Tag preparedness

Operational Readiness in Emergency Management

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Back in 2017 I wrote a piece on defining operational readiness.  It’s a topic, which, after some recent discussion with a colleague, I think bears revisiting and expanding upon.  Specifically, how we apply it in emergency management, or not.  Readiness is really a final comprehensive perspective of preparedness.  That is, once you have reached a certain level of preparedness, you can be ready, but being prepared doesn’t necessarily make you ready.  Preparedness is generally perceived as an ongoing process, though a state of readiness is typically a snapshot in time.

It struck me that the military tends to have more of a focus on readiness, while emergency management has a focus on preparedness.  While you will find both concepts within the doctrine of emergency management and military, the actual applications are considerably skewed.  After my discussion, I began to wonder why there this difference exists and what we can learn from it.

Having worked a considerable amount with various National Guard elements, I’ve come to highly respect their processes and their endeavor for readiness.  Not that we don’t have similar rigor in emergency management, but the focus seems to be more on the processes of preparedness rather than a state of operational readiness.  Sometimes the differences are so subtle that I have to sit back and think them through, but they are certainly there, and they are meaningful.  Given the military’s focus on operational readiness, they serve as a good source of information, though it needs to be properly filtered for application to emergency management.

As I’ve applied more thought to this, I’ve assembled a refined definition of readiness as it applies to emergency management, that being:

[Readiness is the nexus of benchmark outcomes of preparedness matched with the needs of a specific kind and type of response. A state of operational readiness is achieved when all applicable preparedness benchmarks are met and the organization is willing and able to adequately leverage the resulting capabilities against a corresponding threat or hazard.]

I’ve put together a graphic I think reasonably represents this relationship below.  Readiness is represented by a cloud because, as I explore further in this writing, it is itself rather amorphic and complex.

Readiness

To explain the components of my definition…  Readiness comes from a culmination of outcomes from preparedness activities, but only when each of these outcomes achieves a specific benchmark state.  The achievement of benchmarked preparedness activities define a measure of capability.  These capabilities are associated with a specific threat(s) or hazard(s).  As such, that state of readiness is only applicable to a specific kind (threat or hazard) and type (size and complexity) incident.  To help illustrate my points, here are a couple of examples using field response scenarios:

We can assume that a volunteer fire department is prepared to handle a room and contents fire.  They should have all the elements needed to do so, and in fact, these elements have standards (benchmarks) defined by the NFPA and state fire marshals.  Does this mean they have achieved readiness?  Hopefully yes, but perhaps not.  Given the rather extensive crisis of low membership in volunteer fire departments, the department in question may not have adequate staff to respond to this fire if it occurs, for example, in the middle of a week day.  This gives them a measure of degraded, or even negligible readiness.

Similarly, if we take the same fire department, having accomplished the benchmarks of preparedness for response to a room and contents fire, and even given adequate staff to do so, they may not have a state of readiness to fully address a hazardous materials incident.  While many of the elements of preparedness apply to both types of incidents, there are some critical differences which they would have to overcome to establish a state of readiness for a different type of incident.  Likewise, we could revert back to the room and contents fire and make it bigger – say a fully involved structure fire. While the department might have operational readiness to address the room and contents fire, they may not have the operational readiness to address a structure fire.

I think it’s fair to say that we can be prepared for something without having operational readiness for it.  Years ago, when there was a planetary ‘near miss’ by a meteor, a news outlet contacted our state OEM PIO.  They asked if we had a plan for a meteor strike.  The PIO acknowledged that we didn’t have a plan specific to that, but we did have a comprehensive emergency management plan, through which, and supported by various functional annexes, we were prepared to respond to such an incident and its effects should it occur.  Was the PIO wrong?  Not at all.  Assuming the other elements of preparedness were reasonably in place (and they were), it would be fair to say we were generally ‘prepared for anything’.  Were we ready, however?  Absolutely not.  The operational readiness needs for such an extraordinary, high impact incident are near-impossible to achieve.

When we examine this, it’s important to identify that a state of readiness can wax and wane, based on our ability to apply the identified preparedness measures to the incident in question. Considering the first example of the fire department and the room and contents fire, the department has a state of operational readiness when, as included in the definition I gave, all the preparedness benchmarks are met and they are willing and able to adequately leverage the resulting capabilities against a corresponding threat or hazard.  Changes in capability and/or the willingness or ability to apply those capabilities will result in degradation of readiness.  Depending on the factor in question, it may fully disqualify their readiness, or it may decrease their readiness by some measure.

So why is readiness important?  Readiness is the green light.  If we accomplish a state of operational readiness, we increase our chances of success in addressing the threat or hazard in question.  If we haven’t achieved readiness, we still can obviously be successful, but that success may come at a greater cost, longer period of time, and/or increased error.

How do we achieve readiness?  The current approach we have in emergency management certainly isn’t enough.  While some efforts may culminate in operational readiness, there is, as a whole, a significant lack of focus on operational readiness.  This seems to largely be a cultural issue to overcome.  In general, we seem to have the attitude that preparedness equates to readiness, and that preparedness itself is an end state. Even though we intuitively, and doctrinally, know that preparedness is a cycle, we seem to take comfort in ‘completing’ certain tasks among the preparedness elements – planning, organizing, equipping, training, exercises, and improvement – and then assuming readiness.  Readiness itself is actually the end state, though it is a dynamic end state; one that we can easily lose and must constantly strive to maintain.  To accomplish and maintain operational readiness, it is imperative that we aggressively and rigorously pursue activity in each of the elements of preparedness.  We must also continually monitor our ability to execute the capabilities we are preparing.  That ability, ultimately, is our measure of readiness.

The scale and unit of measuring readiness is something I’m not exploring in depth here (it really warrants its own deliberate effort), but expect to revisit in the future.  I surmise that the factors may be different based upon the various capabilities, and types and kinds of threats/hazards we are trying to address.  We need to examine capability requirements at a granular (task) level to truly assess our current state of readiness and identify what we need to address to increase our readiness.  I also assume that there is a somewhat intangible factor to readiness, one that likely revolves around the human factor. Things like leadership, decision-making, confidence, and ability to improvise. The measure of readiness may also involve certain external factors, such as weather.  The measurement of readiness certainly is complex and involves numerous factors.

I do know that practice is a significant factor in operational readiness.  Earlier I mentioned my experience with the National Guard.  Much of that revolves around exercises, which is one of the best (though not the only) measures of readiness.  Operational military units seem to constantly exercise.  Sometimes small scale, sometimes large.  They exercise different aspects, different scenarios, and different approaches.  It’s the regular repetition that builds competence and confidence, along with identifying shortfalls within the capability such as planning gaps, equipment failures, and the need to anticipate and prepare for certain contingencies.  While we exercise a fair amount in emergency management, we still don’t exercise enough.  I see a lot of people in emergency management leadership develop a complacency and virtually declare that ‘close enough is enough’.  It’s absolutely not enough to exercise a plan or capability once a year, which is something we often see (and often at best).

Preparedness is not something we achieve, it’s something we do; but through it we strive to achieve and maintain readiness.

It’s interesting to note that at the level of federal doctrine, we have a National Preparedness Goal.  We need to recognize that preparedness isn’t the goal – Readiness is.  A possible starting point for change would be the assembly of a blue-ribbon panel, likely by FEMA, to explore this topic and provide recommendations on a unified way ahead for emergency management to recognize the need for operational readiness, including purposeful changes in doctrine and culture to emphasize this desired end state.  We need a solid definition, means of measurement, guidelines for implementation, and an identification of the barriers to success with recommendations on how to overcome them (yep, I already know money and staff are the big ones).

I hope I’ve given some food for thought in regard to readiness.  The simple act of writing this and the bit of associated reading and thinking I’ve done on the topic certainly has me thinking about things differently.  As always, I’m curious to hear your thoughts on operational readiness, what it means to you, and what we can do to achieve it.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

 

 

 

NEW: 2020 HSEEP Revision

Tim Riecker, The Contrarian Emergency Manager 3 Comments

Earlier today FEMA dropped the latest version of the Homeland Security Exercise and Evaluation Program (HSEEP) doctrine.  Doing a quick comparison between this new version and the previous (2013) version, I’ve identified the following significant changes:

  • They replaced the ‘Elected and Appointed Officials’ mentions within the document with ‘Senior Leaders’. This makes sense, since often the elected and appointed officials simply aren’t involved in many of these activities.  The previous terminology is also exclusionary of the private sector and NGOs.
  • The document specifically references the Preparedness Toolkit as a go-to resource.
  • A big emphasis through the document is on the Integrated Preparedness Cycle (see the graphic with this post). The Integrated Preparedness Cycle covers all POETE (Planning, Organizing, Equipping, Training, and Exercising) elements plus Evaluate/Improve.  The graphic also eludes to these activities not necessarily happening in a specific order, as well as the consideration of Preparedness Priorities and Threats, Hazards, and Risks.  Developing a preparedness plan is something I wrote about back in 2016.
  • Integrated Preparedness Cycle
    • Going along with the Integrated Preparedness Cycle, they have done away with the Training and Exercise Plan (TEP) and replaced it with the Integrated Preparedness Plan (IPP), which is developed through input obtained during an Integrated Preparedness Planning Workshop (IPPW). I serious HOPE this shift is successful, as I’ve mentioned in the past how often the training aspect of the TEP was ignored or phoned in.  This approach also does a lot to integrate planning, organizing, and equipping (but ESPECIALLY planning) into the effort.  This is all tied together even more if a jurisdiction has completed a THIRA.  The Integrated Preparedness Cycle and IPP are the things I’m happiest about with the updated document.
  • The new document provides easier to find and read layouts for information associated with exercise types and each of the planning meetings.
  • For years, HSEEP doctrine has suggested (though thankfully not required) an ICS-based organization for exercise planning. I’ve never used this as I found it awkward at best (though I know others often use it and have success in doing so).  The update provides a different suggestion (better, in my opinion) of a functionally organized planning team organization.  Consider that this is still a suggestion, and that you can use it, or a version of it, or an ICS-based one, or anything else you desire.
  • The update provides better delineation between the planning and conduct needs of discussion-based exercises vs those of operations-based exercises. Those of us who have been doing it for a while know, but for those who are new to exercises this should be very helpful.
  • Lastly, the document suggests making corrective actions SMART, as these are really objectives.

FEMA is hosting a series of webinars (listed on the HSEEP website) to discuss these changes.

I’m very happy with the changes made to the doctrine.  It’s a great continued evolution of HSEEP and preparedness as a whole.  For as much as I’m a champion of the Integrated Preparedness Plan, though, having it (thus far) only included in the HSEEP doctrine makes it easy to miss or dismiss by some.  I’m hopeful broader promotion of this concept, perhaps even including it as an emergency management performance grant requirement, will help adoption of this concept.

What are your thoughts?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Public-Private Partnerships Should be a Two-Way Relationship

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Public-private partnerships are not a new concept to emergency management.  There are municipalities, regional areas, and states that have formed committees and strategized how the private sector can provide support during a disaster.  Certainly we have seen a lot of support, on both a large scale and locally, from the ‘big box’ stores, such as Wal-Mart, Lowes, and Home Depot.  Tide’s Loads of Hope program, something so simple but extraordinarily impactful, provides a means for disaster victims to have clean clothing.  Insurance companies have established a response capability to expedite their assessments and services to their clients.  Private sector partners know that these things are not just good public relations, but that they have a means of supporting communities that government and relief organizations may not.

There is another aspect to public-private partnerships that doesn’t seem to be widely addressed, and that’s the community business.  How can they help the community in a disaster?  First, business continuity is essential, since they may also be impacted by the disaster.  Small businesses don’t have the level of capability to leverage that large companies do.  Yes, the SBA can help them with long-term recovery, but the ability of some small businesses to get back to operations quickly can directly help a community recover.  I work with a lot of small communities, many of them serviced by small shops and independent grocers.  There are no big box stores for many, many miles.  For grocers, power outages result in spoiled food.  Road closures result in crippling supply chain problems.  While we’d like all businesses to have mitigation measures and preparedness for disasters, many small businesses simply don’t have the capitol to invest in things like generators and they obviously can’t control road closures.

What’s to be done?  Local municipalities absolutely need to bring these small business owners to the table, establish relationships, identify their needs, and consider identifying them as part of the community’s critical infrastructure.  The resilience of small grocers, lumber companies, and other purveyors is essential to the resilience and recovery of so many small towns.  The impacts are easy to see… if a store can keep running, they are not only providing essential goods and services to the community, they are also supporting the economy by keeping their employees working. What do they need?  Things like power and access, obviously, but tangential things like the availability of child care is huge.  Following disasters schools usually close and often become community shelters. Many parents work when their kids are in school.  If school is closed, they need access to child care.

How far can government go in supporting the private sector?  Many governments tend to avoid supporting the private sector as if it were some kind of disease.  It took many months to convince FEMA in the aftermath of Sandy to make dredging of private marinas eligible for disaster cost recovery.  These marinas (mostly small businesses themselves) support capabilities of fire and police watercraft, recreation (which has economic impact), and a significant fishing and crabbing industry, which is the livelihood of many off and on shore.  Obviously, FEMA needs to maintain accountability of funds and ensure they are being spent appropriately, but a big part of this was resistance to the idea of government providing direct support to the private sector.

While I agree that there are many nuances to this situation, it seems that in many cases the impact of small, local businesses in short-term recovery are disregarded, especially by state and federal governments, and that there exists a one-way door for business participation, where in this ‘partnership’ they are asked to provide goods and services, but how is government contributing to that partnership?  With the big box stores and other large companies, local governments certainly help with some permit expediting and perhaps physical space to set up and access to utilities, there is typically not much support required beyond that.  Small businesses may need more direct support to recover.  They may need help clearing their private access road or parking lot.  They may need the public road they are located on to be cleared for traffic sooner.  They may need a generator that can power their building.  They may need quantities of potable water brought on-site.  Their employees may need child care or public transportation.  These are things they either can’t immediately afford or simply don’t have access to. Local government may have better access to these resources, though, and with the justification of these small businesses providing essential goods and services to the community, the choice is easy.

Does this open government to potential criticism?  Absolutely.  Some business owners may claim discriminatory practices of government supporting some businesses and not others.  Some tax payers may even complain about the use of tax dollars in such a fashion.  While people may always complain, legal consequences and public relations problems should certainly be mitigated.  The road to addressing this is preparedness.  Engage your local attorney and the legal council for the state’s emergency management agency.  Municipal laws and state laws regarding authorities that can be enacted during a state of emergency need to be explored to not only make sure that local government has the legal ability to provide this support, but the conditions and procedures required for doing so.  The legal sources and procedures and standards for providing this support should be documented and made part of the local emergency plan. The municipality should have a criteria for determining what types of businesses could be included in such direct support (what is regarded as the municipality’s privately owned critical infrastructure?), and even outline requirements for those businesses, such as having a business continuity plan, implementing certain resiliency measures, or participating in coordination activities prior to a disaster.  Memoranda of understanding may be required, or other legal tools to identify the terms and conditions of support.

While this type of support from government to the private sector isn’t common, there are some municipalities who do it well.  I’m certainly interested in hearing what you’ve implemented and what best practices you’ve identified.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®℠

The 2019 National Preparedness Report, or ‘How Are We Measuring Preparedness?’

Tim Riecker, The Contrarian Emergency Manager Leave a comment

FEMA recently released the 2019 National Preparedness Report.  Simply put, I’m confused.  Nothing in the report actually lines up with doctrine.  It leaves me wondering how we are actually measuring preparedness.  So what’s the issue?

While the National Preparedness Report is initially structured around the five mission areas (Prevention, Protection, Mitigation, Response, and Recovery), the only full inclusion of the Core Capabilities in the report is a table on page 9, outlining usage of grant funds per Core Capability.  After this, the Core Capabilities for each mission are listed in the title page for each mission area within the detailed findings for those mission areas.  No detail of progress within these Core Capabilities is provided, however.  With the absence of this analysis, we are not seeing data on the progression of preparedness, which, per the National Preparedness Report, is measured through the lens of each of the Core Capabilities.

This is further confused on pages 45 and 48, in particular, where tables list the Community Lifelines with some sort of correlated ‘capabilities’ (noted with a lowercase ‘c’… thus not the Core Capabilities).  These capabilities are not from any doctrine that I can find or recall, including the components and subcomponents for each Community Lifeline provided in the Community Lifelines Toolkit.  For each of these they provide some analytical data, but it’s unclear what this is based upon.  The methodology provided early in the document does nothing to identify why this change in format has occurred or where these specific data sets come from, much less why they are deviating from the previous format and the standards provided through the National Preparedness Goal.

Some perspective… It would seem logical that the National Preparedness Report would be assessing our national state of preparedness relative to the National Preparedness Goal, as it has since its inception.  The National Preparedness Goal is structured around the five mission areas and the 32 Core Capabilities.  With the emergence of the Community Lifelines and their inclusion in the recent update of the National Response Framework, it makes sense that we will see Community Lifelines further integrated into standards, doctrine, and reports, but they have yet to be integrated into the National Preparedness Goal (the current version is dated 2015).  We have not yet seen a comprehensive crosswalk between the Community Lifelines and the Core Capabilities, but it should be recognized that there are certain aspects, even if you just examine the Response Mission Area, that don’t match up.

In an unrelated observation on the National Preparedness Report, the trend continues with citing after action reports from the year, but not actually providing any analysis of lessons learned and how those are being applied across the nation.

Bottom line… while there are some valuable nuggets of information included in this report, I find most of it to be confusing, as it lacks a consistent format on its own, as well as inconsistency with the existing standard of measurement as defined by the National Preparedness Goal.  Why is this a big deal?  First, it’s a deviation from the established standard.  While the standard may certainly have room for improvement, the standard must first be changed before the metrics in the reporting can be changed.  Second, with the deviation from the standard, we aren’t able to measure progress over time.  All previous National Preparedness Reports have provided data within the scope of Core Capabilities, while this one largely does not.  This breaks the possibility of any trend analysis.  Third, there is no reasoning provided behind the capabilities (lowercase ‘c’) associated with each of the Community Lifelines in the report.  It’s simply confusing to the extent that it becomes irrelevant because the information provided is not within the existing lexicon which is used for measurement of practically everything in preparedness.

Simply put, this year’s report is even more disappointing than those provided in previous years.  In fact, since it doesn’t conform with the current standard, I’d suggest it’s not even valid.  This should be far better.

Thoughts?

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

 

 

An Updated Community Lifelines Toolkit and Relationships to Incident Management

Tim Riecker, The Contrarian Emergency Manager 4 Comments

Earlier this year, FEMA released guidance on the Community Lifelines.  I wrote a piece in the spring about integrating the concept into our preparedness and response activities.  Last month, FEMA issued updated guidance for Community Lifeline Implementation through Toolkit 2.0.  In this update, FEMA cites some lessons learned in actually applying the Lifeline concept in multiple exercises across the nation, as well as from feedback received by stakeholders. Based on these lessons learned and feedback, they have made some adjustments to their toolkit to reflect how they understand, prioritize, and communicate incident impacts; the structure and format for decision-making support products. And planning for these impacts and stabilization prior to and during incidents.  They have also made some changes based upon the updated National Response Framework.  The documents associated with the updated Community Lifelines all seem to reflect an inclusion in the efforts of the National Response Framework.  It’s great to see FEMA actually tying various efforts together and seeking to provide grounded guidance on application of concepts mentioned in doctrine-level documents.

The biggest addition to the Community Lifelines update is the inclusion of the FEMA Incident Stabilization Guide.  The ‘operational draft’ is intended to serve as a reference to FEMA staff and a resource to state, local, and tribal governments on how “FEMA approaches and conducts response operations”.  It’s a 77-page document the obviously leans heavily into the Community Lifelines as a standard for assessing the impacts to critical infrastructure and progress toward restoration, not only in response, but also into recovery operations.  It even reflects on bolstering Community Lifelines in resilience efforts, and ties in the THIRA and capability analysis efforts that states, UASIs, and other governments conduct.  I’m not sure the document is really a review of how FEMA conducts operations, as they say, but it does review the ideology of a portion of those operations.  Overall, there is some very useful information and references contained in the document, but this brings me to a couple of important thoughts:

  1. The utility of this document, as with the entire Community Lifelines concept, at the state and local level is only realized through integration of these concepts at the state and local levels.
  2. We finally have guidance on what ‘incident stabilization’ really entails.

To address the first item… In my first piece on Community Lifelines, I had already mentioned that if states or communities are interested in adopting the concept of Community Lifelines, that all starts with planning.  An important early step of planning is conducting assessments, and the most pertinent assessment relative to this initiative would be to identify and catalog the lifelines in your community.  From there the assessment furthers to examine their present condition, vulnerabilities, and align standards for determining their operational condition aligned with the Community Lifelines guidelines.  I would also suggest identifying resiliency efforts (hopefully these are already identified in your hazard mitigation plan) which can help prevent damages or limit impacts.  As part of your response and short-term recovery lexicon, procedures should be developed to outline how lifeline assessments will be performed, when, and by who, as well as where that information will be collected during an incident.

As for my second item, the concept of incident stabilization has an interesting intersection with a meeting I was invited to last week.  I was afforded the opportunity to provide input to an ICS curriculum update (not in the US – more on this at a later time), and as part of this we discussed the standard three incident priorities (Life Safety, Incident Stabilization, and Property Conservation).  We identified in our discussions that incident stabilization is incredibly broad and can ultimately mean different things to different communities, even though the fundamental premise of it is to prevent further impacts.  This Incident Stabilization Guide is focused exclusively on that topic.  In our endeavor to make ICS training better, more grounded, less conceptual, and more applicable; there is a great deal of foundational information that could be distilled from this new document for inclusion in ICS training to discuss HOW we actually accomplish incident stabilization instead of making a one-off mention of it.

Going a bit into my continued crusade against the current state of ICS training… I acknowledge that any inclusion of this subject matter in ICS training would still be generally brief, and really more of a framework, as implementation still needs to be grounded in community-level plans, but this document is a great resource.  This also underscores that “learning ICS” isn’t just about taking classes.  It’s about being a professional and studying up on how to be a more effective incident manager.  ICS is simply a tool we use to organize our response… ICS is NOT inclusive of incident management.  Not only are we teaching ICS poorly, we are barely teaching incident management.

While I’ve been away for a while working on some large client projects, I’m looking forward to ending the year with a bang, and getting in a few more posts.  It’s great that in my travels and interactions with colleagues, they regularly mention my articles, which often bring about some great discussion.  I’m always interested in hearing the thoughts of other professionals on these topics.

© 2019 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A Deeper Review of FEMA’s E/L/G 2300 EOC Intermediate Course

Tim Riecker, The Contrarian Emergency Manager 2 Comments

A couple months ago I got my hands on the materials for the ELG 2300 EOC Intermediate course.  Back in early June I gave an initial review of this course, based on information from a webinar and the course’s plan of instruction.   Unfortunately, upon reviewing the actual course materials, my initial concerns have been reinforced.

First, I’ll start off with what I think are the positives of this course. The course doesn’t stray from NIMS, and applies a practical integration of the NIMS management concepts, which we are mostly used to seeing in ICS, into the EOC environment.  This is 100% appropriate and should always be reinforced.  The course also references the EOC National Qualification System skillsets.  It’s great to see the NQS referenced in training as they otherwise receive very little attention, which actually brings about a lot of concern as to their overall adoption.  Two units within the course provide some incredibly valuable information.  Those are Unit 5 (Information and Intelligence Management) and Unit 7 (EOC Transition to Recovery).

On to the down side of things… As mentioned in my review a couple months back, the course objectives simply don’t line up with what this course needs to do – that is, it needs to be teaching people how to work in an EOC.  So much of the content is actually related to planning and other preparedness activities, specifically Units 3, 4, and 8. Unit 3 dives into topics such as position tack books, organizational models, EOC design, staff training and qualifications, exercises and more.  Though, ironically enough, there is little to no emphasis on deliberate PLANNING, which is what all this relates to.  This isn’t stuff to be thinking about during an EOC activation, but rather before an activation.  Unit 4, similarly, gets into triggers for activation, how to deactivate the EOC, and other topics that are planning considerations.  Unit 8 dives more into design, technology, and equipment.  While it’s valuable for people to know what’s available, this is, again, preparedness content.

There is a lot of repetitive content, especially in the first few units, along with some typos, which is really disappointing to see.  There are also some statements and areas of content which I wholeheartedly disagree with.  Here are a few:

  • There is ‘no common EOC structure’.   There are actually a few.  Hint: they are discussed in the NIMS document.  I think what they are getting at with this statement is that there is no fixed EOC structure.
  • ‘EOC leaders determine the structure that best meets their needs’. False. Plans determine the structure to be used.  While that organizational model is flexible in terms of size of staff and specific delegations, the lack of context for this statement seems to indicate that the EOC Manager or Director will determine on the fly if they will use the ICS-based model, the Incident Support Model, or another model.
  • One slide indicates that use of the ICS-based model doesn’t require any additional EOC training beyond ICS for EOC staff. Absolutely false!  In fact, this sets you up for nothing but failure.  Even if the model being applied is based on ICS, the actual implementation in an EOC is considerably different.  I’ve written about this in the past.
  • The Incident Support Model ‘is not organized to manage response/recovery efforts’. Wrong again.  With the integration of operations functions within the Resource Support Section, response and recovery efforts can absolutely be managed from the EOC.

There is another area of content I take particular exception with.  One slide describes ‘incident command teams’, and goes on to describe the Incident Command Post (which is a facility, not a team), and an Incident Management Team, with the formal description of a rostered group of qualified personnel.  Not only is this slide wrong to include an Incident Command Post as a ‘team’, they are fundamentally ignoring the fact that ‘incident command teams’ are comprised every damn day on the fly from among responders deploying to an incident.  These are the exact people I espouse the need to train and support in my discussions on ICS.

My conclusions… First of all, this course does not do as it needs to do, which is training people how to work in an EOC.  While the preparedness information it gives is great, operators (people assigned to work in an EOC) will be taking this course expecting to learn how to do their jobs.  They will not learn that.  I’ve advocated before for most training to be set up similar to HazMat training, utilizing a structure of Awareness, Operations, Technician, Management, and Planning focused courses which are designed to TEACH PEOPLE WHAT THEY NEED TO KNOW based upon their function.  Largely, this course is a great Planning level course, that is it’s ideal for people who will be developing EOC operational plans, standard operating guidelines, position qualification standards, and other preparedness material.  I think that Operations, Technician, and Management level training is going to be left to jurisdictions to develop and implement, as it certainly isn’t found here.

I urge a lot of caution to everyone before you decide to teach this course.  Take a look at the material and decide if it’s really what your audience needs.

What are your thoughts on this course?  Will your jurisdiction get use out of it?

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

10 Strategies for Improving Emergency Management

Tim Riecker, The Contrarian Emergency Manager 2 Comments

I recently listened to an interview with author and professor Sean McFate.  In the interview he discusses the changing landscape of warfare and what the US must do to keep up, particularly since we are still largely stuck in a mindset of conventional warfare.  For those interested in this very insightful interview, it was on The Security Studies Podcast.

Obviously, a great deal has changed over the decades in warfare, but many philosophies and perspectives have remained the same.  As I listened to the interview, I found McFate’s words to ring true for emergency management as well.  We have had some changes in focus from civil defense, to natural hazards, to terrorism, and now toward what seems to be the most comprehensive all-hazards perspective we’ve ever had.  We’ve also had changes in technology and methodologies, but we still seem stuck in a lot of old ways of thinking.  Emergency management isn’t linear.  In fact the lines are blurred so much that it’s hardly cyclical (another old way of thinking).

McFate espoused that high-level warfare strategies should span administrations and leadership changes.  They should be durable and adaptable.  In the interview he discussed 10 new rule of war, which were summarized from his new book.  As such, I offer 10 strategies for improving emergency management.  You will see that most of these items aren’t radical.  The fundamentals of what we do in emergency management must certainly persist, but some perspectives do need to change.  Here’s what I have to offer:

  1. More incentivization for data-driven hazard mitigation and resilience

There are a few items to unpack in this one.  First of all, fully bringing the concept of resilience on board and marrying it up hazard mitigation.  Where there is some overlap in the two, there are also distinct differences.  Ultimately, however, the ideal end state for the two is the same: eliminate or significantly reduce hazards and impacts from those hazards.  The more we start discussing hazard mitigation and resilience together, the more we will see the linkages between the two.  Hazard mitigation funding, likewise, needs to be broadened to incorporate concepts of resilience.

Another key item here is making these projects data-driven.  Let’s do a better job of quantifying risk in relatable terms.  Risk needs to include not only immediate potential impacts, but also cascading effects.  Once we have that impact data, then root cause analysis is important.  Some of this is regulation, some engineering, some human behavior.  Also keep in mind that this needs to truly be all-hazards.

Lastly, incentivization.  Incentivization isn’t just funding, and gold stickers are not tangible incentives.  Make it meaningful.  Also make these incentives more immediate.  It’s great that mitigation measures can result in a locality paying a lower percentage in the event of a future public assistance declaration, but that could happen years from now, or it might not.  That’s still good to include, but let’s be real – tax payers and law makers don’t just want to dream about the reward, they want to enjoy it now.

  1. Ground preparedness in reality

I’ve seen a lot of preparedness activities (planning, organizing, equipping, training, and exercises) based on someone’s “good ideas” instead of actual data and needs.  It’s no coincidence that I just mentioned data in the previous point.  How many jurisdictions actually use all that data from their hazard mitigation plan, generally synthesized at significant expense, for other emergency management needs?  It’s quite a rare occasion.  Why?  Most practitioners view hazard mitigation to be a totally different animal.  It’s not sexy response stuff, so they don’t see a need to pay attention to it.  Instead, they fully dismiss what was done for hazard mitigation planning and do their own hazard analysis.  It seems to be a no-brainer that we should do better at developing one system to meet both needs.

Needs assessments take time and that has a cost, but leadership should be making informed decisions about what preparedness needs exist.  Absent conducting a needs assessment, the wrong decisions can easily be made, which results in a waste of time and money.  Most every emergency management agency has a story of time and money wasted on knee-jerk reactions.

Needs assessments should be applied to every aspects of preparedness.  In planning, we want to minimize assumptions and maximize data.  If an incident of the type you are looking at has never happened in your jurisdiction, make comparisons other similar jurisdictions.  Training programs should be based on identified needs, and individual courses should be developed based upon identified needs.  Probably a good opportunity for me to mention that ICS Training Sucks (but a realistic training needs assessment would fix it).  Similarly, the objectives we identify for exercises should be grounded in recognizing what capabilities and plans we need to validate.

Observation: When we look at the 32 Core Capabilities from the National Preparedness Goal, Threat and Hazard Identification is a Core Capability sitting in the Mitigation mission area.  If threat and hazard identification is so fundamental to what we do across all of emergency management, why isn’t it a common capability along with Planning, Operational Coordination, and Public Information and Warning?  Perhaps that needs to change?

  1. Boost regional efforts and coalitions

It’s interesting that everyone talks about how emergency management is a collaborative effort, yet in practice so many are resistant, reluctant, or negligent in working collaboratively.  Sure, it’s often easier to write a plan yourself, but the end result likely isn’t as good as it would be from a group effort.  In healthcare preparedness (yep, that’s a part of emergency management, too), they have been using regional healthcare coalitions.  These coalitions cover all aspects of healthcare, from hospitals, to clinics, to private practices, nursing homes, and EMS, along with health departments.

There is certainly precedent in emergency management to work collaboratively.  There are required collaborations, such as Local Emergency Planning Committees (LEPCs), as well as those emphasized in practice, such as in plan development.  LEPCs are great, and often under-utilized in a lot of areas.  In some areas, especially those with heavy industry, they are large and busy, and can’t really take on any more than they already do, but in other areas they have much less to do and could certainly work with a dual purpose as a standing emergency management coordination or advisement entity.  Regardless of how it’s done, build a local or regional EM coalition.  The relationships and perspectives, if properly organized and tasked, will reap some great benefits.  Don’t forget to make them regional, if that makes sense for you.  Disasters don’t give a damn about the funny lines we draw on maps.  And don’t just make these groups about meetings… actually engage them in meaningful preparedness activities and other aspects of emergency management.

  1. Embrace scholar-practitioners

One of the items McFate mentioned in his interview was embracing scholar-practitioners. Now I’m not the kind of person to espouse that a practitioner is any better than a scholar, or vice versa.  They each have an important role, especially in a profession like emergency management, where there is a lot of theory (more than most people realize) and a lot of application.  That said, we don’t have to pick a side.  You can be whoever you want, in fact you can even do both.  Does being a practitioner mean that you have to be a full-time emergency manager? Nope.  Being a scholar doesn’t necessarily mean you must be a professor or a student pursuing an advanced degree, either.  I would absolutely argue that regularly reading some research papers or a book on related topics, or even this blog, makes you a scholar.  If you have interest beyond just direct application, and like to think or discuss broader ideas in emergency management, that makes you a scholar.

I think it is scholar-practitioners that have that capacity to advance our profession more than others.  Not only is this group doing, but they are thinking about how to do it better.  If they come up with an idea of how to do it better, they have the greatest chance of actually giving their idea a try.  They are also the ones most prone to share their lessons learned, both successes and otherwise.

  1. Understand emergency management as a social science

Speaking of theory, we need to recognize emergency management for what it is.  While specific applications of emergency management may be within niche areas of practice and academic disciplines, most of emergency management is really a social science.  Social science is fundamentally about the relationships of people.  That is what we do in emergency management.  There are aspects of social science that may apply more than others, such as sociology or public health, but we also need to embrace political science.

In application, emergency managers need to become more astute in politics.  Not the partisan running for office type of politics, but politics as an aspect of governance, policy, and relationship building.  As an emergency manager, it’s your job to understand what every agency and department does in your jurisdiction, and how they fit into the function of emergency management.  Yes, you can espouse the benefits of emergency management and business continuity to them, but how do they fit into emergency management?  Some connections are easy to make, especially the public safety ones or extensions of that such as transportation, public works, and public health.  But many are quick to dismiss administrative, support, and social welfare agencies.  The better you understand them and are able to champion their involvement in emergency management, the stronger coalition you will build.

  1. Mindset: always in the disaster space

I mentioned in the introduction that the lines between the phases of emergency management are blurred.  We used to teach (and some still do) of distinct phases of emergency management: mitigation, preparedness, response, and recovery.  Sure it’s easier to teach about these when we put them in their own box, but that gives the impression to many that we only do one at a time.  The reality is that most jurisdictions are certainly doing mitigation, preparedness, and recovery right now – and maybe even some element of response.

The main point here is that we need to change mindsets of people.  I’ve had plenty of people ask me what emergency managers do when there isn’t an active disaster.  I certainly have no problem satisfying this common curiosity, but the simple fact that they ask means that we aren’t promoting enough of what we do.  We need put ourselves and others in the mindset that are always operating in the disaster space.  It doesn’t need to mean that there is always a disaster response we are involved in, but we need to be very clear that we are active every single day in disaster-related work.

I’ll take this one step further, and that’s to suggest that the primary function of every government agency is emergency management.  Consider that we have roads not only for ease of everyone’s transportation, but so that we can more quickly and efficient respond to save lives and property.  Our public works departments provide potable water and sewage systems for public health purposes, which is part of the greater emergency management family.  I could give examples for every government agency.  The administrative departments support those agencies and the implementation of their missions.

It’s also worth mentioning here that since several of these agencies have involvement in our infrastructure that we need to seriously step up our investments in infrastructure, which not only make it better and more effective and efficient, but also more resilient (tying back to my first point)

  1. Step away from tactics

Far too many emergency managers still focus on tactics.  In defense of that, it’s easy to do, especially if you come from a public safety background.  I still think it’s important to understand tactics.  That said, an effective emergency manager needs to think less about implementation and more about strategy and relationships. There are plenty of tacticians out there.  One more isn’t needed.  What is needed is someone who can step back and see the forest for the trees, as they say.

  1. Private citizens won’t prepare, but volunteers can be engaged

We need to let citizen preparedness go.  I’m not saying we should give up on our message of individual and family preparedness, because it can make a difference, but we need to recognize that most citizens simply won’t do it.  This is a concept that has largely evolved out of society.  In the days of civil defense we were engaging a different generation of people.  We also presented them with a credible and scary threat that was being put in their face all the time.  Now is not that time.  Sure, there are models of citizen preparedness that still work to extraordinary lengths, such as in Cuba, but government oppression and a cold war mentality contribute significantly to that.  Our society has evolved to an extent of individuals not having the time, wherewithal, or interest in preparing themselves.  Sure there are exceptions to every rule, but largely, society has an expectation of being provided for by the government.

Citizen engagement, on the other hand, is still a great reserve that we can spend more effort tapping.  Trained, organized volunteers can accomplish an incredible extent of activity.  Volunteer management is no easy task, though.  Programs need to be developed and promoted, volunteers recruited and trained, and organizations sustained.  Volunteers must be given purpose and don’t forget about the critical link with government… how will this happen.  Religious institutions, corporate and union volunteer groups, and entities such as CERT are all great.  We just need to do a better job at incentivizing, managing, and engaging.

  1. Plan better for recovery

Ah, recovery.  Everyone talks about how we need to do it better, but too few resources are applied to making that happen.  Remember that preparedness starts with a needs assessment and planning.  We can identify estimates of disaster impacts from which we then extrapolate reasonable benchmarks of performance within the core capabilities of recovery.  The problem is that most recovery plans are written at too high a level and generally not followed through on.  Why? Maybe because the emphasis is always on the life safety aspect of response plans.  Certainly that’s important (and we can still do so much better with our response plans), but most recovery oriented plans fall incredibly short.  It seems that most governments that even bother to write recovery plans only do so to the extent of the plan being a framework.  They identify what the goals are, what agencies are involved, and provide some high-level objectives.  Typically no strategy is provided and the management of the recovery function is rarely mentioned, despite such a focus that we have on incident management.

I just recently had a discussion with a client about recovery exercises.  They were approached about the need to conduct more of them.  Smartly, they responded by putting the focus back on the requester by asking if the recovery plans were ready to be exercised.  Once the requestor took a moment to consider, their answer was no.  Remember that (in most cases) exercises validate plans.  We can conduct an exercise in the absence of a plan, but generally that only confirms the lack of a plan.  Plans establish the standards of performance that we use in exercises and in real life.

  1. Use technology to the greatest extent, but prepare for austerity

Ah, technology.  It’s a wonderful thing, until it doesn’t work.  I’m a big fan of the efficiencies that technology provide, especially when technology is developed to solve a specific problem, not to create new ones.  Processes should dictate technology needs, not the other way around.

Technology is mostly a data tool.  It helps us to communicate more quickly and efficiently; access, organize, and transmit data; visualize data; and collect data.  More specifically, we use technology platforms such as EOC management systems and GIS.  These have allowed us to make significant strides in what we do and how we do it.  I’ve used dashboards, databases, maps, 3D models, simulators, and more to do my job.

I’ve seen some emergency managers simply not embrace technology.  And I mean at all.  Not even a computer.  I understand how they are able to function, and though they may have brilliant minds for emergency management, they are simply not able to do much without an assistant to research, type, print, and even communicate for them.  While I’m seeing this less and less, there are still some of these folks out there, and it’s not just older generations, either.

There are many who have a reasonable literacy of technology, but still aren’t embracing inexpensive or even free resources that would make them more effective.  This is even more important for the majority of emergency managers, who are typically one-person offices with few resources.   Maybe listing some of these resources will occur in a future post of mine.

Despite the wonders of technology, I often advocate procedures for going dark (i.e. when your technology fails).  After all, we are emergency managers, are we not?  Every EOC that uses a technology tool to manage functions within their EOC should absolutely have a low tech back up, procedures and training in how to implement it, and an annual exercise to test those procedures and keep people in practice.  Carbon paper and gas station maps are your friends.

~~

Well there they are: 10 strategies for improving emergency management.  As I stated in the introduction, there really isn’t anything revolutionary here, although some concepts might be a bit controversial, which I am happy to embrace.  Perhaps I missed an important point or have a poor perspective on something.  I absolutely welcome your comments and feedback, as always.

© 2019 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC℠®

 

Incident Management vs Incident Command

Tim Riecker, The Contrarian Emergency Manager Leave a comment

As I was writing my thoughts on the updated ICS-100 course in my previous post, I got to thinking that it may be prudent to reinforce the difference between incident management and the incident command system (ICS).  ICS is a specific application of incident management, while incident management is, in all, much broader than ICS.  Incident management includes field responses, emergency operations centers (EOCs), activities of secondary and tertiary organizations, funding streams, public information, and even the mechanics of politics focused on that disaster response.  Ideally, we would prefer these to all be orchestrated, such that they operate lock-step, but rarely, if ever, do we see such a thing.  It would be as if a chorus, band, orchestra, stage performers, ushers, concessioners, stage hands, lighting and sound operators, and custodial staff were all working on the same performance and conducted by one person.  They don’t.  It just doesn’t happen that way.  That’s why incident management systems, such as ICS, were developed.

Knowledge and application of systems, like ICS, are certainly important.  The beginning of every ICS class tells you why, so I don’t need to get into that here.  But to continue with my oft criticized analogies, if ICS is the trees, incident management is the forest.  And, as it turns out, many people can’t see the forest for the trees.  While ICS may be concerned with putting out the fire, stopping the bleeding, or catching the proverbial bad guy, incident management is about so much more.  Even doctrinally, consider that the National Incident Management System (NIMS), comprised of key elements, such as resource management, command and coordination (this is the ICS piece, and more), and communications and information management.  We also need to consider incident management beyond these, in as broad a scope as possible.

Incident management is a deliberate series of actions taken to solve problems associated with incidents and disasters.  There are a lot of problems that can be caused, directly or indirectly, by whatever issue we are dealing with, be it flood, fire, or hostile event.  Incident management needs to prioritize these problems and take action to address them.  While it may sound like our incident command system structures do the same type of thing, they are often concerned with immediate effects and actions that save lives and stabilize the incident, as they should be.  But that focus, necessarily, is narrow in scope and doesn’t address all the ancillary and important issues that an incident may cause.

Consider FEMA’s Emergency Support Function (ESF) structure and the matters they address.  Here are a few:

  • Transportation
  • Communications
  • Public Works and Engineering
  • Mass Care, Emergency Assistance, Housing, and Human Services
  • Public Health and Medical Services
  • Agricultural and Natural Resources
  • Energy
  • External Affairs

Do your plans address these issues?  And by plans, I mean real, actionable plans.  Many jurisdictions have functional annexes to their plans, most following the federal ESF structure, which do little more than state what agencies participate in each of the jurisdiction’s ESFs and what their primary goals are.  Let’s be honest… these are aren’t plans.  They are fully inadequate to be plans.  These are prose I might use for the introduction of a plan, but certainly not the substance of the plan itself.  This is exactly why we are missing the mark when it comes to incident management.  We talk a lot about ICS, ICS is in our plans, we train people in ICS (though not as good as we should be), emphasize ICS in exercises, and focus on ICS when an incident occurs, but how much attention is given to broader incident management?  Typically far too little.  I’ve actually had conversations with local public safety officials, asking them how well they feel they are prepared for the next disaster, and they responded that they are fine because they are trained in ICS.  I’ve received this response in more than one jurisdiction.  That’s pretty scary, especially given the lackluster condition of their plans.

Can ICS be applied to broader incident management issues?  It sure can.  It’s simply a management system that can be applied to anything you want.  But the problem is that people conceptualize ICS as something to only use ‘in the field’ and during the more urgent initial period of response.

The take-away from this is that we need to identify what our issues are and how we are going to manage them.  These are essential parts of the planning process.  Write good plans.  Invest time, effort, and likely some money into it.  Do you need to use the ESF structure?  No, but certainly make sure that all concerns are addressed.  Think about the cascading impacts of an incident.  Leverage stakeholders from across the community to ensure that you are getting input from multiple perspectives and interests.  Doing so will help you be better prepared to manage the entirety of the incident.

As always, thoughts are appreciated.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Updated IS-100 Course: Missing the Target

Tim Riecker, The Contrarian Emergency Manager 1 Comment

Earlier this week, FEMA’s Emergency Management Institute (EMI) released course materials, including student manual, handouts, instructor guide, and visuals, for the updated IS-100/ICS-100: An Introduction to the Incident Command System.  Note that this update (IS-100.c) has been available online since the summer.  The release of materials, however, included no errata, so absent comparing the previous version to this, I can’t speak specifically to what the changes include, though I’m aware from their release of the online course several months ago that there were adjustments to account for some of the revised content of the third edition of the NIMS doctrine, released in October of last year.

Those familiar with my running commentary for the past few years of ‘ICS Training Sucks’ are aware that much of my wrath was focused on the ICS-300 and ICS-400 courses.  That said, with the release of the third edition of NIMS (my review of the document can be found here), there were some needed additions to incident management fundamentals and my realization that the ICS-100 and ICS-200 courses are ignoring a significant population of professionals in their content.  While ICS itself was largely built for field personnel working within a command (vice coordination) structure, over the years, the prevalence of various forms and types of emergency operations centers (EOCs) has grown significantly.  One of the biggest additions in the most recent version of the NIMS document was, in fact, the inclusion of much more meaningful content on EOCs and their potential organizational models.  While still a minority compared to first responders, there is a significant audience of people taking ICS-100 because of their assignment to a local, county, state, or organizational EOC.  Yet, the ICS-100 materials have scantly more than ONE SLIDE talking about EOCs.

Yes, we do have courses such as the ICS/EOC Interface course and others that dive deeper into EOC operations and how they coordinate with each other and with command structures, but the introduction to all of this is often the ICS-100 course, which all but ignores EOCs and the audiences who primarily serve in them.  In fact, there are many jurisdictions that require EOC personnel to have ICS training (smartly), which starts with the ICS-100 course (why?  Because it’s the best/only thing generally available to them), but I’m sure many people taking the course are a bit confused, as it doesn’t speak at all to their role.  While I feel that ICS training for EOC personnel is important, an introductory course like this should include a bit more on EOCs.

As with my original writing on ICS Training Sucks, I bring this back to the fundamentals of instructional design, which is focused on the AUDIENCE and what THEY NEED TO LEARN.  It’s evident that these fundamentals are being ignored in favor of a quick update, which might change some content but does not improve quality.  Let’s actually look at who are audience groups are and either incorporate them all into the course, or develop another course and curriculum to meet their specific needs (aka EOC-100).  Otherwise, they are simply ignoring the fact that what is currently available is like fitting a square peg into a round hole.  Sure it fills a lot of space, but there are also some significant gaps.

While a number of jurisdictions have identified this need and developed their own EOC training, there are a lot of standards and fundamentals that could be addressed by FEMA in a national curriculum.  This is certainly a missed opportunity, and one that makes many of our responses less than what they should be.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

CDC Releases New Public Health Emergency Preparedness and Response Capabilities

Tim Riecker, The Contrarian Emergency Manager Leave a comment

The CDC recently released its updated Public Health Emergency Preparedness and Response Capabilities.  While this is certainly important for public health preparedness personnel, these are something that most emergency management professionals should also be aware of.  Public Health is an incredibly integral partner in emergency management and homeland security.  Last year I did a review of the new HHS ASPR Health Care Preparedness and Response Capabilities and also included the previous version of the CDC Public Health capabilities in my discussion.

The new CDC standards, at a glance, are the same as the previous version.  All 15 capabilities have been continued.  Upon closer examination, there has certainly been some refinement across these capabilities, including some adjustments in the functions, or primary activities, associated with each capability; as well as a better look at preparedness measures for each.  As with the previous version, they front load some guidance on integrating the capabilities into preparedness and response activities.

For those keeping track from the previous version, each capability narrative includes a summary of changes which were adopted from lessons learned over the past several years.  Similar to the previous version, each capability is broken into functions and tasks, with suggested performance measures.  For those of you who remember the old Target Capabilities List and Universal Task List, it’s a similar, although more utilitarian, concept.

So what do emergency managers need to know?  Fundamentally, be aware that these capabilities are what public health will be primarily focused on rather than the National Preparedness Goal’s 32 Core Capabilities.  These aren’t mutually exclusive to each other, though.  In fact, the new CDC document references the National Preparedness Goal.  There are some public health capabilities that cross walk pretty easily, such as Fatality Management.  The public health capability, however, has a strong focus on the public health aspects of this activity.  Some public health capabilities don’t necessarily have a direct analog, as many of them would be considered to be part of the Public Health, Healthcare, and Emergency Medical Services Core Capability.

My recommendation is to have a copy of this document handy.  Review it to become familiar with it, and, depending on how heavy your involvement is with public health, you may be making some notes on how these capabilities compare with and interact with the 32 Core Capabilities.

© 2018 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC℠