A New CPG – 101 for Emergency Planning (v 3)

I know I’m a big nerd when it comes to this stuff, but I was really excited to receive the notice from FEMA that the new Comprehensive Preparedness Guide (CPG) 101: Developing and Maintaining Emergency Operations Plans has been published! This has been a long time coming. This update (version 3) replaces the previous version which was published in November 2010. The update process was also rather lengthy, with the first public review occurring in November 2019 and the second in November 2020.

Did a lot change? No.

Is it better? Yes.

Could it be even better? You bet.

The changes that are included in the new document are meaningful, with an emphasis on including accessibility concepts in plans; and references to current practices and standards, such as new and updated planning guides, CPG 201 (THIRA), Community Lifelines, and more. It even highlights a couple of lessons learned from the COVID 19 pandemic. I’m particularly pleased to see Appendix D: Enhancing Inclusiveness in EOPs, which I think is an excellent resource, though more links to other resources, of which there are many, should be provided in this appendix.

The format of the document is largely the same, with a lot of the content word-for-word the same. As a standard, a lot of change shouldn’t be expected. While we’ve seen some changes in our perspectives on emergency planning, there really hasn’t been anything drastic. Certainly “if it ain’t broke, don’t fix it”, but I think there could have been some better formatting choices, narrative, graphics, and job aids to enhance readability and implementation.  

There is some added content as well as a bit of highlighting of planning approaches, such as the District of Columbia’s services-based emergency operations plan. While I advocated for heavy reference to newer implementations and standards, such as THIRA, into the document (which was largely done) I also advocated for more user-friendly approaches, such as a hazard analysis matrix, to be included. My feedback from both public comment periods heavily emphasized the need to develop a document that will mostly benefit novice emergency planners. To me this means the inclusion of more graphic depictions of processes and tasks, as well as job aids, such as checklists and templates. The new CPG 101 does include more checklists. At first glance these are buried in the document which is not very user friendly. However, they did make a separate Compilation of Checklists document available, which I’m really happy about. It’s not highly apparent on the website nor is it included as part of the main document, so it could be easily missed.

I would have really liked to see a comprehensive library of job aids provided in the appendices to support implementation by new planners. We have other doctrine and related documents that provide rather extensive job aids to support implementation, such as HSEEP and NIMS (and not only the ICS component of NIMS). Not including that kind of supporting material in this update is very much a missed opportunity. Planning really is the cornerstone of preparedness, yet it doesn’t seem we are providing as much support for quality and consistent planning efforts. Given the extent of time between updates, I expected better. While being largely consistent in the format and content between versions is practically a necessity, there really should have been a parallel effort, separate from document revision, to outline practices and approaches to emergency plan development. Integrating that content into the update, ideally, would have done more to support HOW each step of the planning process is accomplished, as well as providing some job aids.

Speaking of implementation support, I’m curious about how EMI’s new Advanced Planning course, which I didn’t get into the pilot offering of, builds on the Emergency Planning course and compliments use of CPG 101.

Be sure to update your own personal reference library with this new version of CPG 101. If you are interested in a review with FEMA personnel, they are providing a series of one-hour webinars. What are your thoughts on the new CPG 101?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Preparing for Disaster Deployments

I wrote last year about my trepidation over Community Emergency Response Teams (CERT) being considered as a deployable resource. The problem is that even most professionally trained emergency personnel aren’t prepared for deployment. We need to do better.

One of the key aspects of a disaster is that it overwhelms local resources. This often requires help from outside the impacted jurisdiction(s). Working outward from the center, like the bullseye of a dartboard, we are usually able to get near-immediate assistance from our neighbors (aka mutual aid), with additional assistance from those at greater distances. When I use the word ‘deployment’, I’m referring to the movement of resources from well outside the area and usually for a period of time of several days or longer.

The US and other places around the world have great mutual aid systems, many supported by laws and administrative procedures, identifying how requests are made, discerning the liability for the requesting organization and the fulfilling organization(s), and more. Most of these are intended for response vs deployment, but may have the flexibility to be applicable to deployment. Some, such as the Emergency Management Assistance Compact (EMAC) are specifically written for deployments. While all this is certainly important, most organizations haven’t spent the time to prepare their people for deployment, which is a need that many organizations seem to take for granted. Those organizations which are, practically be definition, resources which are designed to deploy, such as Type 1 and 2 incident management teams (IMTs), often have at least some preparations in place and can be a good resource from which others can learn.

What goes into preparing for deployment? First, the sponsoring organization needs to recognize that their resources might be requested for deployment and agree to take part in this. That said, some organizations, such as volunteer fire departments, might have little control over their personnel deploying across the country when a call for help goes out publicly. These types of requests, in my opinion, can be harmful as large numbers of well-intentioned people may abandon their home organization to a lack of even basic response resources – but this is really a topic to be explored separately.

Once an organization has made a commitment to consider future requests, leadership needs to develop a policy and procedure on how they will review and approve requests. Will requests only be accepted from certain organizations? What are the acceptable parameters of a request for consideration? What are the thresholds for resources which must be kept at home? 

Supporting much of this decision making is the typing of resources. In the US, this is often done in accordance with defined typing from FEMA. Resource typing, fundamentally, helps us to identify the capabilities, qualifications, and eligibility of our resources. This is good not only for your own internal tracking, but is vitally important to most deployment requests. Organizations should do the work now to type their resources and personnel.

If an organization’s leadership decides they are willing to support a request, there then needs to be a canvass and determination of interest to deploy personnel. This is yet another procedure and the one that has most of my focus in this article. Personnel must be advised of exactly what they are getting into and what is expected of them (Each resource request received should give information specific to the deployment, such as deployment duration, lodging conditions, and duties.). The organization may also determine a need to deny someone the ability to deploy based on critical need with the home organization or other reasons, and having a policy already established for this makes the decision easier to communicate and defend.

These organization-level policies and procedures, along with staff-level training and policies should be developed to support the personnel in their decision and their readiness for an effective deployment.

