exercise, and others.
  • Recognize that the first section of an EEG (Objective, Core Capability, Capability Target, Critical Tasks, and sources) is the only beneficial part of that document.  The next section for ‘observation notes’ is crap.  Evaluators should be writing up observation statements, an analysis of each observation, and recommendations associated with each observation.  The information provided by evaluators should be easily moved into the AAR.  The EEG simply does not facilitate capturing this information or transmitting it to whomever is writing the AAR. 
  • The AAR template, specifically, is riddled with issues. The structure of the document and hierarchy of headings is horrible.  The template only calls for documenting observations associated with observed strengths.  That doesn’t fly with me.  There should similarly be an analysis of each observed strength, as well as recommendations.  Yes, strengths can still be improved upon, or at least sustained.  Big missed opportunity to not include recommendations for strengths.  Further, the narrative space for areas of improvement don’t include space for recommendations.  I think a narrative of corrective actions is incredibly important, especially given the very limited space in the improvement plan; plus the improvement plan is simply intended to be an implementation tool of the AAR, so if recommendations aren’t included in the body of the AAR, a lot is missing for those who want to take a deeper dive and see specifically what recommendations correlate to which observations and with an analysis to support them. 

Fortunately, strict adherence to the HSEEP templates is not required, so some people do make modifications to accommodate greater function.  So long as the intent of each document and general organization remains the same, I applaud the effort.  We can achieve better execution while also staying reasonably close to the standardization of the templates.  But why settle for sub-par templates?  I’m hopeful that FEMA’s National Exercise Division will soon take a look at these valuable documents and obtain insight from benchmark practitioners on how to improve them.  Fundamentally, these are good templates and they have helped further standardization and quality implementation of exercises across the nation.  We should never get so comfortable, though, as to let tools such as these become stagnant, as obsolesce is a regular concern. 

I’m interested in hearing what you have done to increase the value and utility of HSEEP templates.  How would you improve these?  What are your pet peeves? 

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

We’re Off on the Road to Central City

FEMA Training Bulletin number 1580 announced the publication of the Emergency Management Institute’s (EMI) Online Exercise System Simulation Document (ESSD).  The ESSD, quoted from the website is ‘a compilation of information and resources that would typically be available in any community as they respond to and manage an emergency or disaster in a local community.’  The purpose of the ESSD, essentially, is to provide all the information needed for a fictional jurisdiction for use in exercises.  If you’ve taken some classes at EMI, the HSEEP course, ICS courses, or other programs from FEMA/EMI, you are probably already familiar with the magical place called Central City.

Central City, Liberty County, and other jurisdictions that are part of this fictional area have been in use for decades.  Much of the information published in the ESSD has been available at one point or another, developed to serve the needs of different scenario-based training.  The ESSD packages it all conveniently in one place.

While in some training programs, there is direct benefit to developing a scenario grounded in a real location, we often have course participants who come from different areas.  While you can still certainly develop a scenario in a real location for use in a class like this, the use of Central City (et al) can be an ideal option.  With all the resources and supporting information provided in the ESSD, you likely have everything you need.

Speaking of all that material, what’s in the ESSD?  A sampling:

  • Community profiles
  • Hazard Vulnerability Analysis
  • Laws and Ordinances
  • Emergency Plans
  • Resource and Capability Lists
  • Critical Infrastructure

Having used these jurisdictions and much of this material in courses in the past, course managers do need to expect that it will take time for participants to find some information they are looking for.  In real life, they may or may not be familiar with certain information sets.  The ESSD system was developed to be searchable, which is a huge help, though it’s always good to have one or two paper copies as back ups (note… depending on what you are providing, that may be hundreds of pages).  Since many participants are bringing tablets and laptops to class, all that’s needed is internet service to access all this great information.

I do have a couple of noted observations for improvement.

  1. Having just mentioned printing, I’ll state that first. There doesn’t seem to be a way from within the site to print the material or export it to a PDF.  Yes, you can print from your browser, but formatting is drastically thrown off.
  2. The maps are still horrible. While most of the maps are better than what we’ve had in many of the training materials they have been included in, they are still not high def or zoomable. In fact, many of them are still blurry on my computer screen.  For detailed areas, such as the urban Central City, users (and even scenario designers) may have a need to get much closer to the information.  The Central City map itself, is still difficult to read, especially the myriad of small icons strewn throughout the map.  I would have hoped that re-working this map would have been a priority in the ESSD, as it’s a regular complaint in the classes it’s used in.

