Six Emergency Management Priorities for the Next Administration

New administrations get to identify their priorities for various areas of focus… this can be both good and bad. It’s not a simple thing. New priorities should embrace progress, while ensuring that certain existing priorities, programs, and projects remain. Yes, some existing programs may deserve to be scrubbed, but far too often we see administrations go ‘clean slate’ doing away wholesale with what has been implemented by their predecessor or their predecessor’s predecessor. Emergency management requires consistency, yet we also require progress. It has been frustrating through the years to see many good practices discarded simply because they were a priority of another administration, and new practices introduced that aren’t well thought through, simply because it was someone’s good idea or they wanted to put their name on something. Emergency management (and I suppose most others) is an area of practice that must embrace forward looking consistency if that makes much sense.  Sometimes tradition needs to be dragged along kicking and screaming, while new practices need to integrate with legacy implementations, lest we continue to create a never-ending complexity of stove piped programs with little to no connective tissue.

Before I jump into the pool, I also want to acknowledge that no one person can obviously be knowledgeable of all the issues facing an area of practice. It requires not just an advisor, but a team of advisors – practitioners with a range of experience and experiences as well as academics. Emergency management is not only a government activity. Emergency management is not only pulled out of the toolbox when a disaster occurs. Emergency management also has more connections to other program areas than arguably any other practice. There is a lot to see and a lot to contextualize.

So on to our show…

Coronavirus/COVID 19

Obviously, this is THE priority of the incoming administration. I’m not going to go on at length about this since I’m pretty sure we’re all aware of the issues, complexities, etc. What I will encourage here is thinking comprehensively. This is a public health crisis, but the solution is not just in the realm of public health. There needs to be a better recognition of the role of emergency management in addressing problems and being part of the solutions, including vaccine distribution. These kinds of logistics are a big part of what emergency management does, so they don’t need to be recreated. Given the scope of this effort, the private sector will be huge partners in this as well. A national-level effort for after action reviews for the pandemic will also be important. Yes, there are a lot of lessons learned that can be put over the whole nation (and even the world), but there are plenty of other lessons learned that may be more dependent upon geography, population, and operational sector. Not only should everyone be doing an after-action report, but a portal where the data (not just the document) can be entered would help the federal government collect this data, the analysis of which would most assuredly provide valuable insight. Speaking of lessons learned…

Public Health Preparedness

The pandemic has shown what works and what doesn’t work. We need to fix what is broken, boost what works, and not forget to examine the grey areas in between (such as our earlier assumptions on pandemic planning… they weren’t all necessarily wrong, they were just wrong for this pandemic). Public health preparedness needs to be re-prioritized, and the relationship with emergency management strengthened (we tried to do this about 18 years ago but fell well short of where it needed to be). Use what exists – there are public health capabilities which are well defined. Public health coalitions have been developed across the nation. We need to do better at supporting public health in meeting and maintaining needs – this needs to be a structured, deliberate effort. DO NOT just throw money at the problem and hope it will get solved. That’s bullshit governing and a waste of tax dollars.

Climate Change

Speaking of bullshit governing and wasting tax dollars, we need a GOOD strategy to integrate climate change issues across everything we do. No more shotgun approach. No more of ‘well that’s the best we can do’. We need a deliberate, coordinated effort. Anything less is a waste of time, money, and effort. Just as emergency management touches practically all other functions, as does climate change. The federal government must do a better job of forming operational coalitions – that is partnering federal agencies, the private sector, non-profits, and even some select state and local governments into functioning entities. (This should be a standard of practice in emergency management as well). The model I’m speaking of isn’t some think tank, group that meets on occasion, or blue-ribbon panel. I’m talking about something that’s operational, with actual employees (specialists) from agencies with responsibility for addressing areas of the problem given temporary duty assignments to an entity whose existence is to work that problem. This is done through identification of priorities and implementation pathways, utilization and allocation of grant funding, advocacy, torch carrying, interagency coordination, problem solving, etc. Just a few of the entities involved in climate change obviously include FEMA, DOT, HHS, DHS, NWS, and more. The best way to solve this is not just getting everyone on the same page or in the same room, but actually organized, led, and synchronized.

