A New CPG – 101 for Emergency Planning (v 3)

I know I’m a big nerd when it comes to this stuff, but I was really excited to receive the notice from FEMA that the new Comprehensive Preparedness Guide (CPG) 101: Developing and Maintaining Emergency Operations Plans has been published! This has been a long time coming. This update (version 3) replaces the previous version which was published in November 2010. The update process was also rather lengthy, with the first public review occurring in November 2019 and the second in November 2020.

Did a lot change? No.

Is it better? Yes.

Could it be even better? You bet.

The changes that are included in the new document are meaningful, with an emphasis on including accessibility concepts in plans; and references to current practices and standards, such as new and updated planning guides, CPG 201 (THIRA), Community Lifelines, and more. It even highlights a couple of lessons learned from the COVID 19 pandemic. I’m particularly pleased to see Appendix D: Enhancing Inclusiveness in EOPs, which I think is an excellent resource, though more links to other resources, of which there are many, should be provided in this appendix.

The format of the document is largely the same, with a lot of the content word-for-word the same. As a standard, a lot of change shouldn’t be expected. While we’ve seen some changes in our perspectives on emergency planning, there really hasn’t been anything drastic. Certainly “if it ain’t broke, don’t fix it”, but I think there could have been some better formatting choices, narrative, graphics, and job aids to enhance readability and implementation.  

There is some added content as well as a bit of highlighting of planning approaches, such as the District of Columbia’s services-based emergency operations plan. While I advocated for heavy reference to newer implementations and standards, such as THIRA, into the document (which was largely done) I also advocated for more user-friendly approaches, such as a hazard analysis matrix, to be included. My feedback from both public comment periods heavily emphasized the need to develop a document that will mostly benefit novice emergency planners. To me this means the inclusion of more graphic depictions of processes and tasks, as well as job aids, such as checklists and templates. The new CPG 101 does include more checklists. At first glance these are buried in the document which is not very user friendly. However, they did make a separate Compilation of Checklists document available, which I’m really happy about. It’s not highly apparent on the website nor is it included as part of the main document, so it could be easily missed.

I would have really liked to see a comprehensive library of job aids provided in the appendices to support implementation by new planners. We have other doctrine and related documents that provide rather extensive job aids to support implementation, such as HSEEP and NIMS (and not only the ICS component of NIMS). Not including that kind of supporting material in this update is very much a missed opportunity. Planning really is the cornerstone of preparedness, yet it doesn’t seem we are providing as much support for quality and consistent planning efforts. Given the extent of time between updates, I expected better. While being largely consistent in the format and content between versions is practically a necessity, there really should have been a parallel effort, separate from document revision, to outline practices and approaches to emergency plan development. Integrating that content into the update, ideally, would have done more to support HOW each step of the planning process is accomplished, as well as providing some job aids.

Speaking of implementation support, I’m curious about how EMI’s new Advanced Planning course, which I didn’t get into the pilot offering of, builds on the Emergency Planning course and compliments use of CPG 101.

Be sure to update your own personal reference library with this new version of CPG 101. If you are interested in a review with FEMA personnel, they are providing a series of one-hour webinars. What are your thoughts on the new CPG 101?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

ESFs Aren’t for Everyone

Through the years I’ve had numerous conversations with states, cities, and others about organizing their emergency operations plans (EOPs) around Emergency Support Functions (ESFs). In every conversation I’ve suggested against the use of ESFs. Why?

Let’s start with definitions. One definition of ESFs provided by FEMA states that ESFs ‘describe federal coordinating structures that group resources and capabilities into functional areas most frequently needed in a national response’.  Another states that ESFs are ‘a way to group functions that provide federal support to states and federal-to-federal support, both for Stafford Act declared disasters and emergencies and for non-Stafford Act incidents.’ The National Response Framework (NRF) states that ESFs are ‘response coordinating structures at the federal level’.

The key word in these definitions is ‘federal’. ESFs are a construct originally of the Federal Response Plan (FRP) which was in place from 1992 to 2004. The FRP was a signed agreement among 27 Federal departments and agencies as well as the America Red Cross that outlined how Federal assistance and resources would be provided to state and local governments during a disaster. The ESFs were carried into the National Response Plan in 2004 and the National Response Framework in 2008.

While the NRF, CPG 101, and other sources indicate that other levels of government may also organize their response structure utilizing ESFs, I think any attempts are awkward and confusing at best.

