An Update of Ontario’s Incident Management System

Just yesterday, the Canadian province of Ontario released an update of its Incident Management System (IMS) document. I gave it a read and have some observations, which I’ve provided below. I will say that it is frustrating that there is no Canadian national model for incident management, rather the provinces determine their own. Having a number of friends and colleagues from across Canada, they have long espoused this frustration as well. That said, this document warrants an examination.

The document cites the Elliot Lake Inquiry from 2014 as a prompt for several of the changes in their system from the previous iteration of their IMS document. One statement from the Inquiry recommended changes to ‘put in place strategies that will increase the acceptance and actual use of the Incident Management System – including simplifying language’. Oddly enough, this document doesn’t seem to overtly identify any strategies to increase acceptance or use; in fact there is scant mention of preparedness activities to support the IMS or incident management as a whole. I think they missed the mark with this, but I will say the recommendation from the Inquiry absolutely falls in line with what we see in the US regarding acceptance and use.

The authors reinforce that ICS is part of their IMS (similar to ICS being a component of NIMS) and that their ICS model is compatible with ICS Canada and the US NIMS. I’ll note that there are some differences (many of which are identified below) that impact that compatibility, though don’t outright break it. They also indicate that this document isn’t complete and that they already identified future additions to the document including site-specific roles and responsibilities, EOC roles and responsibilities, and guidance on resource management. In regard to the roles and responsibilities, there is virtually no content in this document on organizations below the Section Chief level, other than general descriptions of priority activity. I’m not sure why they held off of including this information, especially since the ICS-specific info is reasonably universal.

I greatly appreciate some statements they make on the application of Unified Command, saying that it should only be used when single command cannot be established. They give some clarifying points within the document with some specific considerations, but make the statement that “Single command is generally the preferred form of incident management except in rare circumstances where unified command is more effective” and reinforce that regular assessment of Unified Command should be performed if implemented. It’s quite a refreshing perspective opposed to what we so often see in the US which practically espouses that Unified Command should be the go-to option. Unified Command is hard, folks. It adds a lot of complexity to incident management. While it can solve some problems, it can also create some.

There are several observations I have on ICS-related organizational matters:

  • They use the term EOC Director. Those who have been reading my stuff for a while know that I’m really averse to this term as facilities have managers. They also suggest that the term EOC Command could be used (this might even be worse than EOC Director!).
  • While they generally stick with the term Incident Commander, they do address a nuance where Incident Manager might be appropriate (they use ‘manager’ here but not for EOCs??). While I’m not sure that I’m sold on the title, they suggest that incidents such as a public health emergency that is wide-reaching and with no fixed site is actually managed and not commanded. So in this example, the person in charge from the Health Department would be the Incident Manager. It’s an interesting nuance that I think warrants more discussion.
  • The document refers several times to the IC developing strategies and tactics. While they certain may have input to this, strategies and tactics are typically reserved for the Operations Section.
  • There is an interesting mention in the document that no organization has tactical command authority over any other organization’s personnel or assets unless such authority is transferred. This is a really nuanced statement. When an organization responds to an incident and acknowledges that the IC is from another organization, the new organization’s resources are taking tactical direction from the IC. Perhaps this is the implied transfer of authority? This statement needs a lot of clarification.
  • Their system formally creates the position of Scribe to support the Incident Commander, while the EOC Director may have a Scribe as well as an Executive Assistant. All in all, I’m OK with this. Especially in an EOC, it’s a reflection of reality – especially the Executive Assistant – which is not granted the authority of a Deputy, but is more than a Scribe. I often see this position filled by a Chief of Staff.
  • The EOC Command Staff (? – they don’t make a distinction for what this group is called in an EOC) includes a Legal Advisor. This is another realistic inclusion.
  • They provide an option for an EOC to be managed under Unified Command. While the concept is maybe OK, ‘command’ is the wrong term to use here.
  • The title of Emergency Information Officer is used, which I don’t have any particular issue with. What’s notable here is that while the EIO is a member of the Command Staff (usually), the document suggests that if the EIO is to have any staff, particularly for a Joint Information Center, that they are moved to the General Staff and placed in charge of a new section named the Public Information Management Section. (a frustration here that they are calling the position the EIO, but the section is named Public Information). Regardless of what it’s called or if there is or is not a JIC, I don’t see a reason to move this function to the General Staff.
  • Aside from the notes above, they offer three organizational models for EOCs, similar to those identified in NIMS
  • More than once, the document tasks the Operations Section only with managing current operations with no mention of their key role in the planning process to develop tactics for the next operational period.
  • They suggest other functions being included in the organization, such as Social Services, COOP, Intelligence, Investigations, and Scientific/Technical. It’s an interesting call out whereas they don’t specify how these functions would be included. I note this because they refer to Operations, Planning, Logistics, and Finance/Admin as functions (which is fine) but then also calling these activities ‘functions’ leads me to think they intend for new sections to be created for these. Yes, NIMS has evolved to make allowances for some flexibility in the organization of Intel and Investigations, something like Social Services (for victims) is clearly a function of Operations. While I appreciate their mention of COOP, COOP is generally a very department-centric function. While a continuity plan could certainly be activated while the broader impacts of the incident are being managed, COOP is really a separate line of effort, which should certainly be coordinated with the incident management structure, but I’m not sure it should be part of it – though I’m open to discussion on this one.
  • I GREATLY appreciate their suggestion of EOC personnel being involved in planning meetings of incident responders (ICP). This is a practice that can pay significant dividends. What’s interesting is that this is a measure of detail the document goes into, yet is very vague or lacking detail in other areas.

The document has some considerable content using some different terminology in regard to incidents and incident complexity. First off, they introduce a classification of incidents, using the following terminology:

  • Small
  • Large
  • Major
  • Local, Provincial, and National Emergencies

Among these, Major incidents and Local/Provincial/National Emergencies can be classified as ‘Complex Incidents’. What’s a complex incident? They define that as an incident that involves many factors which cannot be easily analyzed or understood; they may be prolonged, large scale, and/or involve multiple jurisdictions. While I understand that perhaps they wanted to simplify the language associated with Incident Types, but even with the very brief descriptions the document provided on each classification, these are very vague. Then laying the term of ‘complex incident’ over the top of this, it’s considerably confusing.