Economic Recovery

Economic recovery is an aspect of emergency management, but I’m no economist, so I’ll address it briefly. The pandemic has hit our economy hard. Yes, I think a lot of it will naturally heal as the pandemic comes to an end, but we also can’t just sit around and wait for that nor can we hope for the best and accept (or not) the outcome we get. Economic recovery needs to be deliberate and structured. And remember, in emergency management we don’t just ‘recover’ – we ‘build back better’. This is an opportunity to integrate resiliency into our economy, governments, businesses, and society as a whole.

Integrated Preparedness

I’ve long been complaining about the stove piped programs we see in emergency management. Perhaps from a program administration perspective, focused activity works, but at the state and local levels, practitioners need to see how these things come together so they can easily link efforts. To do it well requires more than crosswalk developed by some junior consultant. It takes a deliberate effort at the doctrinal level to not only demonstrate, but provide sensible pathways to implementation that show how disparate concepts such as NIMS, HSEEP, the National Preparedness Goal, CPG 101, Community Lifelines, etc. actually come together IN PRACTICE. These are all good things taken individually, yet so many either don’t think to combine them, don’t know how to combine them, or are too intimidated or lack the understanding of the benefits to care.

HSEEP has done away with the training and exercise planning workshop (TEPW) and introduced the integrated preparedness planning workshop (IPPW), which we hope would contribute to actual integrated preparedness, but how many know about this? How many actually care? How many know how to do it? Let’s face it… most used the TEPW solely to put exercises on a calendar. That’s all. The training aspect was largely ignored. Is the mention of an IPP in updated HSEEP doctrine alone going to get people to talk even more broadly about preparedness? Nope. If exercises aren’t part of someone’s responsibility (or if they don’t have the time or inclination to do them) they aren’t going to read the updated HSEEP doctrine. Even if they do, will they catch this pretty important change? Possibly not. FEMA held webinars on the IPP concept. These webinars communicated very little, and reinforced that integrated preparedness is an HSEEP concept rather than an EMERGENCY MANAGEMENT concept. You can’t bury something that is so broad reaching into such focused doctrine. Integrated preparedness needs to have its own doctrine and have its own effort – and with the understanding that most mid to large sized emergency management agencies have different parts of the organization responsible for each area of preparedness. If the feds don’t give it the attention it deserves, most state and local governments certainly won’t. We do have a National Integration Center, don’t we? Hmmmm….

Hazard Mitigation Programs, Grants, and Tools

Similar to the matter of integrated preparedness, we really need to do better at hazard mitigation. Hazard mitigation planning has turned into a bureaucratic mess, with jurisdictions spending a lot of money on plans every five years that they rarely reference, much less put into deliberate action. We need to do better.

Standards for hazard mitigation planning also need to be expanded. Rarely is an ‘all hazard’ hazard mitigation plan actually ‘all hazard’. Do they address cyber security? Active shooter/hostile event incidents? Most do not. We also need to see better and more consistent integration of societal data into hazard mitigation planning. There is usually heavy analysis of risk, but not vulnerability in these types of plans. Things like community vulnerability indices give a better perspective on the fragility of our populations. Without doing so, we really aren’t considering the whole community.

~~

So, these are my top six priorities as I see them. Each of these has lasting impact coupled with a more timely urgency. Certainly, there are other things that can be viewed as priorities, but if the list is exhaustive, it pretty much loses the concept of being priority. These are the primary emergency management efforts I would build an administration around. Obviously other activities must continue, but these form the areas of emphasis.  

In re-reading my post, I realized there is a word I used an awful lot… deliberate. I’m guessing it wasn’t accidental, more an influence of my sub-conscious emphasizing well planned and established activities instead of the hap-hazard and half-hearted efforts we often see. There is no sense in showing up to only play part of the game. We need to see it through to the end. That’s how we make a difference.

What thoughts do you have on emergency management priorities for the incoming administration?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

NIMS Alert: NQS Qualifications and Task Books for Recovery, Mitigation, and Incident Evaluation

The National Integration Center (NIC) has been busy with developing more National Qualification System (NQS) tools for incident management.  Here are the titles for the latest release open to public comment:

  • Damage Assessment Coordinator
  • HM Community Education and Outreach Specialist
  • HM Community Planner Specialist
  • HM Engineering and Architect Specialist
  • HM Floodplain Management Specialist
  • EHP Environmental Specialist
  • EHP Historic Preservation Specialist
  • Incident/Exercise Evaluator
  • Public Assistance
  • State Disaster Recovery Coordinator

There may be some incident management and response purists out there wondering why they should care about these particular titles.  I’ll agree that most of them aren’t used in a life-saving response capacity, but these are the people you want to have backing you up – otherwise you may never get away from the incident and you will find yourself in a very foreign land where complex requirements from FEMA and other federal agencies are the rules of play.

Having worked disaster recovery for some massive incidents, such as Hurricane Sandy, I can personally attest to the value so many of these people bring to the table.  It’s great to see qualification standards being established for them, just as they are for core incident management team personnel and resources.  While my experience with most of these is ancillary, however, I’ll leave specific commentary on them to those functional experts.

There is one role in here that I’m particularly pleased to see and will comment on, and that’s the Incident/Exercise Evaluator.  I wrote last year on this topic specifically and have reflected on its importance in other posts.  I see the inclusion of an Incident Evaluator in the NQS as being a huge success and the beginning of a conscious and deliberate shift toward evaluation and improvement in what we do.  Looking at the resource typing definition, I’m pretty pleased with what the NIC has put together.

What I like… I appreciate that they include a note indicating that personnel may need additional training based upon the nature or specialization of the incident or exercise.  They include a decent foundation of NIMS/ICS, exercise, and fundamental emergency management training across the various position types (although most of these are FEMA Independent Study courses -which I think are great for introductory and supplemental matter, but shouldn’t be the only exposure personnel have), including a requirement of completion of the Homeland Security Exercise and Evaluation Program (HSEEP) for a Type 1.

What I feel needs to be improved…  Considering that the Type 1 Incident/Exercise Evaluator is expected to lead the evaluation effort, I’d like to see more than just HSEEP training being the primary discerning factor.  Just because someone has completed HSEEP doesn’t mean they can plan a project, lead a team, or extrapolate HSEEP exercise evaluation practices to be effective for incident evaluation.  I suggest HSEEP should be the requirement for the Type 2 position (which would correlate well to the position description), with additional training on project management and leadership supporting the Type 1 position.  While the note is included re: the potential need for additional training, there is nothing in this about operational experience, which I think is rather important.  Lastly, this seems to identify a need for course and/or guidance specific to incident evaluation, which can and should use the principals of HSEEP as its foundation, but identify the differences, best practices, and approaches to applying them to an incident or event.

I’d love to hear your thoughts on incident evaluation as well as the other positions being identified in the NQS. Do you participate in the national engagements and provide feedback?

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC™

 

 

Failed Attempts to Measure NIMS Compliance – How can we get it right?

Yesterday the US Government Accountability Office (GAO) released a report titled Federal Emergency Management Agency: Strengthening Regional Coordination Could Enhance Preparedness Efforts.  I’ve been waiting for a while for the release of this report as I am proud to have been interviewed for it as a subject matter expert.  It’s the second GAO report on emergency management I’ve been involved in through my career.

The end game of this report shows an emphasis for a stronger role of the FEMA regional offices.  The GAO came to this conclusion through two primary discussions, one on grants management, the other on assessing NIMS implementation efforts.  The discussion on how NIMS implementation has thus far been historically measured shows the failures of that system.

When the National Incident Management System (NIMS) was first created as a nation-wide standard in the US via President Bush’s Homeland Security Presidential Directive (HSPD) 5 in 2003, the NIMS Integration Center (NIC) was established to make this happen.  This was a daunting, but not impossible task, involving development of a standard (lucky much of this already existed through similar systems), the creation of a training plan and curricula (again, much of this already existed), and encouraging something called ‘NIMS implementation’ by every level of government and other stakeholders across the nation.  This last part was the really difficult one.

As identified in the GAO report: “HSPD-5 calls for FEMA to (1) establish a mechanism for ensuring ongoing management and maintenance of the NIMS, including regular consultation with other federal departments and agencies and with state and local governments, and (2) develop standards and guidelines for determining whether a state or local entity has adopted NIMS.”

While there was generally no funding directly allocated to NIMS compliance activities for state and local governments, FEMA/DHS associated NIMS compliance as a required activity to be eligible for many of its grant programs.  (So let’s get this straight… If my jurisdiction is struggling to be compliant with NIMS, you will take away the funds which would help me to do so????)  (the actual act of denying funds is something I heard few rumors about, but none actually confirmed).