Jumping to present day, the following ESFs are identified in the NRF:

  1. Transportation
  2. Communications
  3. Public Works and Engineering
  4. Firefighting
  5. Information and Planning
  6. Mass Care, Emergency Assistance, Temporary Housing, and Human Assistance
  7. Logistics
  8. Public Health and Medical Services
  9. Search and Rescue
  10. Oil and Hazardous Materials Response
  11. Agriculture and Natural Resources
  12. Energy
  13. Public Safety and Security
  14. Cross-Sector Business and Infrastructure
  15. External Affairs

The ESFs work for the Federal government by providing organizations to address the legal, regulatory, and bureaucratic coordination that must take place across various agencies. These organizations are utilized before (preparedness), during (response and recovery… though ultimately most of these transition to the Recovery Support Functions per the National Disaster Recovery Framework), and after (AAR) a disaster as a cohesive means of maintaining relationships, continuity, and operational readiness. Each of the ESFs maintains a lead agency and has several supporting agencies which also have capabilities and responsibilities within the mission of that ESF.

Where does this fall apart for states and other jurisdictions? First of all, I view Emergency Support Function/ESF as a branded name. The ESF is a standard. When someone refers to ESFs, it’s often inferred that they are speaking of the Federal constructs. ESFs are defined by the Federal government in their current plans (presently the NRF). When co-opted by states or other jurisdictions, this is where it first starts to fall apart. This creates a type of ‘brand confusion’. i.e. Which ESFs are we speaking of? This is further exacerbated if names and definitions of their ESFs aren’t consistent with what is established by the Federal government.

Further, the utilization of ESFs may simply not be the correct tool. It may be the same agencies responsible for transportation as well as public works and engineering. So why have two teams comprised of personnel from the same agencies – especially if bench depth is small in those agencies. Related to this, I’ll say that many jurisdictions (which may even include smaller states, territories, or tribes) simply don’t have the depth to staff 15 ESFs. This is why an organization should be developed for each jurisdiction by each jurisdiction based on their needs and capabilities. It’s simply silly to try to apply the construct utilized by our rather massive Federal government to a jurisdiction much smaller.

Next, I suggest that the integration of ESFs into a response structure is simply awkward. I think in many ways this holds true for the Federal government as well. Is ESF 7 (Logistics) an emergency support function or is it a section in our EOC? The same goes for any of the other ESFs which are actually organizational components often found in response or coordination structures inspired by the Incident Command System.

All that said, the spirit of ESFs is valuable and should be utilized by other jurisdictions in other levels of government. These are often referred to as Functional Branches. Similar to ESFs, they can be used before, during, and after a disaster. Your pre-disaster planning teams become the core group implementing the plans they developed and improving the plans and associated capabilities after a disaster. As functional branches, there is no name confusion with ESFs, even though there is considerable similarity. You aren’t constrained to the list of Federal ESFs and don’t have to worry about how they define or construct them. You can do your own thing without any confusion. You are also able to build the functional branches based on your own needs and capabilities, not artificially trying to fit your needs into someone else’s construct. I’ve seen a lot of states use the term State Support Function or SSF, which is certainly fine.

I will make a nod here though to a best practice inspired by the ESFs, and that is having certain standing working groups for incident management organizational elements (i.e. communications, logistics, information and planning, and external affairs) that may not be organized under the operations section or whatever is analogous in your EOC. Expand beyond these as needed. Recall that the first step in CPG 101 for emergency planning calls for developing a planning team. There is a great deal of benefit to be had by utilizing stakeholder teams to establish standard operating guidelines, job aids, etc. in these functions or others in your EOC or other emergency organizational structure. Often it’s the emergency manager or a staff member doing this, expecting others to simply walk in and accept what has been developed. If people want to work in a Planning Section for your jurisdiction, let them own it (obviously with some input and guidance as needed).

I think ESFs are a valuable means for the US Federal government to organize, but don’t confuse the matter or develop something unnecessary by trying to carbon copy them into your jurisdiction. Examine your own needs and capabilities and form steady state working groups that become functional entities during disaster operations.

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A Few Thoughts on Emergency Planning

A conversation I find myself having fairly often is about people not using plans. It’s amazing that we invest so much time, money, and effort into building plans to never see them used, even if the opportunity presents itself. Why is this? I see four primary reasons:

1. People don’t know the plans exist. There is really no excuse for this one. I find it shameful and wasteful, especially if these people are identified as action agents within that plan. There was practically no point in even developing the plan no one knows about it and their respective roles identified within. Socialization of plans once they are developed is extremely important. Minimalist effort can be made by simply sending the plan or a link to the plan, but I consider this to be inadequate as many people will dismiss it, never get to reviewing it, or not understand what they are reading. Structured briefings are the best way to initially familiarize people with the plans and their roles. It helps to have refresher training as well as ensuring that new hires are similarly trained. This can even be done as a recorded presentation or webinar, though providing a contact for questions is important. Along with socializing, remember the importance of exercises, not only to validate plans but also to help people become more familiar with plans their respective roles by taking a scenario-drive dive into the content. Does everyone in your organization or jurisdiction who has a role in a plan know about it?