Another resource I’ve used in the past (2007 or 2008?) was Zenith City, which was provided by the EPA.  Similar to the FEMA ESSD, the EPA provided a wide array of information for the fictional Zenith City and surrounding jurisdictions.  While the EPA still has a significant exercise program (if you haven’t checked out their stuff, you should), I don’t know whatever happened to the Zenith City information… it’s no where to be found.  (Note: if anyone happens to have the Zenith City material, please let me know!  I’d love to add it back into my library of resources!)

I’m thrilled that FEMA pulled all the Central City material together in this collection, and even added new information.  Central City has always provided us with a great location to unleash hell on, and allow responders and emergency managers to solve so many problems.  I’m just glad I don’t live there!

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

ICS Training Sucks: A Revival

It’s sad to say that in the past four and a half years of stumping for changes in ICS training, we have seen little progress.  I was recently sent a response org chart developed by an agency that completely tore apart ICS and rebuilt it in a fundamentally different image.  ICS is a standard.  It shouldn’t be changed.  Once you change it, especially at fundamental levels, you no longer have a standard.  It has innate flexibility, but those are applied without changing the fundamentals.  I vented some of my frustration about this last night on Twitter, to a mix of celebration and naysayers, as expected.  Some of those naysayers think the system simply doesn’t work. Others think the system simply can’t accommodate their type of agency.

(note that I’m using the word ‘agency’ here to mean any type of government, non-government, or private sector organization.  I decided to use it since I’m also heavily using the term ‘organization’ in regard to the structure we apply for a response)

So let’s back up a bit.  Why is this happening?  It starts with people having some knowledge of ICS and, with good intentions, wanting to adapt it to their agency and their circumstances.  But there is simply no reason to do any adaptation.  The functions outlined in ICS are all you need in a field-level response.  I’ve heard all the excuses – “We need to make it work for us.”  “FEMA needs to build an ICS for our type of agency.”  “It’s not you, it’s me.” I’ve worked with a lot of stakeholders across a lot of sectors across the whole country, and I have yet to find a field-level response that I can’t organize without violating the fundamentals of ICS.

I’m sure I’ve said this before, but adhering to the standard is important because if we don’t adhere to a standard, we are out of the loop.  If enough people don’t adhere to a standard, it’s no longer a standard.  Either way, the benefits of having a standard are crumpled up and thrown away.

One problem is that a lot of entities, particularly large agencies with multiple components, like to ensure that every function or department within their static structure is represented in an ICS model.  This isn’t what ICS is built for.  If you are seeking specific representation, you can assign agency representatives to the ICP or the EOC, or use a department-based EOC model, but the foundational ICS structure itself isn’t intended to reflect your static organization.  You have an animal control officer.  Do they need to be represented in your pre-planned ICS org chart?  No, they are brought in as a resource if needed, likely in Operations.  You have an IT department.  Do they need to be represented in your pre-planned ICS org chart?  Not as a department. But their capability is identified, likely for assignment within Logistics.  It’s not about recreating ICS to fit your static organization.  It’s about knowing the capabilities of your static organization and applying them within the established ICS structure when and how they are needed. 

Let’s put this out there… ICS isn’t just for you, it’s for everyone.  What I mean is that the greatest benefit of ICS (the prime reason it was actually devised) is for multi-agency operations.  In a local incident of any significance, your agency is likely to be part of a multi-agency response.  Depending on the type of incident, scope, location, and other factors, certain positions will be staffed with personnel selected from the agencies with primary responsibility and, hopefully, with qualified staff.  So that carefully crafted org chart you have developed for your agency’s response is largely irrelevant in a multi-agency operation.  Yes, your agency certainly should have a go-to model for single-agency responses, but consider that a single-agency response probably isn’t going to need a full-blown org chart.

