Operational Readiness in Emergency Management

Back in 2017 I wrote a piece on defining operational readiness.  It’s a topic, which, after some recent discussion with a colleague, I think bears revisiting and expanding upon.  Specifically, how we apply it in emergency management, or not.  Readiness is really a final comprehensive perspective of preparedness.  That is, once you have reached a certain level of preparedness, you can be ready, but being prepared doesn’t necessarily make you ready.  Preparedness is generally perceived as an ongoing process, though a state of readiness is typically a snapshot in time.

It struck me that the military tends to have more of a focus on readiness, while emergency management has a focus on preparedness.  While you will find both concepts within the doctrine of emergency management and military, the actual applications are considerably skewed.  After my discussion, I began to wonder why there this difference exists and what we can learn from it.

Having worked a considerable amount with various National Guard elements, I’ve come to highly respect their processes and their endeavor for readiness.  Not that we don’t have similar rigor in emergency management, but the focus seems to be more on the processes of preparedness rather than a state of operational readiness.  Sometimes the differences are so subtle that I have to sit back and think them through, but they are certainly there, and they are meaningful.  Given the military’s focus on operational readiness, they serve as a good source of information, though it needs to be properly filtered for application to emergency management.

As I’ve applied more thought to this, I’ve assembled a refined definition of readiness as it applies to emergency management, that being:

[Readiness is the nexus of benchmark outcomes of preparedness matched with the needs of a specific kind and type of response. A state of operational readiness is achieved when all applicable preparedness benchmarks are met and the organization is willing and able to adequately leverage the resulting capabilities against a corresponding threat or hazard.]

I’ve put together a graphic I think reasonably represents this relationship below.  Readiness is represented by a cloud because, as I explore further in this writing, it is itself rather amorphic and complex.

Readiness

To explain the components of my definition…  Readiness comes from a culmination of outcomes from preparedness activities, but only when each of these outcomes achieves a specific benchmark state.  The achievement of benchmarked preparedness activities define a measure of capability.  These capabilities are associated with a specific threat(s) or hazard(s).  As such, that state of readiness is only applicable to a specific kind (threat or hazard) and type (size and complexity) incident.  To help illustrate my points, here are a couple of examples using field response scenarios:

We can assume that a volunteer fire department is prepared to handle a room and contents fire.  They should have all the elements needed to do so, and in fact, these elements have standards (benchmarks) defined by the NFPA and state fire marshals.  Does this mean they have achieved readiness?  Hopefully yes, but perhaps not.  Given the rather extensive crisis of low membership in volunteer fire departments, the department in question may not have adequate staff to respond to this fire if it occurs, for example, in the middle of a week day.  This gives them a measure of degraded, or even negligible readiness.

Similarly, if we take the same fire department, having accomplished the benchmarks of preparedness for response to a room and contents fire, and even given adequate staff to do so, they may not have a state of readiness to fully address a hazardous materials incident.  While many of the elements of preparedness apply to both types of incidents, there are some critical differences which they would have to overcome to establish a state of readiness for a different type of incident.  Likewise, we could revert back to the room and contents fire and make it bigger – say a fully involved structure fire. While the department might have operational readiness to address the room and contents fire, they may not have the operational readiness to address a structure fire.

I think it’s fair to say that we can be prepared for something without having operational readiness for it.  Years ago, when there was a planetary ‘near miss’ by a meteor, a news outlet contacted our state OEM PIO.  They asked if we had a plan for a meteor strike.  The PIO acknowledged that we didn’t have a plan specific to that, but we did have a comprehensive emergency management plan, through which, and supported by various functional annexes, we were prepared to respond to such an incident and its effects should it occur.  Was the PIO wrong?  Not at all.  Assuming the other elements of preparedness were reasonably in place (and they were), it would be fair to say we were generally ‘prepared for anything’.  Were we ready, however?  Absolutely not.  The operational readiness needs for such an extraordinary, high impact incident are near-impossible to achieve.

When we examine this, it’s important to identify that a state of readiness can wax and wane, based on our ability to apply the identified preparedness measures to the incident in question. Considering the first example of the fire department and the room and contents fire, the department has a state of operational readiness when, as included in the definition I gave, all the preparedness benchmarks are met and they are willing and able to adequately leverage the resulting capabilities against a corresponding threat or hazard.  Changes in capability and/or the willingness or ability to apply those capabilities will result in degradation of readiness.  Depending on the factor in question, it may fully disqualify their readiness, or it may decrease their readiness by some measure.