2. People don’t remember the plans exist. This one is a bit more forgivable, especially for newer plans, rarely implemented plans, or for personnel who are used to “doing things the way they’ve always been done”. Still, I find these excuses to be weak at best. People’s inability to remember the plans, even granting them the distraction of the incident itself, means that the plans haven’t been socialized and reinforced enough (see item 1 above).

3. People don’t care if the plans exist. This one has been underscored considerably over the past year related to pandemic plans, point of distribution (POD) plans, and other related plans. We’ve seen many senior leaders and elected officials be completely dismissive of established plans, choosing instead to “do it their way” in an effort to exert greater control or to ensure that their name is front and center. Since this one involves a lot of ego, particularly of senior leaders and elected officials, it can be difficult to work around. That said, this underscores the importance of ensuring that elected officials and newly appointed senior leaders are adequately briefed on the existing plans when they take office, and given confidence in the plans and the people identified to implement them, as well as the important roles of elected and appointed officials.

4. People think the plans are faulty. This option is the likely more well-intentioned version of #3, where people are intentionally not using the plan because they feel (maybe true, maybe not) the plan is inadequate and feel that “winging it” is the better option. Part of this lack of confidence may be unfamiliarity with and/or validation of the plans (see item 1 above re socialization and exercises). This could be a difference of opinion or even something intentionally obstructionist. Along with socialization and exercises, I’ll also add the value of including key people in the planning process. This gives them a voice at the table and allows their input to be heard and considered for development of the plan. While you can’t include everyone in the planning process, consider that the people you do choose to involve can serve as representatives or proxies for others, especially if they are well respected, giving less reason for others to push back.

A separate, but somewhat related topic (mostly to #4 above) is about people being often dismissive of or lacking confidence in plans by expressing the saying of “No plan survives first contact with the enemy”. This saying is credited to nineteenth century Prussian military commander Helmuth van Moltke. We see this saying tossed around quite a bit in various circles, including emergency management. While I understand and respect the intent of the phrase, I don’t think this necessarily holds true. I’ve seen great plans fail and mediocre plans be reasonably successful. Why? Circumstances dictate a lot of it. Implementation as well (this is the human factor). What we need to understand is that plans provide a starting point and hopefully some relevant guidance along the way. If a plan is so detailed and rigid, it is more likely to fail. So should our plans not be detailed? No, we should put as much detail as possible into our plans as these will help guide us in the midst of the incident, especially if certain activities are highly technical or process-oriented; but we also need to allow for flexibility. Consider a plan to be a highway. Highways have exits which take us off to different places, but they also have on-ramps to help us return. A deviation from a plan does not mean we throw the plan away, as we can always get back onto the plan, if it’s appropriate. It’s also smart to build in options, as possible, within our plans to help minimize deviations. 

How we develop plans is strongly related to step 2 of CPG-101, and that is “Understand the Situation”. Without an understanding of the situation, we can’t account for the various factors involved and may not account for the circumstances for which we must develop contingencies or options. And while this assessment is part of the planning process, as well as training, exercises, and other facets of preparedness, I feel that a wholistic assessment also has value. I’ve written a lot about the POETE preparedness elements and have begun advocating for APOETE, with the A standing for Assessment. This assessment is broad based to help guide our overall preparedness activity but is not a replacement for the element-specific assessments.

My last thought is about pandemic and POD plans. I’m curious about who has used their plans during this pandemic, and if not, why not? Of course many of the assumptions we used for pandemic planning weren’t realized in this pandemic. Does this mean our pandemic plans were faulty? Not entirely. Clearly there should have been many content areas that were still useful, and even though some of the assumptions we had didn’t apply to this pandemic, they may still hold true for future public health emergencies. We’ve also learned a lot about our response that needs to be considered for plan updates, and we need to weigh how much of the reality of political blundering we should account for in our plans. In the end, what I caution against is developing a pandemic plan that centers on the COVID-19 pandemic. Preparing for the last disaster doesn’t necessarily prepare us for the next one.

Those are some of my thoughts for the morning. As always, I welcome your thoughts and feedback.

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A New CPG 101 Draft

About a year ago, FEMA distributed a draft revision of Community Preparedness Guide 101: Developing and Maintaining Emergency Operations Plans (CPG 101). Since then we hadn’t heard much about the update progress, until yesterday. This latest draft, including in formation on how you can provide feedback, can be found here.

This latest draft incorporates some newer policies and programs not included in last year’s revision. I was pleased to see that some of the items from my feedback (and I’m certain from many others) was integrated into this draft. Some parts of the document were expanded or restructured, while other aspects were appropriately reduced (like excessive reiteration of national-level plans). It’s a much better draft than the one we saw a year ago. That said, there are some changes I’d still like to see.

Perhaps it was simply because this document is a draft, but a number of the graphics they have reused from other documents were grainy and low resolution. Clearly, they should have access to the source files for those graphics. If not, they need to redevelop them.  Aside from that aesthetic feedback, I’d like to see the document written less doctrinal and more as a tool – especially considering that most people referencing the document are likely to be less experienced planners. The document needs more references, job aids, and best practices identified. This draft does include quite a number of checklists, but those are only integrated within the text of the document. I feel those should also be included as an attachment that planners can ‘pull out’ of the main document and use as their primary reference. I’d also like to see clearer connections with other doctrine, policy, and practices, such as NIMS, THIRA, Community Lifelines, integrated preparedness plans, etc. While most of these are identified in the document, the contextualization needs to be amplified, reinforcing that these aren’t necessarily all ‘standalone’ applications or practices; that they are best utilized when specific linkages can be identified and exploited. It’s the utility for less experienced planners that I feel most strongly about.

All that said, I’m hopeful we don’t have to wait another year for this draft to become an official next version of CPG 101.

What do you think of this draft? What do you want to see included in CPG101?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

EOC Mission Planning

I’ve been wrong. I used to teach and otherwise espouse that emergency operations centers didn’t actually do operations. I was bought in to the traditional perspective that EOCs ONLY provided resource support and information coordination. I’m not sure how or why I bought into this when on incidents I was actually involved in planning and directing certain operations. This mentality goes back, for me, about 15 years. It’s important to break this myth and acknowledge the role that EOCs can and should play in incident management.  

EOCs being involved in directing field operations is certainly nothing new. If you don’t want to take my word for it, it’s also doctrinal. Check out the EOC section of the NIMS document. “EOC staff may share the load with on-scene incident personnel by managing certain operations, such as emergency shelters or points of distribution. When on-scene incident command is not established, such as in a snow emergency, staff in EOCs may direct tactical operations.”

This post has been in the works for a while. Several months ago, I was developing structured guidance on EOC mission planning for a client and realized it would be a good topic to write about. I recently made some social media posts on the topic, with responses encouraging me to write more. So, it was clearly time to do so.

As I had posted on social media, if you don’t think an EOC actually does operations, I’d suggest that the EOCs you are familiar with either haven’t had the opportunity to properly apply mission support or they are doing something wrong. Certainly not every incident will require an EOC to provide mission support, but EOCs should be ready to do so.

EOC missions are typically initiated one of three ways:

  1. A request by incident command to handle a matter which is outside their present area of responsibility or capability,
  2. EOC personnel recognize an operational need that isn’t being addressed, or
  3. The EOC is directed to take certain action from an executive level.

As the NIMS doctrine states, operations that are prime candidates for EOC-directed missions could be emergency shelters or points of distribution. Other operations, such as debris management, or (something recently experienced by many jurisdictions) isolation and quarantine operations are also often EOC-directed.

What makes these EOC-directed missions? Typically, they are planned, executed, and managed by an EOC. This could be a multi-agency EOC or a departmental operations center. Of course, there are ‘field’ personnel involved to execute the missions, but unlike tactical activity under the command of an Incident Commander, the chain of command for EOC-directed missions goes to the EOC (typically the EOC’s Operations Section or equivalent).

Ideally, jurisdictions or agencies should be developing deliberate plans for EOC-directed missions. Many do, yet still don’t realize that execution of the plans is managed from the EOC. These are often functional or specifically emergency support function (ESF) plans or components of those plans. For context, consider a debris management plan. As with many deliberate plans, those plans typically need to be operationalized, meaning that the specific circumstances of the incident they are being applied to must be accounted for, typically through what I refer to as a mission plan. In developing a mission plan, with or without the existence of a deliberate plan, I encourage EOCs to use the 6-step planning process outlined in CPG-101. As a refresher:

  1. Form a planning team
  2. Understand the situation and intent of the plan
  3. Determine goals and objectives of the plan
  4. Develop the plan
  5. Plan review and approval
  6. Plan implementation

The planning team for an EOC-driven mission should consist, at the very least, of personnel in the EOC with responsibility for planning and operations. If several mission plans are expected to be developed, the EOC’s Planning Section may consider developing a ‘Mission Planning Unit’ or something similar. Depending on the technical aspects of the mission, technical specialists may be brought into the planning team, and it’s likely that personnel with responsibility for logistics, finance, and safety, may need to be consulted as well.

If a deliberate plan is already in place, that plan should help support the intent, goals, and objectives of the mission plan, with a need to apply specific situational information and context to develop the mission plan.

Developing the plan must be comprehensive to account for all personnel, facilities, resources, operational parameters, safety, support, reporting, documentation, and chain of command. These may need to be highly detailed to support implementation. The mission may be organized at whatever organizational level is appropriate to the incident. This is likely to be a group within EOC Operations (or equivalent). Obviously having a deliberate plan in place can help address a fair amount of this proactively. Outlining processes and position descriptions, and providing job aids will support implementation considerably.

Plan review often seems an easy thing to do, but this needs to be more than an editorial review. The review should be comprehensive, considering the operations from every possible perspective. Consider various scenarios, notionally walking through processes, and even using a red team concept to validate the plan. While this is likely going into immediate implementation, it’s best to spend some time validating it in the review stages instead of having it fail in implementation. Approval will come at whatever level is appropriate within your organization.

Plan implementation should certainly include an operational briefing for the staff executing the plan, and it should ideally be supported through an incident action plan (IAP) or EOC action plan, or a part thereof. As with any implementation, it needs to be properly managed, meaning that progress must be monitored and feedback provided to ensure that the mission is being executed according to plan and that the plan itself is effective. Understand that complex missions, especially those of longer duration, may need to be adjusted as lessons are learned during implementation.

As is typically said in ICS courses, we should begin demobilization planning as early as possible. Missions may have a completion in whole, where the entire mission is demobilized at once, or there may be a phased demobilization. Many EOCs aren’t used to developing tactical-level demobilization plans, so they need to be prepared for this.

As with any operation, identifying and documenting lessons learned is important. Deliberate plans should be updated to reflect lessons learned (and even a copy of the mission plan as a template or sample), or if a deliberate plan didn’t exist prior to the mission, one should be developed based upon the implementation.

EOCs can, in fact, run operations. I’m sure a lot of you have seen this if you have been involved in responses such as the current Coronavirus pandemic, a hurricane response, and more. Sometimes in emergency management we aren’t good at actually acknowledging what’s going on, for better or for worse. We get stuck with old definitions and don’t realize that we need to evolve, or even already have evolved; or we don’t recognize that current ways of doing things simply don’t work as intended. We seem, sometimes, to be our own worst enemy.

How does your EOC execute mission planning?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Thoughts on How to Improve the Planning Standard

I hope everyone is settling into the new year nicely.  One of the things I started off this year doing was going through CPG 101 and providing input to FEMA for the update of this foundational document.  (note: if you haven’t yet, get your comments in now as the deadline is soon approaching!)  CPG 101, and its predecessors, are time tested and well honed in the guidance provided on the process used for planning.  While it’s frustrating to see and hear that some people still don’t use it, that’s no fault of the document itself, but rather one of human implementation, or lack thereof.

I thought I’d share some of the feedback I sent along to FEMA on what I would like to see in the CPG 101 update.  Looking over my submission, there were two main themes I followed:

  1. Integration of other doctrine and standards
  2. Development of job aids to support use and implementation

I feel that integration of other relevant doctrine and standards into CPG 101 is incredibly important.  We know that preparedness covers an array of activities, but planning is the foundational activity, which all other activities reflect upon.  In past articles I’ve addressed the need to identify these various standards collectively, to show that while these are individual activities with their own outputs, identifying how they can and should be interconnected, offering greater value if used together.  Things like Community Lifelines, THIRA/SPR, HSEEP, and Core Capabilities need to not only be mentioned often, but with examples of how they interconnect and support planning and even each other.

Job aids are tools that support implementation.  I think job aids can and should be developed and included in the updated CPG 101 for each step of the planning process.  While some of us write plans fairly often, there are many who don’t or are going into it for the first time.  These are essentially the ideal conditions for job aids.  They help guide people through the key activities, provide them with reminders, and ultimately support better outcomes. Not only would I like to see job aids, such as check lists and work sheets, for each step, I’d also think that something that covers the whole process comprehensively, essentially a project management perspective, would be incredibly helpful to many people.

There were a couple of one-off suggestions that might not fit the categories mentioned above.  One of which was having more emphasis on the value of data from the jurisdiction’s hazard mitigation plan.  The hazard analysis conducted for hazard mitigation planning is considerably thorough, and can provide great information to support a hazard analysis (or even a THIRA for those brave enough) for purposes of emergency planning.  To be honest, this was something I didn’t really learn until about ten years into my career.  Many of the people I learned from in Emergency Management often leaned so far into response that they disregarded the value of things like mitigation or recovery.  I still find this a lot in our profession.  Once I finally took the time to go through a hazard mitigation plan, I realized the incredible amount of information contained within.  In many cases, there is more information than what is needed for the hazard analysis of an emergency plan, as the narrative and analysis in a hazard mitigation plan often goes into a measure of scientific detail, but this, too, can certainly have value for emergency planning.  Similarly, I also suggested that FP 104-009-2 (the Public Assistance Program and Policy Guide) be included as a reference in CPG 101.  Jurisdictions will strongly benefit from having plans, such as those on debris management, meeting FEMA’s reimbursement guidelines.