Many things that should be determined and addressed would include:

  • Matters of pay, expenses, and insurance
  • Liability of personal actions
  • Code of conduct
  • What personnel are expected to provide vs what the organization will provide (equipment, supplies, uniform, etc.)
  • Physical fitness requirements and inoculations
  • Accountability to the home organization

Personnel also need to be prepared to work in austere conditions. They may not have a hotel room; instead they could be sleeping on a cot, a floor, or in a tent. This alone can break certain people, physically and psychologically. Access to showers and even restrooms might be limited. Days will be long, the times of day they work may not be what they are used to, and they will be away from home. They must be ready, willing, and able to be away from their lives – their families, pets, homes, jobs, routines, and comforts – for the duration of the deployment. Their deployment activity can subject them to physical and psychological stresses they must be prepared for. These are all things that personnel must take into consideration if they choose to be on a deployment roster.

This is stuff not taught in police academies, fire academies, or nursing schools. FEMA, the Red Cross, and other organizations have policy, procedures, training, and other resources available for their personnel because this is part of their mission and they make these deployments regularly. The big problem comes from personnel with organizations which don’t do this as part of their core mission. People who are well intentioned, even highly trained and skilled in what they do, but simply aren’t prepared for the terms and conditions of deployment can become a liability to the response and to themselves.

Of course, organizational policy and procedure continues from here in regard to their methods for actually approving, briefing, and deploying personnel; accounting for them during the deployment; and processing their return home. The conditions of their deployment may necessitate follow up physical and mental health evaluations (and care, as needed) upon their return. They should also be prepared to formally present lessons learned to the organization’s leadership and their peers.

I’ll say that any organization interested in the potential of deploying personnel during a disaster is responsible for making these preparations, but a broader standard can go a long way in this effort. I’d suggest that guidance should be established at the state level, by state emergency management agencies and their peers, such as state fire administrators; state departments of health, transportation, criminal justice, and others. These state agencies often contribute to and are even signatories of state-wide mutual aid plans which apply to the constituents of their areas of practice. Guidance developed at the state level should also dovetail into EMAC, as it’s states that are the signatories to these agreements and often rely on the resources of local organizations when requests are received.

There is clearly a lot to consider for organizations and individuals in regard to disaster deployments. It’s something often taken for granted, with the assumption that any responder can be sent to a location hundreds of miles away and be fully prepared to live and function in that environment. We can do better and we owe our people better.

Has your organization developed policies, procedures, and training for deploying personnel?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Metrics and Data Analytics in Emergency Management

I’ve lately seen some bad takes on data analytics in emergency management. For those not completely familiar, data analytics is a broad-based term applied to all manner of data organization, manipulation, and modeling to bring out the most valuable perspectives, insights, and conclusions which can better inform decision-making. Obviously, this can be something quite useful within emergency management.

Before we can even jump into the analysis of data, however, we need to identify the metrics we need. This is driven by decision-making, as stated above, but also by operational need, measurement of progress, and reporting to various audiences, which our own common operating picture, to elected officials, to the public. In identifying what we are measuring, we should regularly assess who the audience is for that information and why the information is needed.

Once we’ve identified the metrics, we need to further explore the intended use and the audience, as that influences what types of analysis must be performed with the metrics and how the resultant information will be displayed and communicated.

I read an article recently from someone who made themselves out to be the savior of a state emergency operations center (EOC) by simply collecting some raw data and putting it into a spreadsheet. While this is the precursor of pretty much all data analysis, I’d argue that the simple identification and listing of raw data is not analytics. It’s what I’ve come to call ‘superficial’ data, or what someone on Twitter recently remarked to me as ‘vanity metrics’. Examples: number of people sheltered, number of customers with utility outages, number of people trained, number of plans developed.

We see a lot of these kinds of data in FEMA’s annual National Preparedness Report and the Emergency Management Performance Grant (EMPG) ‘Return on Investment’ report generated by IAEM and NEMA. These reports provide figures on dollars spent on certain activities, assign numerical values to priorities, and state how much of a certain activity was accomplished within a time period (i.e. x number of exercises were conducted over the past year). While there is a place for this data, I’m always left asking ‘so what?’ after seeing these reports. What does that data actually mean? They simply provide a snapshot in time of mostly raw data, which isn’t very analytical or insightful. It’s certainly not something I’d use for decision-making. Both of these reports are released annually, giving no excuse to not provide some trends and comparative analysis over time, much less geography. Though even in the snapshot-of-time type of report, there can be a lot more analysis conducted that simply isn’t done.

The information we report should provide us with some kind of insight beyond the raw data. Remember the definition I provided in the first paragraph… it should support decision-making. This can be for the public, the operational level, or the executive level. Yes, there are some who simply want ‘information’ and that has its place, especially where political influence is concerned.

There are several types of data analytics, each suitable for examining certain types of data. What we use can also depend on our data being categorical (i.e. we can organize our data into topical ‘buckets’) or quantitative. Some data sets can be both categorical and quantitative. Some analysis examines a single set of data, while other types support comparative analysis between multiple sets of data. Data analytics can be as simple as common statistical analysis, such as range, mean, median, mode, and standard deviation; while more complex data analysis may use multiple steps and various formulas to identify things like patterns and correlation. Data visualization is then how we display and communicate that information, through charts, graphs, geographic information systems (GIS), or even infographics. Data visualization can be as important as the analysis itself, as this is how you are conveying what you have found.

Metrics and analytics can and should be used in all phases of emergency management. It’s also something that is best planned, which establishes consistency and your ability to efficiently engage in the activity. Your considerations for metrics to track and analyze, depending on the situation, may include:

  • Changes over time
    • Use of trend lines and moving averages may also be useful here
  • Cost, resources committed, resources expended, status of infrastructure, and measurable progress or effectiveness can all be important considerations
  • Demographics of data, which can be of populations or other distinctive features
  • Inclusion of capacities, such as with shelter data
  • Comparisons of multiple variables in examining influencing factors (i.e. loss of power influences the number of people in shelters)
    • Regression modeling, a more advanced application of analytics, can help identify what factors actually do have a correlation and what the impact of that relationship is.
  • Predictive analytics help us draw conclusions based on trends and/or historical data
    • This is a rabbit you can chase for a while, though you need to ensure your assumptions are correct. An example here: a hazard of certain intensity occurring in a certain location can expect certain impacts (which is much of what we do in hazard mitigation planning). But carry that further. Based on those impacts, we can estimate the capabilities and capacities that are needed to respond and protect the population, and the logistics needed to support those capabilities.
  • Consider that practically any data that is location-bound can and should be supported with GIS. It’s an incredible tool for not only visualization but analysis as well.
  • Data analytics in AARs can also be very insightful.

As I mentioned, preparing for data analysis is important, especially in response. Every plan should identify the critical metrics to be tracked. While many are intuitive, there is a trove of Essential Elements of Information (EEI) provided in FEMA’s Community Lifelines toolkit. How you will analyze the metrics will be driven by what information you ultimately are seeking to report. What should always go along with data analytics is some kind of narrative not only explaining and contextualizing what is being shown, but also making some inference from it (i.e. what does it mean, especially to the intended audience).

I’m not expecting that everyone can do these types of analysis. I completed a college certificate program in data analytics last year and it’s still challenging to determine the best types of analysis to use for what I want to accomplish, as well as the various formulas associated with things like regression models. Excel has a lot of built-in functionality for data analytics and there are plenty of templates and tutorials available online. It may be useful for select EOC staff as well as certain steady-state staff to get some training in analytics. Overall, think of the variables which can be measured: people, cost, status of infrastructure, resources… And think about what you want to see from that data now, historically, and predicted into the future. What relationships might different variables have that can make data even more meaningful. What do we need to know to better support decisions?

Analytics can be complex. It will take deliberate effort to identify needs, establish standards, and be prepared to conduct the analytics when needed.

How have you used data analytics in emergency management? What do you report? What decisions do your analytics support? What audiences receive that information and what can they do with it?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

ESFs Aren’t for Everyone

Through the years I’ve had numerous conversations with states, cities, and others about organizing their emergency operations plans (EOPs) around Emergency Support Functions (ESFs). In every conversation I’ve suggested against the use of ESFs. Why?

Let’s start with definitions. One definition of ESFs provided by FEMA states that ESFs ‘describe federal coordinating structures that group resources and capabilities into functional areas most frequently needed in a national response’.  Another states that ESFs are ‘a way to group functions that provide federal support to states and federal-to-federal support, both for Stafford Act declared disasters and emergencies and for non-Stafford Act incidents.’ The National Response Framework (NRF) states that ESFs are ‘response coordinating structures at the federal level’.

The key word in these definitions is ‘federal’. ESFs are a construct originally of the Federal Response Plan (FRP) which was in place from 1992 to 2004. The FRP was a signed agreement among 27 Federal departments and agencies as well as the America Red Cross that outlined how Federal assistance and resources would be provided to state and local governments during a disaster. The ESFs were carried into the National Response Plan in 2004 and the National Response Framework in 2008.

While the NRF, CPG 101, and other sources indicate that other levels of government may also organize their response structure utilizing ESFs, I think any attempts are awkward and confusing at best.

Jumping to present day, the following ESFs are identified in the NRF:

  1. Transportation
  2. Communications
  3. Public Works and Engineering
  4. Firefighting
  5. Information and Planning
  6. Mass Care, Emergency Assistance, Temporary Housing, and Human Assistance
  7. Logistics
  8. Public Health and Medical Services
  9. Search and Rescue
  10. Oil and Hazardous Materials Response
  11. Agriculture and Natural Resources
  12. Energy
  13. Public Safety and Security
  14. Cross-Sector Business and Infrastructure
  15. External Affairs

The ESFs work for the Federal government by providing organizations to address the legal, regulatory, and bureaucratic coordination that must take place across various agencies. These organizations are utilized before (preparedness), during (response and recovery… though ultimately most of these transition to the Recovery Support Functions per the National Disaster Recovery Framework), and after (AAR) a disaster as a cohesive means of maintaining relationships, continuity, and operational readiness. Each of the ESFs maintains a lead agency and has several supporting agencies which also have capabilities and responsibilities within the mission of that ESF.

Where does this fall apart for states and other jurisdictions? First of all, I view Emergency Support Function/ESF as a branded name. The ESF is a standard. When someone refers to ESFs, it’s often inferred that they are speaking of the Federal constructs. ESFs are defined by the Federal government in their current plans (presently the NRF). When co-opted by states or other jurisdictions, this is where it first starts to fall apart. This creates a type of ‘brand confusion’. i.e. Which ESFs are we speaking of? This is further exacerbated if names and definitions of their ESFs aren’t consistent with what is established by the Federal government.

Further, the utilization of ESFs may simply not be the correct tool. It may be the same agencies responsible for transportation as well as public works and engineering. So why have two teams comprised of personnel from the same agencies – especially if bench depth is small in those agencies. Related to this, I’ll say that many jurisdictions (which may even include smaller states, territories, or tribes) simply don’t have the depth to staff 15 ESFs. This is why an organization should be developed for each jurisdiction by each jurisdiction based on their needs and capabilities. It’s simply silly to try to apply the construct utilized by our rather massive Federal government to a jurisdiction much smaller.

Next, I suggest that the integration of ESFs into a response structure is simply awkward. I think in many ways this holds true for the Federal government as well. Is ESF 7 (Logistics) an emergency support function or is it a section in our EOC? The same goes for any of the other ESFs which are actually organizational components often found in response or coordination structures inspired by the Incident Command System.

All that said, the spirit of ESFs is valuable and should be utilized by other jurisdictions in other levels of government. These are often referred to as Functional Branches. Similar to ESFs, they can be used before, during, and after a disaster. Your pre-disaster planning teams become the core group implementing the plans they developed and improving the plans and associated capabilities after a disaster. As functional branches, there is no name confusion with ESFs, even though there is considerable similarity. You aren’t constrained to the list of Federal ESFs and don’t have to worry about how they define or construct them. You can do your own thing without any confusion. You are also able to build the functional branches based on your own needs and capabilities, not artificially trying to fit your needs into someone else’s construct. I’ve seen a lot of states use the term State Support Function or SSF, which is certainly fine.

I will make a nod here though to a best practice inspired by the ESFs, and that is having certain standing working groups for incident management organizational elements (i.e. communications, logistics, information and planning, and external affairs) that may not be organized under the operations section or whatever is analogous in your EOC. Expand beyond these as needed. Recall that the first step in CPG 101 for emergency planning calls for developing a planning team. There is a great deal of benefit to be had by utilizing stakeholder teams to establish standard operating guidelines, job aids, etc. in these functions or others in your EOC or other emergency organizational structure. Often it’s the emergency manager or a staff member doing this, expecting others to simply walk in and accept what has been developed. If people want to work in a Planning Section for your jurisdiction, let them own it (obviously with some input and guidance as needed).

I think ESFs are a valuable means for the US Federal government to organize, but don’t confuse the matter or develop something unnecessary by trying to carbon copy them into your jurisdiction. Examine your own needs and capabilities and form steady state working groups that become functional entities during disaster operations.

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A Few Thoughts on Emergency Planning

A conversation I find myself having fairly often is about people not using plans. It’s amazing that we invest so much time, money, and effort into building plans to never see them used, even if the opportunity presents itself. Why is this? I see four primary reasons:

1. People don’t know the plans exist. There is really no excuse for this one. I find it shameful and wasteful, especially if these people are identified as action agents within that plan. There was practically no point in even developing the plan no one knows about it and their respective roles identified within. Socialization of plans once they are developed is extremely important. Minimalist effort can be made by simply sending the plan or a link to the plan, but I consider this to be inadequate as many people will dismiss it, never get to reviewing it, or not understand what they are reading. Structured briefings are the best way to initially familiarize people with the plans and their roles. It helps to have refresher training as well as ensuring that new hires are similarly trained. This can even be done as a recorded presentation or webinar, though providing a contact for questions is important. Along with socializing, remember the importance of exercises, not only to validate plans but also to help people become more familiar with plans their respective roles by taking a scenario-drive dive into the content. Does everyone in your organization or jurisdiction who has a role in a plan know about it?

2. People don’t remember the plans exist. This one is a bit more forgivable, especially for newer plans, rarely implemented plans, or for personnel who are used to “doing things the way they’ve always been done”. Still, I find these excuses to be weak at best. People’s inability to remember the plans, even granting them the distraction of the incident itself, means that the plans haven’t been socialized and reinforced enough (see item 1 above).

3. People don’t care if the plans exist. This one has been underscored considerably over the past year related to pandemic plans, point of distribution (POD) plans, and other related plans. We’ve seen many senior leaders and elected officials be completely dismissive of established plans, choosing instead to “do it their way” in an effort to exert greater control or to ensure that their name is front and center. Since this one involves a lot of ego, particularly of senior leaders and elected officials, it can be difficult to work around. That said, this underscores the importance of ensuring that elected officials and newly appointed senior leaders are adequately briefed on the existing plans when they take office, and given confidence in the plans and the people identified to implement them, as well as the important roles of elected and appointed officials.

4. People think the plans are faulty. This option is the likely more well-intentioned version of #3, where people are intentionally not using the plan because they feel (maybe true, maybe not) the plan is inadequate and feel that “winging it” is the better option. Part of this lack of confidence may be unfamiliarity with and/or validation of the plans (see item 1 above re socialization and exercises). This could be a difference of opinion or even something intentionally obstructionist. Along with socialization and exercises, I’ll also add the value of including key people in the planning process. This gives them a voice at the table and allows their input to be heard and considered for development of the plan. While you can’t include everyone in the planning process, consider that the people you do choose to involve can serve as representatives or proxies for others, especially if they are well respected, giving less reason for others to push back.

A separate, but somewhat related topic (mostly to #4 above) is about people being often dismissive of or lacking confidence in plans by expressing the saying of “No plan survives first contact with the enemy”. This saying is credited to nineteenth century Prussian military commander Helmuth van Moltke. We see this saying tossed around quite a bit in various circles, including emergency management. While I understand and respect the intent of the phrase, I don’t think this necessarily holds true. I’ve seen great plans fail and mediocre plans be reasonably successful. Why? Circumstances dictate a lot of it. Implementation as well (this is the human factor). What we need to understand is that plans provide a starting point and hopefully some relevant guidance along the way. If a plan is so detailed and rigid, it is more likely to fail. So should our plans not be detailed? No, we should put as much detail as possible into our plans as these will help guide us in the midst of the incident, especially if certain activities are highly technical or process-oriented; but we also need to allow for flexibility. Consider a plan to be a highway. Highways have exits which take us off to different places, but they also have on-ramps to help us return. A deviation from a plan does not mean we throw the plan away, as we can always get back onto the plan, if it’s appropriate. It’s also smart to build in options, as possible, within our plans to help minimize deviations. 

How we develop plans is strongly related to step 2 of CPG-101, and that is “Understand the Situation”. Without an understanding of the situation, we can’t account for the various factors involved and may not account for the circumstances for which we must develop contingencies or options. And while this assessment is part of the planning process, as well as training, exercises, and other facets of preparedness, I feel that a wholistic assessment also has value. I’ve written a lot about the POETE preparedness elements and have begun advocating for APOETE, with the A standing for Assessment. This assessment is broad based to help guide our overall preparedness activity but is not a replacement for the element-specific assessments.

My last thought is about pandemic and POD plans. I’m curious about who has used their plans during this pandemic, and if not, why not? Of course many of the assumptions we used for pandemic planning weren’t realized in this pandemic. Does this mean our pandemic plans were faulty? Not entirely. Clearly there should have been many content areas that were still useful, and even though some of the assumptions we had didn’t apply to this pandemic, they may still hold true for future public health emergencies. We’ve also learned a lot about our response that needs to be considered for plan updates, and we need to weigh how much of the reality of political blundering we should account for in our plans. In the end, what I caution against is developing a pandemic plan that centers on the COVID-19 pandemic. Preparing for the last disaster doesn’t necessarily prepare us for the next one.

Those are some of my thoughts for the morning. As always, I welcome your thoughts and feedback.

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Integrating Emergency Management in Local Government

I think we’re all pretty familiar with and confident in the ability of typical emergency services organizations to properly and appropriately address ‘routine’ responses – that is, those that last a few minutes to a few hours. It’s the extended operations, those that last many hours, or even into days, weeks, and months that traditional response organizations have difficulty with.

The incidents – generally categorized as Type 3 or higher – have very different dynamics. The requirements of these incidents are different. We can’t just roll our usual response, or even throw everything we have at it at one time. We need to rotate resources. We often need resources which are not used to using. We need to provide close support to our resources. Typical emergency services are practically all Command and Operations. Planning and Logistics, much less Finance, are virtually non-existent in the first responder world. Of course, this applies to not just response, but emergency management activities comprehensively.

A true integration of emergency management is absolutely necessary at the local level. Every jurisdiction should identify, and with the approval of the chief executive, how this will happen. What will the triggers be for this? There should be a recognition that this isn’t about taking anything away from the fire chief or police chief – in fact this is about giving them access to greater resources. These chief officers and the leaders beneath them are expected to be experts at the things they deal with 97% of the time. It needs to be accepted that someone else can help guide them through the other three percent.

Again, this is just within the realm of response. Most agencies have little to no active role in mitigation, recovery, or other emergency management tasks – much less the knowledge to take them on. Granted, some don’t explicitly have those activities as part of their agency’s charter, but all do go beyond response to some extent. Emergency management needs to permeate the activities of every agency. Someone should be thinking about it, coordinating with the jurisdiction’s emergency manager, and advising their own agency’s leadership. Of course, this transcends response; it applies to all phases and mission areas of emergency management, with focal points appropriate to the mission of each respective agency.

Planning

This is one of our biggest gaps in preparedness at the local government level. Sure, some first responder organizations have plans for extended and complex incidents – but how well are the plans written? Are they up to date with contemporary practices? Are leaders at every level familiar with them and ready to implement them? Are these activities exercised? The answers to these questions tend to lean toward the negative.

Organizing

<This point is really the crux of my thoughts on this topic. Properly staffing emergency management functions is a considerable path to success.>

Deliberate planning efforts need to include emergency managers, who must be given proper authority by the chief executive to take action and access needed resources. This also means that to be most effective, an emergency manager should absolutely not be placed within another organization. Absent good and confident leadership from that organization, their actions will almost always result in bias filtered through the leadership of the home organization. The emergency manager, during an extended response, becomes a considerable asset to Command and to the jurisdiction as a whole. While they are not there to assume Command, they are there to coordinate internal and external resources to support Command, as well as being familiar with the plans to an extent Command may not be and to support thinking beyond the initial response.

As mentioned earlier, I also believe that most government agencies should have someone responsible for emergency management in their own agency. For smaller jurisdictions this is likely not going to be a full time job, but with an individual tasked and responsible for emergency management at the agency or department level, that helps ensure proper attention to the matter – across all phases and mission areas. Certainly, mid-sized towns and larger should have less difficulty with this, beyond establishing protocol and incentivizing. We already have common practice in various agencies for personnel that hold certain qualifications, such as fire department personnel becoming paramedics. This is often incentivized with a stipend or an altogether higher rate of pay, along with time being given for maintaining the certification and other related professional development. Think about how effective agencies would be if each had someone responsible for emergency management. As well as benefits to the jurisdiction. And yes, even volunteer EMS and fire departments can do this (I served as the designated ‘crisis and emergency manager’ for a volunteer EMS organization for a period of time).

Training

This needs to cover a broad span of things we might consider training. The softest is more at an awareness level – socializing the plan. Making sure that people are familiar with it to the extent necessary. This isn’t just chief officers and department heads, either. Often, they aren’t the ones who need to have early recognition of a situation’s applicability to plan. This socialization needs to take place all levels of leadership.

Being familiar with a plan isn’t enough, though. Being able to implement the plan is largely contingent on targeted, effective, and persistent training – and certainly beyond the awareness level. What training is needed to implement the plan? Who needs to be trained? To what extent of proficiency?

Exercises

If you follow my blog, you know I’ve written on the benefits, ways, and means of exercising to a considerable extent. ‘nuff said. If not: lots of information here.

Let’s be honest, nothing here is a novel approach. A good number of local jurisdictions (I’ll also include counties and parishes in this definition) already implement some version of this. It certainly is a best practice that a lot of jurisdictions are missing out on. Sure, it takes some work, and proper authority, and meetings, and buy in, and training, and more meetings… but what in our world doesn’t require these things?  I think one disaster should clearly show the benefits of this to any jurisdiction.  It’s interesting though, that despite being aware of other practices, so many jurisdictions are stuck doing the same thing they’ve always done. In many ways we are hurt by tradition, apathy, and indifference as much as any disaster. If jurisdictions aren’t prepared to effectively deal with disasters, how well do you think they will do? This doesn’t even require that much structure change or direct cost – just deliberate action.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A New CPG 101 Draft

About a year ago, FEMA distributed a draft revision of Community Preparedness Guide 101: Developing and Maintaining Emergency Operations Plans (CPG 101). Since then we hadn’t heard much about the update progress, until yesterday. This latest draft, including in formation on how you can provide feedback, can be found here.

This latest draft incorporates some newer policies and programs not included in last year’s revision. I was pleased to see that some of the items from my feedback (and I’m certain from many others) was integrated into this draft. Some parts of the document were expanded or restructured, while other aspects were appropriately reduced (like excessive reiteration of national-level plans). It’s a much better draft than the one we saw a year ago. That said, there are some changes I’d still like to see.

Perhaps it was simply because this document is a draft, but a number of the graphics they have reused from other documents were grainy and low resolution. Clearly, they should have access to the source files for those graphics. If not, they need to redevelop them.  Aside from that aesthetic feedback, I’d like to see the document written less doctrinal and more as a tool – especially considering that most people referencing the document are likely to be less experienced planners. The document needs more references, job aids, and best practices identified. This draft does include quite a number of checklists, but those are only integrated within the text of the document. I feel those should also be included as an attachment that planners can ‘pull out’ of the main document and use as their primary reference. I’d also like to see clearer connections with other doctrine, policy, and practices, such as NIMS, THIRA, Community Lifelines, integrated preparedness plans, etc. While most of these are identified in the document, the contextualization needs to be amplified, reinforcing that these aren’t necessarily all ‘standalone’ applications or practices; that they are best utilized when specific linkages can be identified and exploited. It’s the utility for less experienced planners that I feel most strongly about.

All that said, I’m hopeful we don’t have to wait another year for this draft to become an official next version of CPG 101.

What do you think of this draft? What do you want to see included in CPG101?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Don’t Plan Yourself into a Corner

I’ve long been an advocate for detailed planning. Plans should identify who (by position or title) are decision-makers, who are action agents, and how things are to be done. Without identifying these responsible parties and the processes necessary to execute planned actions, plans will generally lack the ability to be successfully implemented. Context is also important. To address this, plans have a preamble that identifies the scope and objectives of the plan. All of this tells us what circumstances the plan is intended to apply to and what it expects to accomplish. Details matter. That said, making plans too specific can also spell trouble.

(I figured putting up the cover Michael McCaul’s Failures of Imagination was suitable for this post, as it’s all about emergency management suffering from a lack of imagination.)

In terms of context, only some plans need to be very precise about when and how they are used. Give yourself some wiggle room. If you don’t provide a proper and wide enough scope and objectives to the plan, you are already poisoning the well. Case in point – a lot of entities have realized that their pandemic plans have failed them, and as such are re-writing their plans. I’m hearing of many totally scrapping their old pandemic plans and writing the new ones as if all future infectious disease outbreaks will behave exactly as Coronavirus has. The old plans largely failed not necessarily because our assumptions were wrong, but because they were too narrow. Don’t make the same mistake. A proper scope and objectives will help properly define what you want to address. If these are too focused or narrow, you leave out a lot of possibilities.

When it comes to strategies and procedures, plans often fail because they don’t have enough detail. But plans can also fail if they are too restrictive or if the strategies and procedures don’t align with the scope and objectives. Restrictive plans define rigid circumstances under which approaches are taken, and/or those approaches are so rigidly defined that they will only work under certain circumstances or with all the right personnel and resources. You’ve been through disasters, right? You realize that disasters impose extreme circumstances upon us; impacting health, safety, and infrastructure; and we rarely ever have all the resources we would like to have in resolving that disaster. In fact, I’d argue that if disasters only impacted us the way we want them to, it would be more of an inconvenience rather than a disaster.

So unless you expect your title to change to Inconvenience Manager, remember that all preparedness starts with planning. Do your research and know your hazards, threats, and vulnerabilities, but don’t be totally encumbered by them either. Broaden your planning assumptions where you can, which will open your scope. Ensure that your planning objectives truly define what you intend for the plan to accomplish. Plan with greater detail and fewer restrictions. Ensure that succession and chain of command are addressed, so it’s not just a certain title or position that has authority over certain actions. Ensure that people are cross trained and that both people and plans are exercised with a certain extent of random factors in scenarios. Our plans and our resources must be agile to be successful.

Sure, we can improvise and get out of a corner that our plans back us into or don’t address, but we are better prepared if we can acknowledge the possibility of other scenarios. This is why planning teams contribute to successful plans. It’s the different perspectives they bring, with a lot of ‘what ifs’ and different viewpoints. Open your eyes and look around. One of the biggest enemies of emergency management is tradition. Is it any wonder why the same corrective actions keep rising to the surface?  Do better. Be better.

Thoughts?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A NEW NYS Public Employer Emergency Planning Requirement

On Labor Day, NYS Governor Cuomo signed a bill requiring public employers to develop a very specific emergency plan for future public health emergencies. This may include a continuation of the Coronavirus pandemic, or another emergency. Some details and guidance below…

WHO

The requirement applies to public employers, including:

  • State, county, and local governments
  • Public authorities (bridge, water, airport, etc.)
  • Commissions
  • Public corporations
  • Agencies
  • School districts
    • It’s important to note that the requirement for school districts has also been codified into state education law through this bill, to be included in school safety plans.

WHAT

The new law requires these plans to include the following:

  • A list and description of positions and titles considered essential
    • Note that the definition of ‘essential’ in the bill means employees who must work on site.
  • Protocols which will enable non-essential employees to work remotely
  • A description of how work shifts can be staggered to reduce overcrowding on public transportation and in the workplace
  • Protocols for procuring, storing, and distributing PPE
  • Protocols to prevent the spread of disease if an employee is exposed, symptomatic, or tests positive for the disease in question
  • Protocols for documenting hours and work locations of all employees for contract tracing
  • Protocols for coordinating with applicable government entities for emergency housing for employees, if needed

WHEN

Though there were no timeframes included in the bill itself, the Governor’s website provided two benchmarks of time. It states that plans are to be submitted to unions and labor management committees within 150 days, and all plans must be finalized by April 1, 2021.

The 150-day timeframe is obviously a bit confusing, as it doesn’t give a start date (i.e. 150 days from when?). I’ve sent inquiries to the Governor’s office, as well as my State Assemblyman and State Senator for clarification. Once I have an answer, I’ll provide it as a comment to this post. I will note that if the 150 day clock started on Labor Day, that alarm will go off on Friday February 4, 2021.

Once finalized, the plan must be included in any existing employee handbook and made otherwise available to employees. In terms of any kind of oversight or audit, there is no provision for such identified in the legislation. Aside from the requirement for school districts to meet this requirement being appended to state education law, this bill appends state labor law. As such, the NYS Department of Labor would have enforcement oversight, if they chose to or are directed to do so. That said, the bill does direct the NYS Department of Labor to establish procedures to allow for public employees to contact and inform the Department of any alleged or believed violations of the provisions of the law. Further, they are directed to establish a webpage and hotline to facilitate such.

HOW

Unfortunately, no existing planning requirement or standard will meet this requirement. While there are elements of continuity of operations planning in this, the focus is shifted and hits some very specific elements which are likely not included in many continuity of operations plans. That said, a new plan needs to be developed to meet this requirement. These elements certainly can be appended into a continuity of operations plan, but it’s important to note that these provisions are intended for future public health emergencies (not that some couldn’t be used for other hazards), and that, should any kind of audit occur, for those purposes it’s usually better to meet requirements through stand-alone documents.

As most public employees are members of labor organizations (unions), and the bill itself was endorsed by the AFL-CIO, there is a requirement for employers to submit the plans to unions and labor management committees for review. These entities have an option to provide comment, to which the employer is required to provide written responses prior to finalizing the plan.

There is some thought and coordination required to make this an effective and meaningful plan which also meets the legal requirements. Detail will need to be developed, specific to each public employer and their circumstances, for the protocols required in the plan. When developing procedure and protocol, be sure to:

  1. identify specifically what needs to be done,
  2. who the action agents are,
  3. what the ideal end state is,
  4. the timeframe in which it should be accomplished, and
  5. who has decision-making authority over those actions

Of course, in developing the plan, the best guidance I can give is to follow the planning process identified in FEMA’s CPG 101. Lastly, be sure to consider that the specific actions we have taken in response to the Coronavirus pandemic may not be the actions we take for another disease. Plans must maintain this flexibility.

NEED HELP?

Recognizing the challenges associated with developing this plan for small and large entities alike, my company – Emergency Preparedness Solutions (EPS) – has developed a template to support these planning requirements. We are making this template free for use by NYS public employers. I continue to have concerns with templates, cautioning against people simply ‘pencil whipping’ the document, but the developed template includes a lot of guidance and identifies content areas which need to be specifically developed by the public employer, so if the planning process is properly followed, I don’t expect that will be a problem with this template.

A BIT OF AN AD

Further, if jurisdictions want assistance in developing these plans, EPS is available to assist (contractually, of course). We’ve spent a lot of time reviewing these new requirements since they were signed and we’re already slated to discuss these in some webinars for specific public employer groups in New York State. Knowing that some small jurisdictions may be in a bit of a bind to meet this requirement, we are offering our services relative to this plan at not cost for the first 10 NYS public employers which employ between 1 and 10 full time employees if we have an executed contract by November 30th of this year – so be sure to contact us soon!

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Different Perspectives on Disaster Recovery

It seems a lot of the things we have been dealing with relative to the Coronavirus pandemic have brought us a different perspective, or at least have revealed a perspective that public health and emergency management have been concerned about for a while.  The pandemic given us a more accurate perspective on the impacts of a truly major public health event and the things we need to do to manage it.  We also find ourselves looking ahead to recovery and needing to view that through a different lens as well. 

Most disaster recovery, and in fact the way the Stafford Act is written, reflects physical damage from disasters such as floods, earthquakes, tornadoes, or hurricanes.  We are dealing with debris, damaged infrastructure, displaced masses, and the like.  The pandemic is something completely different.  While we may see shades of some more traditional recovery activity, recovery from the pandemic is giving us a very different way of seeing things. 

Before we get into the details, one of the biggest factors in all this is trying to determine where recovery fits in.  It’s long been a conundrum for people who want to make emergency management an exact science to be able to stick a pin in the exact spot where response ends and recovery begins.  Not only does the lack of that delineation persist for the pandemic, it’s exacerbated.  But that’s not all.  While some recovery activity has already started (more about that in a bit), the big push may not be able to start until society can at least begin to intermingle (though likely with some continued precautions).  Further, true recovery arguably can’t take place until we have a vaccine.  Until we reach that point, recovery efforts are likely to have a stutter, as we start, then have to stop or at least slow down when infection rates increase again, then resume once they subside.  This is simply not a formula we are used to working by. 

I suppose the best way to examine this is to look at it through the Recovery Mission Area Core Capabilities:

  • Planning
  • Operational Coordination
  • Public Information and Warning
  • Infrastructure Systems
  • Economic Recovery
  • Health and Social Services
  • Housing
  • Natural and Cultural Resources

Planning, Operational Coordination, and Public Information and Warning – I’m initially lumping these three together as they are the ‘common’ Core Capabilities and we generally see these in recovery having eventually transitioned over from the response focus.  The challenge with the pandemic is that we see the overlap of response and recovery, in some circumstances, more than we are used to compared to other disasters.  Also, a lot of the recovery we currently see is coming in the form of direct services from the Federal government, with little to no connection to state or local governments.  This is heavily emphasized in matters of Economic Recovery (more on this later).  The overall sense I’m getting is that the fundamentals of these three common Core Capabilities haven’t substantially changed (obviously some of the tasks have), though the experience different jurisdictions are having varies.  Consider that most jurisdictions aren’t used to dealing with prolonged incidents such as this.  In fact, many jurisdictions have decided to no longer operate EOCs (hopefully these were virtual!) as the impacts within their jurisdictions have been minimal and what problems do exist are largely being addressed by an emergency manager supported by a multi-agency coordination group.  Other jurisdictions, obviously, are being hit much harder and their management of this incident has continued to grow as they address the myriad issues that rise up and prepare for what they expect to see next.  There are some of the differences in Operational Coordination. 

Looking a little closer at Planning, this should still be taking place regardless of the volume of work your jurisdiction is experiencing, and even if your jurisdiction doesn’t have a public health department.  There is a lot of planning that still needs to take place to account for recovery, continuity of operations, and contingencies.  This one really permeates the other Core Capabilities the most. 

Lastly within this group, Public Information and Warning.  Absent jurisdictions that are used to dealing with more prolonged responses and recovery, most haven’t had to address a need for persistent public messaging.  While a lot of it is echoing guidance coming from certain authorities like the CDC or state health departments, more localized matters still need to be addressed in terms of what local services are or are not available (or how they now need to be accessed), providing information on planned events, and addressing rumors and mis-information. 

Infrastructure Systems – Restoration of infrastructure is often a big emphasis in most disasters.  Roads, bridges, water and waste water systems, electricity, and other systems are often damaged or destroyed as the result of the disaster of the day.  In the matter of the pandemic, generally the most impact we see in these systems is delays in maintenance because of some decreased capacity among those that are responsible for them.  Perhaps the one significant exception, through from a very different perspective, is internet services.  While internet services weren’t damaged by the pandemic, they were heavily impacted with many organizations directing staff to work from home.  College students are now engaged in classes from home instead of the campus.  Families and friends are connecting more often via video calling. Even on-line gaming has seen a surge with people spending more time at home.  All this changed the dynamic of internet use.  Most businesses are provided with dedicated lines by internet service providers, designed to handle the concentrated surge of internet use demanded by a facility or collection of facilities.  Much of that use has dwindled, shifting to a drastic increase on residential services.  We also see increased demands on either end of this, with attention being drawn to entire areas that have no internet service as well as the need for increased server capacity of companies that host video calling and gaming platforms.  Even organizations and their employees have had to scramble to ensure that employees (and students) have internet access at home, the hardware required to access the internet, and the ability to connect to the organization’s servers and services. 

Another interesting perspective on infrastructure, however, comes from the emphasis on essential services and essential employees that we hear of every day.  While definitions of this have existed for some time, in this disaster alone we have seen that definition change a few times as we realize the connectivity between certain services and organizations.  Some important lessons to be documented and applied to future planning efforts. 

Economic Recovery – For as much as Infrastructure Systems (largely) haven’t been impacted, Economic Recovery has needed to be significantly re-imagined.  With businesses being forced to close and employees being furloughed or laid off, the global economy has taken a significant hit.  This is certainly a prime example, perhaps our first, of how deep a disaster of a global scale can cut us.  As a result, many nations around the planet have been pushing out some sort of economic stimulus, helping those that are unemployed as well as those businesses that are still open yet struggling with decreases in revenue.  The economic hit from the pandemic will take years to recover from and will require some very different ways of solving the problem.  Governments have only so much money to give.  Many jurisdictions are also examining the association between infrastructure and economic recovery in a different light, especially as thought is being put into when and how to re-open our communities and economies. 

As a related side note, we were recently awarded a contract to provide guidance on the reopening of transportation and transit in major cities.  Continued preventative measures as well as human behaviors are going to apply some interesting demands on urban planning, prompting cities to respond appropriately to these changes if they want to see businesses rebound, or even thrive as we move further into recovery. 

Health and Social Services – Rarely does public health lead the way through a major disaster.  Though we realize that just with other disasters where we might like to think that people are in charge, the disaster itself still remains in the driver’s seat and we are really just along for the ride, trying to address problems the best we can. Our health system is stretched, yet we see an interesting irony of hospitals laying off staff, as elective surgeries and other non-emergency services are presently suspended.   Obviously public health will continue to lead the way through our recovery.  Even with others seemingly in charge of other recovery functions, it is public health markers which will become the decision points that dictate our overall recovery.  On the social services side of this Core Capability, we also see a change in dynamics.  While the pandemic doesn’t have the physical impacts of a more traditional disaster, we are also seeing fewer people being displaced overall due to emergency legal protections being put in place to prevent evictions and utility service disconnections from lack of payment.  That said, we are still seeing traditional social service issues related to food, medicine, and mental health exacerbated due to the pandemic, the economic impact from the pandemic, and the mental stresses imposed by the pandemic as a whole, as well as social distancing, deaths, and other factors.  While many social services have traditionally been very hands-on and face-to-face, many of these services have moved to remote models, though others, by necessity, are still physically operating.  Social services recovery, linked to economic recovery as well as psychological matters like PTSD, will persist long after the pandemic.  Recovery plans must be re-imagined to address this.  Public health recovery, similarly, will last long after the pandemic as we need to take an honest look at the gaps in our system and work to address them. 

Housing – As mentioned earlier, there are few displacements (that should be) happening as a result of the pandemic.  Houses haven’t been destroyed as a direct result of the pandemic. Though how long will landlords be able to reasonably wait for back rents to be paid to them?  While those that own large apartment complexes may be able to absorb these losses, landlords with small properties will not.  They are small businesses, with bills to pay and mouths to feed.  While it’s great for tenants to get a reprieve, this also has impacts.  Local economies will likely need to figure out how to address this. 

Natural and Cultural Resources – Similar to infrastructure and housing, our natural resources have seen, overall, limited impact from the pandemic.  In fact, by many reports, many of our natural resources have seen marked and measurable improvement due to decreases in pollution and other impacts of ‘normal’ human activity.  Many cultural resources, on the other hand, have been impacted. I speak not of historical sites, which are often considered in the reconstruction activities associated with disaster recovery, but of museums and performance centers.  Museums, as with any other organization, rely on income to survive.  Many are non-profits, and generally put revenue into improving the facility and its collections, leaving not much of a ‘rainy day’ fund.  Similarly, collections haven’t been damaged, as they might have in another disaster, so there is no insurance claim to cover losses.  Similarly, performance centers, such as the 1930s era theater where I perform improv, haven’t seen revenue in weeks.  Here, we blur the lines between a different perspective on cultural preservation with economic recovery.  Another challenge local economies will have. 

So where does this leave us?  Clearly we are seeing different perspectives of each of these Core Capabilities, requiring us to approach them in ways different than we have in the past.  While the easy solution to many of them is money, an economy globally impacted has little funding to adequately do so.  We also see the interconnectivity of these Core Capabilities.  For many, there is reliance on others to make progress before another can see tangible improvement.  That said, planning is still the crux of it all. We must make deliberate planning efforts to address each of these.  Sure, we can reference current plans, but I argue that most current plans are inadequate, as the problems and the resultant solutions were not anticipated to look like this.  Planning also needs to occur at all levels, and there absolutely must be an emphasis on the first step of the CPG 101 planning process… Form a Team.  Our recovery from a global, national, and community level requires people working together.  We see now, more than ever, how interconnected things are.  This is no time to be insular.  We must consider all stakeholders, including citizens, organizations, and businesses, as part of our planning teams.  And by the way, we’re already behind. 

A couple more items before I close this rather long post.  First of all, consideration should be given to Continuity being added to the Core Capabilities.  Perhaps as a common Core Capability, but at least as one that is included in more than one mission area.  It’s a specific effort that, yes, does include planning (as should any other Core Capability), but has a very specific function and implementations. 

Second (and lastly), you absolutely must be capturing and documenting lessons learned (strengths and areas for improvement).  In fact, don’t wait to hotwash.  If you haven’t already, do one now.  You will do another later.  And likely one or more after that.  The duration of this disaster, and the different focal points and phases of it will constantly shift our attention and cause people to forget what they have learned.  Lessons learned must be captured in phases, allowing us to focus on sets of activities.  Be sure to document your lessons learned, share them far and wide, and set a timeline for implementing improvements.  There is so much to learn from this disaster, but it’s a waste if we ignore it or expect someone else to tell us what to do.   

I hope I delivered in this piece, highlighting the different perspectives of disaster recovery we are dealing with.  Are all disaster recovery activities fully turned on their heads?  Of course not.  We are still able to apply the standards we have been for decades, though some of them do need to be looked at and approached from a different perspective.  I’m very interested in feedback and thoughts. 

Stay safe. 

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC