Tag Emergency Preparedness Solutions

The EOC Incident Support Model

Tim Riecker, The Contrarian Emergency Manager 8 Comments

Since the release of the NIMS Refresh in October 2017, a number of jurisdictions have made changes to the organizational structure of their emergency operations center.  While many jurisdictions use a traditional Incident Command System (ICS)-based structure, a structure aligned to the emergency support functions (ESFs), or a hybrid thereof, the NIMS Refresh seems to have popularized an alternative structure called the Incident Support Model.  I’ve been working with some clients who recently have, or are currently making a change to the Incident Support Model.  The general model of that structure can be found below.

ISM

The intent of this model is to provide an EOC with an organizational model that better fits what an EOC does… information management, planning, and resource support.  This model, unlike the more traditional ICS-based model or the ESF-based model really focuses on what EOCs do instead of potentially utilizing an organization and mission that are mis-matched.  As stated by the NIMS Refresh document, this model puts the EOC manager in direct contact with those doing situational awareness/information management, and streamlines resource sourcing, ordering, and tracking.

As someone who has worked in and long advocated for an ICS-based model for EOCs, I’ve grown increasingly comfortable with the Incident Support Model over time.  It certainly makes sense.  Appendix B of the NIMS Refresh document provides some additional detail on this model, but not much.

The Incident Support Model, most prominently, reorganizes some of the major ICS-centered functions we are used to seeing.  It pulls two key functions from the Planning Section, those being situational awareness and resource tracking.  Situational awareness in this model is established as a section.  Those who have managed large and fully staffed Situation Units in an ICS-based model know that the various responsibilities such as information tracking, developing situation reports, addressing requests for information, and information analysis and display can be significant.  Technical specialists, such as meteorologists and other sciences come into the fold of this section, as does Geographic Information Services (GIS).

The function of resource tracking, traditionally from the Resources Unit in the ICS model, is pulled together with all other resource-centered activities in the EOC under the Incident Support Model.  This includes the tasking and assignment of resources, as well as the support of those resources, which functionally has been handled by a combination of Operations and Logistics in the ICS-based model.  Reflecting on how many EOCs have grown comfortable organizing these functions previously, this section may be organized by ESF or other workable function.  The Resource Support Section is also to include Finance/Administration, which I’m not necessarily as keen on.  While I understand it from a contracting and procurement perspective, Finance/Administration is a function that may be best retained as their own section.

Separate from the Resource Support Section is the Center Support Section, which is focused on supporting the EOC itself with IT, admin staff, food, and other needs.  The Center Support Section may also be tasked with providing similar services to other defined facilities, such as a Joint Information Center (JIC) or Family Assistance Center (FAC).  I see this as a smart move as Logistics in the traditional ICS model had to juggle needs internal and external to the EOC.

Lastly is the Planning Support Section.  With information management resource tracking gutted from the Planning Section, you may be left wondering what is left for the Planning Section to do.  The Planning Support Section is still responsible for managing the planning process, which needs a bit of realignment under the Incident Support Model.  With this is overall responsibility to develop the Incident Action Plan (IAP), but there is more.  An astute planning function in an EOC in any sizeable incident should not only be managing the planning process for the next operational period, they should also looking ahead.  They may be pulling together a plan for something like debris management or utility restoration which is expected to be an operational focus in a few days, or perhaps planning for the transition to recovery operations, or even for demobilization.  As such, the Incident Support Model calls for the Planning Support Section to be divided between Current (and next operational period) Planning and Future Planning.  With an organization model underscoring this, we will hopefully see Planning Sections focused on future outcomes as much as they are focused on short-term processes.

The Incident Support Model is certainly a workable structure, which seems to remove some of the awkwardness of the tactically-built ICS-based structure from the EOC.  While we’ve certainly evolved the ICS-based structure to meet our needs in an EOC, I think many, myself included, were reluctant to make the changes needed to make it more functional in an EOC environment and still have it reflect ICS.

Now that jurisdictions are retooling and building this new model into their plans, however, we are in a bit of an awkward position in regard to training and utilization of staff. In the absence of national training program to support this model, jurisdictions are left on their own to train staff how to function in this structure.  Many jurisdictions have invested a great deal of time to have staff trained in the NIMS Position-specific courses.  While I don’t see that training as being wholly wasteful in light of a change to this model, there are obviously some adaptations to be made for those looking to utilize that training in an EOC using the Incident Support Model.  Even established Incident Management Teams (IMTs), which follow the ICS model, will need to determine how they will adjust their deployment to fit EOCs which may use the Incident Support Model.  The functions of this model certainly aren’t foreign, but may require a crosswalk of sorts for personnel who are otherwise trained or qualified to work in an ICS-based environment.