**Edit – I realized that the differentiator between small incident and large incident is the number of responding organizations. They define a small incident as a single organization response, and a large incident as a multi agency response. So the ‘typical’ two car motor vehicle accident that occurs in communities everywhere, requiring fire, EMS, law enforcement, and tow is a LARGE INCIDENT????? Stop!

Another note on complex incidents… the document states that complex incidents involving multiple response organizations, common objectives will usually be high level, such as ‘save lives’ or ‘preserve property’, with each response organization developing their own objectives, strategies, and tactics.  I can’t buy into this. Life safety and property preservation are priorities, not objectives. And allowing individual organizations to develop their own objectives, strategies, and tactics pretty much breaks the incident management organization and any unity of effort that could possibly exist. You are either part of the response organization or you are not.

Speaking of objectives, the document provides a list of ‘common response objectives’ such as ‘save lives’ and ‘treat the sick and injured’. These are not good objectives by any measure (in fact they can’t be measured) and should not be included in the document as they only serve as very poor examples.

So in the end there was a lot in this document that is consistent with incident management practices, along with some good additions, some things that warrant further consideration, and some things which I strongly recommend against. There are certainly some things in here that I’d like to see recognized as best practices and adopted into NIMS. I recognize the bias I have coming from the NIMS world, and I tried to be fair in my assessment of Ontario’s model, examining it for what it is and on its own merit. Of course anyone who has been reading my posts for a while knows that I’m just as critical of NIMS and related documents out of the US, so please understand that my (hopefully) constructive comments are not intended to create an international incident. I’m a big fan of hockey and poutine – please don’t take those away from me!

I’m always interested in the perspectives of others. And certainly if you were part of the group that developed this document, I’d love to hear about some of your discussions and how you reached certain conclusions, as well as what you envision for the continued evolution for the Provincial IMS.

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A Few Thoughts on Emergency Planning

A conversation I find myself having fairly often is about people not using plans. It’s amazing that we invest so much time, money, and effort into building plans to never see them used, even if the opportunity presents itself. Why is this? I see four primary reasons:

1. People don’t know the plans exist. There is really no excuse for this one. I find it shameful and wasteful, especially if these people are identified as action agents within that plan. There was practically no point in even developing the plan no one knows about it and their respective roles identified within. Socialization of plans once they are developed is extremely important. Minimalist effort can be made by simply sending the plan or a link to the plan, but I consider this to be inadequate as many people will dismiss it, never get to reviewing it, or not understand what they are reading. Structured briefings are the best way to initially familiarize people with the plans and their roles. It helps to have refresher training as well as ensuring that new hires are similarly trained. This can even be done as a recorded presentation or webinar, though providing a contact for questions is important. Along with socializing, remember the importance of exercises, not only to validate plans but also to help people become more familiar with plans their respective roles by taking a scenario-drive dive into the content. Does everyone in your organization or jurisdiction who has a role in a plan know about it?

2. People don’t remember the plans exist. This one is a bit more forgivable, especially for newer plans, rarely implemented plans, or for personnel who are used to “doing things the way they’ve always been done”. Still, I find these excuses to be weak at best. People’s inability to remember the plans, even granting them the distraction of the incident itself, means that the plans haven’t been socialized and reinforced enough (see item 1 above).

3. People don’t care if the plans exist. This one has been underscored considerably over the past year related to pandemic plans, point of distribution (POD) plans, and other related plans. We’ve seen many senior leaders and elected officials be completely dismissive of established plans, choosing instead to “do it their way” in an effort to exert greater control or to ensure that their name is front and center. Since this one involves a lot of ego, particularly of senior leaders and elected officials, it can be difficult to work around. That said, this underscores the importance of ensuring that elected officials and newly appointed senior leaders are adequately briefed on the existing plans when they take office, and given confidence in the plans and the people identified to implement them, as well as the important roles of elected and appointed officials.

4. People think the plans are faulty. This option is the likely more well-intentioned version of #3, where people are intentionally not using the plan because they feel (maybe true, maybe not) the plan is inadequate and feel that “winging it” is the better option. Part of this lack of confidence may be unfamiliarity with and/or validation of the plans (see item 1 above re socialization and exercises). This could be a difference of opinion or even something intentionally obstructionist. Along with socialization and exercises, I’ll also add the value of including key people in the planning process. This gives them a voice at the table and allows their input to be heard and considered for development of the plan. While you can’t include everyone in the planning process, consider that the people you do choose to involve can serve as representatives or proxies for others, especially if they are well respected, giving less reason for others to push back.

A separate, but somewhat related topic (mostly to #4 above) is about people being often dismissive of or lacking confidence in plans by expressing the saying of “No plan survives first contact with the enemy”. This saying is credited to nineteenth century Prussian military commander Helmuth van Moltke. We see this saying tossed around quite a bit in various circles, including emergency management. While I understand and respect the intent of the phrase, I don’t think this necessarily holds true. I’ve seen great plans fail and mediocre plans be reasonably successful. Why? Circumstances dictate a lot of it. Implementation as well (this is the human factor). What we need to understand is that plans provide a starting point and hopefully some relevant guidance along the way. If a plan is so detailed and rigid, it is more likely to fail. So should our plans not be detailed? No, we should put as much detail as possible into our plans as these will help guide us in the midst of the incident, especially if certain activities are highly technical or process-oriented; but we also need to allow for flexibility. Consider a plan to be a highway. Highways have exits which take us off to different places, but they also have on-ramps to help us return. A deviation from a plan does not mean we throw the plan away, as we can always get back onto the plan, if it’s appropriate. It’s also smart to build in options, as possible, within our plans to help minimize deviations. 

How we develop plans is strongly related to step 2 of CPG-101, and that is “Understand the Situation”. Without an understanding of the situation, we can’t account for the various factors involved and may not account for the circumstances for which we must develop contingencies or options. And while this assessment is part of the planning process, as well as training, exercises, and other facets of preparedness, I feel that a wholistic assessment also has value. I’ve written a lot about the POETE preparedness elements and have begun advocating for APOETE, with the A standing for Assessment. This assessment is broad based to help guide our overall preparedness activity but is not a replacement for the element-specific assessments.

My last thought is about pandemic and POD plans. I’m curious about who has used their plans during this pandemic, and if not, why not? Of course many of the assumptions we used for pandemic planning weren’t realized in this pandemic. Does this mean our pandemic plans were faulty? Not entirely. Clearly there should have been many content areas that were still useful, and even though some of the assumptions we had didn’t apply to this pandemic, they may still hold true for future public health emergencies. We’ve also learned a lot about our response that needs to be considered for plan updates, and we need to weigh how much of the reality of political blundering we should account for in our plans. In the end, what I caution against is developing a pandemic plan that centers on the COVID-19 pandemic. Preparing for the last disaster doesn’t necessarily prepare us for the next one.

Those are some of my thoughts for the morning. As always, I welcome your thoughts and feedback.

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

What Actually is Emergency Management?

Many people have a concept of what emergency management is, typically shaped by their own experiences or aspirations, but it is so much more. I think a part of the seeming identity crisis emergency management suffers as well as the issues expressed by some that emergency management isn’t a recognized profession stem from that the fact that so much of emergency management is actually a unified effort of an amalgamation of other professions. So let’s consider what emergency management actually is. The list below is not exhaustive and is largely formed around common professions, major activities, and areas of academic study.

  • Grants management
  • Accounting
  • Procurement
  • Logistics
  • Equipment Maintenance
  • GIS
  • Information Technology
  • Planning
  • Document Development and Publishing
  • Marketing
  • Communications
  • Public and Media Relations
  • Community Outreach
  • Volunteer Management
  • Instructional Design and Delivery
  • Data Analysis
  • Engineering
  • Project Management
  • Policy and Political Science
  • Business/Public Administration
  • Organizational Management and Leadership
  • Consulting and SME
  • Academics and Research
  • Physical Sciences (Geology, Meteorology, Earth Science, etc.)
  • Social Sciences (Sociology, Anthropology, etc.)

These are all distinct functions and major activities/professions I’ve seen in emergency managers and emergency management agencies. Many emergency managers do a lot of these, while some focus on a few or even just one. Some of these activities may be outsourced to other agencies or to the private sector. Yet any of the items on the list taken out of the context of emergency management are then no longer (at least directly) emergency management. This may be a permanent state for someone holding one of these positions, or perhaps they are brought into the realm of emergency management on more of an ad-hoc or temporary basis. On the other hand, the application of these activities within emergency management often requires them to have knowledge of the areas of emergency management in which they are being applied.

Defining what emergency management is and does without the context of these other professions/activities is difficult. There is a big part of emergency management that is less defined and tangible, filling in the gaps and connective tissue between and among all of these; harnessing and focusing the collective capabilities toward distinct efforts across preparedness and the five mission areas, by way of a highly complex effort which we encapsulate with one simple word – coordination. So oddly enough, emergency management is all of these, yet it is also something else.

I think the recognition of this will go a long way for us, helping to progress the profession while also being less rigid in our approach to pigeon-hole what an emergency manager is.

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

You’ve Been Trained, Now What?

I just sat through a good webinar on incident response and management. The panel consisted of fire and law enforcement personnel. A law enforcement official was rather honest in saying that one of their identified deficiencies from an AAR was poor implementation of ICS. He said that while all police personnel had received ICS training back during the NIMS push of the mid-2000s, most officers had done little with it since. We see so many endless lists of training that people have taken on their CVs, resumes, LinkedIn, etc., but how much of that do they still know? Take an honest look at your own resume of training and I bet you will see some of the same.

In public safety we love to get training. A lot of the training is good. Some less so. Much of the training we take is awareness-level training, providing us with knowledge. It’s fairly easy to flex those muscles after the training by reading about, writing about, teaching, or doing other things with that information. Still, some of that acquired knowledge stagnates. Some of the training we take is more operations-based – it’s hands on or procedural. Most certainly, without using the knowledge and skills acquired in operations-based training, those skills atropy.

So what should we do to protect our loss of these valuable knowledge and skills acquired? Obviously application is the best means of preserving what we have learned. Even if you are using it, though, it’s good to stay on top of best practices, new practices, and updated training; not only as a means of staying current on the latest and greatest, but also to hedge against bad habits as well as certain nuggets of that original training we might not regularly perform. Apply and practice skills, either on the job or in exercises. For things that are more knowledge-based, talk about it, read about it, write about, or present on it. This repetition will keep the subject matter familiar and quicken your recall of facts and increase your ability to analyze it. Writing can be in any form, up to and including developing or updating plans and procedures. A special shout out goes to presentations and training (if you are qualified), though. Training and presentations often require the instructor/presenter to have a depth of knowledge beyond the learning domain of what they are teaching or presenting on. This is often required to answer questions, support implementation, and address the many what-ifs related to the subject matter.

I’d argue that your organization also has a role (and responsibility) in preserving these gained knowledge and skills as well. First, sharing of the experience is important. Since not everyone in your organization can attend every training opportunity, it’s a best practice for those who receive training to tell others about their experience, what they learned, and the relevance they see to their work. Simpler subject matter can be provided in an email or printed handout, while more complex subject matter might be better conveyed through a presentation. Unless your training was received to help you support an existing plan or procedure, your organization should also support implementation of what you have learned, if appropriate. Keeping knowledge and skills fresh should also be endorsed through opportunities for refresher training and other related training which may expand the knowledge and skills or hone specific application. Organizations should also identify what knowledge and skills they need and must maintain, and ensure that they identify staff that need the opportunities for training and development, as well as how to maintain what is learned.

With the personal and organizational costs of training, we reap the greatest benefit by maintaining or advancing the knowledge and proficiency gained. While the quest for knowledge is endless and admirable, and I’d generally never block an opportunity for someone to gain more, we should be assessing what the benefit is to learner and to the organization. Part of that is determining what commitments the organization and the learner must make to preserve what is gained. I believe that employee development plans can be a big part of this, as they should be informed by what the employee needs to improve upon, what we want them to excel at, and what future roles we may have planned for them. These factors drive the goals and objectives of the employee development plan which should also lead to what training opportunities are ideal to support these goals and objectives. Even if your organization doesn’t do any formal employee development plans, you can develop one for yourself.

What’s your take on keeping current with what you’ve learned?

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

FEMA’s First Lessons Learned From COVID-19

FEMA recently released the Pandemic Response to Coronavirus Disease 2019 (COVID-19): Initial Assessment Report (January – September 2020). The report has many elements of a traditional after-action report. The authors reinforce that the report only evaluates FEMA’s response, not those of other agencies or entities. That said, emergency management, by nature is collaborative and FEMA’s interactions with other agencies and entities are cited as necessary. The report covers five primary areas of evaluation:

  1. Coordinating Structures and Policy
  2. Resources
  3. Supporting State, Local, Tribal, and Territorial (SLTT) Partners
  4. Preparedness and Information Analysis
  5. Organizational Resilience

Also, with similarity to a traditional after-action report, this report provides a table of key findings and recommendations as Appendix A.

Here are some of my primary observations:

Following the executive summary is a the COVID-19 Pandemic Overview, which is a well-constructed piece providing a combined narrative timeline and topical highlights, providing information and context to the pandemic and the response, as well as some of the complexities encountered. While the report does well to acknowledge the myriad disasters that SLTT partners and federal agencies responded to over 2020, I find it shameful that they very obviously ignore the societal impacts of the US political climate (related to the pandemic and otherwise) as well as events surrounding the BLM movement. I firmly believe this report should fully acknowledge these factors and could have done so without itself making a political statement. These were important, impactful, and far-reaching, certainly influencing the operating environment, public information, and other very real facets of the response. I feel that the exclusion of these factors leaves this report incomplete.

Relative to the Coordinating Structures and Policy section, FEMA reinforces many, many times that they were put into a leadership position for this disaster that was unexpected and perhaps led to some coordination problems. I feel FEMA should always be a lead or co-lead agency for the federal response for large disasters regardless of the hazard. While a pandemic is certainly a public health hazard, FEMA has practiced experience in federal coordination to major disasters, mobilization of resources and logistical support, SLTT coordination, and overall incident management. The Unified Coordination Group is a sound application in situations where other federal agencies share significant authority. The kinks should be worked out of this, with the National Response Framework updated to reflect such.

Also mentioned within this section is the creation of a White House Task Force which was intended to make executive decisions of the highest level. This is not unprecedented and should certainly be expected for other large-scale disasters in the future. I feel, however, that removing the FEMA Administrator from having a direct line of communication with the White House during ‘peace time’ has significant impact on FEMA leadership’s ability to integrate. Positioning FEMA subordinate to the Secretary of Homeland Security is akin to putting a police officer in charge of a pool and keeping the lifeguard in the breakroom. Sure, the police officer can do a lot, but there are specific skills needed which necessitate that the lifeguard has a constant presence at the pool rather than only being called in when something gets bad enough. 

FEMA makes a point about inheriting eight task forces created by HHS which then needed to be integrated into the NRCC organization. These task forces had some overlap with the existing NRCC and ESF structure, resulting in duplications of effort and coordination problems. While FEMA says they were able to overcome this over time, it is obviously something that, given the National Response Framework, should have not happened in the first place. FEMA’s recommendations associated with this matter do not once cite the National Response Framework and instead point the finger at NIMS/ICS use, fully ignoring that the foundation of preparedness is planning. Either HHS made these task forces up on the fly or had a plan in place that accounted for their creation. Either way, it’s the National Response Framework that was ignored. NIMS/ICS helps support plan implementation.

The next section on resource management demonstrates that FEMA learned a lot about some intricacies of resource management they may have not previously encountered. With the full mobilization of resources across the nation for the pandemic, along with targeted mobilizations for other disasters, the system was considerably stressed. FEMA adapted their systems and processes, and in some cases developed new methodologies to address resource management needs. One key finding identified was a need to better integrate private sector partners, which isn’t surprising. I think we often take for granted the resources and systems needed to properly coordinate with the private sector on a large scale during a disaster. One of the largest disasters within this disaster was that of failed supply chains. Granted, the need was unprecedented, but we certainly need to bolster our preparedness in this area.

To help address supply chain issues, novel solutions such as Project Airbridge and specific applications of the Defense Production Act were used. The best practices from these strategies must be memorialized in the form of a national plan for massive resource mobilizations.

SLTT support for the time period of the report was largely successful, which isn’t a surprise since it’s fundamentally what FEMA does as the main coordination point between SLTT partners and federal agencies. Significant mobilizations of direct federal support to SLTT partners took place. The pandemic has provided the best proof of concept of the FEMA Integration Teams (FIT) since their development in 2017. With established relationships with SLTT partners and knowledge of needs of the federal system, they provided support, liaised, and were key to shared situational awareness. I appreciate that one of the recommendations in this section was development of a better concept of operations to address the roles and responsibilities of FIT and IMATs.

One item not directly addressed in this section was that in emergency management we have a great culture of sharing resources and people. Sharing was pretty limited in the pandemic since everyone was impacted and everyone needed resources. This caused an even greater demand on FEMA’s resources since SLTT partners largely weren’t able to support each other as they often do during disasters.

The section on preparedness and information analysis was interesting, especially on the information analysis side. The preparedness findings weren’t really much of a surprise, including not anticipating supply chain issues or SLTT needs. What this boils down to is a lack of effective plans for nation-wide disasters. On the information side, the key findings really boil down to not only improved defining of data sets and essential elements of information relative to specific needs, audiences, functions, capabilities, and lines of effort. It appears a lot was learned about not only the information needed, but also how to best utilize that information. Analytics makes data meaningful and supports better situational awareness and common operating picture.

The last section on FEMA’s organizational resilience is a good look at some of the inner workings and needs of FEMA as an agency and how they endured the pandemic and the varied demands on the agency. FEMA has always had a great culture of most employees having a disaster job which they are prepared to move into upon notice. They learned about some of the implications associated with this disaster, such as issues with engaging such a large portion of their employees in long-term deployments, public health protection, and mental health matters.

Ultimately, despite my disagreement with a couple of recommendations and leaving out some very important factors, the report is honest and, if the corrective actions are implemented, will support a stronger FEMA in the future. I’m hopeful we see a lot of these AAR types of documents across federal agencies, state agencies, local governments, the private sector, etc. EVERYONE learned from this pandemic, and continues to learn. That said, while the efforts of individual entities hold a lot of value, there also needs to be a broader, more collective examination of ‘our’ response to this disaster. This would be a monumental first task for a National Disaster Safety Board, would it not? 

© 2021 Timothy Riecker, CEDP

The Contrarian Emergency Manager™

Emergency Preparedness Solutions, LLC®

New EOC Toolkit Documents

FEMA announced the release of five EOC Toolkit documents on their website. In downloading these documents, I’m actually finding six documents, all with file dates of January 8, 2021. What’s there:

  • Tips for Healthcare Professionals: Coping with Stress and Compassion Fatigue
  • Tips for Disaster Responders: Preventing and Managing Stress
  • An Exercise for Creating Position Task Books from EOC Skillsets
    • Exercise Cards for the above referenced exercise (probably why they indicate only five documents, though this is a separate download)
  • EOC Financial Tools Reference Fact Sheet
  • EOC Operations Period Briefing Template

A quick review:

Coupling together the Tips for Healthcare Professionals and Tips for Disaster Responders as they both deal with workplace stress; these are really good documents that provide information, tools, and resources for recognizing and managing stress. Both are developed by the HHS Substance Abuse and Mental Health Services Administration. What I’d like to see, though, are documents actually developed for EOCs. It might seem a bit petty, while nearly 100% of the information in these documents is applicable to an EOC environment, this is yet another example of emergency management needing to borrow best practices from others and not getting something of our own. A simple change in the title and focusing the scope of the documents can go a long way. I would hope that FEMA and the National Integration Center would be supporting emergency management a bit more by at least giving us things that are intentionally developed for us.

I’m also coupling together the two documents of the EOC Skillsets Exercise instructions and cards; the purpose of the exercise is to create position task books (PTBs) from the list of EOC Skillsets. The exercise is used to help familiarize participants with the EOC Skillsets and to give leaders a practical, scenario-based experience in building position qualifications based on an organization’s needs and resources. I’ll be honest that I have some mixed feelings about this. I’m not sure of the real value of this exercise. Sure it’s nice to teach people new things and an exercise like this can be useful for getting buy-in on the qualifications certain positions should have, but the EOC Skillset Guide already gives us alignment of the EOC Skillsets for each of the primary EOC positions for the common, NIMS-identified EOC model organizations. That said, if your EOC has an organizational deviation from these models, the exercise could be helpful.

The EOC Financial Tools Reference Fact Sheet is a pretty good overview and list of resources for incident financial management, including guidelines and practices for reimbursement. A solid document. I think the document could be expanded upon by some experienced Finance/Admin Section Chiefs, Public Assistance SMEs, and Individual Assistance SMEs – to not only provide additional information, guidance, and tools, but also to address the continuum of financial management and reimbursement that starts with preparedness and goes through response then into disaster recovery, with the ultimate goal of maximizing reimbursement for eligible expenses.

Lastly, the EOC Operations Period Briefing Template. The document provides the pretty standard guidance for an Ops Period Briefing seen in ICS-related publications and introduces a couple of topics that are important to EOCs which are typically not found in field-level applications. That said, this is called a template. It’s laid out as a template. The instructions even say that the template is customizable. They give you the document as a PDF. <shrug>

Wrapping this up, these are documents that really can help EOCs and EOC personnel, but we see some shortfalls because of simple lack of thought, perspective, and utility. Continuous improvement, however, should always be a goal, and we need to start somewhere. I’m hoping these, and other documents will evolve as needs and opportunities are identified.

© 2021 Timothy Riecker, CEDP

The Contrarian Emergency Manager™

Emergency Preparedness Solutions, LLC®

The Contrarian Emergency Manager

Going into the new year, I’ve changed the title of my blog to The Contrarian Emergency Manager. It’s a moniker I don’t take lightly, and I feel it reflects many of my positions and attitudes on our field of practice. Emergency management struggles with a number of issues, including a bit of an identity crisis, accountability (mostly to ourselves), and complacency. Yes, we have an incredibly hard working, dedicated slate of professionals and those who have been reading my blog know that it’s a rare exception for me to sling mud at any persons specifically. Our culture, systems, perceptions, and attitudes are what I endeavor to shed light on. Some positive, some negative, some simply are what they are.

Perhaps one of my most consistent pursuits has been to crack open some of the things which emergency managers are too accepting of. Through the years I’ve ranted about things like ICS training and National Preparedness Reports. The state of those, and others, is simply not good, yet not holding accountability for those responsible for them coupled with a complacent attitude about the current state of them has us stuck in the mud. It is not a role of emergency managers to look at things differently than others and to solve problems?

Words have meaning and provide us with some interesting lexicons and perceptions. The word ‘contrarian’ seems to often have a negative connotation, one of someone who is constantly a nay-sayer. In reality, it’s defined as someone who challenges the norm, which I think is often a healthy reality check. Complacency is an enemy of which we must always be vigilant. Challenges, to serve proper purpose, should also be constructive. I’ve worked with and for obstructionists. People who aren’t challenging norms or providing constructive feedback; these are people who dig in on anything that opposes their opinions and perceptions. Obstructionists thrive in negativity. While I’ve pointed out many of the things in emergency management I feel need to be fixed, I’ve also celebrated accomplishments. In holding myself accountable, I endeavor to give thoughtful critiques to the subjects about which I write. Simply saying something is bad is superficial and not at all helpful. I like to dig deeper, give some thoughtful analysis, and explain why I have the opinions I do, and as often as possible, provide my thoughts on alternative approaches which could lend improvement.

Emergency management is a practice that often thrives on theory, despite some harsh realities of implementation and impacts. We do many things a certain way because that’s how they’ve been done for years. We do other things because there is no convenient alternative. There is much we accept simply because we don’t really take the time to peel back some layers. We like to think things are better than they are, even though we live in a world of ‘what-ifs’. Perhaps doing so is overwhelming to some, but we need to remember that our work impacts the lives of real, actual people. Our work is more than just words in a plan or a training certificate or a pat on the back after an exercise. We may not perceive that impact because we aren’t putting water on fires or stopping bleeding. That, unfortunately, is a reflection of attitudes that others have of us. Our work is just as important, if not more so, because we address the big picture of emergencies and disasters.

Emergency management is an amalgamation of a field, inheriting practices from partner public safety disciplines and other sources. Those practices may work well in those disciplines, but they may not for us. Change and evolution can be difficult pills to swallow. I feel that often as a culture we’re also afraid of being critical. I think this stems from the essence of emergency management – collaboration. By nature we must work well with other agencies and organizations because that’s how emergency management as a concept works. Our fear of offending holds us back. Let’s not equate critical thinking and analysis with making offense.

I’ve railed on FEMA pretty hard over the years on things like ICS training, doctrine, and other matters. They unfortunately become the target because they are the action agent at the center of so much in emergency management. They are, however, heavily influenced by politics, priorities from external entities, and (lack of) budget. I get quite a bit of feedback from folks at FEMA, which I greatly appreciate. It’s a rare occasion they can comment publicly or in writing, but the phone calls I receive from professionals in FEMA are encouraging. Believe it or not, I’ve been thanked, with sincerity, for many of the perspectives I’ve offered. I’m told that I’ve been able to unknowingly serve as their proxy for fights they aren’t allowed to take up. I know I’ve pissed some people off, too. That’s generally not my intent, though that’s a reality I accept. My goal is to satisfy most of the people most of the time with thoughtful diatribes.

The goal of what I write is to encourage the emergency management community to consider our attitudes, practices, perceptions, and ways of thinking. For some of our practices, the status quo may very well be fine; but we should pull back the curtain and shine a light on others. There are many areas in which I feel we can do better and be better.

As we start the new year, please remember that your thoughts and feedback are always appreciated. The absolute best way for us to learn is through dialogue (the topic of my wife’s doctoral dissertation).

© 2021 Timothy Riecker, CEDP

The Contrarian Emergency Manager

Emergency Preparedness Solutions, LLC®

Contingency Planning

I’m going to wrap up 2020 by discussing contingency planning, which is a practice not seen often enough. Before I get started, I should contextualize my use of the term ‘contingency plan’. My general use of the term, at least in emergency management applications, is intended to refer to a plan which may be needed to address the disruption of current event management, incident response, or recovery operations. Essentially, it’s the emergency plan to use while dealing with an emergency, in the event that something bad occurs.

When might you need a contingency plan? Contingency plans should be developed for the kind of situations that have you looking over your shoulder or asking ‘what if…’. Weather events are often good examples, such as a response taking place during some very active tornado weather. You might be responding to the impacts of an earlier tornado, or something completely unrelated, but a tornado warning is in effect, meaning that one could materialize at any time. This could also be a response taking place in a low-lying area during a flash flood warning. We sometimes build contingency plans into our standard operating guidelines or procedures (SOPs/SOGs) by having back-up teams, such as rapid intervention teams (RITs) in the fire service, which are standing by to rescue firefighters in trouble during an interior firefighting operation. Assessing risks on an ongoing basis and developing contingency plans should be part of your incident management battle rhythm.

Where to start with contingency planning? Let’s fall back to the CPG 101 planning process. Yep, that works here, too. The first step is to build your planning team. Contingency planning is a responsibility of the Planning Section, but others need to be involved. Working from a traditional ICS structure, I’d certainly suggest involving Safety and Operations, at a minimum, but depending on circumstances, you may wish to expand this, such as considerations for failures in the supply chain (thus Logistics and Finance/Admin), which may be less of a life safety matter, but can heavily impact operational continuity.

With consideration to the Safety Officer, I’d argue that tactical safety is the primary focus of the Safety Officer; while things that can have much broader impact to the incident, while still a concern of the Safety Officer, may require more in-depth and coordinated planning, thus why I tag the Planning Section to lead contingency planning efforts. My experience has always had the Planning Section taking the lead in this. That said, your incident management organization may decide to assign this to the Safety Officer or an assistant Safety Officer. That’s totally fine in my book, so long as it’s being addressed.

Step two of the planning process is to understand the situation. Some of your risks might be really apparent, such as the tornado warning, but others may require a bit more assessment and discussion. If you need to dig deeper, or are looking at a potential need for a variety of contingency plans, I’d recommend using a risk assessment matrix to help assess the likelihood and impacts of the risks you are examining. Here’s an example of a risk assessment matrix from the United States Marine Corps. Sadly, the risk assessment matrix is not yet a common tool in our incident management doctrine and practices in the US, though I do see it referenced elsewhere. In looking at the tool, obviously those with higher probabilities and severity of impact are the priorities on which to focus. Be sure to consider cascading impacts! Keep in mind that this risk assessment, depending on the duration and kinetics of your response and the dynamics of the environment, may need to be performed more than once throughout your operations. It should at least be considered every operational period.

Step three is to identify goals and objectives. Of course, in the broadest sense, our operational priority is always life safety, but we need to refine this a bit based on the specific hazard we are planning for. Second to life safety, we should also be considering operational continuity, ensuring that we can return to current operations with the least disruption possible OR be able to immediately respond to emergent needs created by the hazard in the event of the hazard creating a more kinetic environment. Your plan may also need to address impacts to the public at large (essentially anyone not part of your incident management organization). Depending on your operational scope and the area of responsibility, this may actually exceed the capacity and mandate of your incident management organization. You will need to determine how to ‘right size’ the scope of your planning efforts. This is perhaps a good opportunity to consult the local emergency manager. Don’t lose focus, though. The contingency plan is not intended to save the world. Remember, responder safety is our number one priority.

Step four is developing the plan. This is largely an outline of the essential elements. There are a number of components to consider for your plan. First, with consideration of cascading impacts, we should identify what aspects of the hazard we can mitigate and how. If there are hasty mitigation steps we can take, those may help limit the risk to life, resources, and operations. Next, consider your concept of operations for the life safety aspect of this plan. As with any other emergency operations type of plan, we need to maintain situational awareness and have protocols for notification and warning. Using the tornado warning (during an active response) as an example, who is responsible for maintaining a watchful eye on the skies and keeping tabs on dynamic weather products? If they see something of concern, who do they notify and how? Is there an emergency radio frequency that everyone’s radio will automatically go to if used? Perhaps three blasts of an air horn? Identify what will work for your operating environment. Keep in mind that if the matter is of urgent life safety, you want to minimize the number of steps and the amount of time taken between awareness and notification to responders. Next, upon notification, what is the emergency action plan – i.e., what needs to take place? Evacuation? Shelter in place? Some other action? A great reference for this from the wildfire incident management community is Lookouts, Communications, Escape Routes, and Safety Zones (LCES), which is part of their incident safety analysis.

What happens after those protective actions? Ideally some kind of status check-in of the impacted personnel for accountability and continued situational awareness. Who is responsible for communicating that and to whom is it communicated? Is it wise to have some sort of rescue team standing by incase anyone is in trouble? If so, what resources need to be tasked to it, what is its organization, and what are their operating protocols? Can you reasonably keep the rescue team out of harm’s way to help ensure continuity of their capability?

You may also have a continuity of operations (COOP) aspect to this plan, to address how the incident management organization will minimize down time, restore prior operations, and possibly even identify alternate methods of operations. Depending on the hazard, a reassessment of the operation may need to take place to see if objectives will change to address a new situation created by impacts from this secondary incident.

Consider the current operational environment that every jurisdiction is facing at this moment. Jurisdictions, EOCs, and others should certainly have a contingency plan in place right now that addresses things like potential Coronavirus exposures, symptomatic personnel, and personnel that test positive. Many have been dealing with it, but do they have their protocols in writing? Most do not. In New York State, all public employers are now required to develop a plan to address these and other factors for public health emergencies.

Step 5 is plan preparation, review, and approval. This is the actual writing of the plan. Of course, you are in the middle of an incident, and it’s likely that the contingency(ies) you are planning for is breathing down your neck. Depending on how much haste is needed, your plan might be a few bullet points, or it could be a few pages long with more detail. Obviously do whatever is appropriate. Have the planning team members review the plan to ensure that it addresses all critical points and accurately reflects the necessary steps. Have you identified what will trigger the plan? Who is responsible for monitoring the situation? Who is responsible or activating the plan? How will they activate it and notify others? What are the responsibilities of others once they are notified?  Once you and the planning team are satisfied that you’ve addressed all the important points, the plan should be forwarded to the appropriate authority for approval, such as the incident commander, EOC manager, agency administrator, etc.

I’ll also note here that if you have multiple threats and/or hazards for which you are developing contingency plans, try to keep your contingency operations as similar as possible. The more complexity you have, especially to deal with different hazards, the more problems can occur during implementation. For example, your means and methods for notifying personnel of a tornado and a flash flood can likely be the same if their protective actions are also the same.

Lastly, step 6 is implementation of the plan. This is where someone should be working on any mitigation actions that you identified and personnel should be briefed on the plan, so they know what they are responsible for and what they need to do, when, and how.

It seems like a long process, but it can be done in a few minutes for urgent hazards. Some contingency plans may certainly be longer and more complex, especially if you are preparing for something that has a lower risk factor or something that isn’t yet a hazard, like a distant weather front. Several years back, I was part of the overhead team for a state-wide months-long debris removal initiative in the aftermath of a late season hurricane. As operations went on, we eventually entered the next hurricane season, and with that we identified the threat of future tropical storms to our area of operations (an entire state) and the operations we were responsible for. We needed to identify who and how systems would be monitored, trigger points for activation of the plan, and how to communicate emergency actions to several debris removal and debris monitoring contractors. We had time leading into hurricane season and were able to develop a well-crafted plan to meet this need. Fortunately, we didn’t have to use it.

Have you written contingency plans for incidents and events? What lessons have you learned from contingency planning?

~~

As a final bit on 2020, we are all certainly happy to see it pass. Keep in mind that while the new year offers a mental benchmark, we still have months ahead of us continuing to manage the consequences of the pandemic and our response to it. We have learned a lot of lessons from this response, which every organization should be capturing, if you haven’t already. As we go into the new year, resolve to do something meaningful with those lessons learned. Don’t just let them languish in yet another after-action report. Implement those corrective actions!

Stay safe.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

FEMA’s 2020 National Preparedness Report – A Review

It seems an annual tradition for me to be reviewing the National Preparedness Report. I’ve endeavored to provide constructive criticism of these documents, which are compilations of data from state and federal agencies, national-level responses, and other sources.

This year’s National Preparedness Report emphasizes that it is based on data from the 2019 calendar year. In looking back on past reports (note: they are no longer on the FEMA site – I was able to find them in the Homeland Security Digital Library) this has been the past practice. Perhaps I never realized it before, but a report talking about data from practically a full year ago seems to hold even less relevance. That means that enacting changes on a national level based on this data may not even begin to occur until two years have passed. Even taking into consideration that states and UASIs are compiling their reports early in a year for the previous year, it still seems a long time to wait for the national level report. This extent of lag is further emphasized by the document’s foreword, written by the FEMA Administrator, which makes many references to COVID-19 and how much different next year’s report will be, while not really speaking at all about the current report. This speaks a lot to how much we, as a practice, are attracted by the shiny objects dangled in front of us, seemingly ignoring all else.

My first pass of the 2020 report brought two primary impressions: 1) The instructive content of the document is some of the best I’ve seen out of FEMA, and 2) There is a considerable lack of data, with a low value for much of what they have included.

In regard to my first impression, the discussion of concepts such as risk (including emerging risk and systemic risk), capabilities, cascading impacts, community lifelines, public-private partnerships, and vulnerable populations has the perfect level of depth and detail. Not only do they discuss each of these concepts, but they also identify how they each connect to each other. This is EXACTLY the kind of consolidation of information we have needed for a long time. This lends itself to truly integrated preparedness and the kinds of information I’ve mentioned many times as being needed, including in the next version of CPG-101. I’m truly impressed with this content, the examples they provide, and how they demonstrate the interconnectedness of it all. I’ll certainly be using this document as a great source of this consolidated information. Now that I’ve extolled my love and adoration for that content, I’m left wondering why it’s in the National Preparedness Report. It’s great content for instructional material and doctrinal material on integrated preparedness, but it really has no place, at least to this extent of detail in the National Preparedness Report. Aside from the few examples they use, there isn’t much value in this format as a report.

This brings me to my next early observation: that of very little actual data contained in the report. Given the extent to which states, territories, UASIs, and other stakeholders provide data to FEMA each year by way of their Threat and Hazard Identification and Risk Assessments (THIRAs) and Stakeholder Preparedness Reviews (SPRs), along with various other sources of data, this document doesn’t contain a fraction of what is being reported. There are two map products contained in the entire report, one showing the number of federal disaster declarations for the year, the other showing low-income housing availability across the nation. Given the wide array of information provided by state and UASI, and compiled by FEMA region, surely there must be some really insightful trends and other analysis to provide. There are a few other data sets included in the report showing either raw numbers or percentages – nothing I would really consider analytics. Much of the data is also presented as a snapshot in time, without any comparison to previous years.

Any attempt to view this document as a timely, meaningful, and relevant report on the current state of preparedness in the nation, much less an examination of preparedness over time, is simply an exercise in frustration. The previous year’s report at least had a section titled ‘findings’, even though any real analysis of data there was largely non-existent. This year’s report doesn’t even feign providing a section on findings. To draw on one consistently frustrating example, I’ll use the Core Capability of housing. While this report dances around doctrine and concepts, and even has a section on housing, it’s not addressing why so little preparedness funding or even moderate effort is directed toward addressing the issue of emergency housing, which has arguably been the biggest preparedness gap for time eternal in every state of the nation. Looking broadly at all Core Capabilities, this year’s report provides a chart similar to what we’ve seen in previous years’ reports, identifying how much preparedness funding has gone toward each Core Capability. In relative numbers, very little has changed; even though we know that issues like housing, long-term vulnerability reduction, infrastructure systems, and supply chains have huge gaps. All these reports are telling me is that we’re doing the same things over and over again with little meaningful change.

So there it is… while I really am thoroughly impressed with some of the content of the report, much of that content really doesn’t have a place in this report (at least to such an extent), and for what little data is provided in the report, most of it has very little value. The introduction to the document states that “this year’s report is the product of rigorous research, analysis, and input from stakeholders”. To be blunt, I call bullshit on this statement. I expect a report to have data and various analysis of that data, not only telling us what is, but examining why it is. We aren’t getting that. The National Preparedness Report is an annual requirement per the Post Katrina Emergency Management Reform Act. I challenge that FEMA is not meeting the intent of that law with the reports they have been providing. How can we be expected, as a nation, to improve our state of readiness when we aren’t provided with the data needed to support and justify those improvements?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

EOC Toolkit: National Comment Period

Yesterday FEMA’s National Integration Center distributed notice of a national engagement period on two new Emergency Operations Center (EOC) related documents: EOC References and Resources Tool and the EOC How-To Quick Reference Guide. This seems to be the initiation of an EOC Toolkit, which I conceptually think is a great idea. My first impression of these documents is that they both have good information and are logically organized. The documents are good, but I’m also not particularly impressed by them.

First up is the EOC References and Resources Tool. The document indicates that the audience is ‘EOC leaders and staff’, and the intent is to provide them with ‘a set of best practices, checklists, references, links, and essential guidance related to EOC operations and administration’. This is a two-page document, seemingly formatted for printing (It’s a PDF), but mostly useless in print form as it has an abundance of internet links to sites and documents which provide much more information. The document itself isn’t really a ‘tool’, per se. It doesn’t have, on its own, any intrinsic utility other than referring you to other sources of information. While the description indicates that this document has checklists, it does not, though several of the documents linked from this document do have checklists. The center of the first page provides a link to the EOC Toolkit website, but it’s not particularly highlighted. To be honest, I think this document should, in essence, be the format and content of the EOC Toolkit site.

The second document is the EOC How-To Quick Reference Guide. This is an 80 page document. I’m not sure I’ve ever seen anything labeled a ‘quick reference guide’ be that long. If anything, the EOC References and Resources Tool document (discussed previous) is really the ‘quick reference guide’, while this document is more of a ‘tool’. There is solid information in this document, nothing that from a quick review I have any quarrel with. The content areas are fairly comprehensive, giving information on hazard, vulnerability, and capability assessment; EOC site selection; EOC capabilities and physical design; information management; and preparedness. That said, it doesn’t give you much content within any of the topic areas. It almost feels like a literature review.

As with the other document, this document is formatted for printing, but is full of hyperlinks to sites that expand greatly on the information provided. So it’s not really anything I would recommend printing and putting in a binder. Electronically, it does make it a good compendium of resources, but with how rapidly things change and the frequency of new sources of good information becoming available, I think this document is also best organized as a website that can be updated in real time as new information comes available. As soon as one link changes, the document becomes obsolete. That said, the resources they link to are all good and worthwhile. An attachment to this document provides a fairly comprehensive EOC self-assessment tool; though the tool doesn’t really address partially or fully virtual EOC operations and remote access; and while it goes to an extent of detail asking about certain things (such as a helicopter landing pad), it completely misses some functional things (such as dry erase boards) and is far from comprehensive in the realm of security.

As with most national comment periods, the NIC has provided the documents (though without numbered lines) and a comment form. These, along with information on webinars they are conducting, are posted here: https://www.fema.gov/media-collection/emergency-operations-center-eoc-toolkit-how-quick-reference-references-and-tools.

All in all, I feel like these documents hit the outer ring of a dart board. They are fine, but not really close to the bullseye. It seems these were assembled by a NIC employee or consultant who has spent little to no time in an EOC, much less having any role in the design or preparedness activities for an EOC. As I mentioned earlier, they feel a lot like a literature review – providing a summary of sources but themselves providing very little information. Not that that’s a bad thing – but I’d rather see this in a website format.

What are your thoughts on the documents? 

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®