Tag emergency planning

The Force Awakens – A Potential Soft Target?

Tim Riecker, The Contrarian Emergency Manager 5 Comments

“There has been an awakening.  Have you felt it?”  This line from the first trailer of the new Star Wars movie is chilling.  Many of my readers are aware that I am a HUGE Star Wars fan.  As you would expect, I am incredibly excited about the release of Star Wars: The Force Awakens next week.

download

Image courtesy of Disney and Lucasfilm Ltd.

With the recent terror attacks and shootings, though, safety at the theater has certainly been on my mind.  We need to work together as a whole community – theater goers, theater owners/managers and staff, law enforcement, and municipalities.

When I first starting thinking about writing a post on this, I quickly realized that I needed some input from an expert in security.  I reached out to a colleague that not only has the qualifications, but is also a fellow blogger and consultant: Ralph Fisk.  You can find Ralph’s blog here: https://fiskconsultants.wordpress.com/.  He has some great insights on security and risk assessment matters – I strongly suggest you check out his blog, follow, participate, etc.  Ralph agreed to collaborate on a piece related to this global event.  He is also posting this same article on this blog.  Enjoy – and May the Force be With You!

– TR

~

(This article, cross-posted and co-authored by Ralph Fisk and Tim Riecker, draws collectively on our experiences and expertise to provide guidance to municipalities, theaters, and movie goers on awareness, preparedness, and response concerns as we look toward this global event.)

The rapidly approaching release of Star Wars: The Force Awakens stands to be the largest premiere in theater history.  It has already broken a multitude of pre-sale records, with more records certainly to be broken on opening day and opening weekend, both domestically and internationally.  Even if you aren’t a Star Wars fan, you must certainly be at least aware of a new movie being released.  But what does this have to do with emergency management and homeland security?

On July 20, 2012 James Eagan Holmes killed 12 and injured 70 others when opening fire on patrons in an Aurora, CO theater.  This mass murder took place at the midnight premiere of the Batman film The Dark Knight Rises. The recent terrorist attacks in Paris involved a music venue, in which nearly 100 people were killed.  Gathering places like movie theaters are just one more item on the list of potential soft targets for people wishing to do harm, be they terrorists, disgruntled, or disturbed.

IMDB provides a listing of international release dates for The Force Awakens here.  We caution that this list isn’t entirely accurate.  For example, while December 18th is the official release date of The Force Awakens in the US, thousands will be seeing the movie at a select list of theaters participating in a 7pm special premiere time on the 17th.  While you should certainly be aware of the date and time of this premiere at your local theaters, it should be emphasized that theaters will be packed with fans for some time.

While there are no credible threats involving this premiere that we are aware of, municipalities, theaters, and movie goers all need to be aware of the potential for an attack and what each can do.  Surprisingly, despite high visibility active shooter and terrorist events of the past few years, most municipalities still do not have appropriate preparedness measures in order.  While there isn’t time to assemble a solid response plan prior to the premiere of The Force Awakens, there is still plenty of time for beneficial, albeit ad-hoc preparedness efforts.

Our thoughts are below…

With the release of the much anticipated next chapter of the Star Wars Saga, The Force Awakens; theaters and local first responders need to have a heightened level of awareness. There are a number of potential threat indicators associated with this release:

1)            Of course the current terrorism threat situation is first and foremost in our minds

2)            The history of an Active Shooter Attacks on movie theaters goes back to 1989 during the screening of Harlem Nights in Chicago, Sacramento, and Richmond California; on 20 July 2012 during the midnight release, in Aurora, Colorado, of the much anticipated film – Batman: The Dark Knight Rises; another Active Shooter Incident that involved another movie theater in Lafayette, Louisiana on 23 July 2015 during the screening of Train Wreak.

3)            But also other considerations should be given to just the more than “normal” volume of theater goers, and which possible incidents could result from that.

Theaters are known to be soft targets and as such we need to be aware of the threat and how to address it.

We are going to cover the first two indicators listed above as they are not only the largest possible casualty producers, but also pose the greatest immediate impact.

Below are some suggestions and considerations for an ad hoc plan not just for the venues featuring these events; but also for those that maybe in attendance.

Introduction:

Most Active Shooter Incidents, an estimated 90%, are single actor attacks, meaning unless that person has been overt in their planning, little is known about the possibility of an Active Shooter Attack;

Unlike Terrorist Cells; which typically contain up to 4 – 6 members, not just for ease of control and planning, but also for the strict adherence to Operational Security, on the part of the Terrorists.

The difference between the two attacks may appear to be subtle to the uninitiated;

The main goal of an Active Shooter incident is to cause as much destruction as possible in a very short time span; Active Shooter incidents are different from other weapons related crimes in that they intend to commit mass murder.

Terrorist Attacks however have a very distant signature. They are commented for a number of political or ideological reasons; and may result in mass murder or hostage taking. Terrorist attacks may seem very methodical in nature of the execution.

Terrorism:

Terrorism is all around us, whether we chose to look for it or not. Terrorist Groups tend to fall into one of six different categories;

  • Nationalist/Separatist – Sometimes referred to as Freedom Fighters
  • Religious – and we are not just talking about Radical Islamic terrorists here
  • Political – which include; right and left-wing
  • Anarchist – Freedom without the burden of a Central Government
  • ECO/Animal Rights – Motivated by Environmental/Animal Political Policies
  • Single Issue Causes – involves the use of force and violence for the purpose of coercing a government and/or population to modify its behavior with respect to a specific area of concern. Typically, these types of organizations do not have an overall political agenda

Which any number of these groups with related or different causes are already operating in the heart of the Country. Terrorist Attacks could have one or more of these four main objectives;

  • Recognition of the groups’ cause or purpose
  • Coercion toward the populace and/or government to the groups’ ideology
  • Intimidation to cause fear or terror; to cause the populace to lose faith in their governments’ ability to protect them
  • Provocation: attacks are aimed to cause the ruling government to take repressive actions against the population; demonstrate the weakness of the government and the strength of the terror organization

It would be almost impossible to go into the ideology of every single group. Suffice it to say, that they all mean to get their points across, sometimes with protesting, sometimes with criminal destruction of property, and yes, sometimes they will introduce violence.

Violence could be in almost any form imaginable. The most used form of violence directed towards a population tends to lean toward Armed Attacks and/or Bombings (Including suicide bombings); because for the most part these are relatively inexpensive approaches, the logistics to effect these types of attacks are relatively easy to obtain and these tend to produce the most casualties and incite the most fear in the general population. Between 1998 and 2007 out of the estimated 28000 terrorist attacks around the world, almost 21000 involved one of these two types of tactics.

Other terror techniques also used could include; Assassination, Arson, Hijacking, Hostage Taking, Kidnapping, Sabotage, Seizure, Sniper Attacks/Mass Shootings, Threats or Hoaxes, Cyber Terrorism, Agricultural Terrorism, Civil Disturbances and Weapons of Mass Destruction (WMD). WMD is the use of any weapon or device that is intended or has the capability to cause death or serious bodily injury to a significant number of people through the release; dissemination; or impact of one of the following means; Toxic or poisonous chemicals or their precursors; diseases, biological organisms; radiation or radioactivity.

Combined attacks of different types have also been used in the recent past. The attacks on the United States on 11 September 2001 included the use of Airplanes as Weapons of Mass Destruction; the Terrorists Hijacked the planes through the use of an armed attack, albeit the arms were box-cutters, and crashed the planes into buildings causing the planes themselves to be used as WMD’s

Terrorists seek to create public fear and anxiety in order to influence government policy. Through the randomness and unpredictability of their acts, terrorists attempt to undermine confidence in government’s ability to protect the public. Terrorists hope the resulting insecurity fuels public demands for government concessions in order to stop the terrorist acts.

Today, as has been evident with recent terror attacks and attempted attacks, terrorist target selection wants to affect the maximum number of innocent people, in order to generate the fear, they desire. As the government has mobilized to protect our infrastructure from attack, our less protected target; schools, universities, shopping malls, et al., become more attractive targets.

As other sites and venues are “hardened” for security, these measures cannot be implemented across all avenues of society. One, it would infringe on our basic constitutional rights, two, the potential cost associated with “hardening” every facility would surely bankrupt the organization or governmental body imposing such restrictions, and three, we would become a “jailed” society.

Planning for terror incidents doesn’t require you have access to CIA, FBI or other intelligence organizational files, it, for the most part, only requires Common Sense, Situational Awareness of your surroundings, and a Communications Plan.

Some things to take into consideration when you’re making your plans to be in these potential soft target environments:

  • Remain Alert
  • Develop an informed vigilance; meaning, know what possible terror threats could be in your area or the area you’re going to
  • Let someone, not going with you, know your plans; where you’re going; when you expect to return
  • Attempt to blend in with your surroundings, Don’t try to stand out
  • Know your surroundings; Know how to exit the area you will be in; what is the shortest way out; have an alternate plan should that not be a viable opinion should there be an issue
  • Communicate that information to your family and others with you
  • Identify a meeting place if you become separated

Report any suspicious activity. Again remember to use your common sense; examples of suspicious actions could include:

  • People loitering in the same general area without a recognizable legitimate reason; people who appear preoccupied with a specific building or area; electronic audio and video devices in unusual places
  • Just because someone seems to belong there, they might not be whom they seem especially if they are exhibiting any of the actions stated above
  • DO NOT TRY TO DEAL WITH ANY INDIVIDUAL YOURSELF contact the venue security or Law Enforcement Personnel
  • Look for things out-of-place; bags left unattended; packages; persons attempting to conceal items either on their person or receptacles

In threatening situations, take steps to reduce your exposure – leave the immediate area

If an incident does occur; follow the instructions of venue staff, emergency personnel and first responders.  If you are close to the incident walk away with your hands visible.  Walk, do not run as secondary injuries can occur to you or others; move toward the walls as people evacuating a building tend to gravitate in the center

Active Shooter:

Although mass killings have been around for some time, Active Shooter incidents have only relatively recently come into the main stream. I’m not going to mention them as most of you reading this post know the infamous locations of these horrific incidents.

 The National Tactical Officers Association defines an Active Shooter as:

  • One or more subjects who participate in a random or systematic shooting spree
  • Demonstrating their intent to continuously cause serious physical injury or death to others
  • Their overriding objective appears to be that of mass murder, rather than some other criminal conduct such as robbery, hostage taking, etc.
  • In most cases some type of firearm is used, however, the Active Shooter may use any weapon that may be available
  • A suspect is considered an active shooter if he or she is still actively shooting, has access to additional potential victims, and has a willingness to harm others until stopped by authorities or his/her own suicide

Most Active Shooter incidents are often over within 10 to 15 minutes, in a 2012 FBI Active Shooter report, 37% of Active Shooter incidents last under five minutes, before law enforcement arrived on the scene, individuals must be prepared both mentally and physically to deal with an active shooter.

We will cover some very basic steps to plan for, react to and recover from an Active Shooter Incident. As with every planning recommendation I give; this is not all inclusive, I would highly recommend you attend an Active Shooter Training Seminar or ask for a visit from your local law enforcement organization that can give you a block of instruction on Active Shooter.

No matter where you find yourself, at work, in a restaurant, or any other venue where people congregate, you could very well be a target for an individual or individuals’ intent on causing great harm.

First rule in any Emergency Situation, Active Shooter included;

YOU ARE THE MOST IMPORTANT PERSON IN THE EQUATION! YOUR SAFETY IS PARAMOUNT!

I have talked numerous times about maintaining your situational awareness. When you arrive at any venue take a few seconds to find the exits; which one is closest to you; how will you evacuate the area should you have too? What is around you that could protect you? I personally like sitting at booth tables in restaurants; with my back against a wall or other solid object: having a complete view of the whole restaurant if possible and facing the door.

Remember there are three basic fundamentals to reacting to an Active Shooter Incident;

RUN – Leave everything behind; find that exit and GET OUT! Encourage others to come with you, but if they don’t want to leave, REMEMBER YOU ARE THE MOST IMPORTANT PERSON IN THE EQUATION!

HIDE – Put as many barriers/walls between you and the shooter as you can, turn off cell phones, radios, any device that could make a noise and give up your position! Lock or block the door; hide under a desk, remain quiet and claim!

FIGHT — AS A LAST RESORT, AND ONLY WHEN YOUR LIFE IS IN IMMINENT DANGER: Act as aggressively as possible against him/her; Throwing items and improvising weapons; Committing to your actions; Attempt to incapacitate the active shooter; (EXERCISE EXTREME PREJUDICE IN YOUR ACTIONS) That last part isn’t a fancy movie catch phrase; remember you are in a fight for your life!

Once police arrive on the scene here are a few do’s and don’ts;

DON’T:

  • Run up to the police; Their first priority will be to eliminate the threat(s) and secure the scene to allow EMS to come in and assess and treat casualties
  • Avoid making quick movements toward officers such as attempting to hold on to them for safety
  • Don’t stop to ask officers for help or direction when evacuating, just proceed in the direction from which officers are entering the premises.

DO:

  • Be VERY AWARE! That once Law Enforcement Personnel arrive on the scene you may very well be considered a suspect. That is normal response protocol
  • DO AS YOUR TOLD, it is BETTER YOU PLACE YOUR HANDS OVER TOP YOUR HEAD
  • YOU may be told to get on the ground…. Just do it…… Better to be treated like a criminal at first and then cleared, than being shot. You made it that far, go home at the end of the day

Active Shooter Preparedness is also becoming a very large part of Workplace Violence Planning and Training.

Although it is good to receive some rudimentary training on Active Shooter; each organization will need to tailor their response plans to fit into their building lay out.

Corporate Climates cannot afford to have a lackadaisical approach to workplace violence, emergency response or security, this is a leadership/management issue. Corporate Leadership must take ownership of safety, emergency response and workplace violence responsibilities for their organizations and require their First-tier leaders to stress the importance of these processes and procedures, one of the first things I learned about leadership was, led by example. You can direct more people into doing what you want if you first do it yourself! If you don’t, what makes you think that the employees will!

Active Shooter Awareness has to be incorporated with emergency response planning and work place violence planning; you are setting yourself and your company up for failure by not planning, training and conducting exercises.

This next point has greatly concerned me, I have seen some reports lately that companies are being sued for conducting Active Shooter Awareness Training and most, if not all claimants say they were traumatized by the training. Well I’ll simply put it this way, would you rather have some knowledge and a sense of what to expect should you ever have to act in an Active Shooter Situation; or would you rather be a victim. A 2012 FBI Active Shooter report indicated that over 50% of Active Shooter Incidents occurred at a business.

I’d also recommend that you receive some treatment for Post-Traumatic Stress (PTSD) after the incident, as you would have seen and experienced things that no person should every have too.

Recommendations both for Active Shooter and Terror Attacks for those that may not have a developed response plan

Municipalities;

  • Consider activating, even with minimum staffing, the local Emergency Operations Center
  • Consider “up-staffing” Law Enforcement, Fire and EMS Personnel, not only the first night but a number of consecutive nights as well
  • Consider a review of local mutual aid plans (Police, Fire, EMS)
  • Consider having a Public Safety Organizational meeting prior to release

Law Enforcement Organizations;

  • Consider high visibility patrols in theater areas, not only the first night, but a number of consecutive nights as well
  • Meet with theater owners/management to discuss awareness, protocols, and expectations
  • Consider reviewing your Active Shooter and Terrorism Response Plans
  • Act immediately on any reported perceived threats
  • Consider “Up-staffing” patrol personnel
  • Consider a review of local mutual aid plans
  • Check with local FBI Field office, Joint Terrorism Task Force, or if so supported, Fusion Center; prior to release night for any updates of possible threats

Fire/EMS

  • Consider having one medical and one fire unit “staged” close to the venue
  • Consider reviewing your Active Shooter and Terrorism Response Plans
  • Consider “up-staffing” the closet Engine/Ladder/EMS Companies
  • If possible, predesignate locations for Medical and Fire Staging Locations
  • Consider Review Local Mutual Aid Plans

Theater Company

  • Consider coordinating with local law enforcement for security
  • Brief Theater Staff that will be working those nights, on Emergency Response and Active Shooter Plans
  • Maintain a Passive Security Posture the entire night; Some Passive Security measure suggestions can be found above
  • Know the limitations of the theater rooms and know when they are close to capacity
  • Assign personnel with no other responsibility but to observe theater patrons; Only in an observe and report capacity
  • Consider review of local mutual aid plans
  • All theater staff must know where all the exits are and how to lead patrons to them; remind the staff the closest exit maybe behind them

Conclusion

As a sociality we have become increasingly dangerous, in that we have to worry about the seemingly random act of an Active Shooter; although most are not random at all, but go through as many as five phases before the shooter executes his/her actions. I fear that we will continue on this path of wanton violence and the better educated you are, not to these types of incidents, but any type, the better you will be to handle the situation.

As with any planning you do, whether you’re planning for a natural disaster or human initiated events/incidents, you need to take into account your own special considerations, also keep in mind that these planning and situational mindset ideas will not always be all inclusive. Your primary focus should be on personal safety, continued situational awareness and exercise your common sense.

The world has changed over the last few decades, more than anyone of us could have ever imagined. Thirty years ago, the only emergency-related thing we had to worry about at school was the surprise annual fire drill. The escalating violence in our world and attacks on soft targets like schools, churches, and hospitals has taught us that we are no longer safe in those places we once considered as morally protected sanctuaries. We must strive to provide a safe environment for all of us.

If You Aren’t Assessing Hazards, What Are You Basing Your Preparedness On?

Tim Riecker, The Contrarian Emergency Manager Leave a comment

I just read an article from Campus Safety Magazine which cited a report on college campus preparedness.  Some of the numbers are a bit disturbing.  To me, the most serious numbers are from this graphic, which came from the Margolis Healy 2015 Campus Safety Survey:

Hazard_Assessment_Margolis_Healy_2015

According to this graphic, 26.5% of college campuses surveyed have not conducted a hazard and vulnerability assessment and 18.8% do not know if they have conducted an assessment.  Given that this study identified that 86% of colleges have an emergency operations plan, there is a significant number within this study who have what I would consider baseless plans.

Given these statistics, I’m left wondering WHY these campuses haven’t conducted a hazard analysis.  Potential reasons?

  • Didn’t know they needed to
  • Didn’t want to
  • Assumed they were aware of the hazards, impacts, etc.

I’m sure there are some other potential reasons for why they didn’t conduct a hazard analysis, but these are bound to be the big ones.  Regardless of the reason, I’m left assuming that, besides the plan being based upon no actual hazard information, the rest of the plan is BASELESS, INEFFECTUAL CRAP.

Forgive me for being blunt (you don’t have to), but if you aren’t assessing hazards, what are you basing your preparedness on?  Just as planning is the cornerstone of preparedness, a hazard analysis is the foundation of planning.  Therefore no (or a poor) hazard analysis will very likely result in a poor plan, and a poor plan will very likely result in poor preparedness efforts overall.

I’m not just picking on college campuses.  While this study targeted institutions of higher education, this same concern (likely with similar statistics) applies to EVERYONE – jurisdictions and government agencies, the private sector, and not for profits.

So what are we dealing with?  The parties responsible for creating these emergency plans are either UNINFORMED, LAZY, or UNDERFUNDED/UNDERSTAFFED.  To me, none of these are valid excuses.

  • Uninformed? Study up!  It’s not difficult to find out what the planning standards are.  (see the next paragraph)
  • LAZY? QUIT YOUR JOB! – you shouldn’t be in public safety.
  • Underfunded or understaffed? Welcome to public safety.  What could possibly help justify more funding or staff than a solid assessment?

If you need information on planning standards, check out these posts.  I talk about CPG-101, which is the foundation for emergency planning in the US; and a variety of other planning and hazard analysis related topics.

Need help?  It just so happens that I’m a well-qualified consultant.  Our website is linked below.

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

Wanna be a Facilitator? Toughen up!

Tim Riecker, The Contrarian Emergency Manager Leave a comment

I just read a great post by Robert Burton on LinkedIn titled 5 Common Tabletop Exercise Mistakes.  Robert gives a good review of the common issues that can doom a TTX from the beginning.  Go check it out!

My addition to his post reflected on the need for good and strong facilitation.  I figured it would be worthwhile to develop a separate post and expand on that a bit.  Facilitation itself is certainly an art – be it for a meeting, a workshop, or a tabletop exercise.  I would offer that while there are similar skills, abilities, and traits that will lend to success for all these applications, there are also some differences.  Facilitation for all applications requires that one speak up, follow an agenda, clearly communicate, and give everyone a chance to participate.  Charisma helps carry things along.  In some instances, you also need to be tough.  In a meeting, you have to be tough to enforce sticking to the agenda.  In a table top exercise, you need to be a little tough with the participants.

We’ve certainly all witnessed poor exercise facilitation.  They facilitator doesn’t follow the MSEL, tells their own stories, leads participants to answers, and puts up with softball answers that don’t tell much of anything.  Remember, the ultimate purpose of an exercise is to test plans.  Plans are executed by people.  We are testing the plans through these people.  If we aren’t getting good answers, we aren’t meeting our goal of testing the plans.

In one of the best table top exercises I ever witnessed, the facilitator provided injects, as expected, to a group of agency department heads.  The facilitator had a very distinct position in the agency, though… he was their new director.  He requested that we put together a TTX focusing on agency response plans.  When we asked who he wanted to facilitate, he said he would do it.  Now there are certainly pros and cons to this, but he was the boss, and the results were quite eye opening.

As follow ups to the injects, participants were asked questions such as ‘What is your role?’ ‘How would you respond to this?’ and ‘What would you do next?’.  This is how participants should be drawn out to obtain good information.  Additionally, facilitators should consider asking ‘Why’ when participants give certain responses.  (Check out my post Ask Why 5 Times – I explore the power of this question a bit more).  Do they think their response was a good idea or is it actually called for in a plan?  ‘Who’ is another good question.  It’s easy for participants to throw out generalities in response to questions (i.e. We would do x.).  Well WHO specifically would do it?  And WHY? And what if they weren’t around?  What does the plan say?

After getting a few answers he wasn’t very comfortable with, the new director then lobbed in a heck of a hand grenade – Show me.  This threw participants for a loop.  Now, I will grant you that this is rather unorthodox in a TTX, although not completely unheard of.  Given his position, no one was going to challenge him, though.  Out scampered one person.  A few more questions, then the phrase again – Show me.  Out scampered another person in search of another binder.  In the end, some had supported their claims, others did not.  These were great lessons learned.  We found holes in plans, necessary connections between plans, and a need to update plans and train people on those plans.

After this exercise, I learned lessons myself and approached facilitation of future exercises very differently.  I began asking more questions as follow ups to participants’ responses.  We dug deeper and found out more – so did the participants.  Sometimes they don’t like it, and sometimes you feel like you are being antagonistic.  Obviously you don’t want to create an unpleasant experience for anyone, but if they aren’t able to handle a few tough questions from an exercise facilitator, they certainly won’t like handling them from their boss, their bosses boss, or the media.

Bottom line, if you are going to facilitate an exercise, toughen up.  Ask follow up questions.  Get clarity on the answers and don’t let participants get away with easy answers.  If participants squirm a bit, that’s OK.

What are your exercise facilitation experiences?  Any best practices to add?

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

So Your AAR Says Bad Things… Now What?

Tim Riecker, The Contrarian Emergency Manager Leave a comment

There it is.  Your recently delivered after action report (AAR).  Uncomfortably sitting across the room from you.  You eye it like Tom Hanks looking at Wilson for the first time.

Wilson

Wilson!!!

You know what’s in it.  It says bad things.  Things you don’t like.  Things your boss really doesn’t like.  But what will you do?

First, let’s assume that, despite you being unhappy with the areas for improvement identified in the AAR, they are fair representations.  What will you do with the dreaded information now that you have it?  Your AAR may have come with a corrective action plan (CAP), but this is only guidance that still needs to be reviewed and acted upon.

First, each identified area for improvement should be prioritized.  After all, if everything is important, then nothing is important.  Even if the areas for improvement and/or corrective actions are already identified in the AAR (particularly if done by a third party or if the AAR is representative of a multi-agency exercise) you should review this prioritization with your own organization’s stakeholders.  This means pulling together a committee (sorry for cursing!) comprised of key areas within your organization.  This may even mean people from areas that may not have participated, such as information technology, as I’m betting there was something in the exercise about computer systems, programs, internet connection, data access, data continuity, etc.  Don’t forget the finance people, either… some fixes aren’t cheap!

Once everyone has had an opportunity to review the AAR, each identified area for improvement should prioritized, at least to the degrees of high, medium, and low; with a secondary filtering of short-term vs long-term projects.  While some may be relatively quick fixes, others can take months, if not years, to accomplish.  Activities should also be identified that are dependent upon others which may need to be completed first (i.e. a procedure needs to be written before it can be trained on).

That’s probably enough for one meeting.  But the people you gathered aren’t cut loose yet… in fact they are pretty much locked in, so you need to be sure that the people you bring together for this corrective action group have the knowledge, ability, and authority to commit resources within their respective areas of responsibility.  Now that activities have been prioritized, it’s time to assign them… this is why involvement of your boss (if you aren’t the boss) is so important.

Some individuals within your organization will be able to act on their own to make the corrective actions that are needed – while others will need to work together to make these happen.  Consider that there may be more activities than just those identified in the AAR.  For example, the AAR may identify a need for a resource management plan.  That’s good, but we all know you can’t just build a plan and expect it to be ready for action.

For those who are regular readers of my blog, you know I’m a big fan of the POETE elements.  (More on POETE here).  What is POETE?  POETE is an acronym that stands for:

  • Planning
  • Organizing
  • Equipping
  • Training
  • Exercising

What is the value of POETE and what does it all mean?  POETE is a great reminder of the key activities we need to do to enhance our preparedness.  Given that, when we look at an identified need for improvement, we need to consider how to properly address it.  So start at the top:

  • What plans, policies, and procedures are needed to implement and support this corrective action?
  • What organizational impact will occur? Do we need to change our organization in any way?  Do we need to form any special teams or committees to best implement this corrective action?
  • What equipment or systems are needed to support the corrective action?
  • What do people need to be trained in to support the corrective action? Do we need to train them in the plan, about a new policy or procedure?  Do they need training on organizational changes?  How about training in the use of equipment or systems?
  • Lastly, once you’ve made a corrective action, it’s a good idea to test it. Exercises are the best way to accomplish this.

There are obviously other considerations depending on the specific corrective actions and the circumstances of your organization.  Funding is often times one of the most significant.  If you need to obtain funding to make corrective actions, the AAR is one of the best documented investment justifications you can get.

From a project management perspective, the committee should regularly reconvene as a matter of checking in to see how the corrective actions are going.  On a continuing basis, the progress of corrections should be tracked (spreadsheets are great for this), along with who has been tasked with addressing it, timelines for completion, related finances, progress notes, etc.  Otherwise, in our otherwise busy days, these things get lost in the shuffle.

From a program management perspective, this is a process that should be engrained culturally into your organization.  Ideally, one person should be responsible in your organization for coordinating and tracking this corrective action process.  As additional exercises are conducted and actual incidents and events occur, corrective actions from these will be brought into the mix.  It is all too often that organizations complain of seeing the same remarks on every AAR or from experiencing the same issues for every response.  BREAK THE CYCLE!  Establishing a corrective action program for your organization will go a long way toward making these chronic issues go away.

By the way, the same concept can be applied to multi-organizational/agency efforts at any level – local, county, state, federal, regional, etc.  Since we respond jointly, there are great benefits to joint preparedness efforts.  We will likely find that even that we have our own house in order, working with someone else is a very different experience and will require a whole new list of corrective actions as we identify areas for improvement.  This process works great with multi-agency committees.

The bottom line – the biggest reason why we exercise is to test our capabilities.  When we test them, we find faults.  Those faults need to be corrected.  Capitalize on the investment you made in your exercise effort to address those identified deficiencies and improve your capabilities.

What ideas do you have for addressing corrective actions?

Need help with preparedness activities?  Be Proactive and Be Prepared™ – Reach out to Emergency Preparedness Solutions!  We’re always happy to help.

Thanks for reading!

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

Facilities Management and ICS

Tim Riecker, The Contrarian Emergency Manager 2 Comments

Earlier in the year I posted a video (something I need to get back into doing) on the positioning of care facilities within the ICS structure (Operations, not Logistics).  I’m currently reviewing some standard operating guidelines created by a county government on the management of such a facility and have made some critical observations….

The biggest observation is that the management of the facility does not have to mirror the ICS organization.  What I mean here is that it really shouldn’t have its own Operations Section, Logistics Section, Planning Section, Finance/Admin Section, PIO, Safety Office, and Liaison Officer.  While I commend the folks who developed this SOG for trying to stick with ICS, I think they are trying too hard.  While the application of this type of organization CAN assist with management of a facility, it’s typically too much.  Yes, ICS is flexible and allows us to activate only the elements needed, but often people feel compelled to utilize the organization to its fullest extent – which in this case can mean the creation of positions which are not needed.  The application of ICS elements to the management of a facility can also be redundant and confusing.  Besides, most jurisdictions don’t have access to multiple Planning Section Chiefs (or persons qualified in other positions) to staff all these areas.

Let’s start at the top… Facilities, per ICS definition, are overseen by Managers.  Not directors or other such titles.  Most facilities have very specific functional activities which should drive their organization.  Yes, most of these would be considered ‘Operations’, and the support of these can be considered ‘Logistics’.  But we really need to look at the responsibilities of the facility and the relationship to the rest of the incident organization to help guide us in the development of how we organize our facility management.  Managers, in ICS, can have assistants, which may be all that’s needed to help address management-level issues that people may be associating with ICS positions.

Does a facility need a Public Information Office (PIO)?  Probably not.  ICS guidelines prescribe one PIO per incident to help ensure coordination and integrity of public information.  If the facility has a need to communicate information to the pubic, they should be working through THE incident PIO.  If the scope of the facilities operations are complicated enough, perhaps that function may have a designated assistant PIO to ensure proper handling of the information, but they are not the incident PIO.

Certainly facilities can have safety issues.  Does they mean they should have a Safety Officer?  Again, ICS prescribes that we have one incident Safety Officer.  Typically the facility manager (or perhaps an assistant facility manager) will have safety included as an additional duty, in coordination with the incident Safety Officer to ensure adherence to all applicable safety standards.  As with the PIO matter, if the facility for some reason has some serious safety concerns, it may warrant the placement of an assistant safety officer by the incident Safety Officer.

The function of a Liaison Officer is fairly high level, with the primary intent of supporting the Incident Commander with the coordination of various organizations involved in the response.  Of course many facilities are likely to be supported by several organizations, but the participation of these organizations has already been addressed by Command, likely with the assistance of the Liaison Officer.  An added Liaison Officer is simply redundant and confusing.

Logistics – while there are certainly support matters that need to be tended to in facilities – such as security, parking, sanitation, etc., this doesn’t warrant a position in the capacity of a Logistics Section Chief.  Yes, they do require some oversight which may be beyond the span of control of the Facility Manager to provide.  This is a good opportunity to assign a Support Services Leader or some other similarly titled position who reports to the Facility Manager.  Additionally, most facilities should not be the ordering point for resources.  If they need resources, the request should be sent up to the incident Logistics Section.  Similarly, there is no need for a facility to have its own Finance/Admin section.

Having an incident action plan is always a critical element of organization.  A care facility should certainly be included in the Incident Action Plan; reflected in objectives and organization, and tasked in a form ICS 204.  That said, I certainly acknowledge that some facilities can be rather complex, with a multitude of personnel and activities and thus can benefit from having more than just an ICS 204 to run by.  Select elements of an IAP can be very helpful, but a full blown IAP is generally not needed.  The development of such a document for a facility generally won’t require a full time position, much less an actual Planning Section Chief.  This is another opportunity to use an assistant facility manager.  The check in function should be coordinated with the incident Planning Section who will either assign someone or the task will be addressed internally by the Facility Manager.

As with most things, there are always exceptions to the rule.  Very large facilities with extensive operations can certainly benefit from having an overhead team.  I’ve seen ‘short teams’ (these are compact versions of Incident Management Teams) assigned to manage everything from staging areas to family assistance centers in very large (Type 1) incidents.  As such this is not something I would generally plan for since it would be an exception to the rule.  Organizationally, a short team/overhead team would become a layer between the facility manager and the task leads/unit leaders to better allow them to focus on their functional jobs while the overhead team addressed the broader management and coordination matters.  If introduced to the organization of the facility, the overhead team must have a carefully defined scope of operations to ensure they were not redundant to functions of the incident’s actual management team.  Also, an overhead team such as this would likely not have a PIO or Liaison Officer.

While we try to introduce ‘hard and fast’ rules to incident management, the reality is that these things are quite fluid and determined by need.  While our general preparedness should support a credible worst-case scenario, we also need to be careful with our planning assumptions.  Otherwise a full-blown plan for a small community could call for a need for a dozen Liaison Officers, which we aren’t likely to get under most any circumstance.  Yes, ICS is flexible, but we need to have a realistic approach.  Similarly, we can use that flexibility of ICS to introduce elements into our organization that might not have been addressed in the plan with a fair amount of ease.  We’re looking at the difference between a shelter in an average high school vs a shelter in a large sports stadium.  All that said, if your catastrophic plan identifies the use of the large sports stadium as a shelter, you should certainly include the provision in that plan for an overhead team to assist in the management of that shelter.

Of course I’m interested in your thoughts on this.

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

WWW.EPSLLC.BIZ

Gauging Return on Investment in Preparedness: Planning

Tim Riecker, The Contrarian Emergency Manager 5 Comments

Inspired a bit by my previous post Measuring Return on Investment in Emergency Management and Homeland Security: Improving State Preparedness Reports, I’ve decided upon writing a series of posts picking apart our primary activities in emergency management and homeland security preparedness to identify ways to gauge our Return on Investment (ROI).  To encapsulate our primary activities, I’m using the five POETE capability elements:

  • Planning
  • Organizing
  • Equipping
  • Training
  • Exercises

Most preparedness activities within emergency management and homeland security fall within one or more of the POETE capability elements.  The capability element of Planning is the foundational activity on which all preparedness is built and will be the topic of this post.  Here’s what I’m covering:

  • What is Return on Investment?
  • What planning efforts are involved in preparedness?
  • What organizational investments are involved in Planning?
  • Does the planning effort comply with applicable standards?
  • Can the plan be implemented?
  • What will exercises tell you?
  • Is there a need to maintain plans?

Return on Investment, or ROI, is a business term used to identify the profitability of certain investments or actions.  While preparedness is certainly done to protect against losses, for public and private sector alike, we generally don’t see preparedness activities as generating revenue.  However, when most entities INVEST time, money, and other resources into preparedness activities, they often want a reasonable assurance that their investment has paid off.  How do we gauge ROI for planning efforts?

First off, what planning efforts might we see in public or private organizations?  Obviously emergency and disaster plans are the big ones.  These plans are designed to identify key processes, such as alert and notification, response organization and incident management, and others which are intended to save lives and protect property.  These plans are likely to have annexes and appendices which address uniqueness of certain hazards, response circumstances, and support activities.  Continuity plans – usually business continuity or government continuity – identify how the organization will survive as an entity in the face of disaster.  Planning activities also involve the creation, review, and maintenance of policies and procedures.  We also create plans for hazard mitigation, long term recovery, specific events, and other needs.

What investments are involved in planning activities?  Organizations can and should allocate staff time and physical space and infrastructure to planning efforts.  The dedication of staff (full or part time) and/or consultants is often required, especially when planning efforts are viewed as a continual process and a critical part of preparedness.  The organization itself must make a commitment to the planning effort.  This commitment isn’t just in concept, but also practical involvement of staff throughout the organization, access to information, and even an involvement of third parties.

Certainly a first step in assessing return on investment of planning is to evaluate compliance with applicable rules, regulations, and guidelines.  These requirements can be hard (legally binding) or soft (general guidance) and can differ from industry to industry, nation to nation, and state to state.  Here in the US, FEMA provides guidance on emergency planning through Comprehensive Preparedness Guide (CPG) 101.  Some states may have requirements for emergency planning, such as New York State’s Executive Law Article 2-bNFPA 1600: The Standard on Disaster/Emergency Management and Business Continuity Programs is often referenced by public and private entities alike, while the International Standards Organization (ISO), has many industry-specific requirements for emergency planning.  If grant funding is being used for the planning effort, the grant may also have specific requirements.  Regardless of what the requirements are, planning efforts, plans, and associated documents should be audited to ensure that requirements are met.

Compliance, however, isn’t necessarily indicative of a good planning effort.  I’ve seen many plans which may meet requirements but the content itself was severely lacking.  Far too often planners get caught up in the world of checking boxes and fail to consider implementation.  If a plan cannot be implemented, it is useless to the organization.  Many plans exist now that meet applicable requirements but are still yet vacant of any meaningful direction or guidance in the event of an emergency.  These types of ‘plans’ are really better seen as policy documents.  A plan should identify what will be done, when, how, and by who.  If your ‘plan’ simply contains a statement on the requirement to use NIMS/ICS, but doesn’t provide detail on who will be in charge of what, when, and how; it is a policy document, not a plan.  Plans and their associated documents (i.e. procedures, guidelines, and job aids) need to chase down the lifespan of each critical step, especially early in a response.  They must identify who is responsible to make key decisions, who will be notified (how and by who), and who will take what actions.  A logical review of planning documents by the planning committee or perhaps even a third party is another good means of assessing your return on investment.

Does the plan work?  This is, perhaps, the ultimate factor in determining return on investment.  Usually our best means for identifying if a plan works is to exercise it.  Exercises provide a controlled and focused environment for testing plans or components of plans.  They will also help us in identifying if the plan can truly be implemented.  I’ve written a lot on exercises: articles can be found here.  (I also anticipate writing about assessing ROI for exercises as part of this series).  Generally, an incremental exercise program is usually recommended, beginning with discussion-based exercises – such as table tops and workshops – and progressing to operations-based (hands on) exercises.  A well written and honestly evaluated exercise will go a long way toward identifying the return on investment of your planning efforts.

Are we there yet?  Nope.  Planning, like all other preparedness efforts, requires maintenance.  If you create a plan then walk away, even if it’s a good plan, your plan’s value will diminish over time – and we’re talking months, not decades.  Think about how often something changes in your organization.  Staffing.  Equipment.  Technology.  Procedures.  Insurance policies.  All of these things, and more, influence your plans in some way.  Over time these changes not only occur, but also compound and move the present reality of your organization further from the assumptions of your planning efforts.  This is why plans must be maintained and updated on a regular basis.

Is there some mathematical formula for identifying the return on investment of preparedness efforts?  Given all the factors involved and their fluidity, I don’t think so.  It’s not cut and dry like a traditional business investment.  As you can see, though, there are a number of steps we can take to assess the utility of our investment.  I’ve seen organizations pay a lot for bad plans, and others pay much less for great plans.  Not only do organizations need to ensure that their planners know what they are doing, but the organization itself needs to have a commitment to success.  Without it, the planning effort is doomed to fail.

As always, feedback is appreciated.  What are your thoughts on assessing the return on investment of planning efforts?  What do you think is a good measure?

Does your organization need a new plan or need to update a plan?  Do you need help with the planning process or evaluating your organization’s preparedness?  How about exercises?  Emergency Preparedness Solutions can help!  Email to consultants@epsllc.biz or visit www.epsllc.biz.

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

WWW.EPSLLC.BIZ

Emergency planning – A linear approach or ‘choose your own adventure’?

Tim Riecker, The Contrarian Emergency Manager 2 Comments

When creating deliberate emergency operations plans, and especially the associated standard operating procedures/guidelines (SOPs/SOGs) that accompany them (you do develop these, right?) there is always a consideration for how to progress through the written plan – chronologically or topically.  There are pros and cons to both approaches you should be aware of.

Chronological progression of your planning efforts assume that an incident starts at A and progresses to Z, in a particular order.  At a glance, this is a lot of structure for emergency management, but an analysis of most incidents will show that they generally tend to progress in this fashion.  It’s human nature for us to like order and to try to put things into a logical progression.  There are, of course, the outliers – those incidents which have tangential or cascading impacts which don’t necessarily have a linear progression.  It’s these unknown factors that make us stumble a bit.  How do we account for these disruptions of our orderly progression?  We have to skip around in the plan.  If our plan isn’t designed for skipping around, it can be rather awkward and not easy to use.

A Choose Your Own Adventure book

A Choose Your Own Adventure book

The other side of the coin argues that if you are likely to skip around in the plan anyway, why not build a topical, or ‘choose your own adventure’ style, plan?  Remember choose your own adventure books?  The story always starts the same, building a foundation for the adventure you will face, but you, the reader, eventually get to decide what the main character will do.  At some point, you will be faced with a choice.  Should your hero take the left tunnel or the right?  If you take the left, go to page X, if you go right, turn to page Y.

Non-linear planning will chunk the content of your plan so individual sections focus on each potential impact and major activity – be it hazard-specific or function-specific – with reference back to a core plan, kind of a hub and spoke approach.  (By the way, ‘chunking’ is an actual term.  We use it primarily in instructional design).  It can make for some flipping around through the plan, and sometimes a bit of redundancy if each section starts with the same concept of operations (thus the need to reference back to a core plan), but it more easily accommodates the unknowns of an incident by looking at separate impacts or major activities as individual components related to a central response.

What are your thoughts?  Do we try to keep things orderly, or do we give in to a modular, ‘choose your own adventure’ approach?  Which do you think is more complex?  Which do you think is more effective?

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

WWW.EPSLLC.BIZ

Best Practices for the New Year – Resolve to be Responsible, Realistic, and Resourceful

Tim Riecker, The Contrarian Emergency Manager Leave a comment

As I work with jurisdictions and discuss their capabilities I find a broad range of perception among emergency managers about their jurisdictions’ capabilities and limitations.  Some overestimate their capability, thinking that they can handle anything and don’t need any outside assistance.  Others underestimate their capabilities, with their emergency plans defaulting to calling for help or making someone else responsible for nearly every scenario.  Fortunately some jurisdictions are spot on and have an informed and realistic perception of their capabilities.  Having the wrong awareness of what your jurisdiction can and cannot do can be dangerous.

Be Responsible

First of all, jurisdictions need to be responsible for their people.  Far too often I see an automatic assumption that someone else will handle an incident or a certain aspect of an incident, apparently abrogating the jurisdiction of all responsibility.  One of the more common occurrences of this is with sheltering where I rather often hear ‘The Red Cross will take care of that.’ with no further discussion even considered on the subject.  With no slight intended toward the Red Cross, relying on one entity to provide an absolutely critical capability is simply foolish.  If the Red Cross or any other outside entity is for some reason unable to provide these services for the jurisdiction, the jurisdiction is still left with the responsibility to provide this care for its citizens.  A jurisdiction without a plan to address this need is not being responsible for the welfare of its citizens.

The primary goal of a jurisdiction is to provide for its citizens.  Take this seriously and remember that you can’t assign this responsibility to others.

Be Realistic

Know your capabilities and your capacity.  In other words, know what you can and can’t do; and for what you can do, know how well and how long you can do it for.  Know what your limitations and dependencies are.  If your jurisdiction’s ability to provide advanced life support (ALS) care is dependent upon the only paramedic you have as a member of your ambulance service, you have very little capacity and quite a bit of vulnerability.

A good start to having a realistic view of your jurisdiction’s capabilities is conducting and regularly updating a comprehensive threat and hazard identification and risk assessment (THIRA).  THIRA is an in depth assessment which combines a traditional hazard analysis with a reference to DHS’ 31 Core Capabilities in the context of the threats specific to a jurisdiction.  I strongly suggest that a jurisdiction conducting a THIRA extend this assessment into an analysis of five key elements (Planning, Organizing, Equipping, Training, and Exercising – POETE) for each of their capabilities.  Go here for my post on the POETE analysis which explains the benefits and the process a little more.

A good THIRA helps jurisdictions identify not only their hazards but also the potential worst-case scenario impacts of these hazards.  It then provides an opportunity for the stakeholders of the jurisdiction to take an honest look at their capabilities and their ability to leverage these capabilities against those impacts.  Being honest in this assessment will help jurisdictions see what can hurt them most and identify the gaps and limitations they have in their capabilities.

Bottom line – be realistic in what you can do, how well, and how long you can do it.

Be Resourceful

The ability to endure the impacts of a disaster and, at a minimum, address the critical objectives of life safety, incident stabilization, and property conservation can require a jurisdiction to be creative and resourceful.  This is a key aspect of resiliency.  While assistance may still be needed from outside sources, a jurisdiction’s ability to survive and provide lifeline services for its citizens in the interim is extremely important.  Being resourceful can help a jurisdiction shore up its capabilities in times of need.  Key to being resourceful are good contacts and connections within the whole community.  Religious groups and social organizations, private companies, and even individual citizens can all provide services which can aid a jurisdiction in shoring up capabilities – at least in the short term.  Incorporate these as options within your emergency plans.  While these entities may have issues and commitments of their own during a disaster, they may also be able to help.

Use all available resources to get the job done and to sustain for as long as you can.  It can absolutely be the difference between life and death.

Emergency Management Grants – Promoting Planning Standards

Tim Riecker, The Contrarian Emergency Manager Leave a comment

We know that good emergency plans are the cornerstone of preparedness.  Often times it is local governments that have difficulty putting quality plans in place because they don’t have knowledgeable personnel or funds available to make this happen.  This gap is critical since we know that all disasters begin and end locally, so quality local plans are an imperative.

States provide financial assistance to local governments through a local allocation of the Emergency Management Performance Grant (EMPG), which is an annual grant program through FEMA/DHS as a component of the Homeland Security Grant Program (HSGP).  While there is always some variance in the goals or focus of EMPG, the overall concept and allowable costs are fairly static and the emphasis is always on preparedness.

Preparedness, however, encompasses a lot of activities.  The best breakdown is POETE – Planning, Organizing, Equipping, Training, and Exercising.  Just from this we can see a lot of opportunity to spend money on a lot of needed activities.  Planning, however, regularly needs to be revisited.  While funding the other activities may be important, they mean very little without a quality, up to date plan.  All preparedness activities should relate somehow back to the plan, such as equipment and training efforts to shore up capabilities identified for need through the planning process.  This applies to everyone by the way – federal, state, and local governments; private sector; and not for profits.

How can states (or any other grant or budget managers) continue to emphasize the importance of planning?  I’ve recently seen a best practice by the State of New Hampshire which is similar to the federal administration of the Community Development Block Grant (CDBG) programs.  First, they make funds available for, and only for, planning.  This includes new plans and plan updates.  Once plans have been developed that meet their standards, then additional funds can be requested for supporting preparedness activities.  This building block preparedness approach helps provide targeted funds solely for plan improvements while helping to ensure that subsequent funds are provided for activities that associate with the plan and addressing or identifying (by way of exercises) gaps.  While it can be a bit cumbersome, I think it’s a great model for promoting preparedness the right way.

Thoughts?

©2014 – Timothy Riecker