There is a difference, though… and that’s for EOCs, or more specifically departmental emergency operations centers.  These are, by definition, not multi-agency, and established to support your own agency’s needs for deployment, sustainment, internal coordination, and matters that may not be addressed at the field-level.  EOCs have a variety of organizational models available to them, which don’t necessarily need to be ICS.   A problem I often see is agencies trying to accomplish everything in one org chart.  They are trying to fit executive level positions in with field response.  Stop.  Take a breath and figure out what you are trying to accomplish.  It’s OK (and perhaps necessary) for your agency to have two organizational models to accomplish what you need, depending, of course, on your agency’s role, responsibilities, and capabilities.  You may need a field-level organization that addresses a tactical response (this is ICS-based) and an EOC organization that supports that response and the needs of your agency as a whole in regard to the incident (again, lots of options for the EOC organization).  Also consider, depending on your agency, that a policy group may be necessary to guide things.  A policy group is non-operational and they essentially exist to make the broad-reaching decisions on behalf of the organization.

Why are we seeing such extensive mis-applications of ICS?  First, people still don’t understand ICS.  Second, they aren’t truly considering the needs of their agencies.  The irony is that many of the people doing this DO think they understand ICS and that they are making changes to it to better serve the needs of their agencies.  So… we’re still maintaining that ICS Training Sucks.  Do I have a total solution to that problem?  No. But in the articles you find in that link, I certainly have some ideas.  I’ve also found a great many kindred spirits in this whole crusade that agree with the need for change in how we train people in ICS.

What I do know is that the solution isn’t as straight forward as we would like it to be.  Considerations:

First, we are considerably tainted by our knowledge of current and past ICS curricula.  When talking with people about how to fix ICS training, I have to regularly remind myself to push that knowledge aside and look at the problem with fresh eyes.  Lessons learned aside; we can’t move forward when we are still planting ourselves in what is in use now.

Second, we need to consider that there may not be a single solution that fits all needs.  I still think we may need a curriculum structure similar to that used for HazMat training, which addresses the needs of different user groups (i.e. Awareness, Operations, Technician, Planner, Commander).

Third, we need to actually teach people how to apply ICS.  At present, with only a bit of exception, true application of ICS isn’t deliberately instructed until someone takes position-specific and incident management team training.  This in no way meets the needs of most agencies, many of which are volunteer, and have limited availability to go away for several weeks to get the training they need.

Fourth, recognize that if you aren’t using ICS regularly (and I mean at a large scale), your knowledge and skill degrades.  Refresher training should be required and scenario-based learning should be incorporated across the curriculum.

Fifth, stop trying to re-develop ICS.  Trust me, all the needed capabilities of your agency for a field-level response fit within an ICS org chart.  It’s not about your static organization, it’s about capabilities.  Identify and assign capabilities.

I love the continued dialog and attention this topic gets.  The only way we will see positive change is by continuing that dialog.  Please share these blogs and your ideas with colleagues.  Let’s keep spreading this and striving for change.

© 2020 Timothy Riecker, CEPD

Emergency Preparedness Solutions, LLC

~~

In memoriam: I humbly dedicate this post to a friend and colleague who recently lost a battle with cancer.  Phil Politano is known by many for his good nature, his gregarious laugh, and his incredible knowledge as a Public Information Officer.  I’ve known Phil since about 2002, and had worked with him on incidents, taught classes with him, and learned a lot from him.  Phil eventually left Central NY and moved his family a bit south, taking a job with FEMA’s Emergency Management Institute.  There, his talents were applied to their greatest extent.  He reshaped PIO training, spread that gospel to people from all around the world, and supported large scale responses with his knowledge, skills, and abilities.  He was a master in his craft and shared his mastery with anyone who wanted to learn.  He was an incredible practitioner, a great friend, and a wonderful person.  He made us all better simply by knowing him.   He is missed by so many.  Rest well.

 

 

An Updated Community Lifelines Toolkit and Relationships to Incident Management

Earlier this year, FEMA released guidance on the Community Lifelines.  I wrote a piece in the spring about integrating the concept into our preparedness and response activities.  Last month, FEMA issued updated guidance for Community Lifeline Implementation through Toolkit 2.0.  In this update, FEMA cites some lessons learned in actually applying the Lifeline concept in multiple exercises across the nation, as well as from feedback received by stakeholders. Based on these lessons learned and feedback, they have made some adjustments to their toolkit to reflect how they understand, prioritize, and communicate incident impacts; the structure and format for decision-making support products. And planning for these impacts and stabilization prior to and during incidents.  They have also made some changes based upon the updated National Response Framework.  The documents associated with the updated Community Lifelines all seem to reflect an inclusion in the efforts of the National Response Framework.  It’s great to see FEMA actually tying various efforts together and seeking to provide grounded guidance on application of concepts mentioned in doctrine-level documents.

The biggest addition to the Community Lifelines update is the inclusion of the FEMA Incident Stabilization Guide.  The ‘operational draft’ is intended to serve as a reference to FEMA staff and a resource to state, local, and tribal governments on how “FEMA approaches and conducts response operations”.  It’s a 77-page document the obviously leans heavily into the Community Lifelines as a standard for assessing the impacts to critical infrastructure and progress toward restoration, not only in response, but also into recovery operations.  It even reflects on bolstering Community Lifelines in resilience efforts, and ties in the THIRA and capability analysis efforts that states, UASIs, and other governments conduct.  I’m not sure the document is really a review of how FEMA conducts operations, as they say, but it does review the ideology of a portion of those operations.  Overall, there is some very useful information and references contained in the document, but this brings me to a couple of important thoughts:

  1. The utility of this document, as with the entire Community Lifelines concept, at the state and local level is only realized through integration of these concepts at the state and local levels.
  2. We finally have guidance on what ‘incident stabilization’ really entails.

To address the first item… In my first piece on Community Lifelines, I had already mentioned that if states or communities are interested in adopting the concept of Community Lifelines, that all starts with planning.  An important early step of planning is conducting assessments, and the most pertinent assessment relative to this initiative would be to identify and catalog the lifelines in your community.  From there the assessment furthers to examine their present condition, vulnerabilities, and align standards for determining their operational condition aligned with the Community Lifelines guidelines.  I would also suggest identifying resiliency efforts (hopefully these are already identified in your hazard mitigation plan) which can help prevent damages or limit impacts.  As part of your response and short-term recovery lexicon, procedures should be developed to outline how lifeline assessments will be performed, when, and by who, as well as where that information will be collected during an incident.

As for my second item, the concept of incident stabilization has an interesting intersection with a meeting I was invited to last week.  I was afforded the opportunity to provide input to an ICS curriculum update (not in the US – more on this at a later time), and as part of this we discussed the standard three incident priorities (Life Safety, Incident Stabilization, and Property Conservation).  We identified in our discussions that incident stabilization is incredibly broad and can ultimately mean different things to different communities, even though the fundamental premise of it is to prevent further impacts.  This Incident Stabilization Guide is focused exclusively on that topic.  In our endeavor to make ICS training better, more grounded, less conceptual, and more applicable; there is a great deal of foundational information that could be distilled from this new document for inclusion in ICS training to discuss HOW we actually accomplish incident stabilization instead of making a one-off mention of it.

Going a bit into my continued crusade against the current state of ICS training… I acknowledge that any inclusion of this subject matter in ICS training would still be generally brief, and really more of a framework, as implementation still needs to be grounded in community-level plans, but this document is a great resource.  This also underscores that “learning ICS” isn’t just about taking classes.  It’s about being a professional and studying up on how to be a more effective incident manager.  ICS is simply a tool we use to organize our response… ICS is NOT inclusive of incident management.  Not only are we teaching ICS poorly, we are barely teaching incident management.

While I’ve been away for a while working on some large client projects, I’m looking forward to ending the year with a bang, and getting in a few more posts.  It’s great that in my travels and interactions with colleagues, they regularly mention my articles, which often bring about some great discussion.  I’m always interested in hearing the thoughts of other professionals on these topics.

© 2019 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A Deeper Review of FEMA’s E/L/G 2300 EOC Intermediate Course

A couple months ago I got my hands on the materials for the ELG 2300 EOC Intermediate course.  Back in early June I gave an initial review of this course, based on information from a webinar and the course’s plan of instruction.   Unfortunately, upon reviewing the actual course materials, my initial concerns have been reinforced.

First, I’ll start off with what I think are the positives of this course. The course doesn’t stray from NIMS, and applies a practical integration of the NIMS management concepts, which we are mostly used to seeing in ICS, into the EOC environment.  This is 100% appropriate and should always be reinforced.  The course also references the EOC National Qualification System skillsets.  It’s great to see the NQS referenced in training as they otherwise receive very little attention, which actually brings about a lot of concern as to their overall adoption.  Two units within the course provide some incredibly valuable information.  Those are Unit 5 (Information and Intelligence Management) and Unit 7 (EOC Transition to Recovery).

On to the down side of things… As mentioned in my review a couple months back, the course objectives simply don’t line up with what this course needs to do – that is, it needs to be teaching people how to work in an EOC.  So much of the content is actually related to planning and other preparedness activities, specifically Units 3, 4, and 8. Unit 3 dives into topics such as position tack books, organizational models, EOC design, staff training and qualifications, exercises and more.  Though, ironically enough, there is little to no emphasis on deliberate PLANNING, which is what all this relates to.  This isn’t stuff to be thinking about during an EOC activation, but rather before an activation.  Unit 4, similarly, gets into triggers for activation, how to deactivate the EOC, and other topics that are planning considerations.  Unit 8 dives more into design, technology, and equipment.  While it’s valuable for people to know what’s available, this is, again, preparedness content.

There is a lot of repetitive content, especially in the first few units, along with some typos, which is really disappointing to see.  There are also some statements and areas of content which I wholeheartedly disagree with.  Here are a few:

  • There is ‘no common EOC structure’.   There are actually a few.  Hint: they are discussed in the NIMS document.  I think what they are getting at with this statement is that there is no fixed EOC structure.
  • ‘EOC leaders determine the structure that best meets their needs’. False. Plans determine the structure to be used.  While that organizational model is flexible in terms of size of staff and specific delegations, the lack of context for this statement seems to indicate that the EOC Manager or Director will determine on the fly if they will use the ICS-based model, the Incident Support Model, or another model.
  • One slide indicates that use of the ICS-based model doesn’t require any additional EOC training beyond ICS for EOC staff. Absolutely false!  In fact, this sets you up for nothing but failure.  Even if the model being applied is based on ICS, the actual implementation in an EOC is considerably different.  I’ve written about this in the past.
  • The Incident Support Model ‘is not organized to manage response/recovery efforts’. Wrong again.  With the integration of operations functions within the Resource Support Section, response and recovery efforts can absolutely be managed from the EOC.

There is another area of content I take particular exception with.  One slide describes ‘incident command teams’, and goes on to describe the Incident Command Post (which is a facility, not a team), and an Incident Management Team, with the formal description of a rostered group of qualified personnel.  Not only is this slide wrong to include an Incident Command Post as a ‘team’, they are fundamentally ignoring the fact that ‘incident command teams’ are comprised every damn day on the fly from among responders deploying to an incident.  These are the exact people I espouse the need to train and support in my discussions on ICS.

My conclusions… First of all, this course does not do as it needs to do, which is training people how to work in an EOC.  While the preparedness information it gives is great, operators (people assigned to work in an EOC) will be taking this course expecting to learn how to do their jobs.  They will not learn that.  I’ve advocated before for most training to be set up similar to HazMat training, utilizing a structure of Awareness, Operations, Technician, Management, and Planning focused courses which are designed to TEACH PEOPLE WHAT THEY NEED TO KNOW based upon their function.  Largely, this course is a great Planning level course, that is it’s ideal for people who will be developing EOC operational plans, standard operating guidelines, position qualification standards, and other preparedness material.  I think that Operations, Technician, and Management level training is going to be left to jurisdictions to develop and implement, as it certainly isn’t found here.

I urge a lot of caution to everyone before you decide to teach this course.  Take a look at the material and decide if it’s really what your audience needs.

What are your thoughts on this course?  Will your jurisdiction get use out of it?

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A New Vision for ICS Training

Yep, I’m still at it.  It seems with every post about the condition of Incident Command System training as we know it, I’m able to draw more people into our cause (aka the Crusade).  While I’ve never espoused there to be an easy solution, the training that we currently provide for ICS falls well short of doing us any favors.  People walk out of each subsequent training course with a marginally increased understanding of the system and how to use it.  And that’s really the fundamental problem, isn’t it?

Perhaps at some point, someone had the idea of developing ICS 100-400 to be knowledge-based courses, with position-specific training to be more about application.  Unfortunately, that’s a significant disservice to responders and the populations they serve, which was further exacerbated by the NIMS training requirements, creating a type of a false sense of security in which people believed that they have ‘been trained in ICS’, therefore all is well in the world.  Responders, in the broadest sense, at supervisory levels within every community should be trained not only in what ICS is but also how to implement it.  Not every community, for a variety of reasons, has reasonable access to position-specific training, so the core ICS curriculum absolutely MUST do a better job in teaching them how to implement the system.

This also goes further than just training.  ICS, like so many other things, is a knowledgebase that tends to degrade over time.  Without practice, you tend to lose the skills.  This is how people who are on Incident Management Teams or those who work regularly in an ICS-based Emergency Operations Center are so well practiced in the system.  In the absence (hopefully!) of actual incidents, planned events and exercises go a long way to keeping skills sharp.  Even those, however, can get costly and time-consuming to design and conduct.  Enter the hybridization of scenario-based training, which is something I’ve written on in the past.  Not only do we need to include more scenario-based training in everything, we need to include a scenario-based ICS skills refresher course as part of the core ICS curriculum.

While I continue to have various thoughts on what there is to be done with the ICS curriculum as a whole, here is my current vision…

ICS-100: (What is ICS?)  Pretty much keep this as is, with options for on-line and classroom delivery.  The purpose of this course is to serve as an introduction to ICS concepts for those who are likely to come into contact with it and work in lower levels within the system.  This is levels one (knowledge) and two (comprehension) of Bloom’s taxonomy.  It shall serve as a prerequisite to further ICS classes as it provides much of the fundamental terminology.

ICS-200: (How do I work within the system?)  Tear down/burn down/nuke the on-line version and never look back.  Simply making it ‘more accessible’ doesn’t mean that it’s good (it’s not).  The purpose of this course is to expand on knowledge and begin to approach functionality.  I expect content to reach deeper than what is currently within the course.  Without looking at specific content areas, I envision this course to be mostly level two (comprehension) of Bloom’s taxonomy with some touches on level three (application).  Perhaps the only level one content that should be introduced in this course are some fundamentals of emergency management.  Some of the content areas currently in the ICS 300 absolutely need to be moved into the ICS 200 to not only make the ICS 200 more impactful, but to also set up the ICS 300 as being fully focused on implementation of the system.  Expanded content may mean taking this course to a duration of up to three days (it even feels taboo writing it!). ICS 100 (taken within six months) is a prerequisite.

ICS-300: (How do I manage the system?) The most recent update of the ICS 300 course begins to approach the vision for what we need, but more work needs to be done.  This course needs to be much less about the system and more about how to IMPLEMENT and MANAGE the system.  This course is firmly rooted in level three (application) of Bloom’s taxonomy, with perhaps some level four objectives, which gets into analysis (troubleshooting and creative solutions… because that’s what emergency management is really all about!).  Much of this course is scenario-based learning centered on implementation and management of an incident through the use of ICS.  Less instruction, more guidance.  And because, at this point, ICS isn’t the only thing at play in real life, concepts of broader incident management are also applied.  ICS 200 is naturally a prerequisite, and should have been taken within a year.

ICS Implementation Refresher Course: This would be designed as a post- ICS 300 course, taken every year or two.  Reasonably, this can be accomplished in a day of intensive scenario-based training.

ICS-400: (A prerequisite for position-specific training).  Eliminate this from the core curriculum.  Seriously.  Most of the current content of this course is not needed in the core ICS curriculum.  Time is better spent in a more intensive ICS 300 course than teaching people about some (largely) obscure applications of ICS which are usually only ever performed by incident management teams.  The current content is largely fine, it just has such little impact on local implementation of ICS and is really rather awkward within the continuity of the curriculum.

Thoughts and feedback are always appreciated.  If we are to succeed and build a better mouse trap, it will be through dialogue and sharing of ideas.

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Conduct of the New ICS 300 and 400 Courses

Last month a colleague and I delivered the new ICS 300 and 400 courses for a client.  If you’ve missed them, I have some early review notes and overall thoughts posted.  Nothing gets you into the curriculum like teaching it, though.

First, some credit to our course participants, who were extremely supportive in this delivery.  They were patient with our occasional need to double check the instructor guide and even helped to point out some inconsistencies.  While we each have about fifteen years of experience in teaching the courses, the first few times out with a new flow and format, along with new activities takes a bit of getting used to.  The courses also offered some challenges that had to be overcome in our course prep and delivery.

Leading off with the good foot, both courses reflect a positive direction of change.  It’s not the wholesale change that I’ve been stumping for, so expect to continue to see me championing more changes, but we are seeing positive movement in the right direction, at least with the ICS 300 course.  (I still hold out that most of the content of the ICS 400 course isn’t necessary for most who take it.  Time would be far better spent with grounding the concepts of ICS and supporting implementation of the aspects that are most likely to be used.)

Both courses continue a trend of scenario-based learning reinforcement, with the ability to utilize a progressive scenario threaded throughout the ICS 300 course and scenarios within the ICS 400 that help demonstrate when and how these concepts might be used.  While the ICS 300 materials provide several new scenarios for use, we actually didn’t use their progressive scenarios as our client had some specific needs, requiring us to build a localized scenario for them.  That said, the scenarios provided in the ICS 300 are easily adaptable to meet your needs.  Just be aware of the intent of each phase of the scenario and don’t alter the overall concept.

The endeavor to ground ICS as an operational tool is emphasized in Unit 4 of the ICS 300, Implementing an Operational Process.  This unit really seems to pull together the whole reason for being for ICS, especially in an extended operation, and is a good introduction to the Planning Process.  This unit was very well designed and is one of the most progressive changes in the course.

Not a lot was substantially changed in the ICS 400.  Aside from my earlier comment on the questionable necessity for most of the content, the course, as designed, is good enough to address what is intended, even if that intent seems misguided.  Much of the course was kept the same as the previous version, but there were a few tweaks and adjustments throughout.  The activity in Unit 2, the Fundamentals Review is multi-tiered and is very effective.  Unit 5 provides a lot of content on EOCs which wasn’t previously included as much, as well as introducing disaster recovery topics, which at this level incident the leadership of organizations (i.e. those taking this course) need to be aware of.  This is largely ‘bonus content’ which I had provided in the course off script in the past, as it wasn’t included.  I’m very happy to see this as part of the course now. The capstone exercise is the same as the previous version of ICS 400 and is still very well structured and produces great outcomes for participants.

On the down side… well, there is some substantial down side. I provided a fairly detailed list (of both positives and areas for improvement) to EMI.  Taking the course at face value – that is looking at what we have, not what I think it should be, most of the issues I had with this course have to do with faulty instructional design.  There is no way around saying that it was done very poorly.  There was significant lack of attention to detail… so many mis-spellings (spell check is a free feature included in every word processing program – FYI), inconsistencies between the Student Manual and Instructor Guide, problems with scenarios which are not part of the progressive scenario, graphics so small they are not visible for participants in the student manual, and some issues of course flow and organization.

Unit 3 in the ICS 300 course is titled Initial Actions for Unified Command.  So much of the unit is built on the premise that a unified command is formed in the initial response of an incident, practically exclusive of even the possibility of a single command.  This is insanely misleading and required some significant extended explanation on the part of our instructional team to temper that content.

Earlier I complemented unit 5 of the ICS 400, particularly for the additional material provided on various types of EOCs and extending the discussion into recovery.  While these are great, the unit should be organized earlier in the material, especially with several earlier references to EOCs without explanation of what they are.  Practically speaking, the concept of the EOC has far more actual use than any of the other concepts discussed in the course.  There is also way too much material on federal-level EOCs, most of which are so far removed from incident management that most emergency managers have no interaction at all with them.  I think this content should speak about EOCs in general terms.

I think Central City needs to be erased from all memory, and a new fictional jurisdiction developed.  The maps for Central City, et al, keep getting recycled and are small in print, confusing in design, and clearly dated.

The final exams for both courses were very bad.  They each had questions that our instructional team agreed to throw out, as they were poorly worded or ambiguous and nearly every participant got them wrong.  Even most of the valid questions and answers simply aren’t suitable for short-duration training, and certainly not with a closed book exam.

In all, I provided three pages of comments back to EMI. I’m appreciative of EMI being so receptive to the feedback and candid about certain issues they had in the development of these courses.  In respecting their candor, I’m not going to get into some of the points brought up, but it certainly appears as though they are disappointed with the condition in which these courses went out the door and they have a desire to improve them.  Hopefully it won’t be too long until you see another update of the course materials with most of these issues addressed.

I look forward to hearing from others about their experiences with delivering these updated courses.  As such a central topic to the greater public safety and emergency management community, we need to do better with teaching incident management and ICS as the primary tool we use for incident management.  As a community of practice, we need to get behind this initiative and support the need for significant improvement.  Of course if you aren’t familiar with my crusade on the matter, check out the series of ICS Training Sucks articles I’ve posted over the past few years.

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®