NIMS compliance was (and continues to be) a self-certification, with little to no effort at the federal level to actually assess compliance.  Annually, each jurisdiction would complete an online assessment tool called NIMSCAST (the NIMS Compliance Assistant Support Tool).  NIMSCAST ran until 2013.

NIMSCAST was a mix of survey type questions… some yes/no, some with qualified answers, and most simply looking for numbers – usually numbers of people trained in each of the ICS courses.  From FEMA’s NIMS website: “The purpose of the NIMS is to provide a common approach for managing incidents.”  How effective do you think the NIMSCAST survey was at gauging progress toward this?  The answer: not very well.  People are good at being busy but not actually accomplishing anything.  It’s not to say that many jurisdictions didn’t make good faith efforts in complying with the NIMS requirements (and thus were dedicated to accomplishing better incident management), but many were pressured and intimidated, ‘pencil whipping’ certain answers, fearing a loss of federal funding.   Even for those will good faith efforts, churning a bunch of people through training courses does not necessarily mean they will implement the system they are trained in.  Implementation of such a system required INTEGRATION through all realms of preparedness and response.  While NIMSCAST certainly provided some measurable results, particularly in terms of the number of people completing ICS courses, that really doesn’t tell us anything about IMPLEMENTATION.  Are jurisdictions actually using NIMS and, if so, how well?  NIMSCAST was a much a show of being busy while not accomplishing anything as some of the activities it measured.  It’s unfortunate that numbers game lasted almost ten years.

In 2014, the NIC (which now stands for the National Integration Center) incorporated NIMS compliance questions into the Unified Reporting Tool (URT), including about a dozen questions into every state’s THIRA and State Preparedness Report submission.  Jurisdictions below states (unless they are Urban Area Security Initiative grant recipients) no longer need to provide any type of certification about their NIMS compliance (unless required by the state).  The questions asked in the URT, which simply check for a NIMS pulse, are even less effective at measuring any type of compliance than NIMSCAST was.

While I am certainly being critical of these efforts, I have and continue to acknowledge how difficult this particular task is.  But there must be a more effective way.  Falling back to my roots in curriculum development, we must identify how we will evaluate learning early in the design process.  The same principal applies here.  If the goal of NIMS is to “provide a common approach to managing incidents”, then how do we measure that?  The only acceptable methodology toward measuring NIMS compliance is one that actually identifies if NIMS has been integrated and implemented.  How do we do that?

The GAO report recommends the evaluation of after action reports (AARs) from incidents, events, and exercises as the ideal methodology for assessing NIMS compliance.  It’s a good idea.  Really, it is.  Did I mention that they interviewed me?

AARs (at least those well written) provide the kinds of information we are looking for.  Does it easily correlate into numbers and metrics?  No.  That’s one of the biggest challenges with using AARs, which are full of narrative.  Another barrier to consider is how AARs are written.  The HSEEP standard for AARs is to focus on core capabilities.  The issue: there is no NIMS core capability.  Reason being that NIMS/ICS encompasses a number of key activities that we accomplish during an incident.  The GAO identified the core capabilities of operational coordination, operational communication, and public information and warning to be the three that have the most association to NIMS activities.

The GAO recommends the assessment of NIMS compliance is best situated with FEMA’s regional offices.  This same recommendation comes from John Fass Morton who authored Next-Generation Homeland Security (follow the link for my review of this book).  Given the depth of analysis these assessments would take to review AAR narratives, the people who are doing these assessments absolutely must have some public safety and/or emergency management experience.  To better enable this measurement (which will help states and local jurisdictions, by the way), there may need to be some modification to the core capabilities and how we write AARs to help us better draw out some of the specific NIMS-related activities.  This, of course, would require several areas within FEMA/DHS to work together… which is something they are becoming better at, so I have faith.

There is plenty of additional discussion to be had regarding the details of all this, but its best we not get ahead of ourselves.  Let’s actually see what will be done to improve how NIMS implementation is assessed.  And don’t forget the crusade to improve ICS training!

What are your thoughts on how best to measure NIMS implementation?  Do you think the evaluation of AARs can assist in this?  At what level do you think this should be done – State, FEMA Regional, or FEMA HQ?

As always, thanks for reading!

© 2016 – Timothy Riecker

Updating ICS Training: Identification of Core Competencies

The crusade continues.  ICS training still sucks.  Let’s get enough attention on the subject to get it changed and make it more effective.

If you are a new reader of my blog, or you happened to miss it, check out this post from last June which should give you some context: Incident Command System Training Sucks.

As mentioned in earlier posts on the topic, the ICS-100 and ICS-200 courses are largely OK as they current exist.  Although they could benefit from a bit of refinement, they accomplish their intent.  The ICS-300 course is where we rapidly fall apart, though.  Much of the ICS-300 is focused on the PLANNING PROCESS, which is extremely important (I’ve worked a lot as an ICS Planning Section Chief), however, there is knowledge that course participants (chief and supervisor level responders) need to know well before diving into the planning process.

First responders and other associated emergency management partners do a great job EVERY DAY of successfully responding to and resolving incidents.  The vast majority of these incidents are fairly routine and of short duration.  In NIMS lingo we refer to these as Type IV and Type V incidents.  The lack of complexity doesn’t require a large organization, and most of that organization is dedicated to getting the job done (operations).  More complex incidents – those that take longer to resolve (perhaps days) and require a lot more resources, often ones we usually don’t deal with regularly – are referred to as Type III incidents.  Type III incidents, such as regional flooding or most tornados, are localized disasters.  I like to think of Type III incidents as GATEWAY INCIDENTS.  Certainly far more complex than the average motor vehicle accident, yet not hurricane-level.  The knowledge, skills, and abilities applied in a Type III, however, can be directly applied to Type II and Type I incidents (the big ones).

It’s not to say that what is done in a car accident, conceptually, isn’t done for a hurricane, but there is so much more to address.  While the planning process certainly facilitates a proactive and ongoing management of the incident, there are other things to first be applied.  With all that said, in any re-writing and restructuring of the ICS curriculum, we need to consider what the CORE COMPETENCIES of incident management are.

What are core competencies?  One of the most comprehensive descriptions I found of core competencies comes from the University of Nebraska – Lincoln, which I summarized below.  While their description is largely for a standing organization (theirs), these concepts easily apply to an ad-hoc organization such as those we establish for incident management.

Competency: The combination of observable and measurable knowledge, skills, abilities and personal attributes that contribute to enhanced employee performance and ultimately result in organizational success. To understand competencies, it is important to define the various components of competencies.

  • Knowledge is the cognizance of facts, truths and principles gained from formal training and/or experience. Application and sharing of one’s knowledge base is critical to individual and organizational success.
  • A skill is a developed proficiency or dexterity in mental operations or physical processes that is often acquired through specialized training; the execution of these skills results in successful performance.
  • Ability is the power or aptitude to perform physical or mental activities that are often affiliated with a particular profession or trade such as computer programming, plumbing, calculus, and so forth. Although organizations may be adept at measuring results, skills and knowledge regarding one’s performance, they are often remiss in recognizing employees’ abilities or aptitudes, especially those outside of the traditional job design.

When utilizing competencies, it is important to keep the following in mind:

  • Competencies do not establish baseline performance levels
  • Competencies support and facilitate an organization’s mission 
  • Competencies reflect the organization’s strategy; that is, they are aligned to short- and long-term missions and goals.
  • Competencies focus on how results are achieved rather than merely the end result. 
  • Competencies close skill gaps within the organization.
  • Competency data can be used for employee development, compensation, promotion, training and new hire selection decisions.

So what are the CORE COMPETENCIES OF INCIDENT MANAGEMENT?  What are the knowledge, skills, and abilities (KSAs) that drive organizational success in managing and resolving an incident?  Particularly for this application, we need to focus on WHAT CAN BE TRAINED.  I would offer that knowledge can be imparted through training, and skills can be learned and honed through training and exercises; but abilities are innate, therefore we can’t weigh them too heavily when considering core competencies for training purposes.

All in all, the current ICS curriculum, although in need of severe restructuring, seems to cover the knowledge component pretty well – at least in terms of ICS ‘doctrine’.  More knowledge needs to be imparted, however, in areas that are tangential to the ICS doctrine, such as emergency management systems, management of people in the midst of chaos, and other topics.  The application of knowledge is where skill comes in. That is where we see a significant shortfall in the current ICS curriculum.  We need to introduce more SCENARIO-BASED LEARNING to really impart skill-based competencies and get participants functioning at the appropriate level of Bloom’s Taxonomy.

Aside from the key concepts of ICS (span of control, transfer of command, etc.), what core competencies do you feel need to be trained to for the average management/supervisor level responder (not an IMT member)?  What knowledge and skills do you feel they need to gain from training?  What do we need a new ICS curriculum to address?

(hint: this is the interactive part!  Feedback and comments welcome!)

As always, thanks to my fellow crusaders for reading.

© 2016 – Timothy Riecker

Emergency Preparedness Solutions, LLC

FEMA National Preparedness System Updates

This afternoon EMForum.org hosted Donald ‘Doc’ Lumpkins, the Director of the National Integration Center from the National Preparedness Directorate. Doc had some great information on their current and near future activities regarding updates to the National Incident Management System (NIMS) and new Comprehensive Preparedness Guides (CPGs) expected to be released this year.  This is great news as we are always seeking additional national guidance and revisions which help us to maintain standards of practice.

Regarding NIMS, the guiding document has not been revised since 2008.  Doc specifically mentioned updates to NIMS to include:

  • the National Preparedness Goal and the National Preparedness System
  • Expanding NIMS across all five mission areas (Prevention, Protection, Mitigation, Response, and Recovery)
  • Encouraging whole community engagement and understanding
  • Continued emphasis that NIMS is more than just the Incident Command System (ICS)
  • Integrating incident support structures (such as EOCs – more on EOCs later)
  • Integrating situational awareness content
  • Incorporating lessons learned from exercises and real world events (Doc mentioned his office’s activity of culling through LLIS.gov to gain much of this information)
  • Including stakeholder feedback in the revision efforts
  • NIMS update activities will be conducted through the summer with an expected release of a new document this fall

As a significant component of the NIMS update, there will also be continued efforts to update the resource typing list.  Priority will be given to resources which are often requested.

The next topic of discussion was the Comprehensive Preparedness Guides (CPGs).  I was very excited to see a list of likely and potential CPGs either currently under development or expected to be developed soon.  These included:

  • Updating CPG 101
  • A CPG for Strategic Planning (This should shape out to be excellent guidance and essentially serves as a ‘catch all’ for many of the strategic planning tasks we do in emergency management)
  • Incident Action Planning (Doc said this will not be anything new or a replacement of best practices such as the Planning P.  Rather this document will serve to capture these best practices and ensure currency and critical linkages)
  • Planning for mass casualty incidents
  • Social media (a critical aspect of emergency management that is still changing regularly, and I don’t yet feel that we have a firm grasp on it and how to best use it.)
  • Access/Re-Entry to disaster sites
  • Improvised Explosive Devices (crafting hazard-specific annexes)
  • EOC guidelines (I’m hoping this document, while outlining best practices, provides flexibility for different management models of EOCs)
  • Search and rescue management

I’ve come to greatly appreciate that the National Preparedness System is a blanket thrown over the five mission areas, recognizing that each mission area (again – Prevention, Protection, Mitigation, Response, and Recovery) must be prepared for at every level of government to achieve the greatest measure of effectiveness.  There are many critical linkages within preparedness that are found within each or at least most mission areas and the continued efforts of the National Preparedness Directorate seem to be going in a good direction and incorporating the right people and information in their efforts.  Within this frame of thought, Doc mentioned that all of these efforts will utilize subject matter experts from across the country, with many drafts having public comment periods.  Be on the look out for these (I’ll post them as I see them) and be sure to review and comment on them.

As a final note, this was the last broadcast for EMForum.  After 17 years they are shutting down their program.  There has been no mention as to why they are shutting down.  While I’ve not attended every webinar, I do catch a few each year when the topic and/or speaker interest me.  The loss of EMForum is a loss to emergency management and the spirit of sharing information we have.  Through EMForum, there have been many great webinars, such as this one, where new programs and best practices are shared.  I’m hopeful the function that EMForum has served in facilitating this soon replaced so we can continue to stay up to date on what is transpiring.

©2014 Timothy Riecker