So why is readiness important?  Readiness is the green light.  If we accomplish a state of operational readiness, we increase our chances of success in addressing the threat or hazard in question.  If we haven’t achieved readiness, we still can obviously be successful, but that success may come at a greater cost, longer period of time, and/or increased error.

How do we achieve readiness?  The current approach we have in emergency management certainly isn’t enough.  While some efforts may culminate in operational readiness, there is, as a whole, a significant lack of focus on operational readiness.  This seems to largely be a cultural issue to overcome.  In general, we seem to have the attitude that preparedness equates to readiness, and that preparedness itself is an end state. Even though we intuitively, and doctrinally, know that preparedness is a cycle, we seem to take comfort in ‘completing’ certain tasks among the preparedness elements – planning, organizing, equipping, training, exercises, and improvement – and then assuming readiness.  Readiness itself is actually the end state, though it is a dynamic end state; one that we can easily lose and must constantly strive to maintain.  To accomplish and maintain operational readiness, it is imperative that we aggressively and rigorously pursue activity in each of the elements of preparedness.  We must also continually monitor our ability to execute the capabilities we are preparing.  That ability, ultimately, is our measure of readiness.

The scale and unit of measuring readiness is something I’m not exploring in depth here (it really warrants its own deliberate effort), but expect to revisit in the future.  I surmise that the factors may be different based upon the various capabilities, and types and kinds of threats/hazards we are trying to address.  We need to examine capability requirements at a granular (task) level to truly assess our current state of readiness and identify what we need to address to increase our readiness.  I also assume that there is a somewhat intangible factor to readiness, one that likely revolves around the human factor. Things like leadership, decision-making, confidence, and ability to improvise. The measure of readiness may also involve certain external factors, such as weather.  The measurement of readiness certainly is complex and involves numerous factors.

I do know that practice is a significant factor in operational readiness.  Earlier I mentioned my experience with the National Guard.  Much of that revolves around exercises, which is one of the best (though not the only) measures of readiness.  Operational military units seem to constantly exercise.  Sometimes small scale, sometimes large.  They exercise different aspects, different scenarios, and different approaches.  It’s the regular repetition that builds competence and confidence, along with identifying shortfalls within the capability such as planning gaps, equipment failures, and the need to anticipate and prepare for certain contingencies.  While we exercise a fair amount in emergency management, we still don’t exercise enough.  I see a lot of people in emergency management leadership develop a complacency and virtually declare that ‘close enough is enough’.  It’s absolutely not enough to exercise a plan or capability once a year, which is something we often see (and often at best).

Preparedness is not something we achieve, it’s something we do; but through it we strive to achieve and maintain readiness.

It’s interesting to note that at the level of federal doctrine, we have a National Preparedness Goal.  We need to recognize that preparedness isn’t the goal – Readiness is.  A possible starting point for change would be the assembly of a blue-ribbon panel, likely by FEMA, to explore this topic and provide recommendations on a unified way ahead for emergency management to recognize the need for operational readiness, including purposeful changes in doctrine and culture to emphasize this desired end state.  We need a solid definition, means of measurement, guidelines for implementation, and an identification of the barriers to success with recommendations on how to overcome them (yep, I already know money and staff are the big ones).

I hope I’ve given some food for thought in regard to readiness.  The simple act of writing this and the bit of associated reading and thinking I’ve done on the topic certainly has me thinking about things differently.  As always, I’m curious to hear your thoughts on operational readiness, what it means to you, and what we can do to achieve it.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

 

 

 

NEW: 2020 HSEEP Revision

Earlier today FEMA dropped the latest version of the Homeland Security Exercise and Evaluation Program (HSEEP) doctrine.  Doing a quick comparison between this new version and the previous (2013) version, I’ve identified the following significant changes:

  • They replaced the ‘Elected and Appointed Officials’ mentions within the document with ‘Senior Leaders’. This makes sense, since often the elected and appointed officials simply aren’t involved in many of these activities.  The previous terminology is also exclusionary of the private sector and NGOs.
  • The document specifically references the Preparedness Toolkit as a go-to resource.
  • A big emphasis through the document is on the Integrated Preparedness Cycle (see the graphic with this post). The Integrated Preparedness Cycle covers all POETE (Planning, Organizing, Equipping, Training, and Exercising) elements plus Evaluate/Improve.  The graphic also eludes to these activities not necessarily happing in a specific order, as well as the consideration of Preparedness Priorities and Threats, Hazards, and Risks.  Developing a preparedness plan is something I wrote about back in 2016.
  • Integrated Preparedness Cycle
    • Going along with the Integrated Preparedness Cycle, they have done away with the Training and Exercise Plan (TEP) and replaced it with the Integrated Preparedness Plan (IPP), which is developed through input obtained during an Integrated Preparedness Planning Workshop (IPPW). I serious HOPE this shift is successful, as I’ve mentioned in the past how often the training aspect of the TEP was ignored or phoned in.  This approach also does a lot to integrate planning, organizing, and equipping (but ESPECIALLY planning) into the effort.  This is all tied together even more if a jurisdiction has completed a THIRA.  The Integrated Preparedness Cycle and IPP are the things I’m happiest about with the updated document.
  • The new document provides easier to find and read layouts for information associated with exercise types and each of the planning meetings.
  • For years, HSEEP doctrine has suggested (though thankfully not required) an ICS-based organization for exercise planning. I’ve never used this as I found it awkward at best (though I know others often use it and have success in doing so).  The update provides a different suggestion (better, in my opinion) of a functionally organized planning team organization.  Consider that this is still a suggestion, and that you can use it, or a version of it, or an ICS-based one, or anything else you desire.
  • The update provides better delineation between the planning and conduct needs of discussion-based exercises vs those of operations-based exercises. Those of us who have been doing it for a while know, but for those who are new to exercises this should be very helpful.
  • Lastly, the document suggests making corrective actions SMART, as these are really objectives.

FEMA is hosting a series of webinars (listed on the HSEEP website) to discuss these changes.

I’m very happy with the changes made to the doctrine.  It’s a great continued evolution of HSEEP and preparedness as a whole.  For as much as I’m a champion of the Integrated Preparedness Plan, though, having it (thus far) only included in the HSEEP doctrine makes it easy to miss or dismiss by some.  I’m hopeful broader promotion of this concept, perhaps even including it as an emergency management performance grant requirement, will help adoption of this concept.

What are your thoughts?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

ICS Training Sucks: A Revival

It’s sad to say that in the past four and a half years of stumping for changes in ICS training, we have seen little progress.  I was recently sent a response org chart developed by an agency that completely tore apart ICS and rebuilt it in a fundamentally different image.  ICS is a standard.  It shouldn’t be changed.  Once you change it, especially at fundamental levels, you no longer have a standard.  It has innate flexibility, but those are applied without changing the fundamentals.  I vented some of my frustration about this last night on Twitter, to a mix of celebration and naysayers, as expected.  Some of those naysayers think the system simply doesn’t work. Others think the system simply can’t accommodate their type of agency.

(note that I’m using the word ‘agency’ here to mean any type of government, non-government, or private sector organization.  I decided to use it since I’m also heavily using the term ‘organization’ in regard to the structure we apply for a response)

So let’s back up a bit.  Why is this happening?  It starts with people having some knowledge of ICS and, with good intentions, wanting to adapt it to their agency and their circumstances.  But there is simply no reason to do any adaptation.  The functions outlined in ICS are all you need in a field-level response.  I’ve heard all the excuses – “We need to make it work for us.”  “FEMA needs to build an ICS for our type of agency.”  “It’s not you, it’s me.” I’ve worked with a lot of stakeholders across a lot of sectors across the whole country, and I have yet to find a field-level response that I can’t organize without violating the fundamentals of ICS.

I’m sure I’ve said this before, but adhering to the standard is important because if we don’t adhere to a standard, we are out of the loop.  If enough people don’t adhere to a standard, it’s no longer a standard.  Either way, the benefits of having a standard are crumpled up and thrown away.

One problem is that a lot of entities, particularly large agencies with multiple components, like to ensure that every function or department within their static structure is represented in an ICS model.  This isn’t what ICS is built for.  If you are seeking specific representation, you can assign agency representatives to the ICP or the EOC, or use a department-based EOC model, but the foundational ICS structure itself isn’t intended to reflect your static organization.  You have an animal control officer.  Do they need to be represented in your pre-planned ICS org chart?  No, they are brought in as a resource if needed, likely in Operations.  You have an IT department.  Do they need to be represented in your pre-planned ICS org chart?  Not as a department. But their capability is identified, likely for assignment within Logistics.  It’s not about recreating ICS to fit your static organization.  It’s about knowing the capabilities of your static organization and applying them within the established ICS structure when and how they are needed. 

Let’s put this out there… ICS isn’t just for you, it’s for everyone.  What I mean is that the greatest benefit of ICS (the prime reason it was actually devised) is for multi-agency operations.  In a local incident of any significance, your agency is likely to be part of a multi-agency response.  Depending on the type of incident, scope, location, and other factors, certain positions will be staffed with personnel selected from the agencies with primary responsibility and, hopefully, with qualified staff.  So that carefully crafted org chart you have developed for your agency’s response is largely irrelevant in a multi-agency operation.  Yes, your agency certainly should have a go-to model for single-agency responses, but consider that a single-agency response probably isn’t going to need a full-blown org chart.

There is a difference, though… and that’s for EOCs, or more specifically departmental emergency operations centers.  These are, by definition, not multi-agency, and established to support your own agency’s needs for deployment, sustainment, internal coordination, and matters that may not be addressed at the field-level.  EOCs have a variety of organizational models available to them, which don’t necessarily need to be ICS.   A problem I often see is agencies trying to accomplish everything in one org chart.  They are trying to fit executive level positions in with field response.  Stop.  Take a breath and figure out what you are trying to accomplish.  It’s OK (and perhaps necessary) for your agency to have two organizational models to accomplish what you need, depending, of course, on your agency’s role, responsibilities, and capabilities.  You may need a field-level organization that addresses a tactical response (this is ICS-based) and an EOC organization that supports that response and the needs of your agency as a whole in regard to the incident (again, lots of options for the EOC organization).  Also consider, depending on your agency, that a policy group may be necessary to guide things.  A policy group is non-operational and they essentially exist to make the broad-reaching decisions on behalf of the organization.

Why are we seeing such extensive mis-applications of ICS?  First, people still don’t understand ICS.  Second, they aren’t truly considering the needs of their agencies.  The irony is that many of the people doing this DO think they understand ICS and that they are making changes to it to better serve the needs of their agencies.  So… we’re still maintaining that ICS Training Sucks.  Do I have a total solution to that problem?  No. But in the articles you find in that link, I certainly have some ideas.  I’ve also found a great many kindred spirits in this whole crusade that agree with the need for change in how we train people in ICS.

What I do know is that the solution isn’t as straight forward as we would like it to be.  Considerations:

First, we are considerably tainted by our knowledge of current and past ICS curricula.  When talking with people about how to fix ICS training, I have to regularly remind myself to push that knowledge aside and look at the problem with fresh eyes.  Lessons learned aside; we can’t move forward when we are still planting ourselves in what is in use now.

Second, we need to consider that there may not be a single solution that fits all needs.  I still think we may need a curriculum structure similar to that used for HazMat training, which addresses the needs of different user groups (i.e. Awareness, Operations, Technician, Planner, Commander).

Third, we need to actually teach people how to apply ICS.  At present, with only a bit of exception, true application of ICS isn’t deliberately instructed until someone takes position-specific and incident management team training.  This in no way meets the needs of most agencies, many of which are volunteer, and have limited availability to go away for several weeks to get the training they need.

Fourth, recognize that if you aren’t using ICS regularly (and I mean at a large scale), your knowledge and skill degrades.  Refresher training should be required and scenario-based learning should be incorporated across the curriculum.

Fifth, stop trying to re-develop ICS.  Trust me, all the needed capabilities of your agency for a field-level response fit within an ICS org chart.  It’s not about your static organization, it’s about capabilities.  Identify and assign capabilities.

I love the continued dialog and attention this topic gets.  The only way we will see positive change is by continuing that dialog.  Please share these blogs and your ideas with colleagues.  Let’s keep spreading this and striving for change.

© 2020 Timothy Riecker, CEPD

Emergency Preparedness Solutions, LLC

~~

In memoriam: I humbly dedicate this post to a friend and colleague who recently lost a battle with cancer.  Phil Politano is known by many for his good nature, his gregarious laugh, and his incredible knowledge as a Public Information Officer.  I’ve known Phil since about 2002, and had worked with him on incidents, taught classes with him, and learned a lot from him.  Phil eventually left Central NY and moved his family a bit south, taking a job with FEMA’s Emergency Management Institute.  There, his talents were applied to their greatest extent.  He reshaped PIO training, spread that gospel to people from all around the world, and supported large scale responses with his knowledge, skills, and abilities.  He was a master in his craft and shared his mastery with anyone who wanted to learn.  He was an incredible practitioner, a great friend, and a wonderful person.  He made us all better simply by knowing him.   He is missed by so many.  Rest well.

 

 

Public-Private Partnerships Should be a Two-Way Relationship

Public-private partnerships are not a new concept to emergency management.  There are municipalities, regional areas, and states that have formed committees and strategized how the private sector can provide support during a disaster.  Certainly we have seen a lot of support, on both a large scale and locally, from the ‘big box’ stores, such as Wal-Mart, Lowes, and Home Depot.  Tide’s Loads of Hope program, something so simple but extraordinarily impactful, provides a means for disaster victims to have clean clothing.  Insurance companies have established a response capability to expedite their assessments and services to their clients.  Private sector partners know that these things are not just good public relations, but that they have a means of supporting communities that government and relief organizations may not.

There is another aspect to public-private partnerships that doesn’t seem to be widely addressed, and that’s the community business.  How can they help the community in a disaster?  First, business continuity is essential, since they may also be impacted by the disaster.  Small businesses don’t have the level of capability to leverage that large companies do.  Yes, the SBA can help them with long-term recovery, but the ability of some small businesses to get back to operations quickly can directly help a community recover.  I work with a lot of small communities, many of them serviced by small shops and independent grocers.  There are no big box stores for many, many miles.  For grocers, power outages result in spoiled food.  Road closures result in crippling supply chain problems.  While we’d like all businesses to have mitigation measures and preparedness for disasters, many small businesses simply don’t have the capitol to invest in things like generators and they obviously can’t control road closures.

What’s to be done?  Local municipalities absolutely need to bring these small business owners to the table, establish relationships, identify their needs, and consider identifying them as part of the community’s critical infrastructure.  The resilience of small grocers, lumber companies, and other purveyors is essential to the resilience and recovery of so many small towns.  The impacts are easy to see… if a store can keep running, they are not only providing essential goods and services to the community, they are also supporting the economy by keeping their employees working. What do they need?  Things like power and access, obviously, but tangential things like the availability of child care is huge.  Following disasters schools usually close and often become community shelters. Many parents work when their kids are in school.  If school is closed, they need access to child care.

How far can government go in supporting the private sector?  Many governments tend to avoid supporting the private sector as if it were some kind of disease.  It took many months to convince FEMA in the aftermath of Sandy to make dredging of private marinas eligible for disaster cost recovery.  These marinas (mostly small businesses themselves) support capabilities of fire and police watercraft, recreation (which has economic impact), and a significant fishing and crabbing industry, which is the livelihood of many off and on shore.  Obviously, FEMA needs to maintain accountability of funds and ensure they are being spent appropriately, but a big part of this was resistance to the idea of government providing direct support to the private sector.

While I agree that there are many nuances to this situation, it seems that in many cases the impact of small, local businesses in short-term recovery are disregarded, especially by state and federal governments, and that there exists a one-way door for business participation, where in this ‘partnership’ they are asked to provide goods and services, but how is government contributing to that partnership?  With the big box stores and other large companies, local governments certainly help with some permit expediting and perhaps physical space to set up and access to utilities, there is typically not much support required beyond that.  Small businesses may need more direct support to recover.  They may need help clearing their private access road or parking lot.  They may need the public road they are located on to be cleared for traffic sooner.  They may need a generator that can power their building.  They may need quantities of potable water brought on-site.  Their employees may need child care or public transportation.  These are things they either can’t immediately afford or simply don’t have access to. Local government may have better access to these resources, though, and with the justification of these small businesses providing essential goods and services to the community, the choice is easy.

Does this open government to potential criticism?  Absolutely.  Some business owners may claim discriminatory practices of government supporting some businesses and not others.  Some tax payers may even complain about the use of tax dollars in such a fashion.  While people may always complain, legal consequences and public relations problems should certainly be mitigated.  The road to addressing this is preparedness.  Engage your local attorney and the legal council for the state’s emergency management agency.  Municipal laws and state laws regarding authorities that can be enacted during a state of emergency need to be explored to not only make sure that local government has the legal ability to provide this support, but the conditions and procedures required for doing so.  The legal sources and procedures and standards for providing this support should be documented and made part of the local emergency plan. The municipality should have a criteria for determining what types of businesses could be included in such direct support (what is regarded as the municipality’s privately owned critical infrastructure?), and even outline requirements for those businesses, such as having a business continuity plan, implementing certain resiliency measures, or participating in coordination activities prior to a disaster.  Memoranda of understanding may be required, or other legal tools to identify the terms and conditions of support.

While this type of support from government to the private sector isn’t common, there are some municipalities who do it well.  I’m certainly interested in hearing what you’ve implemented and what best practices you’ve identified.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®℠

Thoughts on How to Improve the Planning Standard

I hope everyone is settling into the new year nicely.  One of the things I started off this year doing was going through CPG 101 and providing input to FEMA for the update of this foundational document.  (note: if you haven’t yet, get your comments in now as the deadline is soon approaching!)  CPG 101, and its predecessors, are time tested and well honed in the guidance provided on the process used for planning.  While it’s frustrating to see and hear that some people still don’t use it, that’s no fault of the document itself, but rather one of human implementation, or lack thereof.

I thought I’d share some of the feedback I sent along to FEMA on what I would like to see in the CPG 101 update.  Looking over my submission, there were two main themes I followed:

  1. Integration of other doctrine and standards
  2. Development of job aids to support use and implementation

I feel that integration of other relevant doctrine and standards into CPG 101 is incredibly important.  We know that preparedness covers an array of activities, but planning is the foundational activity, which all other activities reflect upon.  In past articles I’ve addressed the need to identify these various standards collectively, to show that while these are individual activities with their own outputs, identifying how they can and should be interconnected, offering greater value if used together.  Things like Community Lifelines, THIRA/SPR, HSEEP, and Core Capabilities need to not only be mentioned often, but with examples of how they interconnect and support planning and even each other.

Job aids are tools that support implementation.  I think job aids can and should be developed and included in the updated CPG 101 for each step of the planning process.  While some of us write plans fairly often, there are many who don’t or are going into it for the first time.  These are essentially the ideal conditions for job aids.  They help guide people through the key activities, provide them with reminders, and ultimately support better outcomes. Not only would I like to see job aids, such as check lists and work sheets, for each step, I’d also think that something that covers the whole process comprehensively, essentially a project management perspective, would be incredibly helpful to many people.

There were a couple of one-off suggestions that might not fit the categories mentioned above.  One of which was having more emphasis on the value of data from the jurisdiction’s hazard mitigation plan.  The hazard analysis conducted for hazard mitigation planning is considerably thorough, and can provide great information to support a hazard analysis (or even a THIRA for those brave enough) for purposes of emergency planning.  To be honest, this was something I didn’t really learn until about ten years into my career.  Many of the people I learned from in Emergency Management often leaned so far into response that they disregarded the value of things like mitigation or recovery.  I still find this a lot in our profession.  Once I finally took the time to go through a hazard mitigation plan, I realized the incredible amount of information contained within.  In many cases, there is more information than what is needed for the hazard analysis of an emergency plan, as the narrative and analysis in a hazard mitigation plan often goes into a measure of scientific detail, but this, too, can certainly have value for emergency planning.  Similarly, I also suggested that FP 104-009-2 (the Public Assistance Program and Policy Guide) be included as a reference in CPG 101.  Jurisdictions will strongly benefit from having plans, such as those on debris management, meeting FEMA’s reimbursement guidelines.

Lastly, I encouraged FEMA to include any content that will support plan writers in developing plans that are simply more useful.  So many plans are just a lot of boilerplate narrative, that in the end don’t tell me WHO is responsible for WHAT and HOW things will get done.  It’s so easy for us to be dismissive of action steps when writing a plan, assuming that people will know who has the authority to issue a public alert or the steps involved in activating an EOC.  CPG 101 should reinforce the need for plans to define processes and actions, identify authority, and assign responsibility.  Flow charts, decision trees, maps, charts, and other graphics and job aids are incredibly helpful to ensure that a plan is thorough while also being useful.

That’s the feedback I provided to FEMA, along with a bit of narrative as to why those things are important for inclusion in an updated CPG 101.  I’m curious to hear about the feedback that others provided.  We all tackle these documents from different perspectives, and that’s why I truly appreciate the efforts FEMA makes in these public calls for comment when they are updating certain key documents.

© 2020 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®℠

 

The 2019 National Preparedness Report, or ‘How Are We Measuring Preparedness?’

FEMA recently released the 2019 National Preparedness Report.  Simply put, I’m confused.  Nothing in the report actually lines up with doctrine.  It leaves me wondering how we are actually measuring preparedness.  So what’s the issue?

While the National Preparedness Report is initially structured around the five mission areas (Prevention, Protection, Mitigation, Response, and Recovery), the only full inclusion of the Core Capabilities in the report is a table on page 9, outlining usage of grant funds per Core Capability.  After this, the Core Capabilities for each mission are listed in the title page for each mission area within the detailed findings for those mission areas.  No detail of progress within these Core Capabilities is provided, however.  With the absence of this analysis, we are not seeing data on the progression of preparedness, which, per the National Preparedness Report, is measured through the lens of each of the Core Capabilities.

This is further confused on pages 45 and 48, in particular, where tables list the Community Lifelines with some sort of correlated ‘capabilities’ (noted with a lowercase ‘c’… thus not the Core Capabilities).  These capabilities are not from any doctrine that I can find or recall, including the components and subcomponents for each Community Lifeline provided in the Community Lifelines Toolkit.  For each of these they provide some analytical data, but it’s unclear what this is based upon.  The methodology provided early in the document does nothing to identify why this change in format has occurred or where these specific data sets come from, much less why they are deviating from the previous format and the standards provided through the National Preparedness Goal.

Some perspective… It would seem logical that the National Preparedness Report would be assessing our national state of preparedness relative to the National Preparedness Goal, as it has since its inception.  The National Preparedness Goal is structured around the five mission areas and the 32 Core Capabilities.  With the emergence of the Community Lifelines and their inclusion in the recent update of the National Response Framework, it makes sense that we will see Community Lifelines further integrated into standards, doctrine, and reports, but they have yet to be integrated into the National Preparedness Goal (the current version is dated 2015).  We have not yet seen a comprehensive crosswalk between the Community Lifelines and the Core Capabilities, but it should be recognized that there are certain aspects, even if you just examine the Response Mission Area, that don’t match up.

In an unrelated observation on the National Preparedness Report, the trend continues with citing after action reports from the year, but not actually providing any analysis of lessons learned and how those are being applied across the nation.

Bottom line… while there are some valuable nuggets of information included in this report, I find most of it to be confusing, as it lacks a consistent format on its own, as well as inconsistency with the existing standard of measurement as defined by the National Preparedness Goal.  Why is this a big deal?  First, it’s a deviation from the established standard.  While the standard may certainly have room for improvement, the standard must first be changed before the metrics in the reporting can be changed.  Second, with the deviation from the standard, we aren’t able to measure progress over time.  All previous National Preparedness Reports have provided data within the scope of Core Capabilities, while this one largely does not.  This breaks the possibility of any trend analysis.  Third, there is no reasoning provided behind the capabilities (lowercase ‘c’) associated with each of the Community Lifelines in the report.  It’s simply confusing to the extent that it becomes irrelevant because the information provided is not within the existing lexicon which is used for measurement of practically everything in preparedness.

Simply put, this year’s report is even more disappointing than those provided in previous years.  In fact, since it doesn’t conform with the current standard, I’d suggest it’s not even valid.  This should be far better.

Thoughts?

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

 

 

An Updated Community Lifelines Toolkit and Relationships to Incident Management

Earlier this year, FEMA released guidance on the Community Lifelines.  I wrote a piece in the spring about integrating the concept into our preparedness and response activities.  Last month, FEMA issued updated guidance for Community Lifeline Implementation through Toolkit 2.0.  In this update, FEMA cites some lessons learned in actually applying the Lifeline concept in multiple exercises across the nation, as well as from feedback received by stakeholders. Based on these lessons learned and feedback, they have made some adjustments to their toolkit to reflect how they understand, prioritize, and communicate incident impacts; the structure and format for decision-making support products. And planning for these impacts and stabilization prior to and during incidents.  They have also made some changes based upon the updated National Response Framework.  The documents associated with the updated Community Lifelines all seem to reflect an inclusion in the efforts of the National Response Framework.  It’s great to see FEMA actually tying various efforts together and seeking to provide grounded guidance on application of concepts mentioned in doctrine-level documents.

The biggest addition to the Community Lifelines update is the inclusion of the FEMA Incident Stabilization Guide.  The ‘operational draft’ is intended to serve as a reference to FEMA staff and a resource to state, local, and tribal governments on how “FEMA approaches and conducts response operations”.  It’s a 77-page document the obviously leans heavily into the Community Lifelines as a standard for assessing the impacts to critical infrastructure and progress toward restoration, not only in response, but also into recovery operations.  It even reflects on bolstering Community Lifelines in resilience efforts, and ties in the THIRA and capability analysis efforts that states, UASIs, and other governments conduct.  I’m not sure the document is really a review of how FEMA conducts operations, as they say, but it does review the ideology of a portion of those operations.  Overall, there is some very useful information and references contained in the document, but this brings me to a couple of important thoughts:

  1. The utility of this document, as with the entire Community Lifelines concept, at the state and local level is only realized through integration of these concepts at the state and local levels.
  2. We finally have guidance on what ‘incident stabilization’ really entails.

To address the first item… In my first piece on Community Lifelines, I had already mentioned that if states or communities are interested in adopting the concept of Community Lifelines, that all starts with planning.  An important early step of planning is conducting assessments, and the most pertinent assessment relative to this initiative would be to identify and catalog the lifelines in your community.  From there the assessment furthers to examine their present condition, vulnerabilities, and align standards for determining their operational condition aligned with the Community Lifelines guidelines.  I would also suggest identifying resiliency efforts (hopefully these are already identified in your hazard mitigation plan) which can help prevent damages or limit impacts.  As part of your response and short-term recovery lexicon, procedures should be developed to outline how lifeline assessments will be performed, when, and by who, as well as where that information will be collected during an incident.

As for my second item, the concept of incident stabilization has an interesting intersection with a meeting I was invited to last week.  I was afforded the opportunity to provide input to an ICS curriculum update (not in the US – more on this at a later time), and as part of this we discussed the standard three incident priorities (Life Safety, Incident Stabilization, and Property Conservation).  We identified in our discussions that incident stabilization is incredibly broad and can ultimately mean different things to different communities, even though the fundamental premise of it is to prevent further impacts.  This Incident Stabilization Guide is focused exclusively on that topic.  In our endeavor to make ICS training better, more grounded, less conceptual, and more applicable; there is a great deal of foundational information that could be distilled from this new document for inclusion in ICS training to discuss HOW we actually accomplish incident stabilization instead of making a one-off mention of it.

Going a bit into my continued crusade against the current state of ICS training… I acknowledge that any inclusion of this subject matter in ICS training would still be generally brief, and really more of a framework, as implementation still needs to be grounded in community-level plans, but this document is a great resource.  This also underscores that “learning ICS” isn’t just about taking classes.  It’s about being a professional and studying up on how to be a more effective incident manager.  ICS is simply a tool we use to organize our response… ICS is NOT inclusive of incident management.  Not only are we teaching ICS poorly, we are barely teaching incident management.

While I’ve been away for a while working on some large client projects, I’m looking forward to ending the year with a bang, and getting in a few more posts.  It’s great that in my travels and interactions with colleagues, they regularly mention my articles, which often bring about some great discussion.  I’m always interested in hearing the thoughts of other professionals on these topics.

© 2019 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®