Lastly, I encouraged FEMA to include any content that will support plan writers in developing plans that are simply more useful.  So many plans are just a lot of boilerplate narrative, that in the end don’t tell me WHO is responsible for WHAT and HOW things will get done.  It’s so easy for us to be dismissive of action steps when writing a plan, assuming that people will know who has the authority to issue a public alert or the steps involved in activating an EOC.  CPG 101 should reinforce the need for plans to define processes and actions, identify authority, and assign responsibility.  Flow charts, decision trees, maps, charts, and other graphics and job aids are incredibly helpful to ensure that a plan is thorough while also being useful.

That’s the feedback I provided to FEMA, along with a bit of narrative as to why those things are important for inclusion in an updated CPG 101.  I’m curious to hear about the feedback that others provided.  We all tackle these documents from different perspectives, and that’s why I truly appreciate the efforts FEMA makes in these public calls for comment when they are updating certain key documents.

© 2020 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®℠

 

A New CPG-101 is Coming

FEMA has recently announced an upcoming update to CPG-101.  CPG-101 is short hand for the “Community Preparedness Guide 101: Developing and Maintaining Emergency Operations Plans” document.  CPG 101 is a legacy document, which through its own versions and previous iterations has for decades has served as the standard guidance for emergency operations planning in the US.  The last update to CPG 101 was released in November of 2010.  That update introduced some best practices and lessons learned of the time, but with more recent changes to NIMS, better inclusion of EOC structures and function, the addition of Community Lifelines, updates to the National Preparedness Goal, National Response Plan, National Recovery Plan, and other lessons learned and best practices realized, an update to CPG 101 will be significant.  If you are looking for more information on CPG 101, here are a few articles I’ve written that reference it.

FEMA is soliciting input through direct feedback and a series of webinars.  Information on that can be found here: https://www.fema.gov/plan.  The deadline for feedback is January 14, 2020.  I heavily encourage participation in this effort by stakeholders across all of emergency management, public safety, and homeland security.

  • TR

EOC Management Organization

FEMA recently released a draft Operational Period Shift Brief Template for EOCs, open to public comment.  The document is fine, though there was one glaring issue… it assumes an ICS-based model is in use in the EOC.

With the release of the NIMS refresh, we were given some ‘official’ options for EOC management structures.  Unfortunately, we aren’t seeing much material that supports anything other than an ICS-based structure.  An ICS-based structure may certainly be fine, but every organization should examine their own needs to identify what works best for them.  Story time…

We recently completed a contract that included the development of a plan for a departmental operations center for a state agency.  The plan had to accommodate several considerations, including interaction with regional offices and operations, interaction with the State EOC, and integration of a call center.  When we talked to people, examined form and function, and looked at fundamental needs, the end result was an ICS-based organization.  While accommodations had to be made for translating their own agency structure and mission, it fit rather well.

For a contract we are currently working on, we are developing an EOC plan for a private utility.  Again, we reviewed documents, talked to people, and identified the fundamental needs of the company and the EOC organization.  The end result is shaking out to be something a little different.  At a glance, it’s largely ICS-based, but has some aspects of the Incident Support Model, while also having its own unique twists.  One particular observation was that their company’s daily structure has functions combined that we would normally break up in traditional ICS.  Breaking these functions up for an incident would be awkward, disruptive, and frankly, rather absurd.  Not only would personnel be dealing with something out of the ordinary, they would be changing the flow of corporate elements that have been placed together by necessity in their daily operations, which would detract from their efficiency during the incident.

My third example is a contract we are just getting started on.  This project involves developing an EOC plan for a municipality.  While we’ve had some initial discussions, we aren’t sure what the end result will be just yet.  The client isn’t set on any particular structure and is open to the process of discovery that we will be embarking on.  As I’ve thought about their circumstances and the recent and current work we’ve done on this topic, there are a few things that have come to mind.

  1. While NIMS is all about standardization and interoperability, the range of utility of emergency operations centers, in any form, and the mission, organization, an innate bureaucracy of the ‘home agency’ have a heavy influence on what the EOC’s organization will look like.
  2. While there still should be some standard elements to an EOC’s organization, there is generally less fluidity to the composition of an EOC, especially as it compares to a field-level incident command where the composition of the responding cadre of organizations can radically differ.
  3. Consider the doctrinal core concepts of ICS as really core concepts of incident management, thus we can apply them to any structure. These concepts are fundamental and should exist regardless of the organization used.  Some examples…
    1. Unity of Command
    2. Modular organization
    3. Manageable span of control
    4. Consolidated action plans
    5. Comprehensive resource management
  4. We need to acknowledge that the full benefit of organization standardization, exhibited by the ability of incident management personnel to be assigned to a new EOC and be able to immediately function, is potentially compromised to an extent, but that can be largely mitigated by adherence to the core concepts of ICS as mentioned previous. Why?  Because the system and processes of incident management are still largely the same.  These new personnel need just a bit of an orientation to the organizational structure being used (particularly if they are to be assigned in a leadership capacity at any level).

The most important consideration is to develop a plan.  That will provide extensive benefit, especially when done properly.  Follow the CPG 101 guidance, build a team, do some research, and weigh all options.  The end goal is to identify an organizational structure that will work for you, not one that you need to be forced into.  Bringing this around full circle, we need to know that with whatever system you decide to use, expect that you will need to develop your own training, job aids, and other support mechanisms since they largely don’t exist for anything outside of an ICS-based structure.  Note that even for an ICS-based model, there are needs… consider that there is no ‘official’ planning P for EOCs (one that is less tactics-focused), and, of course, that ICS training alone isn’t enough to run your EOC by.

I don’t place any blame for this need… consider that FEMA, with finite resources just like the rest of us, tries to produce things that are of the greatest utility to as much of the nation as possible, and right now, most EOCs are run on an ICS-based model.  While I hope this will expand over time, every entity will still be responsible for developing their own training on how they will organize and respond.  No training developed by a third party for a mass audience can ever replace the value of training designed specifically to address your plans.

I’m interested in hearing what changes are being made to your EOC organizations and how you are addressing needs.

© 2019 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Preparedness: Integrating Community Lifeline Considerations

Much of preparedness is about getting us ready to conduct situational assessment and prioritization of actions.  We train people and develop resources, such as drones, field-deployed apps, and geographic information systems (GIS) to support situational assessment.  The information we obtain from these assessments help in the development and maintenance of situational awareness and, when shared across disciplines, agencies, and jurisdictions, a common operating picture.  Based upon this information, leaders at all levels make decisions.  These decisions often involve the prioritization of our response and recovery actions.  Ideally, we should have plans in place that establish standards for how we collect, analyze, and share information, and also to support the decision making we must do in prioritizing our actions.  Exercises, of course, help us to validate those plans and practice associated tasks.

One significant hurdle for us is how overwhelming disasters can be.  With just slight increases in the complexity of a disaster, we experience factors such as large geography, extensive damages, high numbers of lives at risk, hazardous materials, and others.  Certainly, we know from Incident Command System training that our broad priorities are life safety, incident stabilization, and property conservation – but with all that’s happening, where do we start?

One thing that can help us both assessment and prioritization are community lifelines.  From FEMA: “Community lifelines reframe incident information to provide decision-makers with impact statements and root causes.”  By changing how we frame our data collection, analysis, thinking, and decision-making, we can maximize the effectiveness of our efforts.  This shouldn’t necessitate a change in our processes, but we should incorporate community lifelines into our preparedness activities.

The community lifelines, as identified by FEMA, are:

  • Safety and Security
  • Food, Water, and Sheltering
  • Health and Medical
  • Energy
  • Communications
  • Transportation
  • Hazardous Materials

If this is your first time looking at community lifelines, they certainly shouldn’t be so foreign to you.  In many ways, these are identified components of our critical infrastructure.  By focusing our attention on this list of items, we can affect a more concerted response and recovery.

FEMA guidance goes on to identify essential elements of information (EEI) we should be examining for each community lifeline.  For example, the lifeline of Health and Medical includes the EEIs of:

  • Medical Care
  • Patient Movement
  • Public Health
  • Fatality Management
  • Health Care Supply Chain

Of course, you can dig even deeper when analyzing any of these EEIs to identify the status and root cause of failure, which will then support the prioritization of actions to address the identified failures.  First we seek to stabilize, then restore.  For example, within just the EEI of Fatality Management, you can examine components such as:

  • Mortuary and post-mortuary services
  • Transportation, storage, and disposal resources
  • Body recovery and processing
  • Family assistance

The organization of situation reports, particularly those shared with the media, public, and other external partners might benefit from being organized by community lifelines.  These are concepts that are generally tangible to many people, and highlight many of the top factors we examine in emergency management.

Back in March of this year, FEMA released the Community Lifelines Implementation Toolkit, which provides some great information on the lifelines and some information on how to integrate them into your preparedness.  These can go a long way, but I’d also like to see some more direct application as an addendum to CPG-101 to demonstrate how community lifelines can be integrated into planning.  Further, while I understanding that FEMA is using the community lifeline concept for its own assessments and reporting, the community aspect of these should be better emphasized, and as such identifying some of the very FEMA- and IMAT-centric materials on this page as being mostly for federal application.

Has your jurisdiction already integrated community lifelines into your preparedness?  What best practices have you identified?

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC℠®

Airport Emergency Planning

Through my career I’ve had the opportunity to work with a number of airports on preparedness efforts.  In the past couple of years, that interaction has been greatly amplified through a contract my company successfully completed involving the development of exercises for airports.  As part of this effort, we designed, conducted, and evaluated exercises at ten airports of varying sizes across the nation, from Georgia to Alaska, Massachusetts to California.  Since the primary intent of exercises is to validate plans, we of course requested and reviewed airport emergency plans (AEPs) from each location as part of our preparation for each exercise.

For those not in the know, the requirement for AEPs originates with Federal Aviation Regulation 14 CFR Part 139, which wholly establishes the standards for the certification of airports.  The requirements for AEPs are further refined in DOT/FAA Advisory Circular 150-5200-31C published in May of 2010.   The Advisory Circular is largely implementation guidance.  It’s quite comprehensive and outlines a planning structure, references emergency management doctrine and standards of practice such as NIMS and the National Response Framework, and models a planning process, which mirrors that of CPG-101.  The NFPA also provides guidance in NFPA 424: Guide for Airport/Community Emergency Planning, which reflects on all these as well.

Just like any community emergency operations plan (EOP), AEPs I’ve reviewed run the full spectrum of quality.  Some plans are thorough and comprehensive, while other plans are so focused on meeting the letter of the regulation that they fall short of meeting real needs and being implementation-ready, even though they technically meet the requirements set forth in §139.325.  Regulated industries, which airports largely are, often have a challenge when it comes to emergency planning.  We see this same challenge in radiological emergency plans as well.  The laws and regulations seem to provide so much structure that it is perceived that local variables and subjective analysis aren’t allowed.  As an example, §139.325 states:

“the plan must contain instructions for response to:

  1. Aircraft incident and accidents
  2. Bomb incidents, including designation of parking areas for the aircraft involved
  3. Structural fires
  4. Fires at fuel farms or fuel storage areas
  5. Natural disaster
  6. Hazardous materials/dangerous goods incidents
  7. Sabotage, hijack, or other unlawful interference with operations
  8. Failure of power for movement area lighting
  9. Water rescue situations (as appropriate)”

While the planning process isn’t prescribed in §139.325, nor does it specify if other hazards can be included in the AEP, the Advisory Circular (AC) does expound on this and prescribes a planning process, including a hazard analysis.  The AC states “Through the hazards analysis program, guidance has been provided to assist in the identification of those hazards and disasters specific to an airport that warrant planning attention”.  That phrasing indicates that airports should be planning for hazards beyond what is required by §139.325, yet I’ve seen many that do not.

Obviously ‘natural disaster’ covers a considerable amount of proverbial territory.  Jurisdictions undergo extensive hazard analysis and hazard mitigation planning to identify the breadth and scope of these hazards (which should include all hazards, not just natural disasters).   Many jurisdictions develop very comprehensive EOPs and annexes to address the response needs of each of their primary hazards.  I saw this as a significantly missing component in many AEPs, which treated ‘natural disasters’ as a single hazard.  Further, as many airports stick to the minimum requirement for planning, they fail to address other hazards which could impact them, ranging from dam failure, and nuclear power facility incidents, to currently hot topics such as active shooter/hostile event response (ASHER) and communicable diseases.

Some airports have thankfully recognized the need for expanding beyond the required hazards and have developed plans that better address all of their needs.  On the unfortunate side, again as a regulated industry, I’ve also seen some airports having two sets of plans… one that meets regulation and the other that they feel is more practical for implementation.  Clearly this isn’t the way to go either.  A single, consolidated plan can be developed that meets all needs.

Airports are an interesting animal.  Regardless of governance structure, they are part of the communities which surround them.  Larger airports are also communities of their own, having significant capability, sometimes more than the surrounding jurisdictions.  Airport emergency planning should acknowledge and involve their community relationships and must address all hazards, not just the ones required by Part 139.  Just as with any other type of emergency plan, they must be implementation-ready.  To do so typically requires the added development of standard operating guidelines (SOGs) and job aids, such as check lists and forms.  Plans should also be developed to address recovery issues and business continuity, not just response.  An airport, regardless of governance structure, operates like a business, with many other stakeholders dependent upon their stability and ability to address and rapidly recover from incidents.  They are also obviously transportation hubs, dealing with large volumes of people and significant dollar figures in freight and commerce.

Airport emergency managers have many of the same challenges as the emergency managers of any other community.  Staffing and funding rarely line up with requirements and other priority matters.  I encourage community emergency managers to reach out to their local airports and coordinate, as many hands make easier work for everyone.  Of course, if any airports are seeking assistance in enhancing their preparedness, please contact us as we would love to work with you!

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC™