Tag NIMS

Cutting Grant Funds Cuts National Practices

Tim Riecker, The Contrarian Emergency Manager Leave a comment

As some rumors become reality for the current fiscal year and budget memos are leaked for the coming fiscal year, one thing is clear – states, local governments, tribal governments, and territories (SLTTs) will be receiving significantly less federal grant funding for preparedness. While some programs are expected to be outright eliminated, others are being reorganized and refocused with significant budget cuts. While not all change is bad, there is a significant shift in preparedness priorities that is largely politically motivated and lacking foundations in reality. I wrote last month on the Future of the US Emergency Management System, which focuses mostly on FEMA-centric topics, but we are also seeing and expecting major cuts to public health emergency preparedness (PHEP) grant funds, the elimination of certain PHEP programs, and indirect impacts to PHEP from cuts to other public health programs.  Similar cuts are also expected with the Hospital Preparedness Program (HPP). While I don’t think preparedness funds will be completely cut, the impacts will be significant until SLTTs are able to adjust their own budgets to address what priorities they can.  

Grant funding, however, is not only to the direct advantage of the recipients. Compliance with grant rules has long supported national standards (note that I use this term loosely. See this article for more information). FEMA preparedness grants, PHEP grants, and HPP grants, among others, have required the adoption of the National Incident Management System (NIMS), the use of the Homeland Security Exercise and Evaluation Program (HSEEP), national focus on certain threats or hazards, and reasonable consistency in building and sustaining defined capabilities. Grants have been the proverbial carrot that encouraged compliance and participation. While some of the results have been poorly measured (see my annual commentary on the National Preparedness Reports), the benefits of others have been much more tangible. Keeping things real, compliance with many of these requirements by some recipients may have been lackluster at best. Enforcement of these requirements has been practically non-existent (despite rumors of the “NIMS Police” circulating for years), which I think is a shame. That said, I think most recipients worked to meet most requirements in good faith; perhaps partly because someone’s signature attested to it, but I think mostly because many of these requirements were viewed as best practices. As such, while the requirements may be going away if there is no carrot for compliance, I think many jurisdictions will continue implementation.

All this, however, looks at past requirements. But what of new practices that would benefit from nation-wide implementation? I fear that without practices being required as part of a grant, adoption will be minimal. We would have to count on several factors for adoption to take place.

1) Emergency managers would need to be informed of the practice and the benefits thereof. Let’s be honest, most emergency managers are not well informed of new practices and concepts. Often, they simply don’t have the time to do any more than what they are doing, but unfortunately some may not care. Agencies like FEMA have also been notoriously bad at circulating information on new programs, practices, and concepts.

2) Emergency managers would have to agree that the practice can be beneficial to them.

3) Emergency managers would need the resources (time, staff, funds, etc.) to actually implement the practice.

4) In a multi-agency environment, partner agencies are more willing to support activities if they are told it’s a grant requirement – even if it’s not their own grant requirement. They may be reluctant to commit resources to something that is simply perceived as a good idea.

There are certainly a number of challenges ahead for emergency management in the broadest of applications. What I discuss here only scratches the surface. Let’s not lose sight of the benefits of best practices and standards, even if no one is telling us we need to adhere to them. That’s a hallmark of professionalism. We need to collectively advocate for our profession and the resources necessary to perform the critical functions we have. We need to take the time to advocate and to be deliberate in our actions. We need to secure multiple funding streams from every level of government possible. We need to identify efficiencies and leverage commonalities among partner agencies. Yes, lend your voice to the national organizations, but know that it’s up to you to advocate in your municipality, county, and state – and those efforts are now more important than ever.

©2025 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Taking the Reins

Tim Riecker, The Contrarian Emergency Manager 4 Comments

Through the past several years of my blog, the central theme of my posts has really been to ask ‘why?’. Why do we do the things we do in emergency management? Why do we accept things as they are? Why haven’t we endeavored to change, update, or improve upon some of these things that range, at best, from mediocracy to, at worst, absolute crap?

A boss of mine many (so many) years ago taught me the concept of ‘ask why five times’ if you want to get to the root of anything. Of course, you need to seek the proper people to ask or sources to conduct your research, but the concept still stands – often we can’t just ask ‘why’ once and expect that one answer to explain everything for us.

Our field of practice is filled with so many things which can be considered standards. They may be true standards, such as NFPA 1660, or simply a de facto standard – something that has become widely accepted in practice, such as CPG 101.

Standards are a double-edged sword. On the better side, they give us commonality. We can expect that, if reasonably applied, the outputs will have substantial similarity and will, at minimum, meet a base-line expectation. Consistency is generally viewed as good and beneficial in largely any application. On the other hand, standards can stifle innovation. They can encourage laziness. They often promote shortcuts like templates, which, while there are benefits, largely remove the inclination of critical thinking from the work that is done and assume that all applications can fit within someone else’s concept of how things should be.

As we face a significant possibility of a number of de facto standards from FEMA no longer being maintained due to changes in focus and reduction in force – things like the homeland security exercise and evaluation program (HSEEP), CPG 101, and even the National Incident Management System (NIMS) – how will things be done in what may become a new era of emergency management?

There are some that are shilling the downfall of emergency management. While I don’t think this extreme is quite realistic, there will most certainly be some significant changes and impacts to which we must adapt. In the realm of standards (and likely other gaps created), I feel the profession will realize the need to take care of itself, taking a path of self-determination and filling a role that has been, most successfully, done by FEMA. Early on, in the absence of a central coordinating entity (FEMA) maintaining these de facto standards, we will see several disparate efforts of upkeep, with results likely following a bell curve of quality – most will be deemed reasonable, though outliers will exist on both ends of the spectrum, with one side being garbage and the other fairly inspired and progressive. Here enters opportunity. Opportunity for improvement, innovation, different perspectives, and simply seeking better ways of doing things. Though this process begs some questions – Whose version will reign supreme? And what authority does the author have to publish any given standard? Is some measure of authority even required for such a thing for it to be, even unofficially, adopted by the profession?

I feel that regardless of this circumstance, we must periodically examine our standards of practice. Ask ‘why?’ five times (or really however many times is necessary). This can range from asking the same question over and over until you get to some foundational answer you are seeking, or asking a chain of related questions to poke at different sides of the standard. Consider questions like ‘Why does the standard exist?’, ‘Why does the standard exist as it is?’, ‘How did this standard evolve?’, ‘What are the strengths of the current standard?’, ‘What are the weaknesses of the current standard?’, ‘What can we do better and how?’.

There has been some effort lately (also spearheaded by FEMA) toward the concept and implementation of continuous improvement. Standards should also fit within this movement. Standards need to evolve and change and support the practice, though they should be constructed in such a fashion that does not limit a range of application (i.e. can it be used by states as well as small towns? Does it need to be?) or stifle innovation. And while evolution is necessary, I’ll also caution against wholesale change – unless a truly better way is developed and validated. Standards should not change based simply on someone’s good idea, a different perspective, or political influence. Standards (true or de facto) or any part thereof and in any industry should be peer developed and peer reviewed. Changes need to be carefully considered, but also not feared. While I feel FEMA has been a good steward of our standards of practice, that time may be coming to an end, at least for a while. The standards of practice across emergency management must be maintained if this disruption comes to fruition. This is a challenge. This is an opportunity. This is a necessity. We must rise to the occasion.

© 2025 – Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Five Domains of Incident Management

Tim Riecker, The Contrarian Emergency Manager 3 Comments

Earlier this summer, RAND, under contract to CDC as part of a five-year project related to examining and assessing incident management practices in public health, developed and released the Incident Management Measurement Toolkit. Overall, I think the tool developed is a solid effort toward standardizing the evaluation of incident management. The tool guides a depth of examination into incident management practices. It can be a bit daunting at a glance, but the methodology of evaluation is generally what I’ve been practicing over the past several years for developing incident and event AARs. I’d also suggest that it’s scalable in application.

I feel it’s important to note that incident management teams involved in non-public health applications were also engaged in the research. The outcomes of the project and the inclusion of non-public health incident management practices in the research indicate to me that this tool can be applied broadly and not limited to public health applications.

Serving as a foundation for the assessment tool and methodology are five Domains of Incident Management that the project team identified. Provided with key activities, these include:

  1. Situational Awareness and Information Sharing – Perception and characterization of incident-related information to identify response needs.
  2. Incident Action and Implementation Planning – Ongoing articulation and communication of decisions in coherent incident action plans.
  3. Resource Management and Mobilization – Deployment of human, physical, and other resources to match ongoing situational awareness, identification of roles, and relevant decisions.
  4. Coordination and Collaboration – Engagement and cooperation between different stakeholders, teams, and departments in managing the incident.
  5. Feedback and Continuous Quality Improvement – The need for ongoing evaluation and refinement of incident management processes.

In consideration of these domains, I think the activities inherent within them are fairly agnostic of the type of incident management system (i.e. ICS) used. I also think these same domains can be applied for recovery operations, again, regardless of the system or organization being utilized; as well as the principal practice at work (public health, emergency management, fire service, law enforcement, etc.).

I’ve been intending to write about these domains for a while, but each time I considered them, something stood out to me as being a bit askew. I finally realized that these really aren’t domains that encompass all of incident management. Rather, these domains are better associated with an incident management system, such as the Incident Command System (ICS). The first three domains are very clearly applied directly to an incident management system, and the fourth is the general concept of multiagency coordination, which is a common concept of incident management systems. The last domain is simply quality management which is certainly integral across various incident management systems.

While I don’t believe my view undermines the tool’s value, it highlights the need for a clearer understanding of its limitations. An incident management system, like ICS, is just one part of incident management and doesn’t cover all related activities. Some tasks in incident management, such as setting priorities, decision-making, troubleshooting, and dealing with political and social issues, are often not directly related to the tactical management systems we use. Additionally, many important aspects fall within leadership that aren’t covered by the NIMS doctrine or the Planning P. Although organizing resources is a central part of incident management, there are many other activities not addressed in a tactical response that may influence tactical applications but are not part of a defined incident management system. While one could argue these activities fit into the five identified domains, I feel this analysis doesn’t provide a complete picture of a complex response. More information would be needed.

That said, I really like this toolkit. I think it provides a structured mechanism for evaluating common practices of incident management systems, which itself can provide a foundation for a more comprehensive assessment of incident management. That comprehensive assessment, beyond the incident management system, is also more anecdotal and often requires persons experienced in asking the right questions and clarifying perspectives and opinions – things that ultimately can’t be done (or at least done easily) with an assessment tool.

So regardless of what the nature of your incident is, consider using the Incident Management Measurement Toolkit as part of your AAR process.

What are your thoughts on the RAND tool? Have you used it? What do you think of the five domains they have identified?

©2024 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

ICS: Problems and Perceptions

Tim Riecker, The Contrarian Emergency Manager 4 Comments

Oddly enough, I’ve recently seen a spate of LinkedIn posts espousing the benefits of the Incident Command System (ICS). Those who have been reading my material for a while know that I’m a big proponent of ICS, though I am highly critical of the sub-par curriculum that we have been using for decades to teach ICS. The outcome is an often poorly understood and implemented system resulting in limited effectiveness.

Yes, ICS is a great tool, if implemented properly. Yet most implementations I see aren’t properly conducted. To further muddy these waters, I see emergency plans everywhere that commit our responders and officials to using ICS – this is, after all, part of the National Incident Management System (NIMS) requirement that many have – yet they don’t use it.

So why isn’t ICS being used properly or even at all? Let’s start with plans. Plans get written and put up on a proverbial shelf – physical or digital. They are often not shared with the stakeholders who should have access to them. Even less frequently are personnel trained in their actual roles as identified and defined in plans. Some of those roles are within the scope of ICS while some are not. The bottom line is that many personnel, at best, are only vaguely familiar with what they should be doing in accordance with plans. So, when an incident occurs, most people don’t think to reference the plan, and they flop around like a fish out of water trying to figure out what to do. They make things up. Sure, they often try their best, assessing what’s going on and finding gaps to fill, but without a structured system in place and in the absence (or lack of referencing) of the guidance that a quality plan should offer, efficiency and effectiveness are severely decreased, and some gaps aren’t even recognized or anticipated.

Next, let’s talk about ICS training. Again, those who have been reading my work for a while have at least some familiarity with my criticism of ICS training. To be blunt, it sucks. Not only does the content of courses not even align with course objectives, the curriculum overall doesn’t teach us enough of HOW to actually use ICS. My opinion: We need to burn the current curriculum to the ground and start over. Course updates aren’t enough. Full rewrites, a complete reimagining of the curriculum and what we want to accomplish with it, needs to take place.

Bad curriculum aside… For some reason people think that ICS training will solve all their problems. Why? One reason I believe is that we’ve oversold it. Part of that is most certainly due to NIMS requirements. Not that I think the requirements, conceptually, are a bad thing, but I think they cause people to think that if it’s the standard that we are all required to learn, it MUST be THE thing that we need to successfully manage the incident. I see people proudly boasting that they’ve completed ICS300 or ICS400. OK, that’s great… but what can you actually do with that? You’ve learned about the system, but not so much of how to actually use it. Further, beyond the truth that ICS training sucks, it’s also not enough to manage an incident. ICS is a tool of incident management. It’s just one component of incident management, NOT the entirety of incident management. Yes, we need to teach people how to use ICS, but we also need to teach the other aspects of incident management.

We also don’t use ICS enough. ICS is a contingency system. It’s not something we generally use every day, at least to a reasonably full extent. Even our first responders only use elements of ICS on a regular basis. While I don’t expect everyone to be well practiced in the nuances and specific applications of ICS, we still need more practice at using more of the system. It’s not the smaller incidents where our failure to properly implement ICS is the concern – it’s the larger incidents. It’s easy to be given a scenario and to draw out on paper what the ICS org chart should look like to manage the scenario. It’s a completely different thing to have the confidence and ego in check to make the call for additional resources – not the tactical ones – but for people to serve across a number of ICS positions. Responders tend to have a lot of reluctance to do so. Add to that the fact that most jurisdictions simply don’t have personnel even remotely qualified to serve in most of those positions. So not only are we lacking the experience in using ICS on larger incidents, we also don’t have experience ‘ramping up’ the organization for a large response. An increase in exercises, of course, is the easy answer, but exercises require time, money, and effort to implement.

One last thing I’ll mention on this topic is about perspective. One of the posts I read recently on LinkedIn espoused all the things that ICS did. While I understand the intent of their statements, the truth is that ICS does nothing. ICS is nothing more than a system on paper. It takes people to implement it. ICS doesn’t do things; PEOPLE do these things. The use of ICS to provide structure and processes to the chaos, if properly done, can reap benefits. I think that statements claiming all the things that ICS can do for us, without inserting the critical human factor into the statement, lends to the myth of ICS being our savior. It’s not. It must be implemented – properly – by people to even stand a chance.

Bottom line: we’re not there yet when it comes to incident management, including ICS. I dare say too many people are treating it as a hobby, not a profession. We have a standard, now let’s train people on it PROPERLY and practice it regularly.

©2024 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

NIMS Intel and Investigations Function – A Dose of Reality

Tim Riecker, The Contrarian Emergency Manager 1 Comment

Background

Soon after the initiation of the National Incident Management System (NIMS) as a result of Homeland Security Presidential Directive 5 in 2003, the Intelligence and Investigation (I/I) function was developed and introduced to NIMS, specifically to the Incident Command System (ICS). While we traditionally view I/I as a law enforcement function, there are other activities which guidance indicates may fall within I/I, such as epidemiology (personally, I’d designate epidemiology as a specific function, as we saw done by many during the COVID-19 response), various cause and origin investigations, and others. Integration of these activities into the response structure has clear advantages.

The initial guidance for the I/I function was largely developed by command personnel with the New York City Police Department (NYPD). This guidance offered several possible locations for the I/I function within the ICS structure, based on anticipated level of activity, needed support, and restrictions of I/I related information. These four possible ways of organizing the I/I function per this guidance are depicted here, and include:

  1. Placement as a Command Staff position
  2. Organized within the Operations Section (i.e. at a Branch level)
  3. Developed as its own section
  4. Included as a distinct unit within the Planning Section

These concepts have been included in the NIMS doctrine and have been supported within the NIMS Intelligence/Investigations Function Guidance and Field Operations Guide, though oddly enough, this second document ONLY addresses the organization of an I/I Section and not the other three options.

The Reality

Organization of I/I can and does certainly occur through any one of these four organizational models, though my own experiences and experiences of others as described to me have shown that very often this kind of integration of I/I within the ICS structure simply does not occur. Having worked with numerous municipal, county, state, federal, and specially designated law enforcement agencies, I’ve found that the I/I function is often a detached activity which is absolutely not operating under the command and control of the incident commander.

Many of the sources of I/I come from fusion centers, which are off-scene operations, or from agencies with specific authorities for I/I activities that generally have no desire or need to become part of the ICS structure, such as the FBI conducting a preliminary investigation into an incident to determine if it was a criminal act, or the NTSB investigating cause and origin of a transportation incident. These entities certainly should be communicating and coordinating with the ICS structure for scene access and operational deconfliction, but are operating under their own authority and conducting specific operations which are largely separate from the typical life safety and recovery operations on which the ICS structure is focused.

My opinion on this is that operationally it’s completely OK to have the I/I function detached from the ICS structure. There are often coordination meetings and briefings that occur between the I/I function and the ICS structure which address safety issues and acknowledge priorities and authorities, but the I/I function is in no way reporting to the IC. Coordination, however, is essential to safety and mutual operational success.

I find that the relationship of I/I to the ICS structure most often depends on where law enforcement is primarily organized within the ICS structure and who is managing that interest. For example, if the incident commander (IC) is from a law enforcement agency, interactions with I/I activities are more likely to be directly with the IC. Otherwise, interactions with I/I are typically handled within the Operations Section through a law enforcement representative within that structure. Similarly, I’ve also experienced I/I activity to have interactions with an emergency operations center (EOC) through the EOC director (often not law enforcement, though having designated jurisdictional authority and/or political clout) or through a law enforcement agency representative. As such, compared to the options depicted on an org chart through the earlier link, we would see this coordination or interaction depicted with a dotted line, indicating that authority is not necessarily inherent.

I think that the I/I function organized within the ICS structure is more likely to happen when a law enforcement agency has significant responsibility and authority on an incident, and even more likely if a law enforcement representative is the IC or represented in a Unified Command. I also think that the size and capabilities of the law enforcement agency is a factor, as it may be their own organic I/I function that is performing within the incident. As such, it would make sense that a law enforcement agency such as NYPD, another large metropolitan law enforcement agency, or a state police agency leading or heavily influencing an ICS structure would be more likely to bring an integrated I/I function to that structure. Given this, it makes sense that representatives from NYPD would have initially developed these four possible organizational models and seemingly exclude the possibility of a detached I/I function, but we clearly have numerous use cases where these models are not being followed. I’ll also acknowledge that there may very well be occurrences where I/I isn’t but should be integrated into the ICS structure. This is a matter for policy and training to address when those gaps are identified.

I believe that NIMS doctrine needs to acknowledge that a detached I/I function is not just possible, but very likely to occur. Following this, I’d like to see the NIMS Intelligence/Investigation Function Guidance and Field Operations Guide updated to include this reality, along with operational guidance on how best to interact with a detached I/I function. Of course, to support implementation of doctrine, this would then require policies, plans, and procedures to be updated, and training provided to reflect these changes, with exercises to test and reinforce the concepts.

What interactions have you seen between an ICS or EOC structure and the I/I function? What successes and challenges have you seen from it?

© 2024 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Properly Applying ICS in Function-Specific Plans

Tim Riecker, The Contrarian Emergency Manager Leave a comment

As with many of my posts, I begin with an observation of something that frustrates me. Through much of my career, as I review function-specific plans (e.g., shelter plans, point of distribution plans, debris management plans, mass fatality incident management plans) I see a lot of organization charts that are inserted into those plans. Almost always, the org chart is an application of a ‘full’ incident command system (ICS) org chart (Command, Command Staff, General Staff, and many subordinate positions). This is obviously suitable for a foundational emergency operations plan (EOP), an emergency operations center (EOC) plan, or something else that is very comprehensive in nature where this size and scope of an organization would be used, but function-specific plans are not that. This, to me, is yet another example of a misinterpretation, misunderstanding, and/or misuse of the principles of National Incident Management System (NIMS) and ICS.

Yes, we fundamentally have a mandate to use ICS, which is also an effective practice, but not every function and facility we activate within our response and recovery operations requires a full organization or an incident management team to run. The majority of applications of a function-specific plan are within a greater response (such as activating a commodity POD during a storm response). As such, the EOP should have already been activated and there should already be an ‘umbrella’ incident management organization (e.g., ICS) in place – which means you are (hopefully) using ICS. Duplicating the organization within every function isn’t necessary. If we truly built out organizations according to every well intentioned (but misguided) plan, we would need several incident management teams just to run a Type 3 incident. This isn’t realistic, practical, or appropriate.

Most function-specific plans, when activated, would be organized within the Operations Section of an ICS organization. There is a person in charge of that function – depending on the level of the organization in which they are placed and what the function is, there is plenty of room for discussion on what their title would be, but I do know that it absolutely is NOT Incident Commander. There is already one of those and the person running a POD doesn’t get to be it. As for ‘command staff’ positions, if there is really a need for safety or public information activity (I’m not even going to talk about liaison) at these levels, these would be assistants, as there is (should be) already a Safety Officer or PIO as a member of the actual Command Staff. Those working within these capacities at the functional level should be coordinating with the principal Command Staff personnel. As for the ‘general staff’ positions within these functions, there is no need for an Operations Section as what’s being done (again, most of the time that’s where these functions are organized) IS operations. Planning and Logistics are centralized within the ICS structure for several reasons, the most significant being an avoidance of duplication of effort. Yes, for all you ICS nerds (like me) there is an application of branch level planning (done that) and/or branch level logistics that can certainly be necessary for VERY complex functional operations, but this is really an exception and not the rule – and these MUST interface with the principal General Staff personnel. As for Finance, there are similarly many reasons for this to be centralized within the primary ICS organization, which is where it should be.

We need to have flexibility balanced with practicality in our organizations. We also need to understand that personnel (especially those trained to serve in certain positions) are finite, so it is not feasible to duplicate an ICS structure for every operational function, nor is it appropriate. The focus should be on what the actual function does and how it should organize to best facilitate that. My suggestion is that if you are writing a plan, unless you REALLY understand ICS (and I don’t mean that you’ve just taken some courses), find someone who (hopefully) does and have a conversation with them. Talk through what you are trying to accomplish with your plan and your organization; everything must have a purpose so ask ‘why?’ and question duplication of effort. This is another reason why planning is a team sport and it’s important to bring the right people onto the team.

© 2024 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

AHIMTA Incident Management Certification

Tim Riecker, The Contrarian Emergency Manager 2 Comments

I was very pleased to see last week’s announcement by the All-Hazards Incident Management Team Association (AHIMTA) about their certification services for incident management personnel. From their website, AHIMTA is utilizing the National Incident Management System (NIMS) and the National Qualification System (NQS) as the baseline for their AHIMTA Incident Management Certification System (AIMCS). Information, including trainee application information can be found at https://www.ahimta.org/certification. In many ways, the AIMCS is a continuation of the Interstate Incident Management Qualifications System (IIMQS) Guide that AHMITA developed in 2012.

AHIMTA is providing a much-needed service, filling a vacuum that has always existed in the all-hazards incident management team (IMT) program in the US. While FEMA is responsible for maintaining the NQS, they have not actually provided certification or qualification of IMTs or IMT personnel. Last year it was decided that the US Fire Administration would discontinue their management of the AHIMT program. While the USFA didn’t provide any certification services, the program guidance they provided was valuable. They were also the primary federal agency doing anything with external AHIMTs. While some states have implemented the FEMA NQS standard for IMTs and associated positions, others have not. Even among the states that have, some have only done so, officially, for state-sponsored teams/personnel and not for those affiliated with local governments or other entities. Clearly gaps exist that must be filled. AHIMTA has continued to advocate for quality AHIMTs and personnel across the nation.

AHIMTA’s role as a third-party certification provider presents an interesting use case. While not unique, a third party providing a qualification certification (not a training certificate) based on a federal standard is not necessarily common. AHIMTA doesn’t have any explicit authority to provide this certification from FEMA or others, but as a respected organization in the AHIMT area of practice, I don’t think their qualifications to do so can be denied. Certification demands a certain rigor and even assumes liability. The documentation of the processes associated with their certification are well documented in their AIMCS Guide. While AHIMTA can’t require their certification, states and other jurisdictions may very well adopt it as the standard by which they will operate, and can make it a requirement for their jurisdiction. Aside from some very specific certifications that have existed, such as those for wildfire incident management personnel, much of AHIMT practices has been self-certification, which can vary in quality and rigor. The AIMCS program can provide consistency as well as relieve the pressure from states and other jurisdictions in forming and managing their own qualification systems. There will also be an expected level of consistency and excellence that comes from AHIMTA.

All that said, I continue to have reservations about membership organizations offering professional certifications. While membership organizations arguably have some of the greatest interest in the advancement of their profession and adherence to standards, as well as the pool of knowledge within their practice, the potential for membership influencing the process or injecting bias against non-members can never fully be eliminated. I feel that certifications should be provided by government agencies or fully independent organizations that are not beholden to a membership. Not wishing to stall AHIMTA’s progress or success in this program, I’m hopeful they may be willing to create a separate organization solely for the purposes of certification credentialing. I’d also love to see, be it offered in conjunction with this program or otherwise, an EOC qualification certification program, ideally centered upon FEMA’s EOC Skillsets, but with qualification endorsements for various EOC organizational models, such as the Incident Support Model.

I’m very interested to see the progress to be made by the AIMCS and how states and other jurisdictions adopt it as their standard. This certification should have significant impact on the continued development of quality all-hazard incident management teams.

What are your thoughts on this certification program?

© 2023 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Gaps in ICS Doctrine and Documents

Tim Riecker, The Contrarian Emergency Manager 2 Comments

Last month I got to spend several days with some great international colleagues discussing problems and identifying solutions that will hopefully have a meaningful and lasting impact across incident management and emergency response. No, this wasn’t at an emergency management conference; this was with an incredible group of ICS subject matter experts convened by ICS Canada, with a goal of addressing some noted gaps in ICS doctrine, training, and other related documents. While the focus was specific to the documents under the purview of ICS Canada, most of these matters directly apply to ICS in the United States as well.

Overall, our doctrine, curriculum, etc. (collectively, documents) across ICS is a mess. Broadly, the issues include:

  • Poor definitions of key concepts and features of ICS.
  • Lack of proper emphasis or perspective.
  • Lack of inclusion of contemporary practices. (management concepts, social expectations, moral obligations, even legal requirements, etc.)
  • Lack of continuity from doctrine into supporting documents and curriculum. – Everything needs to point back to doctrine. Not that every tool needs to be explicitly included in the doctrine, but they should be based upon consistent standards.
  • A need to support updated training to improve understanding and thus implementation.

As we discussed among the group and I continued thought on this, I’ve realized that ICS, as it relates to the US (NIMS) has so little doctrine spread across a few NIMS documents (the core NIMS doctrine, National Qualification System documents, and a few guidance/reference documents – which aren’t necessarily doctrine). In the US, via the National Wildfire Coordinating Group (NWCG), we used to have a whole array of documents which could be considered ICS doctrine (in the days of NIIMS <yes, that’s two ‘eyes’>). When the responsibility for the administration of ICS (for lack of better phrasing) shifted to DHS, these documents were ‘archived’ by the NWCG and not carried over or adopted by the NIMS Integration Center (NIC) in DHS who now has responsibility for NIMS oversight and coordination. The NIC has developed some good documents, but in the 20 years since the signing of HSPD-5 (which created and required the use of NIMS) it seems the greatest progress has been on resource typing and little else.

Looking at current NIMS resources, I note that some are available from the core NIMS site https://www.fema.gov/emergency-managers/nims while others are available from EMI at https://training.fema.gov/emiweb/is/icsresource/. All these documents really need to be consolidated into one well organized site with doctrine identified separate from other resources and documents (i.e. job aids, guidance, etc.).

I thought it might be fun to find some examples so I decided to open up the ICS 300 instructor guide, flip through some pages, and look at a few concepts identified therein that might not have much doctrinal foundation. Here’s a few I came up with:

  • Formal and Informal Communication
    • These concepts aren’t cited anywhere in NIMS documents. While superficially they seem to be pretty straight forward, we know that communication is something we constantly need improvement in (see practically any after-action report). As such, I’d suggest that we need inclusion and reinforcement of foundational communications concepts, such as these, in doctrine to ensure that we have a foundation from which to instruct and act.
  • Establishing Command
    • This is mentioned once in the core NIMS doctrine with the simple statement that it should be done at the beginning of an incident. While often discussed in ICS courses, there are no foundational standards or guidance for what it actually means to establish command or how to do it. Seems a significant oversight for such an important concept.
  • Agency Administrator
    • While this term comes up several times in the core NIMS doctrine, they are simple references with the general context being that the Agency Administrator will seek out and give direction to the Incident Commander. It seems taken for granted that most often the Incident Commander needs to seek out the Agency Administrator and lead up, ask specific questions, and seek specific permissions and authorities.
  • Control Objectives
    • Referenced in the course but not defined anywhere in any ICS document.
  • Complexity Analysis
    • The course cites factors but doesn’t reference the NIMS Incident Complexity Guide. Granted, the NIMS Complexity Guide was published in June 2021 (after the most recent ICS 300 course material), but the information in the Complexity Guide has existed for some time and is not included in the course materials.
  • Demobilization
    • Another big example of the tail wagging the dog in NIMS. Demobilization is included across many ICS trainings, but there is so little doctrinal foundation for the concept. The core NIMS doctrine has several mentions of demobilization, even with a general statement of importance, but there is no standard or guidance on the process of demobilization beyond what is in curriculum – and training should never be the standard.

For ICS being our standard, we haven’t established it well as a standard. A lot of work needs to be done to pull this together, fill the gaps, and ensure that all documents are adequately and accurately cross-referenced. This will require a significant budget investment in the National Integration Center and the formation of stakeholder committees to provide guidance to the process. We need to do better.

What doctrine and document gaps do you see as priorities in NIMS?

© 2023 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

NIMS Change – Information and Communications Technology Branch

Tim Riecker, The Contrarian Emergency Manager 4 Comments

FEMA recently released a draft for the National Incident Management System (NIMS) Information and Communications Technology (ICT) guidance, providing a framework for incorporating ICT into the Incident Command System (ICS). The draft guidance in many ways formalizes many of the functional changes ICS practitioners have been incorporating for quite a while.

Essentially, the guidance creates an ICT branch within the Logistics Section. That branch can include the traditional Communications Unit as well as an Information Technology (IT) Service Unit. They also make allowances for a Cybersecurity Unit to be included the branch – not as an operational element for a cyber incident, but largely in a network security capacity. The creation of an ICT branch is also recommended for emergency operations centers (EOCs), regardless of the organizational model followed.

The IT Service Unit includes staffing for a leader, support specialists, and a help desk function, while the Cybersecurity Unit includes staffing for a leader, a cybersecurity planner, a cybersecurity coordinator, and a cyber support specialist. The position descriptions and associated task books are already identified pending final approvals and publication of this guidance, with the Cybersecurity and Infrastructure Security Agency (CISA) seemingly ready to support training needs for many of the new positions.

I’m fully in support of this change. FEMA is accepting feedback through October 20, 2022, with instructions available on the website provided previous.

Not being a communications or IT specialist myself, I’m interested in the perspectives of others on this.

© 2022 Tim Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Bring MAC Back

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Multi Agency Coordination, or MAC, is a concept most frequently applied to incident management. MAC Groups are the most commonly defined, being a collection of executives from various agencies, organizations, and/or jurisdictions who may commit the resources of their respective agencies, and often provide high-level decision-making and policy coordination to support an incident. Multi Agency Coordination Systems (MACS) have also been commonly defined, essentially as the combination of resources assembled to support the implementation of multi agency coordination. Multi agency coordination, as a concept, however, transcends MAC Groups and MAC Systems. In incident response we see multi agency coordination occur at the field level and in emergency operations centers (EOCs), the latter of which is generally viewed as an operational extension of the MAC Group. We even see the concept of multi agency coordination specifically extended into Joint Information Systems and Joint Information Centers. Multi agency coordination can and often does also exist across all phases and mission areas associated with emergency management. This is simply a reinforcement that emergency management is a team sport, requiring the participation and input of multiple organizations before, during, and after a disaster as well as in steady-state operations. MAC can be applied in many effective ways to support all of this.

But where did MAC (the more formal version) go? MAC was one of the foundational aspects of the National Incident Management System (NIMS) at one time. But now if you look for information on MAC, you will be pretty disappointed. The NIMS doctrine provides barely a single page on MAC, which might be fine for a doctrinal document if there were supplemental material. Yet, when looking through FEMA’s page for NIMS Components, there are no documents specifically for MAC. There used to be a pretty decent independent study training course for MAC, which was IS-701. That course, and the materials provided, no longer exist as of September 2016. (side note… lots of states and other jurisdictions assembled NIMS Implementations Plans. Many of those have not been updated in years and still reference this as a required training course). You will find only scant references to MAC in some of the ICS and EOC courses, but not with the dedicated time that once existed.

So why is this a problem? MAC as a concept is still alive and well, but without doctrine, guidance, and training to reinforce and support implementation, it will fall into disuse and poor practice. Just in the past two weeks alone, I’ve had direct conversations about MAC with three different clients: one in regard to a state COVID AAR; the other for all hazard planning, training, and exercises; and the other for state-level coordination of a response to invasive species. Superficially, MAC seems an easy concept. You get a bunch of executive-level stakeholders in a room, on a call, or in a video chat to talk about stuff, right?  Sure, but there are right and wrong ways to go about it and best practices which should be embraced. There is no single true model for MAC, which is appropriate, but absent any reasonable guidance, MAC may be misapplied, which could become an impediment to a response – something we’ve certainly seen happen.

All that said, we need to bring significant MAC content and guidance back. One of the better resources I’ve found out there comes from Cal OES. It’s a bit dated (2013) but still relevant. While it does have some language and application specific to California, it is an all-hazards guide (actually adapted from a wild-fire oriented FIRESCOPE document). The document is good, but I’d like to see a national approach developed by FEMA (properly the National Integration Center). MAC is an incident management fundamental, with application even broader than response. Their importance for response, especially larger more complex incidents, is huge, yet the information available on MAC is fairly dismissive. While some content exists in training courses, most of the courses where the content is found are not courses which many MAC Group members would be taking. We must also not confuse training with guidance. One does not replace the other – in fact training should reflect guidance and doctrine.

© 2022 Tim Riecker, CEDP – The Contrarian Emergency Manager

Emergency Preparedness Solutions, LLC®