Working with clients who are adopting this model, I’m looking forward to seeing it in action and further identifying pros and cons.  Knowing that some have been using this model for some time, I’m also interested in reviewing their lessons learned, particularly things like operational flow, adaptations to the Planning P, job action sheets, and other things.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

 

EOC Skillsets and Position Task Books Finalized

Tim Riecker, The Contrarian Emergency Manager 1 Comment

Back in April, FEMA released the drafts of EOC skillset documents and position task books for public comment.  A few days ago, the final versions of these documents were released on FEMA’s National Qualification System (NQS) website: https://www.fema.gov/emergency-managers/nims/components#nqs

While the hub of emergency response is the incident command post, the hub of emergency coordination is the Emergency Operations Center.  While life saving tactics, directed from the ICP, are absolutely essential, a comprehensive and long-term response can’t be sustained without the activities of an EOC.  We have gone far too long in emergency management without having good national guidance on the organization and qualification of personnel in the EOC.

When you crack into the website you may be a bit overwhelmed by all the documents you find.  Don’t look to this as something that must be implemented 100% right away.  Take a deep breath and remember that most things done well in emergency management, ironically enough, are an evolution and take time.  Also remember that while this has been established as guidance, it’s not a requirement.  Implement what you can, when you can.  Focus on establishing a foundation you can build from and do what makes sense for your jurisdiction or organization.

The foundation of everything in emergency management is planning, so whatever you do decide to implement should find its way into plans, which may need to be supported by policy.  While implementing a qualification system with task books can be cumbersome, it can also solve some problems when it comes to having less than qualified personnel working in your EOC.  The position task books are a great way for individuals to see what standards they are being held to and allows them to track progress.  If you don’t feel that the use of position task books will work for your jurisdiction or you are on a slower track to implementation, it’s still worthwhile to examine the skillset documents for each position you have identified in your EOC.  These can support your own developed standards, expectations, and plans; serve as a foundation for training course development; and support exercise evaluation.

Lastly, talk about these with your committees and your peers.  It’s easy to forget about them so keep these visible.  These documents offer an abundance of solid guidance which can strongly support your operational coordination.

What are your thoughts on the EOC skillsets? Do you plan on implementing them in your system?  If so, how?  If not, why not?

Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC℠

How to Categorize a Hurricane?

Tim Riecker, The Contrarian Emergency Manager 4 Comments

There has been a lot of discussion lately on rethinking how we categorize hurricanes.  At present, we use the Saffir-Simpson Hurricane Wind Scale, which provides a category (numbered 1-5) based on the hurricane’s present sustained wind speed.  While this scale has served as the standard for several decades, it is based only upon one impact of hurricanes – wind.  As such, the Saffir-Simpson scale is not a good universal predictor of potential hurricane impacts.

To better consider how we can categorize hurricanes, we should understand those impacts.

  • Wind is an ever-present threat from hurricanes. The highest reaches of these winds can be utterly devastating, practically leveling an area of built infrastructure and foliage. Wind speeds can be measured throughout the entire life of the hurricane, and wind speeds can be predicted with reasonable accuracy.  While tornadoes are generally expected with hurricanes, their intensity is difficult to predict.
  • Storm Surge is the greatest threat to coastal areas from a hurricane. Storm surge is defined as the rising of the sea as a result of atmospheric pressure changes and wind associated with a storm.  Essentially, the winds of the hurricane push water up on to land creating sudden inundation.  The height and degree of inundation of storm surge is dependent upon several factors including wind speed, tide, natural and built barriers, and distance inland.
  • Rain, like wind, is a sustained threat from hurricanes, potentially causing flooding well inland. The geographic size of hurricanes tends to result in saturation from rain across a wide area, making the management of runoff incredibly difficult.  In coastal areas, rain will obviously contribute to the flooding conditions caused by storm surge.

In recognition of the hazards, there have been proposals for categorizing hurricanes based upon hazards other than wind.  While I’m no meteorologist, I can certain identify that these will provide even less valuable data than wind alone.  While it’s true that storm surge is often the most impactful hazard of hurricanes, the extent of potential damage from storm surge varies so wildly based upon a variety of factors, there are few general statements that can be made about it to establish any kind of categorization.  Further, how will the storm threat be categorized to those too far inland to be impacted by storm surge?  Rating a hurricane based upon rain is even less of a full picture than those who argue against wind.

The Saffir-Simpson scale begins to approach the problem by also defining the types of damage that can be caused by hurricanes of different intensities.  These defined impacts, however, are limited to wind damages.  Certainly the ideal model provides categories which define expected levels of damage from wind, rain, and storm surge combined.  Such models may be more informative to the public, elected officials, first responders, and emergency managers.  There are efforts under way to examine some potential new models.  Be alert to what gets proposed and be sure to provide feedback.

Have I missed anything here?  Are there any other considerations for how we should be categorizing hurricanes?

Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC℠

 

The Disaster Recovery Reform Act of 2018

Tim Riecker, The Contrarian Emergency Manager Leave a comment

It’s challenging at times to keep track of legislation relevant to any industry, especially when unrelated items are included in bills.  HR 302 is titled the FAA Reauthorization Act of 2018, so logically it starts off with a section on sports medicine licensure.  Luckily, the bulk of the bill is centered on aviation, but also happens to include substantial content on emergency management, titled the Disaster Recovery Reform Act of 2018.

Sticking to the aviation side for a moment but also relevant to emergency management folks within that industry, there are a variety of provisions on both airport and airline safety.  There is also a small section on UAS/UAV.  Most notably a provision related to FAA emergency authorizations for drone use as well as one ordering the FAA to conduct a study on fire department and emergency service agency use of drones (§359).  The term for the study, as noted in the bill, is only 180 days, which isn’t a whole lot of time for government, directly or through a contract, to cover every one of the areas they are looking for in this study.  Hopefully the final time frame of this, if it passes, will be extended.

Most applicable to the emergency management community is Division D of this bill (§1201), titled the Disaster Recovery Reform Act of 2018.  This is an important piece of legislation as it is actually an amendment to the Stafford Act.  The Stafford Act has, of course, been amended many times, but it’s worth while for all of use to keep a keen eye on these planned changes to ensure that the writings of political staffers are grounded in reality.  A few of the key points:

  • Authorization for 404 mitigation funding absent a disaster declaration for wildfire mitigation efforts
  • Providing building code and floodplain ordinance support following a disaster (402). This seems to dovetail in with 1241 on post-disaster building safety assessments.  1241 also includes a provision for having NIMS typed resources for these activities.
  • Public and non-profit facilities receiving a contribution fully equal to the federal share of the federal estimate of repair/replacement costs (406)
  • Various provisions related to flood insurance (406)
  • (1208) An interesting provision on providing guidance and annual training to governments and first responders on ‘the need to prioritize assistance to hospitals, nursing homes, and other long-term care facilities…’ as a matter of what is essentially continuity of operations. This also includes guidance and training to these facilities on how they can prepare for their own continuity of operations, as well as a need to coordinate response plans across stakeholder organizations for same.
    • This seems partially to step on the toes of health care preparedness regulations from CMS, but also helps connect the dots necessarily to the whole community. I’m not sure about the need for ‘annual training’, as the administration and tracking of such is a nightmare (and likely unnecessary), but guidance would certainly be welcome.  Perhaps we will see a new Comprehensive Preparedness Guide come from this?
  • (1209) Guidance on evacuation routes in coordination with the Federal Highway Administration. The bill stresses consideration for resiliency of identified routes, special needs populations, public notification regarding these routes, and access to sheltering locations from the evacuation routes.
  • (1218) Establishes National Veterinary Emergency Teams based out of accredited veterinary colleges. Specifically, they are to deploy with USAR resources to provide care for canine search teams as well as animals impacted by the disaster.
  • (1228) Guidance to be issued in conjunction with the Federal Highway Administration on the repair, restoration, and replacement of inundated and submerged roads.
  • (1236) A training requirement for governments, first responders, and facilities that store hazardous materials on the coordination of emergency response plans in the event of a local disaster.
    • This is an interesting requirement that is also, perhaps intentionally vague. It seems this would be directed at regulated SARA Title III facilities, but doesn’t specify them.  Is this intended to include community locations like pool supply, auto part, and painting stores?  Hopefully this gets fleshed out more to better communicate who it is intended to apply to. 
  • Increasing efficiency and reducing duplication of grant programs
  • (1244) A relevant provision directing FEMA to contract with the National Academy of Medicine to conduct a study and submit a report regarding best practices in mortality counts as a result of major disasters.
  • There were also a variety of other provisions making adjustments to IA, PA, and Hazard Mitigation programs in addition to what I had already listed.

While a great many bills die on the vine, HR 302 is certainly expected to move forward as it contains some pretty critical legislation.  Modifications, of course, are expected as this bill moves through the House, its sister piece of legislation moves through the Senate, the two versions are resolved, then eventually signed by the President.  The DRRA is something to keep an eye on, though, as it seems to impact all facets of emergency management as well as our relationships with stakeholders.

What are your thoughts on this bill?

Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC℠

Airport Emergency Planning

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Through my career I’ve had the opportunity to work with a number of airports on preparedness efforts.  In the past couple of years, that interaction has been greatly amplified through a contract my company successfully completed involving the development of exercises for airports.  As part of this effort, we designed, conducted, and evaluated exercises at ten airports of varying sizes across the nation, from Georgia to Alaska, Massachusetts to California.  Since the primary intent of exercises is to validate plans, we of course requested and reviewed airport emergency plans (AEPs) from each location as part of our preparation for each exercise.

For those not in the know, the requirement for AEPs originates with Federal Aviation Regulation 14 CFR Part 139, which wholly establishes the standards for the certification of airports.  The requirements for AEPs are further refined in DOT/FAA Advisory Circular 150-5200-31C published in May of 2010.   The Advisory Circular is largely implementation guidance.  It’s quite comprehensive and outlines a planning structure, references emergency management doctrine and standards of practice such as NIMS and the National Response Framework, and models a planning process, which mirrors that of CPG-101.  The NFPA also provides guidance in NFPA 424: Guide for Airport/Community Emergency Planning, which reflects on all these as well.

Just like any community emergency operations plan (EOP), AEPs I’ve reviewed run the full spectrum of quality.  Some plans are thorough and comprehensive, while other plans are so focused on meeting the letter of the regulation that they fall short of meeting real needs and being implementation-ready, even though they technically meet the requirements set forth in §139.325.  Regulated industries, which airports largely are, often have a challenge when it comes to emergency planning.  We see this same challenge in radiological emergency plans as well.  The laws and regulations seem to provide so much structure that it is perceived that local variables and subjective analysis aren’t allowed.  As an example, §139.325 states:

“the plan must contain instructions for response to:

  1. Aircraft incident and accidents
  2. Bomb incidents, including designation of parking areas for the aircraft involved
  3. Structural fires
  4. Fires at fuel farms or fuel storage areas
  5. Natural disaster
  6. Hazardous materials/dangerous goods incidents
  7. Sabotage, hijack, or other unlawful interference with operations
  8. Failure of power for movement area lighting
  9. Water rescue situations (as appropriate)”

While the planning process isn’t prescribed in §139.325, nor does it specify if other hazards can be included in the AEP, the Advisory Circular (AC) does expound on this and prescribes a planning process, including a hazard analysis.  The AC states “Through the hazards analysis program, guidance has been provided to assist in the identification of those hazards and disasters specific to an airport that warrant planning attention”.  That phrasing indicates that airports should be planning for hazards beyond what is required by §139.325, yet I’ve seen many that do not.

Obviously ‘natural disaster’ covers a considerable amount of proverbial territory.  Jurisdictions undergo extensive hazard analysis and hazard mitigation planning to identify the breadth and scope of these hazards (which should include all hazards, not just natural disasters).   Many jurisdictions develop very comprehensive EOPs and annexes to address the response needs of each of their primary hazards.  I saw this as a significantly missing component in many AEPs, which treated ‘natural disasters’ as a single hazard.  Further, as many airports stick to the minimum requirement for planning, they fail to address other hazards which could impact them, ranging from dam failure, and nuclear power facility incidents, to currently hot topics such as active shooter/hostile event response (ASHER) and communicable diseases.

Some airports have thankfully recognized the need for expanding beyond the required hazards and have developed plans that better address all of their needs.  On the unfortunate side, again as a regulated industry, I’ve also seen some airports having two sets of plans… one that meets regulation and the other that they feel is more practical for implementation.  Clearly this isn’t the way to go either.  A single, consolidated plan can be developed that meets all needs.

Airports are an interesting animal.  Regardless of governance structure, they are part of the communities which surround them.  Larger airports are also communities of their own, having significant capability, sometimes more than the surrounding jurisdictions.  Airport emergency planning should acknowledge and involve their community relationships and must address all hazards, not just the ones required by Part 139.  Just as with any other type of emergency plan, they must be implementation-ready.  To do so typically requires the added development of standard operating guidelines (SOGs) and job aids, such as check lists and forms.  Plans should also be developed to address recovery issues and business continuity, not just response.  An airport, regardless of governance structure, operates like a business, with many other stakeholders dependent upon their stability and ability to address and rapidly recover from incidents.  They are also obviously transportation hubs, dealing with large volumes of people and significant dollar figures in freight and commerce.

Airport emergency managers have many of the same challenges as the emergency managers of any other community.  Staffing and funding rarely line up with requirements and other priority matters.  I encourage community emergency managers to reach out to their local airports and coordinate, as many hands make easier work for everyone.  Of course, if any airports are seeking assistance in enhancing their preparedness, please contact us as we would love to work with you!

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC™

 

 

Emergency Management and Succession

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Earlier this month, Emergency Management Magazine posted an article by Jim McKay titled ‘Is a Lack of Institutional Knowledge Plaguing Emergency Management?’.  It’s a thought-provoking article on a topic that is relevant to a great many professions.  This is an issue that deals primarily with retirements, but broadly any matter that involves a line of succession.  Not only might someone retire, which is usually, but not always an anticipated event, but they may take or get transferred to a new position, require an extended sick leave, get fired, or even have an untimely death.  In any event, I’m a firm believer that succession should be planned for any situation, and for nearly every position – especially one that’s grown and evolved over time with the individual occupying that position.

If it’s anticipated that someone will be retiring or otherwise leaving, organizations may have the ability to hire or identify a replacement while the person is still there, providing an opportunity for a mentorship.  For as rare as this is, it’s even more rare for that mentorship to be structured or anything but throwing a bunch of paperwork, files, and brain-dumping knowledge at the replacement.  If the departure of the individual isn’t planned, the organization can be left in the lurch.  People hopefully know what that person does, but likely not how they do it.  What are the priority tasks?  How often do they need to be completed?  What is the standard of performance for these tasks?  Who are the primary contacts?  Where can critical files be found?  What do I do if…???

Organizations have an opportunity to hedge against this.  Just as we prepare for disasters, we can prepare for someone vacating a position.  We know it will inevitably happen, so there is no excuse to not prepare for it.  Organizational leadership should promote this effort, spearheaded by human resources.  Checklists and guidance should be developed that cover all aspects of transferring institutional knowledge – from the mundane and practical, to the applied work.  This is a deliberate effort, just like developing an emergency operations plan, and an effort that nearly all positions should be involved in.

For a planned departure, two viable options are a job-share or a structured mentorship.  Both obviously require the organization to commit to overlapping staffing for this position for a period of time since the outgoing and incoming individuals need to work together.  This provides the most effective means of transferring institutional knowledge.  As indicated earlier, these efforts need to be structured, not just a daily data dump.  Use the ‘crawl, walk, run’ concept, giving the incumbent foundational information at first and building from there.  While process is important, there may be some processes that really fall to individual style, so the focus should be more on intent, sources of information, deliverables, and collaboration.  Hands-on experience, as many of us know, is extremely valuable.  The new individual should be going to meetings with the outgoing person, conducting site visits, and participating in other activities.  This also offers an opportunity for introductions to be made to important colleagues and other contacts.

The incumbent should also have face time with their new boss, direct reports, and other interested parties.  This is important to ensuring that expectations of these important stakeholders are communicated directly to the person who will be working with them.

An important tool that should be developed by almost every position is a job book.  This is a written document that outlines every critical aspects of a position.  Starting with the job description and working forward from there.  Fundamentally, this is a simple task, but can take some time over a period of months to develop, and of course it should be kept up to date.  It should identify priority tasks and how they are accomplished, key interactions and contacts, reporting relationships, standards and templates, information sources, deliverables, and due dates.  Each individual should step outside their position and imagine that someone new, who knows little about the position, will walk in tomorrow to take over.  This document should take that person through all important tasks.

The job book has several benefits.  First, it helps provide structure to any possible mentorship or job share that might take place for a planned departure.  It strongly supports an unplanned departure as well as an organization that might not be able to provide for any type of overlap between the outgoing and incoming individuals.  Job books are something I recommend not just for managers, but for most staff, even administrative support staff – It’s amazing how many organizations come to a screeching halt when a key administrative specialist leaves.

Lastly, beyond the process-driven and official things, never underestimate the value of social interactions.  There is a great deal of knowledge transfer that comes from the time of enjoying a meal or a beverage with someone.  While this time might be ‘off the books’, it should absolutely be encouraged and shouldn’t be a single occurrence.  These offer good opportunity for some ‘war stories’ and open conversations outside of the office environment in which a great deal can be learned.

Bottom line – organizational succession should be viewed as an aspect of continuity of operations.  It requires planned and deliberate activities to be most successful.

What kind of program does your organization have?

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC™

FEMA’s 2017 Hurricane Season AAR

Tim Riecker, The Contrarian Emergency Manager Leave a comment

A few days ago, FEMA published its after action report (AAR) for the 2017 hurricane season.  Unless you’ve been living under a rock, you probably know that last year was nothing short of devastating.  The major hurricane activity revolved around Hurricane Harvey (Texas), Hurricane Irma (Caribbean/South Atlantic coast), and Hurricane Maria (Caribbean), but domestic response efforts were also significantly dedicated to a rough season of wildfires in California.  While each of these major disasters was bad enough on its own, the overlap of incident operations between them is what was most crippling to the federal response.  Along with these major incidents were the multitude of typical localized incidents that local, state, and some federal resources manage throughout the year.  2017 was a bad year for disasters.  I don’t think any nation could have supported disaster response as well as the US did.

No response is ever perfect, however, and there were certainly plenty of issues associated with last year’s hurricane responses. Politicians and media outlets made issues in Texas and Puerto Rico very apparent.  While some of these issues may rest on the shoulders of FEMA and other federal agencies, state and local governments hold the major responsibility for them.

This FEMA AAR contains good information, perspective, and reflections.  There are a lot of successes and failures to address.  While I’m not going to write a review of the entire document, which you can read for yourself, but I will discuss a few big-picture items and highlight a few specifics.

First, is the overall organization of the document.  The document is organized through reflection across each of five ‘focus areas’.  I’m not sure why this was the chosen approach.  The doctrinal approach should be a reflection on Core Capabilities, as outlined in the National Preparedness Goal.  Some of these focus areas seem to easily align with a Core Capability, such as ‘Sustained Whole Community Logistics Operations’, which gives me reason to wonder why Core Capabilities were not referenced.  While we use Core Capabilities as a standard in exercises, the purpose for them being part of the National Preparedness Goal is so that we have a standard of reference throughout all preparedness activities.  Any AAR – incident, event, or exercise – should bring us back to preparedness activities.

The second issue I have with the document is the focus.  While it’s understood that this is FEMA’s AAR, not a wholistic federal government AAR, it’s almost too FEMA-centric.  The essence of emergency management is that emergency management agencies are coordination bodies, as such, most of their work gets accomplished through coordinating with other agencies.  While it’s true that FEMA certainly has a significant work force and resources, the AAR seems to stop at the inside threshold of FEMA headquarters, without taking the additional step to acknowledge follow-on actions from a FEMA-rooted issue that may involve other agencies.

Among the positive takeaways were some of the planning assumptions outlined in the report.  There is a short list of planning assumptions on page 9, for example, that provide some encouraging comparisons between planning assumptions and reality.  This is a great reminder for local and state plans to not only include numbers and percentages in their planning assumptions, which will directly lead to identifying capability and resource gaps, but to also reality check those numbers after incidents.

Page 10 of the repost highlights the success of FEMA’s Crisis Action Planning groups.  These groups identified future issues and developed strategies to address these issues.  This is actually an adaptation of an underutilized function within the ICS Planning Section to examine potential medium and long-term issues.

Pages 11 and 12 highlight how Threat and Hazard Identification and Risk Assessment (THIRA) data from states and UASIs can inform response.  It’s encouraging to see preparedness data directly inform response.  I hope this is something that will continue to evolve.

Pages 22 and 23 discuss the staffing issues FEMA had with massive overlapping deployments.  Along with their regular full time workforce, FEMA also deployed a huge volume of their cadre personnel.  They also tapped into a pilot program called State Supplemental Staffing.  While there were some administrative and bureaucratic difficulties, it seems to have been considerably successful.

Overall, this is a good document citing realistic observations and recommendations.  While the document is FEMA-centric, the way of FEMA is the way of emergency management in the US, so it’s always worth keeping an eye on what they are doing, as many of their activities have reach to state and local governments we as other federal agencies.

What important concepts jumped out at you?

© 2018 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC™

Changing The Lexicon on Terrorism Preparedness, Response, and Recovery

Tim Riecker, The Contrarian Emergency Manager Leave a comment

A couple months ago I posted about NFPA 3000: Standard for Active Shooter/Hostile Event Response Program.  Soon after posting, I ended up purchasing a copy of the standard and, combined with other readings and discussions, am fully bought into not only this standard but a change in our lexicon for this type of incident.

NFPA3000

First off, in regard to NFPA 3000, it’s not rocket science.  There is nothing in this standard that is earth shattering or itself wholly changing to what we do or how we do it.  But that’s not the intent of NFPA standards.  NFPA technical committees compile standards based upon best practices in the field. The standards they create are just that – standards.  They are a benchmark for reference as we apply the principles contained therein.  NFPA 3000 provides solid guidance that everyone in EM/HS should be paying attention to.

What NFPA 3000 has helped me realize is that our focus has been wrong for a while.  Terrorism isn’t necessarily the thing we need to be preparing for.  Why?

First, let’s look at what is generally referenced definition of terrorism in the United States.  This comes from Title 22 Chapter 38 US Code § 2656f.  It states that terrorism is “premeditated, politically motivated violence perpetrated against noncombatant targets by subnational groups or clandestine agents’.  Note that the definition focuses on motive more than action or consequence.  While motive is very important in prevention/intelligence and prosecution, it is far less important to most preparedness, response, and recovery activities.

The term ‘active shooter’ has been used quite a bit, yet it’s not a good description of what communities and responders can face when we consider that perpetrators could use means and methods instead of or in addition to firearms.  We’ve seen a wide variety of these instances that involve knives, vehicles, improvised explosives, and more.

This is why I prefer the term ‘active shooter/hostile event response’ or ASHER.  While the term has been around for a bit (a quick internet search shows references going back to at least 2013), NFPA 3000 has essentially canonized it in our lexicon.  The definition provided in NFPA 3000 is focused on the incident, rather than the motivation, and is comprehensive of any means or methods which could be used.  That definition is – Active Shooter/Hostile Event Response (ASHER): An incident where one or more individuals are or have been active engaged in harming, killing, or attempting to kill people in a populated area by means such as firearms, explosives, toxic substances, vehicles, edged weapons, fire, or a combination thereof.

When it comes to preparedness, response, and recovery ASHER is the focus we need to have.  Motivations generally make little difference in how we should respond.  We should always be looking for secondary devices or other attackers – these are not features unique to terrorist attacks.  As we do with any crime scene, we should always be mindful of evidence that can lead us to the motives and potential co-conspirators of an attacker.  That’s important for investigation, prosecution, and the prevention of further attacks.  Does the term ‘terrorism’ still have a place?  Of course it does.  In our legal system, that’s an important definition.  Philosophically, we can argue that all attacks are acts of terror, but because of the legal definition that exists of terrorism, we can’t – at least in the US.

I encourage everyone to start making the move to changing the lexicon to ASHER where appropriate.  It makes sense and gives us the proper perspective.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC ™

An Updated Comprehensive Preparedness Guide 201 (THIRA/SPR)

Tim Riecker, The Contrarian Emergency Manager 3 Comments

In late May, FEMA/DHS released an updated version of Comprehensive Preparedness Guide (CPG) 201.  For those not familiar, CPG 201 is designed to guide communities and organizations through the process of the Threat and Hazard Identification and Risk Assessment (THIRA).  This is the third edition of a document that was originally released in April 2012.  This third edition integrates the Stakeholder Preparedness Review (SPR) into the process.  Note that ‘SPR’ has commonly been an acronym for State Preparedness Report, which is also associated with the THIRA.  The goal of the Stakeholder Preparedness Review appears to be fundamentally similar to that of the State Preparedness Report which some of you may be familiar with.

Picture1

First of all, a few noted changes in the THIRA portion of CPG 201.  First, FEMA now recommends that communities complete the THIRA every three years instead of annually.  Given the complexity and depth of a properly executed THIRA, this makes much more sense and I fully applaud this change.  Over the past several years many jurisdictions have watered down the process because it was so time consuming, with many THIRAs completed being more of an update to the previous year’s than really being a new independent assessment.  While it’s always good to reflect on the progress relative to the previous year, it’s human nature to get stuck in the box created by your reference material, so I think the annual assessment also stagnated progress in many areas.

The other big change to the THIRA process is elimination of the fourth step (Apply Results).  Along with some other streamlining of activities within the THIRA process, the application of results has been extended into the SPR process.  The goal of the SPR is to assess the community’s capability levels based on the capability targets identified in the THIRA.  Despite the THIRA being changed to a three-year cycle, CPG 201 states that the SPR should be conducted annually.  Since capabilities are more prone to change (often through deliberate activities of communities) this absolutely makes sense. The SPR process centers on three main activities, all informed by the THIRA:

  1. Assess Capabilities
  2. Identify and Address Gaps
  3. Describe Impacts and Funding Sources

The assessment of capabilities is intended to be a legacy function, with the first assessment establishing a baseline, which is then continually reflected on in subsequent years.  The capability assessment contributes to needs identification for a community, which is then further analyzed for the impacts of that change in capability and the identification of funding sources to sustain or improve capabilities, as needed.

An aspect of this new document which I’m excited about is that the POETE analysis is finally firmly established in doctrine.  If you aren’t familiar with the POETE analysis, you can find a few articles I’ve written on it here.  POETE is reflected on several times in the SPR process.

So who should be doing this?   The document references all the usual suspects: state, local, tribal, territorial, and UASI jurisdictions.  I think it’s great that everyone is being encouraged to do this, but we also need to identify who must do it.  Traditionally, the state preparedness report was required of states, territories, and UASIs as the initial recipients of Homeland Security Grant Program (HSGP) sub-grants.  In 2018, recipients of Tribal Homeland Security Grant Program funds will be required to complete this as well.  While other jurisdictions seem to be encouraged to use the processes of CPG 201, they aren’t being empowered to do so.

Here lies my biggest criticism…  as stated earlier, the THIRA and SPR processes are quite in-depth and the guidance provided in CPG 201 is supported by an assessment tool designed by FEMA for these purposes.  The CPG 201 website unfortunately does not include the tool, nor does CPG 201 itself even make direct reference to it.  There are vague indirect references, seeming to indicate what kind of data can be used in certain steps, but never actually stating that a tool is available.  The tool, called the Universal Reporting Tool, provides structure to the great deal of information being collected and analyzed through these processes.  Refined over the past several years as the THIRA/SPR process has evolved, the Universal Reporting Tool is a great way to complete this.  As part of the State Preparedness Report, the completed tool was submitted to the FEMA regional office who would provide feedback and submit it to HQ to contribute to the National Preparedness Report.  But what of the jurisdictions who are not required to do this and wish to do this of their own accord?  It doesn’t seem to be discouraged, as jurisdictions can request a copy from FEMA-SPR@fema.dhs.gov, but it seems that as a best practice, as well as a companion to CPG 201, the tool should be directly available on the FEMA website.  That said, if the THIRA/SPR is being conducted by a jurisdiction not required to do so, the tool would then not be required – although it would help.

Overall, I’m very happy with this evolution of CPG 201.  It’s clear that FEMA is paying attention to feedback received on the process to streamline it as best they can, while maximizing the utility of the data derived from the analysis.  A completed THIRA/SPR is an excellent foundation for planning and grant funding requests, and can inform training needs assessments and exercise program management (it should be used as a direct reference to development of a Training and Exercise Plan).

For those interested, EPS’ personnel have experience conducting the THIRA/SPR process in past years for a variety of jurisdictions and would be happy to assist yours with this updated process.  Head to the link below for more information!

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC ™

Hurricane Harvey AAR – Lessons for Us All

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Harris County, Texas has recently released their After Action Report (AAR) for Hurricane Harvey that devastated the area last year.  I applaud any AAR released, especially one for an incident of this magnitude.  It requires opening your doors to the world, showing some incredible transparency, and a willingness to discuss your mistakes.  Not only can stakeholders in Harris County learn from this AAR, but I think there are lessons to be learned by everyone in reviewing this document.

First, about making the sausage… The AAR includes an early section on the means and methods used to build the AAR, including some tools provided in the appendix.  Why is this important?  First, it helps build a better context for the AAR and lets you know what was studied, who was included, and how it was pulled together.  Second, it offers a great example for you to use for future incidents.  Developing an AAR for an incident has some significant differences from developing an AAR for an exercise.  Fundamentally, development of an AAR for an exercise begins with design of the exercise and is based upon the objectives identified for that exercise.  For an incident, the areas of evaluation are generally identified after the fact.  These areas of evaluation will focus the evaluation effort and help you cull through the volumes of documentation and stories people will want to tell.  The three focus areas covered in the AAR are Command and Control, Operations, and Mass Care and Sheltering.

Getting into the Harvey AAR itself… My own criticism in the formatting is that while areas for improvement in the AAR follow an Issue/Analysis/Recommendation format, identified strengths only have a sentence or two.  Many AAR writers (for incidents, events, or exercises) think this is adequate, but I do not.  Some measure of written analysis should be provided for each strength, giving it context and describing what worked and why.  I’m also in favor of providing recommendations for identified strengths.  I’m of the opinion that most things, even if done well and within acceptable standards, can be improved upon.  If you adopt this philosophy, however, don’t fall into the trap of simply recommending that practices should continue (i.e. keep doing this).  That’s not a meaningful recommendation.  Instead, consider how the practice can be improved upon or sustained.  Remember, always reflect upon practices of planning, organizing, equipping, training, and exercises (POETE).

As for the identified areas for improvement in AAR, the following needs were outlined:

  • Developing a countywide Continuity of Operations Plan
  • Training non-traditional support personnel who may be involved in disaster response operations
  • Transitioning from response to recovery operations in the Emergency Operations Center
  • Working with the City of Houston to address the current Donations Management strategy

If anything, for these reasons alone, the AAR and the improvement planning matrix attached should be reviewed by every jurisdiction.  Many jurisdictions that I encounter simply don’t have the POETE in place to be successful in addressing these areas.

What is your biggest take away from this AAR?

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC™