A New CPG – 101 for Emergency Planning (v 3)

I know I’m a big nerd when it comes to this stuff, but I was really excited to receive the notice from FEMA that the new Comprehensive Preparedness Guide (CPG) 101: Developing and Maintaining Emergency Operations Plans has been published! This has been a long time coming. This update (version 3) replaces the previous version which was published in November 2010. The update process was also rather lengthy, with the first public review occurring in November 2019 and the second in November 2020.

Did a lot change? No.

Is it better? Yes.

Could it be even better? You bet.

The changes that are included in the new document are meaningful, with an emphasis on including accessibility concepts in plans; and references to current practices and standards, such as new and updated planning guides, CPG 201 (THIRA), Community Lifelines, and more. It even highlights a couple of lessons learned from the COVID 19 pandemic. I’m particularly pleased to see Appendix D: Enhancing Inclusiveness in EOPs, which I think is an excellent resource, though more links to other resources, of which there are many, should be provided in this appendix.

The format of the document is largely the same, with a lot of the content word-for-word the same. As a standard, a lot of change shouldn’t be expected. While we’ve seen some changes in our perspectives on emergency planning, there really hasn’t been anything drastic. Certainly “if it ain’t broke, don’t fix it”, but I think there could have been some better formatting choices, narrative, graphics, and job aids to enhance readability and implementation.  

There is some added content as well as a bit of highlighting of planning approaches, such as the District of Columbia’s services-based emergency operations plan. While I advocated for heavy reference to newer implementations and standards, such as THIRA, into the document (which was largely done) I also advocated for more user-friendly approaches, such as a hazard analysis matrix, to be included. My feedback from both public comment periods heavily emphasized the need to develop a document that will mostly benefit novice emergency planners. To me this means the inclusion of more graphic depictions of processes and tasks, as well as job aids, such as checklists and templates. The new CPG 101 does include more checklists. At first glance these are buried in the document which is not very user friendly. However, they did make a separate Compilation of Checklists document available, which I’m really happy about. It’s not highly apparent on the website nor is it included as part of the main document, so it could be easily missed.

I would have really liked to see a comprehensive library of job aids provided in the appendices to support implementation by new planners. We have other doctrine and related documents that provide rather extensive job aids to support implementation, such as HSEEP and NIMS (and not only the ICS component of NIMS). Not including that kind of supporting material in this update is very much a missed opportunity. Planning really is the cornerstone of preparedness, yet it doesn’t seem we are providing as much support for quality and consistent planning efforts. Given the extent of time between updates, I expected better. While being largely consistent in the format and content between versions is practically a necessity, there really should have been a parallel effort, separate from document revision, to outline practices and approaches to emergency plan development. Integrating that content into the update, ideally, would have done more to support HOW each step of the planning process is accomplished, as well as providing some job aids.

Speaking of implementation support, I’m curious about how EMI’s new Advanced Planning course, which I didn’t get into the pilot offering of, builds on the Emergency Planning course and compliments use of CPG 101.

Be sure to update your own personal reference library with this new version of CPG 101. If you are interested in a review with FEMA personnel, they are providing a series of one-hour webinars. What are your thoughts on the new CPG 101?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

ICS 400 Training – Who Really Needs It?

A few days ago I had a bit of discussion with others on Twitter in regard to who actually has a need for ICS 400 training. I think a lot of people are taking the ICS 400 (Advanced ICS for Command and General Staff) course for the wrong reasons. While I’d never dissuade anyone from learning above and beyond what is required, we also, as a general statement, can’t be packing course offerings with people who don’t actually need the training. There is also an organizational expense to sending people to training, and the return on that investment decreases when they don’t need it and won’t apply it. Overall, if you are a new reader, I have a lot of thoughts on why our approach to ICS Training Sucks, which can be found here.

Before we dig any deeper into the topic, let’s have a common understanding of what is covered in the ICS 400 course. The course objectives identified in the National Preparedness Course Catalog for some reason differ from those actually included in the current 2019 version of the course, so instead I’ll list the major topics covered by the two-day course:

  • Incident Complex
  • Dividing into multiple incidents
  • Expanding the Planning Capability
  • Adding a second Operations or Logistics Section
  • Placement options for the Intel/Investigations function
  • Area Command
  • Multi-Agency Coordination
  • Emergency Operations Centers
  • Emergency Support Functions

For this discussion, it’s also important to reference the NIMS Training Program document, released in the summer of 2020. This document states many times over that it includes training recommendations and that the authority having jurisdiction (AHJ) determines which personnel are to take which courses. This document indicates the ICS 400 is recommended for:

  1. ICS personnel in leadership/supervisor roles
  2. IMT command, section, branch, division, or group leaders preparing for complex incidents

Note that while #1 above seems to fully capture anyone in a leadership/supervisor role, the document also says that IMT unit, strike team, resource team, or task force leaders preparing for complex incidents do NOT need the training. I’d say this certainly conflicts with #1 above.

With that information provided, let’s talk about who really needs to take the ICS 400 from a practical, functional perspective. First of all, looking at recommendation #1 above, that’s a ridiculously broad statement, which includes personnel that don’t need to have knowledge of the course topics. The second recommendation, specific to IMTs, I’ll agree is reasonably accurate.

Having managed a state training program and taught many dozen deliveries of the ICS 400 course, I’ll tell you that the vast majority of people taking the course don’t need to be in it. I’d suggest that some deliveries may have had absolutely no one that actually needed it, while most had a scant few. Much of this perspective comes from a relative determination of need of personnel that fit within recommendation #1 above. Just because someone may be an incident commander or a member of command and general staff, doesn’t necessarily mean they need to take ICS 400. It’s very likely that through their entire career all of the incidents they respond to and participate in the management of can be organized using standard ICS approaches.

Interface with an EOC does not mean you need to take ICS 400. There is, in fact, a better course for that, aptly named ‘ICS/EOC Interface’. More people need to take this course than the ICS 400. I’m also aware that some jurisdictions require ICS 400 for their EOC staff. The ICS 400 course doesn’t teach you how to function in or manage an EOC. Again, the ICS/EOC Interface course is the better solution, along with whatever custom EOC training is developed (note that none of the FEMA EOC courses will actually teach you how to manage or work in YOUR EOC). If you feel that people in your EOC need to know about some of the concepts within the ICS 400, such as Multi-Agency Coordination or Area Command, simply include the appropriate content in your EOC training. To be honest, I can tell most EOC personnel what they need to know about an Area Command in about three minutes. They don’t need to sit through a two-day course to learn what they need to know.

Cutting to who does need it (aside from IMT personnel), personnel who would be a member of Command and General Staff for a very large and complex incident (certainly a Type I incident, and MAYBE certain Type 2 incidents) are the candidates. Yes, I understand that any jurisdiction can make an argument for their fire chief or police chief, for example, being the IC for an incident of this size and complexity, though let’s consider this in a relative and realistic sense. Most incidents of this size and complexity are likely to span multiple jurisdictions. Particularly in a home rule state, that fire chief or police chief is typically only going to be in charge of that portion of the incident within their legal borders. Although that incident may be a Type I incident taken as a whole, it will likely be managed in large part by a higher AHJ, which may use some of the concepts outlined in the ICS 400. While local government is still responsible for managing the portion of the incident within their borders, they are much less likely to utilize any of the ICS 400 concepts themselves. Along a similar line of thought, most jurisdictions don’t have hazards that, if they become incidents, would be of such size or complexity within their jurisdiction that would require use of these concepts. This leaves larger, more populous jurisdictions generally having a greater need for this level of training.

At some point, every state and UASI was required, as part of their NIMS implementation, to develop a NIMS training plan. Most of the plans I’ve seen further perpetuate the idea that so many people must have ICS 400 training. As part of this, many states require that anyone holding the position of fire chief must have ICS 400. Considering my argument in the paragraphs above, you can see why this is tremendously unnecessary. We must also consider erosion of knowledge over time. As people do not use the knowledge, skills, and abilities they have learned, that knowledge erodes. This is highly likely with the concepts of ICS 400.

A lot of states and other jurisdictions need to take a more realistic look at who really needs ICS 400 training. I’d also like to see some clarification on the matter in FEMA’s NIMS Training Guidance. It’s not about making this training elite or restricting access, but it is about decreasing the perceived and artificially inflated demand for the course.

What’s your jurisdiction’s take on ICS 400 training?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Preparing for Disaster Deployments

I wrote last year about my trepidation over Community Emergency Response Teams (CERT) being considered as a deployable resource. The problem is that even most professionally trained emergency personnel aren’t prepared for deployment. We need to do better.

One of the key aspects of a disaster is that it overwhelms local resources. This often requires help from outside the impacted jurisdiction(s). Working outward from the center, like the bullseye of a dartboard, we are usually able to get near-immediate assistance from our neighbors (aka mutual aid), with additional assistance from those at greater distances. When I use the word ‘deployment’, I’m referring to the movement of resources from well outside the area and usually for a period of time of several days or longer.

The US and other places around the world have great mutual aid systems, many supported by laws and administrative procedures, identifying how requests are made, discerning the liability for the requesting organization and the fulfilling organization(s), and more. Most of these are intended for response vs deployment, but may have the flexibility to be applicable to deployment. Some, such as the Emergency Management Assistance Compact (EMAC) are specifically written for deployments. While all this is certainly important, most organizations haven’t spent the time to prepare their people for deployment, which is a need that many organizations seem to take for granted. Those organizations which are, practically be definition, resources which are designed to deploy, such as Type 1 and 2 incident management teams (IMTs), often have at least some preparations in place and can be a good resource from which others can learn.

What goes into preparing for deployment? First, the sponsoring organization needs to recognize that their resources might be requested for deployment and agree to take part in this. That said, some organizations, such as volunteer fire departments, might have little control over their personnel deploying across the country when a call for help goes out publicly. These types of requests, in my opinion, can be harmful as large numbers of well-intentioned people may abandon their home organization to a lack of even basic response resources – but this is really a topic to be explored separately.

Once an organization has made a commitment to consider future requests, leadership needs to develop a policy and procedure on how they will review and approve requests. Will requests only be accepted from certain organizations? What are the acceptable parameters of a request for consideration? What are the thresholds for resources which must be kept at home? 

Supporting much of this decision making is the typing of resources. In the US, this is often done in accordance with defined typing from FEMA. Resource typing, fundamentally, helps us to identify the capabilities, qualifications, and eligibility of our resources. This is good not only for your own internal tracking, but is vitally important to most deployment requests. Organizations should do the work now to type their resources and personnel.

If an organization’s leadership decides they are willing to support a request, there then needs to be a canvass and determination of interest to deploy personnel. This is yet another procedure and the one that has most of my focus in this article. Personnel must be advised of exactly what they are getting into and what is expected of them (Each resource request received should give information specific to the deployment, such as deployment duration, lodging conditions, and duties.). The organization may also determine a need to deny someone the ability to deploy based on critical need with the home organization or other reasons, and having a policy already established for this makes the decision easier to communicate and defend.

These organization-level policies and procedures, along with staff-level training and policies should be developed to support the personnel in their decision and their readiness for an effective deployment.

Many things that should be determined and addressed would include:

  • Matters of pay, expenses, and insurance
  • Liability of personal actions
  • Code of conduct
  • What personnel are expected to provide vs what the organization will provide (equipment, supplies, uniform, etc.)
  • Physical fitness requirements and inoculations
  • Accountability to the home organization

Personnel also need to be prepared to work in austere conditions. They may not have a hotel room; instead they could be sleeping on a cot, a floor, or in a tent. This alone can break certain people, physically and psychologically. Access to showers and even restrooms might be limited. Days will be long, the times of day they work may not be what they are used to, and they will be away from home. They must be ready, willing, and able to be away from their lives – their families, pets, homes, jobs, routines, and comforts – for the duration of the deployment. Their deployment activity can subject them to physical and psychological stresses they must be prepared for. These are all things that personnel must take into consideration if they choose to be on a deployment roster.

This is stuff not taught in police academies, fire academies, or nursing schools. FEMA, the Red Cross, and other organizations have policy, procedures, training, and other resources available for their personnel because this is part of their mission and they make these deployments regularly. The big problem comes from personnel with organizations which don’t do this as part of their core mission. People who are well intentioned, even highly trained and skilled in what they do, but simply aren’t prepared for the terms and conditions of deployment can become a liability to the response and to themselves.

Of course, organizational policy and procedure continues from here in regard to their methods for actually approving, briefing, and deploying personnel; accounting for them during the deployment; and processing their return home. The conditions of their deployment may necessitate follow up physical and mental health evaluations (and care, as needed) upon their return. They should also be prepared to formally present lessons learned to the organization’s leadership and their peers.

I’ll say that any organization interested in the potential of deploying personnel during a disaster is responsible for making these preparations, but a broader standard can go a long way in this effort. I’d suggest that guidance should be established at the state level, by state emergency management agencies and their peers, such as state fire administrators; state departments of health, transportation, criminal justice, and others. These state agencies often contribute to and are even signatories of state-wide mutual aid plans which apply to the constituents of their areas of practice. Guidance developed at the state level should also dovetail into EMAC, as it’s states that are the signatories to these agreements and often rely on the resources of local organizations when requests are received.

There is clearly a lot to consider for organizations and individuals in regard to disaster deployments. It’s something often taken for granted, with the assumption that any responder can be sent to a location hundreds of miles away and be fully prepared to live and function in that environment. We can do better and we owe our people better.

Has your organization developed policies, procedures, and training for deploying personnel?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

When to AAR

A discussion with colleagues last week both on and off social media on the development of after-action reports (AARs) for the COVID 19 pandemic identified some thoughtful perspectives. To contextualize, the pandemic is arguably the longest and largest response the world has ever faced. Certainly, no one argues the necessity for organizations to develop AARs, as there have been an abundance of lessons learned that transcend all sectors. It’s thankfully not often we are faced with such a long incident, but in these circumstances, we need to reconsider our traditional ways of doing things, which has generally been to develop an AAR at the conclusion of the incident.

One central aspect of the discussions was about the timing of the AARs. When should we develop an AAR for an incident? I certainly think that with most incidents, we can safely AAR when the incident is complete, particularly given that most incidents don’t last as long as the pandemic has. The difficulty with the pandemic, relative to AARs, is time. The more time goes on, the more we focus on recent concerns and the less we remember of the earlier parts of the response. This likely remains within tolerable limits for an incident that will last several weeks or even up to a few months, but eventually we need to recognize that that longer we go without conducting the after-action process, the more value we lose. Yes, we can recreate a lot with through documentation, but human inputs are critical to the AAR process, and time severely erodes those. Given this, I suggest the ideal practice in prolonged incidents is to develop interim AARs to ensure that chunks of time are being captured.

Another aspect related to this is to determine what measure we are using for the incident. The vast majority of AARs focus mostly on response, not recovery. This is an unfortunate symptom of the response-centric mentality that persists in emergency management. We obviously should be conducting AARs after the response phase, but we also need to remember to conduct them once the recovery phase is substantially complete. Given that recovery often lasts much longer than the response, we certainly shouldn’t wait until recovery is complete to develop a single AAR for the incident, rather we should be developing an AAR, at a minimum, at the substantial completion of response and another at the substantial completion of recovery.

Yet another complication in this discussion is that timing is going to be different for different organizations. I presently have some clients for which the pandemic is much less of a concern operationally as it was a year ago, especially with a vaccinated workforce. So much less of a concern, in fact, that they have largely resumed normal operations, though obviously with the continuation of some precautionary measures. Other organizations, however, are still in a full-blown response; while there are still yet others somewhere in the middle. This means that as we go through time, the pandemic will largely be over for certain organizations and jurisdictions around the world, while others are still consumed by the incident. While the WHO will give the official declaration of the conclusion of the pandemic, it will be over much sooner for a lot of organizations. Organizations should certainly be developing AARs when they feel the incident has substantially ended for them, even though the WHO may not have declared the pandemic to have concluded.

Consider that the main difference between evaluating an exercise and evaluating an incident is that we begin the exercise with the goal of evaluation. As such, evaluation activities are planned and integrated into the exercise, with performance standards identified and staff dedicated to evaluation. While we evaluate our operations for effectiveness during a response and into recovery, we are generally adjusting in real time to this feedback rather than capturing the strengths and opportunities for improvement. Be it during the incident or after, we need to deliberately foster the AAR process to not only capture what was done, but to help chart a path to a more successful future. I’ve been preaching about the value of incident evaluation for several years, and have been thankful to see that FEMA had developed a task book for such.

Given the complexity and duration of the pandemic, I started encouraging organizations to develop interim AARs longer than a year ago, and in fact supported a client in developing their initial response AAR just about a year ago. FEMA smartly assembled an ‘Initial Assessment Report’ of their early response activity through September of 2020, though unfortunately I’ve not seen anything since. There was a question about naming that came up in the discussions I had, suggesting that the term ‘AAR’ should be reserved for after the incident, and a different term used for any other reports. I partially agree. While I think we should still call it what it is – even if it’s done in the midst of an incident, it is still an after-action report – that being an analysis of actions we’ve taken within a defined period of time. Afterall, it’s not called an ‘after incident report’. That said, I do think that any AARs developed during the incident do warrant some clarification, which can incorporate the inclusion of a descriptor such as ‘interim’ or ‘phase 1, 2, 3, etc’, or whatever is most suitable. I don’t think we need anything standardized so long as it’s fairly self-explanatory.

Have you already conducted an AAR for the pandemic? Do you expect to do another?

© 2021 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Emergency Management Budgets

Last week there were some posts circulating around Twitter expressing some considerable dismay about emergency management budgets. While I obviously agree that emergency management programs should be better funded, there is some important context to consider when looking at (most) emergency management agency budgets in the US.

While jurisdictions having emergency management programs provide some measure of funding, typically the largest quantity of funding comes from federal grant programs, with the most significant grant for operational expenses being the Emergency Management Performance Grant (EMPG). EMPG is part of the Homeland Security Grant Program (HSGP) and is budgeted each year in the federal budget with administrative responsibilities in the hands of FEMA. States are the grantees of EMPG. While a considerable amount of the funds are retained by states, there is a requirement for a certain percentage to be applied to local emergency management programs. States have different models for how the funds are allocated – some states award funds directly to county/local governments (subgrantees), others spend the funds on behalf of the subgrantees through the provision of direct services to county/local governments. Many states also use a hybrid of the two models. Those receiving an allocation of EMPG are ideally accounting for it in their published budgets, but we should be aware that some releases of budget information may not include EMPG numbers.

There are also additional grant funds available to county and local governments to support an array of emergency management and emergency management-related programs. These include hazard mitigation grants, the Urban Area Security Initiatives (UASI) grant, Secure the Cities, and others. Yes, a lot of these funds are targeted to more ‘homeland security’ types of activities, but we should also recognize the considerable overlap in a lot of EM and HS. I took a small sample of a few mid to large sized cities (mostly since they have established and funded emergency management offices), seeing ratios of 1:3 to 1:4 for local share funding compared to grant funding (this did not include COVID-related supplemental funding). Of course, you may see numbers significantly different in your jurisdiction.

I’ll also suggest that activities across many other local government agencies and departments support some measure of emergency management. While a lot of these expenditures may not have the input of an emergency management office, there are a variety of local infrastructure projects (hopefully contributing to hazard mitigation), health and human services investments (mitigation and preparedness), code enforcement (mitigation), and others that do contribute to the greater emergency management picture for the jurisdiction. In fact, some of the funding allocations received by these agencies may be through discipline-specific emergency management grant programs, such as those which may come from US DOT or CDC/HHS.

Overall, emergency management funding tends to be a lot larger than the casual observer may think, though even a budget analyst would require some time to identify how it all comes together, especially for a larger jurisdiction that tends to have larger departments, more complex expenditures, and more grant funding. As mentioned, I’d still love to see more direct funding allocations for emergency management programs, especially as emergency management can hopefully direct efforts where and how they are needed most within their communities. I’m also hopeful that officials leading different programs at the local level are coming together to jointly determine how best to allocate federal funds (obviously within the grant terms and conditions), even if they are coming from different federal and state agencies and being awarded to different local departments, with a goal of addressing local threats, hazards, and capabilities in the best ways possible for communities.

While what I wrote is a broad-brush example of how emergency funding is allocated across much of the US, different states do administer grants different. It can be as simple as I’ve outlined, or a lot more complex. We also have a lot of examples of the haves and have-nots, with many smaller jurisdictions being left woefully behind in funding. I’d love to hear what the funding situation looks like for your jurisdiction. Also, for those not in the US, how are your local programs funded?

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

An Update of Ontario’s Incident Management System

Just yesterday, the Canadian province of Ontario released an update of its Incident Management System (IMS) document. I gave it a read and have some observations, which I’ve provided below. I will say that it is frustrating that there is no Canadian national model for incident management, rather the provinces determine their own. Having a number of friends and colleagues from across Canada, they have long espoused this frustration as well. That said, this document warrants an examination.

The document cites the Elliot Lake Inquiry from 2014 as a prompt for several of the changes in their system from the previous iteration of their IMS document. One statement from the Inquiry recommended changes to ‘put in place strategies that will increase the acceptance and actual use of the Incident Management System – including simplifying language’. Oddly enough, this document doesn’t seem to overtly identify any strategies to increase acceptance or use; in fact there is scant mention of preparedness activities to support the IMS or incident management as a whole. I think they missed the mark with this, but I will say the recommendation from the Inquiry absolutely falls in line with what we see in the US regarding acceptance and use.

The authors reinforce that ICS is part of their IMS (similar to ICS being a component of NIMS) and that their ICS model is compatible with ICS Canada and the US NIMS. I’ll note that there are some differences (many of which are identified below) that impact that compatibility, though don’t outright break it. They also indicate that this document isn’t complete and that they already identified future additions to the document including site-specific roles and responsibilities, EOC roles and responsibilities, and guidance on resource management. In regard to the roles and responsibilities, there is virtually no content in this document on organizations below the Section Chief level, other than general descriptions of priority activity. I’m not sure why they held off of including this information, especially since the ICS-specific info is reasonably universal.

I greatly appreciate some statements they make on the application of Unified Command, saying that it should only be used when single command cannot be established. They give some clarifying points within the document with some specific considerations, but make the statement that “Single command is generally the preferred form of incident management except in rare circumstances where unified command is more effective” and reinforce that regular assessment of Unified Command should be performed if implemented. It’s quite a refreshing perspective opposed to what we so often see in the US which practically espouses that Unified Command should be the go-to option. Unified Command is hard, folks. It adds a lot of complexity to incident management. While it can solve some problems, it can also create some.

There are several observations I have on ICS-related organizational matters:

  • They use the term EOC Director. Those who have been reading my stuff for a while know that I’m really averse to this term as facilities have managers. They also suggest that the term EOC Command could be used (this might even be worse than EOC Director!).
  • While they generally stick with the term Incident Commander, they do address a nuance where Incident Manager might be appropriate (they use ‘manager’ here but not for EOCs??). While I’m not sure that I’m sold on the title, they suggest that incidents such as a public health emergency that is wide-reaching and with no fixed site is actually managed and not commanded. So in this example, the person in charge from the Health Department would be the Incident Manager. It’s an interesting nuance that I think warrants more discussion.
  • The document refers several times to the IC developing strategies and tactics. While they certain may have input to this, strategies and tactics are typically reserved for the Operations Section.
  • There is an interesting mention in the document that no organization has tactical command authority over any other organization’s personnel or assets unless such authority is transferred. This is a really nuanced statement. When an organization responds to an incident and acknowledges that the IC is from another organization, the new organization’s resources are taking tactical direction from the IC. Perhaps this is the implied transfer of authority? This statement needs a lot of clarification.
  • Their system formally creates the position of Scribe to support the Incident Commander, while the EOC Director may have a Scribe as well as an Executive Assistant. All in all, I’m OK with this. Especially in an EOC, it’s a reflection of reality – especially the Executive Assistant – which is not granted the authority of a Deputy, but is more than a Scribe. I often see this position filled by a Chief of Staff.
  • The EOC Command Staff (? – they don’t make a distinction for what this group is called in an EOC) includes a Legal Advisor. This is another realistic inclusion.
  • They provide an option for an EOC to be managed under Unified Command. While the concept is maybe OK, ‘command’ is the wrong term to use here.
  • The title of Emergency Information Officer is used, which I don’t have any particular issue with. What’s notable here is that while the EIO is a member of the Command Staff (usually), the document suggests that if the EIO is to have any staff, particularly for a Joint Information Center, that they are moved to the General Staff and placed in charge of a new section named the Public Information Management Section. (a frustration here that they are calling the position the EIO, but the section is named Public Information). Regardless of what it’s called or if there is or is not a JIC, I don’t see a reason to move this function to the General Staff.
  • Aside from the notes above, they offer three organizational models for EOCs, similar to those identified in NIMS
  • More than once, the document tasks the Operations Section only with managing current operations with no mention of their key role in the planning process to develop tactics for the next operational period.
  • They suggest other functions being included in the organization, such as Social Services, COOP, Intelligence, Investigations, and Scientific/Technical. It’s an interesting call out whereas they don’t specify how these functions would be included. I note this because they refer to Operations, Planning, Logistics, and Finance/Admin as functions (which is fine) but then also calling these activities ‘functions’ leads me to think they intend for new sections to be created for these. Yes, NIMS has evolved to make allowances for some flexibility in the organization of Intel and Investigations, something like Social Services (for victims) is clearly a function of Operations. While I appreciate their mention of COOP, COOP is generally a very department-centric function. While a continuity plan could certainly be activated while the broader impacts of the incident are being managed, COOP is really a separate line of effort, which should certainly be coordinated with the incident management structure, but I’m not sure it should be part of it – though I’m open to discussion on this one.
  • I GREATLY appreciate their suggestion of EOC personnel being involved in planning meetings of incident responders (ICP). This is a practice that can pay significant dividends. What’s interesting is that this is a measure of detail the document goes into, yet is very vague or lacking detail in other areas.

The document has some considerable content using some different terminology in regard to incidents and incident complexity. First off, they introduce a classification of incidents, using the following terminology:

  • Small
  • Large
  • Major
  • Local, Provincial, and National Emergencies

Among these, Major incidents and Local/Provincial/National Emergencies can be classified as ‘Complex Incidents’. What’s a complex incident? They define that as an incident that involves many factors which cannot be easily analyzed or understood; they may be prolonged, large scale, and/or involve multiple jurisdictions. While I understand that perhaps they wanted to simplify the language associated with Incident Types, but even with the very brief descriptions the document provided on each classification, these are very vague. Then laying the term of ‘complex incident’ over the top of this, it’s considerably confusing.

**Edit – I realized that the differentiator between small incident and large incident is the number of responding organizations. They define a small incident as a single organization response, and a large incident as a multi agency response. So the ‘typical’ two car motor vehicle accident that occurs in communities everywhere, requiring fire, EMS, law enforcement, and tow is a LARGE INCIDENT????? Stop!

Another note on complex incidents… the document states that complex incidents involving multiple response organizations, common objectives will usually be high level, such as ‘save lives’ or ‘preserve property’, with each response organization developing their own objectives, strategies, and tactics.  I can’t buy into this. Life safety and property preservation are priorities, not objectives. And allowing individual organizations to develop their own objectives, strategies, and tactics pretty much breaks the incident management organization and any unity of effort that could possibly exist. You are either part of the response organization or you are not.

Speaking of objectives, the document provides a list of ‘common response objectives’ such as ‘save lives’ and ‘treat the sick and injured’. These are not good objectives by any measure (in fact they can’t be measured) and should not be included in the document as they only serve as very poor examples.

So in the end there was a lot in this document that is consistent with incident management practices, along with some good additions, some things that warrant further consideration, and some things which I strongly recommend against. There are certainly some things in here that I’d like to see recognized as best practices and adopted into NIMS. I recognize the bias I have coming from the NIMS world, and I tried to be fair in my assessment of Ontario’s model, examining it for what it is and on its own merit. Of course anyone who has been reading my posts for a while knows that I’m just as critical of NIMS and related documents out of the US, so please understand that my (hopefully) constructive comments are not intended to create an international incident. I’m a big fan of hockey and poutine – please don’t take those away from me!

I’m always interested in the perspectives of others. And certainly if you were part of the group that developed this document, I’d love to hear about some of your discussions and how you reached certain conclusions, as well as what you envision for the continued evolution for the Provincial IMS.

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

What Actually is Emergency Management?

Many people have a concept of what emergency management is, typically shaped by their own experiences or aspirations, but it is so much more. I think a part of the seeming identity crisis emergency management suffers as well as the issues expressed by some that emergency management isn’t a recognized profession stem from that the fact that so much of emergency management is actually a unified effort of an amalgamation of other professions. So let’s consider what emergency management actually is. The list below is not exhaustive and is largely formed around common professions, major activities, and areas of academic study.

  • Grants management
  • Accounting
  • Procurement
  • Logistics
  • Equipment Maintenance
  • GIS
  • Information Technology
  • Planning
  • Document Development and Publishing
  • Marketing
  • Communications
  • Public and Media Relations
  • Community Outreach
  • Volunteer Management
  • Instructional Design and Delivery
  • Data Analysis
  • Engineering
  • Project Management
  • Policy and Political Science
  • Business/Public Administration
  • Organizational Management and Leadership
  • Consulting and SME
  • Academics and Research
  • Physical Sciences (Geology, Meteorology, Earth Science, etc.)
  • Social Sciences (Sociology, Anthropology, etc.)

These are all distinct functions and major activities/professions I’ve seen in emergency managers and emergency management agencies. Many emergency managers do a lot of these, while some focus on a few or even just one. Some of these activities may be outsourced to other agencies or to the private sector. Yet any of the items on the list taken out of the context of emergency management are then no longer (at least directly) emergency management. This may be a permanent state for someone holding one of these positions, or perhaps they are brought into the realm of emergency management on more of an ad-hoc or temporary basis. On the other hand, the application of these activities within emergency management often requires them to have knowledge of the areas of emergency management in which they are being applied.

Defining what emergency management is and does without the context of these other professions/activities is difficult. There is a big part of emergency management that is less defined and tangible, filling in the gaps and connective tissue between and among all of these; harnessing and focusing the collective capabilities toward distinct efforts across preparedness and the five mission areas, by way of a highly complex effort which we encapsulate with one simple word – coordination. So oddly enough, emergency management is all of these, yet it is also something else.

I think the recognition of this will go a long way for us, helping to progress the profession while also being less rigid in our approach to pigeon-hole what an emergency manager is.

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Building Local Incident Management Capability

Just over a year ago I wrote An Alternate Concept of Incident Management Support, identifying the gap that exists in most local communities and areas for improved incident management capability. While I still think that formal Incident Management Teams (IMTs) are the gold standard, not every community or even multi-county region can support a formal IMT, which requires dozens of personnel and rigorous qualification and maintenance. Over the past year, we’ve seen a lot of use of IMTs across the nation, supporting the COVID-19 response and myriad other incidents. Sitting in over the last few days on the All Hazard Incident Management Team Association (AHIMTA) virtual symposium, there is a lot of exciting evolution happening with IMTs as they continue to enhance their capabilities. And while this is great, I feel we are leaving a lot of areas behind. This isn’t on the AHIMTA, but rather on the emergency management community as a whole. That said, there are certainly some intersections, as a lot of the training available to IMT personnel may need to be made more accessible to those who would be part of the Incident Support Quick Response Teams (ISQRTs) as I came to call them in the article I mentioned from last year, and addressing a fundamental need I’ve been espousing for a long time.

As I’ve soaked in a lot of great information from the AHIMTA symposium about IMTs, the need to build local capability in the absence of IMTs is even more apparent. Some may argue that IMTs are available to deploy to any area if requested. Possibly. Obviously there are a lot of conditions… what are other teams dealing with? What’s the relative priority of the requesting area? EMAC is certainly an option, but States need to approve the local request if they are to put the request into the EMAC system. The state may not agree with the need, may not want to spend the funds for an incoming team for an incident that may not receive a federal declaration, or it may not be practical to wait a couple of days to get an IMT on the ground when the response phase of the incident may be resolved or near resolved by then.   

Fundamentally, every area should have its own organic incident management capability. As mentioned, most areas simply can’t support or sustain the rigors of a formal IMT, but they can support a short roster of people who are interested, able, and capable. This is a situation where a little help can go a long way in making a difference in a local response for a more complex Type 4 incident or the onset of a Type 3 incident – or simply to do what they can for a larger incident where additional help simply isn’t available. I mentioned in last year’s article that the focus should really be on incident planning support, with an Incident Management Advisor to support the IC and local elected officials, an Incident Planning Specialist to help the local response organization harness the Planning Process, a Planning Assistant to support the detailed activities involved in a Planning Section such as situational awareness and resource tracking, and an Operations and Logistics Planner to support local responders who may have great tactical knowledge, but not much experience on operational planning much less forecasting logistical needs associated with this. Largely these are all advisors, who are likely to integrate into the incident management organization, so we aren’t creating new ICS positions, though I still encourage some deeper and deliberate application of incident management advisors.

My big thought today is how do we make something like this happen? First, I think we need to sell FEMA and State IMT programs and or State Training Officers on the concept. That comes first from recognizing and agreeing on the gap that exists and that we must support the organic incident management capability of local jurisdictions with fewer resources, through something that is more than the ICS courses, but less than what is required for an IMT. Part of this is also the recognition that these ISQRTs are not IMTs and not intended to be IMTs but fill an important role in addressing this gap. This will go a long way toward getting this past ICS and IMT purists who might feel threatened by this or for some reason disagree with the premise.

Next is establishing standards, which first is defined by general expectations of activity for each of these roles, pre-requisites for credentialing, then training support. The existing position-specific training is likely not fully appropriate for these positions, but a lot can be drawn upon from the existing courses, especially those for Incident Commander and the Planning Section positions, but there are also some valuable pieces of information that would come from Operations Section and Logistics Section Courses. I’d suggest that we work toward a curriculum to address these specific ISQRT roles. There are then some administrative details to be developed in terms of local formation, protocols for notification and activation, etc. State recognition is important, but perhaps approval isn’t necessarily needed, though coordination and support from States may be critical to the success of ISQRTs, again considering that these are most likely to be serving areas with fewer resources. ISQRTs will also need to work with local emergency managers and local responders to gain support, to be included in local preparedness activities, and to be called upon when they should be. A lot of success can be gained from things such as local/county/regional/state meetings of fire chiefs and police chiefs.

Do you agree with the gap that exists for most communities? What do you think we need to get the ball rolling on such a concept?

© 2021 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

FEMA’s First Lessons Learned From COVID-19

FEMA recently released the Pandemic Response to Coronavirus Disease 2019 (COVID-19): Initial Assessment Report (January – September 2020). The report has many elements of a traditional after-action report. The authors reinforce that the report only evaluates FEMA’s response, not those of other agencies or entities. That said, emergency management, by nature is collaborative and FEMA’s interactions with other agencies and entities are cited as necessary. The report covers five primary areas of evaluation:

  1. Coordinating Structures and Policy
  2. Resources
  3. Supporting State, Local, Tribal, and Territorial (SLTT) Partners
  4. Preparedness and Information Analysis
  5. Organizational Resilience

Also, with similarity to a traditional after-action report, this report provides a table of key findings and recommendations as Appendix A.

Here are some of my primary observations:

Following the executive summary is a the COVID-19 Pandemic Overview, which is a well-constructed piece providing a combined narrative timeline and topical highlights, providing information and context to the pandemic and the response, as well as some of the complexities encountered. While the report does well to acknowledge the myriad disasters that SLTT partners and federal agencies responded to over 2020, I find it shameful that they very obviously ignore the societal impacts of the US political climate (related to the pandemic and otherwise) as well as events surrounding the BLM movement. I firmly believe this report should fully acknowledge these factors and could have done so without itself making a political statement. These were important, impactful, and far-reaching, certainly influencing the operating environment, public information, and other very real facets of the response. I feel that the exclusion of these factors leaves this report incomplete.

Relative to the Coordinating Structures and Policy section, FEMA reinforces many, many times that they were put into a leadership position for this disaster that was unexpected and perhaps led to some coordination problems. I feel FEMA should always be a lead or co-lead agency for the federal response for large disasters regardless of the hazard. While a pandemic is certainly a public health hazard, FEMA has practiced experience in federal coordination to major disasters, mobilization of resources and logistical support, SLTT coordination, and overall incident management. The Unified Coordination Group is a sound application in situations where other federal agencies share significant authority. The kinks should be worked out of this, with the National Response Framework updated to reflect such.

Also mentioned within this section is the creation of a White House Task Force which was intended to make executive decisions of the highest level. This is not unprecedented and should certainly be expected for other large-scale disasters in the future. I feel, however, that removing the FEMA Administrator from having a direct line of communication with the White House during ‘peace time’ has significant impact on FEMA leadership’s ability to integrate. Positioning FEMA subordinate to the Secretary of Homeland Security is akin to putting a police officer in charge of a pool and keeping the lifeguard in the breakroom. Sure, the police officer can do a lot, but there are specific skills needed which necessitate that the lifeguard has a constant presence at the pool rather than only being called in when something gets bad enough. 

FEMA makes a point about inheriting eight task forces created by HHS which then needed to be integrated into the NRCC organization. These task forces had some overlap with the existing NRCC and ESF structure, resulting in duplications of effort and coordination problems. While FEMA says they were able to overcome this over time, it is obviously something that, given the National Response Framework, should have not happened in the first place. FEMA’s recommendations associated with this matter do not once cite the National Response Framework and instead point the finger at NIMS/ICS use, fully ignoring that the foundation of preparedness is planning. Either HHS made these task forces up on the fly or had a plan in place that accounted for their creation. Either way, it’s the National Response Framework that was ignored. NIMS/ICS helps support plan implementation.

The next section on resource management demonstrates that FEMA learned a lot about some intricacies of resource management they may have not previously encountered. With the full mobilization of resources across the nation for the pandemic, along with targeted mobilizations for other disasters, the system was considerably stressed. FEMA adapted their systems and processes, and in some cases developed new methodologies to address resource management needs. One key finding identified was a need to better integrate private sector partners, which isn’t surprising. I think we often take for granted the resources and systems needed to properly coordinate with the private sector on a large scale during a disaster. One of the largest disasters within this disaster was that of failed supply chains. Granted, the need was unprecedented, but we certainly need to bolster our preparedness in this area.

To help address supply chain issues, novel solutions such as Project Airbridge and specific applications of the Defense Production Act were used. The best practices from these strategies must be memorialized in the form of a national plan for massive resource mobilizations.

SLTT support for the time period of the report was largely successful, which isn’t a surprise since it’s fundamentally what FEMA does as the main coordination point between SLTT partners and federal agencies. Significant mobilizations of direct federal support to SLTT partners took place. The pandemic has provided the best proof of concept of the FEMA Integration Teams (FIT) since their development in 2017. With established relationships with SLTT partners and knowledge of needs of the federal system, they provided support, liaised, and were key to shared situational awareness. I appreciate that one of the recommendations in this section was development of a better concept of operations to address the roles and responsibilities of FIT and IMATs.

One item not directly addressed in this section was that in emergency management we have a great culture of sharing resources and people. Sharing was pretty limited in the pandemic since everyone was impacted and everyone needed resources. This caused an even greater demand on FEMA’s resources since SLTT partners largely weren’t able to support each other as they often do during disasters.

The section on preparedness and information analysis was interesting, especially on the information analysis side. The preparedness findings weren’t really much of a surprise, including not anticipating supply chain issues or SLTT needs. What this boils down to is a lack of effective plans for nation-wide disasters. On the information side, the key findings really boil down to not only improved defining of data sets and essential elements of information relative to specific needs, audiences, functions, capabilities, and lines of effort. It appears a lot was learned about not only the information needed, but also how to best utilize that information. Analytics makes data meaningful and supports better situational awareness and common operating picture.

The last section on FEMA’s organizational resilience is a good look at some of the inner workings and needs of FEMA as an agency and how they endured the pandemic and the varied demands on the agency. FEMA has always had a great culture of most employees having a disaster job which they are prepared to move into upon notice. They learned about some of the implications associated with this disaster, such as issues with engaging such a large portion of their employees in long-term deployments, public health protection, and mental health matters.

Ultimately, despite my disagreement with a couple of recommendations and leaving out some very important factors, the report is honest and, if the corrective actions are implemented, will support a stronger FEMA in the future. I’m hopeful we see a lot of these AAR types of documents across federal agencies, state agencies, local governments, the private sector, etc. EVERYONE learned from this pandemic, and continues to learn. That said, while the efforts of individual entities hold a lot of value, there also needs to be a broader, more collective examination of ‘our’ response to this disaster. This would be a monumental first task for a National Disaster Safety Board, would it not? 

© 2021 Timothy Riecker, CEDP

The Contrarian Emergency Manager™

Emergency Preparedness Solutions, LLC®

New EOC Toolkit Documents

FEMA announced the release of five EOC Toolkit documents on their website. In downloading these documents, I’m actually finding six documents, all with file dates of January 8, 2021. What’s there:

  • Tips for Healthcare Professionals: Coping with Stress and Compassion Fatigue
  • Tips for Disaster Responders: Preventing and Managing Stress
  • An Exercise for Creating Position Task Books from EOC Skillsets
    • Exercise Cards for the above referenced exercise (probably why they indicate only five documents, though this is a separate download)
  • EOC Financial Tools Reference Fact Sheet
  • EOC Operations Period Briefing Template

A quick review:

Coupling together the Tips for Healthcare Professionals and Tips for Disaster Responders as they both deal with workplace stress; these are really good documents that provide information, tools, and resources for recognizing and managing stress. Both are developed by the HHS Substance Abuse and Mental Health Services Administration. What I’d like to see, though, are documents actually developed for EOCs. It might seem a bit petty, while nearly 100% of the information in these documents is applicable to an EOC environment, this is yet another example of emergency management needing to borrow best practices from others and not getting something of our own. A simple change in the title and focusing the scope of the documents can go a long way. I would hope that FEMA and the National Integration Center would be supporting emergency management a bit more by at least giving us things that are intentionally developed for us.

I’m also coupling together the two documents of the EOC Skillsets Exercise instructions and cards; the purpose of the exercise is to create position task books (PTBs) from the list of EOC Skillsets. The exercise is used to help familiarize participants with the EOC Skillsets and to give leaders a practical, scenario-based experience in building position qualifications based on an organization’s needs and resources. I’ll be honest that I have some mixed feelings about this. I’m not sure of the real value of this exercise. Sure it’s nice to teach people new things and an exercise like this can be useful for getting buy-in on the qualifications certain positions should have, but the EOC Skillset Guide already gives us alignment of the EOC Skillsets for each of the primary EOC positions for the common, NIMS-identified EOC model organizations. That said, if your EOC has an organizational deviation from these models, the exercise could be helpful.

The EOC Financial Tools Reference Fact Sheet is a pretty good overview and list of resources for incident financial management, including guidelines and practices for reimbursement. A solid document. I think the document could be expanded upon by some experienced Finance/Admin Section Chiefs, Public Assistance SMEs, and Individual Assistance SMEs – to not only provide additional information, guidance, and tools, but also to address the continuum of financial management and reimbursement that starts with preparedness and goes through response then into disaster recovery, with the ultimate goal of maximizing reimbursement for eligible expenses.

Lastly, the EOC Operations Period Briefing Template. The document provides the pretty standard guidance for an Ops Period Briefing seen in ICS-related publications and introduces a couple of topics that are important to EOCs which are typically not found in field-level applications. That said, this is called a template. It’s laid out as a template. The instructions even say that the template is customizable. They give you the document as a PDF. <shrug>

Wrapping this up, these are documents that really can help EOCs and EOC personnel, but we see some shortfalls because of simple lack of thought, perspective, and utility. Continuous improvement, however, should always be a goal, and we need to start somewhere. I’m hoping these, and other documents will evolve as needs and opportunities are identified.

© 2021 Timothy Riecker, CEDP

The Contrarian Emergency Manager™

Emergency Preparedness Solutions, LLC®