Tag EPS

Don’t Plan Yourself into a Corner

Tim Riecker, The Contrarian Emergency Manager 2 Comments

I’ve long been an advocate for detailed planning. Plans should identify who (by position or title) are decision-makers, who are action agents, and how things are to be done. Without identifying these responsible parties and the processes necessary to execute planned actions, plans will generally lack the ability to be successfully implemented. Context is also important. To address this, plans have a preamble that identifies the scope and objectives of the plan. All of this tells us what circumstances the plan is intended to apply to and what it expects to accomplish. Details matter. That said, making plans too specific can also spell trouble.

(I figured putting up the cover Michael McCaul’s Failures of Imagination was suitable for this post, as it’s all about emergency management suffering from a lack of imagination.)

In terms of context, only some plans need to be very precise about when and how they are used. Give yourself some wiggle room. If you don’t provide a proper and wide enough scope and objectives to the plan, you are already poisoning the well. Case in point – a lot of entities have realized that their pandemic plans have failed them, and as such are re-writing their plans. I’m hearing of many totally scrapping their old pandemic plans and writing the new ones as if all future infectious disease outbreaks will behave exactly as Coronavirus has. The old plans largely failed not necessarily because our assumptions were wrong, but because they were too narrow. Don’t make the same mistake. A proper scope and objectives will help properly define what you want to address. If these are too focused or narrow, you leave out a lot of possibilities.

When it comes to strategies and procedures, plans often fail because they don’t have enough detail. But plans can also fail if they are too restrictive or if the strategies and procedures don’t align with the scope and objectives. Restrictive plans define rigid circumstances under which approaches are taken, and/or those approaches are so rigidly defined that they will only work under certain circumstances or with all the right personnel and resources. You’ve been through disasters, right? You realize that disasters impose extreme circumstances upon us; impacting health, safety, and infrastructure; and we rarely ever have all the resources we would like to have in resolving that disaster. In fact, I’d argue that if disasters only impacted us the way we want them to, it would be more of an inconvenience rather than a disaster.

So unless you expect your title to change to Inconvenience Manager, remember that all preparedness starts with planning. Do your research and know your hazards, threats, and vulnerabilities, but don’t be totally encumbered by them either. Broaden your planning assumptions where you can, which will open your scope. Ensure that your planning objectives truly define what you intend for the plan to accomplish. Plan with greater detail and fewer restrictions. Ensure that succession and chain of command are addressed, so it’s not just a certain title or position that has authority over certain actions. Ensure that people are cross trained and that both people and plans are exercised with a certain extent of random factors in scenarios. Our plans and our resources must be agile to be successful.

Sure, we can improvise and get out of a corner that our plans back us into or don’t address, but we are better prepared if we can acknowledge the possibility of other scenarios. This is why planning teams contribute to successful plans. It’s the different perspectives they bring, with a lot of ‘what ifs’ and different viewpoints. Open your eyes and look around. One of the biggest enemies of emergency management is tradition. Is it any wonder why the same corrective actions keep rising to the surface?  Do better. Be better.

Thoughts?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Incident Management Advisors

Tim Riecker, The Contrarian Emergency Manager 2 Comments

It’s frustrating to see poor incident management practices. For years I’ve reviewed plans that have wild org charts supposedly based on the Incident Command System (ICS); have conducted advanced-level training with seasoned professionals that still don’t grasp the basic concepts; have conducted and evaluated exercises and participated in incident responses in which people clearly don’t understand how to implement the most foundational aspects of ICS. On a regular basis, especially since people know my focus on the subject, I’m told of incident management practices that range from sad to ridiculous.

Certainly not everyone gets it wrong. I’ve seen plans, met people, and witnessed exercises and incidents in which people clearly understand the concepts of ICS and know how to put it into action. ICS is a machine, but it takes deliberate and constant action to make it work. It has no cruise control or auto pilot, either. Sometimes just getting the incident management organization to stay the course is a job unto itself.

If you are new here, I’ve written plenty on the topic. Here’s a few things to get you pointed in the right direction if you want to read more.

ICS Training Sucks. There are a series of related posts that serve as a key stone to so much that I write about.

The Human Factor of Incident Management. This bunch of related articles is about how ICS isn’t the problem, it’s how people try to implement it.  

As I’ve mentioned in other posts, it’s unrealistic for us to expect most local jurisdictions to assemble and maintain anything close to a formal incident management team. We need, instead, to focus on improving implementation of foundational ICS concepts at the local level, which means we need to have better training and related preparedness activities to promote this. Further, we also know that from good management practices as well as long-standing practices of incident management teams, that mentoring is a highly effective means of guiding people down the right path. In many ways, I see that as an underlying responsibility of mine as a consultant. Sometimes clients don’t have the time to get a job done, but often they don’t have the in-house talent. While some consultants may baulk at the mere thought of building capability for a client (they are near sighted enough to think it will put them out of work), the better ones truly have the interests of their clients and the practice of emergency management as a whole in mind.

So what and how do we mentor in this capacity? First of all, relative to incident management, I’d encourage FEMA to develop a position in the National Qualification System for Incident Management Advisors. Not only should these people be knowledgeable in implementations of ICS and EOC management, but also practiced in broader incident management issues. Perhaps an incident doesn’t need a full incident management team, but instead just one or two people to help the local team get a system and battle rhythm established and maintained. One responsibility I had when recently supporting a jurisdiction for the pandemic was mentoring staff in their roles and advising the organization on incident management in a broader sense. They had some people who handled things quite well, but there was a lot of agreement in having someone focus on implementation. I also did this remotely, demonstrating that it doesn’t have to be in person.

In preparedness, I think there is similar room for an incident management advisor. Aside from training issues, which I’ve written at length about over the years (of course there will be more!), I think a lot of support is needed in the realm of planning. Perhaps a consultant isn’t needed to write an entire plan, but rather an advisor to ensure that the incident management practices identified in planning documents are sound and consistent with best practices, meet expectations, and can be actually implemented. So much of what I see in planning in regard to incident management has one or more of these errors:

  1. Little mention of incident management beyond the obligatory statement of using NIMS/ICS.
  2. No identification of how the system is activated and/or maintained.
  3. As an extension of #2, no inclusion of guidance or job aids on establishing a battle rhythm, incident management priorities, etc.
  4. An obvious mis-understanding or mis-application of incident management concepts/ICS, such as creating unnecessary or redundant organizational elements or titles, or trying to force concepts that simply don’t apply or make sense.
  5. No thought toward implementation and how the plan will actually be operationalized, not only in practice, but also the training and guidance needed to support it.

In addition to planning, we need to do better at identifying incident management issues during exercises, formulating remedies to address areas for improvement, and actually implementing and following up on those actions. I see far too many After Action Reports (AARs) that softball incident management shortfalls or don’t go into enough detail to actually identify the problem and root cause. The same can be said for many incident AARs.

When it comes to emergency management, and specifically incident management, we can’t expect to improve without being more direct about what needs to be addressed and committing to corrective actions. We can do better. We MUST do better.

New polling function in WordPress… Let’s give it a try.

©2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A NEW NYS Public Employer Emergency Planning Requirement

Tim Riecker, The Contrarian Emergency Manager 1 Comment

On Labor Day, NYS Governor Cuomo signed a bill requiring public employers to develop a very specific emergency plan for future public health emergencies. This may include a continuation of the Coronavirus pandemic, or another emergency. Some details and guidance below…

WHO

The requirement applies to public employers, including:

  • State, county, and local governments
  • Public authorities (bridge, water, airport, etc.)
  • Commissions
  • Public corporations
  • Agencies
  • School districts
    • It’s important to note that the requirement for school districts has also been codified into state education law through this bill, to be included in school safety plans.

WHAT

The new law requires these plans to include the following:

  • A list and description of positions and titles considered essential
    • Note that the definition of ‘essential’ in the bill means employees who must work on site.
  • Protocols which will enable non-essential employees to work remotely
  • A description of how work shifts can be staggered to reduce overcrowding on public transportation and in the workplace
  • Protocols for procuring, storing, and distributing PPE
  • Protocols to prevent the spread of disease if an employee is exposed, symptomatic, or tests positive for the disease in question
  • Protocols for documenting hours and work locations of all employees for contract tracing
  • Protocols for coordinating with applicable government entities for emergency housing for employees, if needed

WHEN

Though there were no timeframes included in the bill itself, the Governor’s website provided two benchmarks of time. It states that plans are to be submitted to unions and labor management committees within 150 days, and all plans must be finalized by April 1, 2021.

The 150-day timeframe is obviously a bit confusing, as it doesn’t give a start date (i.e. 150 days from when?). I’ve sent inquiries to the Governor’s office, as well as my State Assemblyman and State Senator for clarification. Once I have an answer, I’ll provide it as a comment to this post. I will note that if the 150 day clock started on Labor Day, that alarm will go off on Friday February 4, 2021.

Once finalized, the plan must be included in any existing employee handbook and made otherwise available to employees. In terms of any kind of oversight or audit, there is no provision for such identified in the legislation. Aside from the requirement for school districts to meet this requirement being appended to state education law, this bill appends state labor law. As such, the NYS Department of Labor would have enforcement oversight, if they chose to or are directed to do so. That said, the bill does direct the NYS Department of Labor to establish procedures to allow for public employees to contact and inform the Department of any alleged or believed violations of the provisions of the law. Further, they are directed to establish a webpage and hotline to facilitate such.

HOW

Unfortunately, no existing planning requirement or standard will meet this requirement. While there are elements of continuity of operations planning in this, the focus is shifted and hits some very specific elements which are likely not included in many continuity of operations plans. That said, a new plan needs to be developed to meet this requirement. These elements certainly can be appended into a continuity of operations plan, but it’s important to note that these provisions are intended for future public health emergencies (not that some couldn’t be used for other hazards), and that, should any kind of audit occur, for those purposes it’s usually better to meet requirements through stand-alone documents.

As most public employees are members of labor organizations (unions), and the bill itself was endorsed by the AFL-CIO, there is a requirement for employers to submit the plans to unions and labor management committees for review. These entities have an option to provide comment, to which the employer is required to provide written responses prior to finalizing the plan.

There is some thought and coordination required to make this an effective and meaningful plan which also meets the legal requirements. Detail will need to be developed, specific to each public employer and their circumstances, for the protocols required in the plan. When developing procedure and protocol, be sure to:

  1. identify specifically what needs to be done,
  2. who the action agents are,
  3. what the ideal end state is,
  4. the timeframe in which it should be accomplished, and
  5. who has decision-making authority over those actions

Of course, in developing the plan, the best guidance I can give is to follow the planning process identified in FEMA’s CPG 101. Lastly, be sure to consider that the specific actions we have taken in response to the Coronavirus pandemic may not be the actions we take for another disease. Plans must maintain this flexibility.

NEED HELP?

Recognizing the challenges associated with developing this plan for small and large entities alike, my company – Emergency Preparedness Solutions (EPS) – has developed a template to support these planning requirements. We are making this template free for use by NYS public employers. I continue to have concerns with templates, cautioning against people simply ‘pencil whipping’ the document, but the developed template includes a lot of guidance and identifies content areas which need to be specifically developed by the public employer, so if the planning process is properly followed, I don’t expect that will be a problem with this template.

A BIT OF AN AD

Further, if jurisdictions want assistance in developing these plans, EPS is available to assist (contractually, of course). We’ve spent a lot of time reviewing these new requirements since they were signed and we’re already slated to discuss these in some webinars for specific public employer groups in New York State. Knowing that some small jurisdictions may be in a bit of a bind to meet this requirement, we are offering our services relative to this plan at not cost for the first 10 NYS public employers which employ between 1 and 10 full time employees if we have an executed contract by November 30th of this year – so be sure to contact us soon!

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A New National Response Framework

Tim Riecker, The Contrarian Emergency Manager 4 Comments

Yesterday FEMA announced the release of an updated National Response Framework (the fourth edition).  The most notable changes in this version of the NRF are the inclusion of Community Lifelines and a change to Emergency Support Function (ESF) #14.  Previously, ESF #14 was Long-Term Community Recovery.  With efforts to further engage and coordinate with the private sector in disaster response, ESF #14 has been changed to Cross-Sector Business and Infrastructure.

So what of Long-Term Community Recovery?  The National Disaster Recovery Framework (2016) outlines Recovery Support Functions (RSFs), which, at the federal level, are organized as coordinating structures along with the ESFs.  There are six RSFs, which generally align with the Core Capabilities for the Recovery Mission Area.  For anyone who has worked with FEMA in disaster recovery operations, you know these can be massive organizations, so why create an even large organization?  This structure should support the ESFs in focusing on immediate needs, while the RSFs can address long-term recovery.  When the Federal disaster response organization is initially set up for a disaster, the ESFs are immediately put to work to support state and local emergency needs.  In this phase, the RSFs are able to organize, gather data, and plan for eventually being the lead players as response transitions to recovery.  Recovery is very much a data-driven operation.  As this transition occurs, with the RSFs taking over, many of the ESF resources can be demobilized or tasked to the RSFs.

What does this mean for states and locals?  Fundamentally, nothing.  States simply need to have an appropriate interface with the new ESF #14.  Do states and locals need to mirror this organization?  No, and in fact most of the time when I see an organization centered around ESFs, I tend to cringe.  The ESF/RSF system works for the federal government because of the multitude of federal agencies that have responsibility or involvement in any given function.  Fundamentally, ESFs/RSFs are task forces.  Recall the ICS definition of a task force, being a combination of resources of varying kind and type.

Certainly, most local governments, aside from perhaps the largest of cities, simply don’t have this measure of complexity and bureaucracy.  It can work for some state governments, but for many it may not make sense.  Let’s consider ESF #1 – Transportation.  How many state agencies do you have that have responsibility and assets related to transportation?  In some states, like New York, there are many, ranging from State DOT, NYS Parks, the Thruway Authority, and the multitude of other bridge, road, and transit authorities in the State. Smaller states may only have a State DOT.  One agency doesn’t make a task force.  There are other options for how you organize your emergency operations plan and your EOC that can make more sense and be far more effective.  Essentially what I’m saying is to not mirror the way the feds organize because you think you have to.  All plans must be customized to YOUR needs.

On to the integration of community lifelines.  The goal of the new ESF #14 is to not only engage the private sector, but also coordinate cross-sector operations for stabilizing community lifelines.  I’m interested to see how this plays out, since the community lifelines are already addressed by other ESFs, so I suspect that once the new framework is tested, there may be some supplemental materials that come out to balance this.  That said, the integration of community lifelines is a good thing and I’m glad to see this gaining more traction and truly being integrated rather than existing as a good idea that’s never actually tasked.  Integration of community lifelines is something that every state and local government can at least track, if not take action on, depending on their capability and resources.  The updated NRF added some additional context to community lifelines, with information that supports integrating this concept into planning, response, and recovery.  I happen to appreciate this community lifeline focused timeline that is in the NRF.

While the focus of the NRF is on how the federal government will response, it is intended to be reflective of a whole community response.  It doesn’t necessarily provide guidance (nor should it) on planning, but it certainly serves as a reference.  Since it seems the feds are going all in on the community lifeline concept, I urge state, local, tribal, and territorial governments to examine how they can integrate them into your operations.  That all starts with planning.  It may begin as a function of situational awareness, but then what actions should a jurisdiction take when lifelines are impacted?  Even if a jurisdiction doesn’t have the capabilities to address the root cause, they still need to address the affects.

What thoughts do you have on the NRF update?

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Emergency Management and Public Safety Should Prepare Like a Sports Team

Tim Riecker, The Contrarian Emergency Manager Leave a comment

When and how did a once-annual exercise become the standard for preparedness?  I suppose that’s fine for a whole plan, but most plans can be carved into logical components that can be not only exercised to various degrees, but training can also be provided to support and compliment each of those components.  There are a lot of elements and activities associated with preparedness.  Consider how sports teams prepare. They are in a constant yet dynamic state of readiness.

Sports teams will review footage of their opponents playing as well as their own games.  We can equate those to reviews of after-action reports, not only of their own performance, but also of others – and with high frequency.  How well does your organization do with this quiz?

  • Do you develop after action reports from incidents, events, and exercises?
  • Are they reviewed with all staff and stakeholders or just key individuals?
  • Are they reviewed more than once or simply archived?
  • Are improvements tracked and reviewed with staff and stakeholders?
  • Do your staff and stakeholders review after action reports from other incidents around the nation?

Planning is obviously important – it’s the cornerstone of preparedness.  Coaches look at standards of practice in the sport, best practices, and maybe come up with their own innovations.  They examine the capabilities of their players and balance those with the capabilities of the opposing team.  They have a standard play book (plan), but that may be modified based upon the specific opponent they are facing.  Their plans are constantly revisited based upon the results of practices, drills, and games.  Plans let everyone know what their role is.

  • Do your plans consider the capabilities of your organization or jurisdiction?
  • Do they truly include the activities needed to address all hazards?
  • Are your plans examined and updated based upon after action reports from incidents, events, and exercises?
  • Are your plans flexible enough for leadership to call an audible and deviate from the plan if needed?
  • Is your organization agile enough to adapt to changes in plans and audibles? How are ad-hoc changes communicated?

Training is a tool for communicating the plan and specific roles, as well as giving people the knowledge and skills needed to execute those roles with precision.  Sports players study their playbooks.  They may spend time in a classroom environment being trained by coaches on the essential components of plays.  Training needs are identified not only from the playbook, but also from after action reviews.

  • Is your training needs-based?
  • How do you train staff and stakeholders to the plan?
  • What training do you provide to help people staffing each key role to improve their performance?

Lastly, exercises are essential.  In sports there are drills and practices.  Drills are used to hone key skill sets (passing, catching, hitting, and shooting) while practices put those skill sets together.  The frequency of drills and practices for sports teams is astounding.  They recognize that guided repetition builds familiarity with plans and hones the skills they learned.  How well do you think a sports team would perform if they only exercised once a year?  So why do you?

  • What are the essential skill sets your staff and stakeholders should be honing?
  • What is your frequency of exercises?
  • Do your exercises build on each other?

I also want to throw in a nod to communication.  Even if you aren’t a sports fan, go attend a local game.  It could be anything… hockey, baseball, soccer, basketball, football… whatever.  It doesn’t necessarily have to be pro.  Varsity, college, or semi-pro would certainly suffice.  Even if you don’t stay for the whole game, there is a lot you can pick up.  Focus on the communication between and amongst players and coaches.  Depending on where you are sitting, you might not be able to hear or understand what they are saying, but what you will notice is constant communication.  Before plays, between plays, and during plays.  Sometimes that communication isn’t just verbal – it might be the tapping of a hockey stick on the ice, clapping of hands, finger pointing, or a hand wave or other silent signal.  Coaches are constantly talking to each other on the bench and with players, giving direction and encouragement.  There is a lot going on… strategy, tactics, offense, defense.  What lessons can you apply to your organization?

Lastly, accomplishments should be celebrated.  In public safety, we tend to ignore a lot of best practices not only of sports teams, but also in general employee relations.  Because of the nature of emergency management and other public safety endeavors, it’s easy to excuse getting stuck in the same rut… we get ready for the next incident, we respond to that incident, and we barely have time to clean up from that incident before the next one comes.  Take a moment to breathe and to celebrate accomplishments.  It’s not only people that need it, but also organizations as a whole.

What lessons can you apply from sports teams to your organization?

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC℠

A New NFPA Standard for Active Shooter/Hostile Event Response

Tim Riecker, The Contrarian Emergency Manager 2 Comments

The National Fire Protection Association (NFPA) has recently published a new standard for Active Shooter/Hostile Event Response (ASHER) programs.  NFPA 3000 is consistent with other standards we’ve seen published by the organization.  They don’t dictate means or methods, leaving those as local decisions and open for changes as we learn and evolve from incidents and exercises.  What they do provide, however, is a valuable roadmap to help ensure that communities address specific considerations within their programs.  It’s important to recognize that, similar to NFPA 1600: Standard on Disaster/Emergency Management and Business Continuity/Continuity of Operations Programs, you aren’t getting a pre-made plan, rather you are getting guidance on developing a comprehensive program.  With that, NFPA 3000 provides information on conducting a community risk assessment, developing a plan, coordinating with the whole community, managing resources and the incident, preparing facilities, training, and competencies for first responders.

NFPA standards are developed by outstanding technical committees with representation from a variety of disciplines and agencies across the nation.  In the development of their standards, they try to consider all perspectives as they create a foundation of best practices.  While the NFPA’s original focus was fire protection, they have evolved into a great resource for all of public safety.

I urge everyone to take a look at this new standard and examine how you can integrate this guidance into your program.  The standard is available to view for free from the NFPA website, but is otherwise only available by purchase.  Also available on their website is a fact sheet and information on training for the new standard.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Guidance for Operational Security and Access

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Operational security can be a big issue, especially on prolonged incidents.  An incident occurs.  Evacuations have to take place.  A scene has to be secured.  Issues like safety and evidence preservation are priorities.  Inevitably someone says they ‘need access’.  Who are they?  Do they really need access?   Are they an evacuee?  A responder?  Media?  A government official?  A critical infrastructure operator?  When is it OK to allow someone access and under what circumstances?

While NIMS has been advocating for credentialing as an effort to identify responders and their qualifications, along with ensuring that they have appropriate identification to grant them access to an incident scene and to utilize them to the best ability, there is still a lot of work to do, and little has been done beyond first responders.  I’ve been on incidents where the perimeter was not well established and anyone could stroll in to an incident site or a command post.  I’ve been on incidents where the flash of a badge or ID was good enough to get through, even though the person at the perimeter didn’t actually examine it, much less verify it.  I’ve also been on incidents where no entry was allowed with a badge, official ID, and a marked car – even though entry was necessary and appropriate. Thankfully, I’ve also been on some incidents where identification is examined, and the access request is matched to a list or radioed in for verification.  This is how it should work.

While credentialing and access control are two separate topics, they do have a degree of overlap.  Like so many aspects in incident management, little ground has been gained on more complex matters such as these because there is little to no need for them on the smaller (type 4 and 5) incidents.  Type three (intermediary) incidents generally use an ad-hoc, mismanaged, band-aid approach to these issues (or completely ignore them), while larger (type 1 and 2) incidents eventually establish systems to address them once a need (or usually a problem) is recognized.  While every incident is unique and will require an-incident specific plan to address access control and re-entry, we can map out the primary concerns, responsibilities, and resources in a pre-incident plan – just like we do with so many of our other operational needs in an Emergency Operations Plan (EOP).  Also, like most of what we do in the development of an EOP, access control and re-entry is a community-wide issue.  It’s not just about first responders.

Here’s an example of why this is important.  A number of years ago I ran a tabletop exercise for the chief information officer (CIO) agency of a state government.  The primary purpose was to address matters of operational continuity.  I used the scenario of a heavy snow storm which directly or indirectly disabled their systems.  We talked about things like notification and warning, remote systems access (the state didn’t have a remote work policy at the time), redundant infrastructure, and gaining physical access to servers and other essential systems.  Without gaining physical access, some of their systems would shut down, meaning that many state agencies would have limited information technology access.  Closed roads and perimeter controls, established with the best of intentions, can keep critical infrastructure operators from accessing their systems.  The CIO employees carried nothing but a state agency identification, which local police wouldn’t give a damn about.  Absent a couple hours of navigating state politics to get a state police escort, these personnel would have been stuck and unable to access their critical systems.  Based upon this, one of the recommendations was to establish an access control agreement with all relevant agencies where their infrastructure was located.

Consider this similar situation with someone else.  Perhaps the manager of a local grocer after a flood.  They should be able to get access to their property as soon as possible to assess the damage and get the ball rolling on restoration.  Delays in that grocer getting back in business can delay the community getting back on their feet and add to your work load as you need to continue distributing commodities.

There are a lot of ‘ifs’ and ‘buts’ and other considerations when it comes to access control, though.  There aren’t easy answers.  That’s why a pre-plan is necessary.  Like many things we do in emergency management and homeland security, there is guidance available.  The Crisis Event Response and Recovery Access (CERRA) Framework was recently published by DHS.  It provides a lot of information on this matter.  I strongly suggest you check it out and start bringing the right people to the table to start developing your own plan.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

FEMA’s 2018-2022 Strategic Plan: The Good, the Bad, and the Ignored

Tim Riecker, The Contrarian Emergency Manager 3 Comments

FEMA recently released their 2018-2022 Strategic Plan.  While organizational strategic plans are generally internal documents, the strategic plans of certain organizations, such as FEMA, have a significant link to a broader array of stakeholders.  The community of emergency management in the United States is so closely linked, that FEMA, through policy, funding, or practice, has a heavy influence on emergency management at the state and local levels.  Here are my impressions of the 38-page document.

Picture1

Right from the beginning, this document continues to reinforce the system of emergency management and the involvement of the whole community. I’m glad these concepts have been carried forward from earlier administrations.  Far too often have we seen new administrations trash the concepts of the previous for reasons none other than politics.  Things often take time in emergency management, and it sometimes seems that just as we are getting a grasp on a good concept or program, it’s stripped away in favor of something new which has yet to be proven.

The foreword of the document, as expected, lays out the overall focus of the strategic plan.  What I’m really turned off by here is the mention, not once but twice, of ‘professionalizing’ emergency management.  Use of this phrase is an unfortunate trend and a continued disappointment.  We are our own worst enemy when statements like this are made.  It seems that some in emergency management lack the confidence in our profession.  While I’m certainly critical of certain aspects of it, there is no doubt in my mind that emergency management is a profession.  I wish people, like Administrator Long, would stop doubting that.  Unfortunately, I’ve heard him recently interviewed on an emergency management podcast where he stressed the same point.  It’s getting old and is honestly insulting to those of us who have been engaged in it as a career.

The strategic goals put forward in this plan make sense.

  1. Build a culture of preparedness
  2. Ready the nation for catastrophic disasters
  3. Reduce the complexity of FEMA

These are all attainable goals that belong in this strategic plan.  They stand to benefit FEMA as an organization, emergency management as a whole, and the nation.  The objectives within these goals make sense and address gaps we continue to deal with across the profession.

A quote on page 8 really stands out… The most effective strategies for emergency management are those that are Federally supported, state managed, and locally executed.  With the system of emergency management in the US and the structure of federalism, this statement makes a lot of sense and I like it.

Based on objective 1.2 – closing the insurance gap – FEMA is standing behind the national flood insurance program.  It’s an important program, to be sure, but it needs to be better managed, better promoted, and possibly restructured.  There is a big red flag planted in this program and it needs some serious attention before it collapses.

Here’s the big one… It’s no secret that morale at FEMA has been a big issue for years.  The third strategic goal includes an objective that relates to employee morale, but unfortunately employee morale itself is not an objective.  Here’s where I think the strategic plan misses the mark.  While several objectives directly reference improving systems and processes at FEMA, none really focus on the employees.  Most mentions of employees in the document really reference them as tools, not as people.  Dancing around this issue is not going to get it resolved.  I’m disappointed for my friends and colleagues at FEMA.  While I applaud the strategic plan for realizing the scope of external stakeholders it influences, they seem to have forgotten their most important ones – their employees.  This is pretty dissatisfying and, ultimately, is an indicator of how poorly this strategic plan will perform, since it’s the employees that are counted on to support every one of these initiatives.  You can make all the policy you want, but if you don’t have a motivated and satisfied work force, change will be elusive.

Overall, I’d give this strategic plan a C.  While it addresses some important goals and objectives and recognizes pertinent performance measures, it still seems to lack a lot of substance.  External stakeholders are pandered to when internal stakeholders don’t seem to get a lot of attention.  While, as mentioned earlier, FEMA has a lot of influence across all of emergency management, they need to be functioning well internally if they are to successful externally.  Employee morale is a big issue that’s not going to go away, and it seems to be largely ignored in this document.  I absolutely want FEMA to be successful, but it looks like leadership lacks the proper focus and perspective.

What thoughts do you have on FEMA’s new strategic plan?

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC SM

 

NIMS Implementation Objectives and A Shot of Reality

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Happy 2018 to all my readers!  Thanks for your patience while I took an extended holiday break.  A minor surgery and the flu had sidelined me for a bit, but I’m happy to be back.

This morning, FEMA issued NIMS Alert 01-18: National Engagement for Draft NIMS Implementation Objectives.  NIMS Implementation Objectives were last released in 2009, covering a period of FY 2009-FY2017.  With the release of the updated NIMS last year, FEMA is updating the implementation objectives and has established a national engagement period for their review.

So first, a bit of commentary on this document…

The new objectives are broken out by major content area of the updated NIMS document, including: Resource Management, Command and Coordination, and Communication and Information Management; as well as a General category to cover issues more related to management and administration of the NIMS program.  What we also see with these updated objectives are implementation indicators, which are intended to help ground each objective.  Overall, the number of objectives in this update has been cut in half from the 2009 version (28 objectives vs 14 objectives).

All in all, these objectives appear to be consistent with the current state of NIMS implementation across the nation.  They are certainly suitable for most matters in regard to the oversight of implementing NIMS and it’s various components.  The biggest sticking point for me is that this document is intended for use by states, tribal governments, and territories.  If the goal is to have a cohesive national approach to implementation, I’d like to know what the implementation objectives are for FEMA/DHS and how they compliment those included in this document.

Objectives 8 through 11 are really the crux of this document.  They are intended to examine the application of NIMS in an incident.  These objectives and their corresponding indicators (which are largely shared among these objectives) are the measure by which success will ultimately be determined.  While it’s a good start for these to exist, jurisdictions must be more open to criticism in their implementations of NIMS and ICS.  In addition, there should be an improved mechanism for assessing the application of NIMS and ICS.  While formal evaluations occur for exercises under the HSEEP model, we tend to see inconsistent application of the feedback and improvement activities to correct deficiencies.  Proper evaluations of incidents, especially at the local level, are often not performed or performed well. For those that are, the same issue of feedback and improvement often stands.

Extending this discussion into reality…

The reality is that many responders are still getting it wrong.  Last year my company conducted and evaluated dozens of exercises.  Rarely did we see consistently good performance as far as NIMS and ICS are concerned.  There are several links in this chain that have to hold firm.  Here’s how I view it:

First, the right people need to be identified for key roles.  Not everyone is suited for a job in public safety or emergency management in the broadest sense.  Organizations need to not set up individuals and their own organization for failure by putting the wrong person in a job.  If a certain job is expected to have an emergency response role, there must be certain additional qualifications and expectations that are met.  Further, if someone is expected to take on a leadership role in an ICS modeled organization during an incident, there are additional expectations.

Next, quality training is needed.  I wrote a couple years ago about how ICS Training Sucks.  It still does.  Nothing has changed.  We can’t expect people to perform if they have been poorly trained.  That training extends from the classroom into implementation, so we can’t expect someone to perform to standards immediately following a training course.  There is simply too much going on during a disaster for a newbie to process.  People need to be mentored.  Yes, there is a formal system for Qualification and Certification in ICS, but this is for proper incident management teams, something most local jurisdictions aren’t able to put together.

Related to this last point, I think we need a new brand of exercise.  One that more instructional where trainees are mentored and provided immediate and relevant feedback instead of having to wait for an AAR which likely won’t provide them with feedback at the individual level anyway.  The exercise methodology we usually see applied calls for players to do their thing: right, wrong, or otherwise; then read about it weeks later in an AAR.  There isn’t much learning that takes place.  In fact, when players are allowed to do something incorrectly and aren’t corrected on the spot, this is a form of negative reinforcement – not just for that individual, but also for others; especially with how interrelated the roles and responsibilities within an ICS organization are.

While I’m all for allowing performers to discover their own mistakes and I certainly recognize that there exist multiple ways to skin the proverbial cat (no animals were harmed in the writing of this blog), this is really done best at a higher taxonomy level.  Many people I see implementing portions of ICS simply aren’t there yet.  They don’t have the experience to help them recognize when something is wrong.

As I’ve said before, this isn’t a school yard game of kickball.  Lives are at stake.  We can do better.  We MUST do better.

As always, thoughts are certainly appreciated.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC SM

 

 

Awareness of Public Health Preparedness Requirements – CMS

Tim Riecker, The Contrarian Emergency Manager 2 Comments

Emergency management and homeland security are collaborative spaces.  Think of these areas a Venn diagram, with overlapping rings.  Some of the related professions overlap with each other separately, but all of them overlap in the center.  This overlap represents the emergency management and homeland security space.  What’s important in this representation is the recognition that emergency managers and homeland security professionals, regardless of what specific agency they may work for, need to have awareness of that shared space and the areas of responsibility of each contributing profession.  One of the biggest players in this shared space is public health.Presentation1

For nearly a year, public health professionals have been talking about new requirements from CMS, which stands for The Centers for Medicare and Medicaid Services.  How does Medicare and Medicaid impact emergency management?  CMS, part of the Department of Health and Human Services (HHS) covers over 100 million people across the US – far more than any private insurer.  As an arm of HHS and a significant funding stream within public health, they set standards.

The most relevant standard to us is the Final Rule on Emergency Preparedness Requirements for Medicare and Medicaid Participating Providers and Suppliers.  The rule establishes consistent emergency preparedness requirements across healthcare providers participating in Medicare and Medicaid with the goal of increasing patient safety during emergencies and establishing a more coordinated response to disasters.

The CMS rule incorporates a number of requirements, which include:

  • Emergency planning
  • Policies and procedures
  • Communications planning with external partners
  • Training and exercises

These are all things we would expect from any emergency management standard.  Given the different types of facilities and providers, however, the implementation of the CMS rule can be complex.  A new publication released by the HHS ASPR (Office of the Assistant Secretary for Preparedness and Response) through their TRACIE program (Technical Resources, Assistance Center, and Information Exchange), provides some streamlined references to the CMS rule.  It’s a good document to study up on and keep on hand to help keep you aware of the requirements of one of our biggest partners.

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC