In a POETE State of Mind

One of the searches that has most often brought people to my blog over the last couple of years has been POETE.  In case you forgot, POETE stands for Planning, Organizing, Equipping, Training, and Exercising.  If you conduct an internet search for POETE, there are very few relevant results.  Along with a few of my blog posts, there are a couple of articles published by others, and a few FEMA documents that include obscure references to POETE.  Sadly, there is nothing available that provides (official) guidance, much less doctrine.

Why is it that such a great tool has so few tangible references?  Unfortunately, I don’t have an answer to that.  I hope that will soon change.

POETE was most widely indoctrinated several years ago as an analysis step within the State Preparedness Reports (SPRs), which are annual submissions completed by every state, UASI (Urban Area Security Initiative-funded program), and territory.  Note: The SPR templates and guidance are generally not publicly posted, as they are sent directly to the points of contact for each jurisdiction – thus they generally don’t come up in internet search results.

The SPR is a step beyond the THIRA (Threat and Hazard Identification and Risk Analysis), which is a very in-depth hazard analysis.  The SPR examines each jurisdiction’s level of preparedness for hazards, referencing the 32 Core Capabilities.  Each Core Capability is then analyzed through the lens of POETE.

As a conceptual example, let’s use the Operational Communications Core Capability.  The POETE analysis will examine the jurisdiction’s preparedness by examining:

  • Planning (are plans adequate? Have they been tested?  What improvements need to be made?);
  • Organizing (are there organizational barriers to success? What human operational communications resources are available?  Are there gaps?  Have teams been exercised? What improvements need to be made?);
  • Equipment (does the jurisdiction have equipment necessary for operational communications? What needs are there relative to the resource management cycle?);
  • Training (what training has been provided? What training gaps exist?  When/how will they be addressed?);
  • Exercises (what exercises have been conducted that include the operational communications Core Capability? What were the findings of the AAR/IPs?  What future exercises are scheduled that include this Core Capability?).

Along with answering a few questions on each element, jurisdictions are asked to rate their status for each POETE element for each Core Capability.  If they look at their reports submitted historically, they can see the measure of progress (or lack thereof) with each.  They also have a tracking of identified action items to help them improve their measure of preparedness.

While this analysis can be quite tedious, it’s extremely insightful and informative.  Often, stakeholders have conceptual ideas about the state of preparedness for each Core Capability, but absent conducting this type of in-depth analysis, they rarely see the details, much less have them written down.  Documenting these helps with recognition, awareness, tasking, tracking, and accountability.  It’s a valuable activity that I would encourage all jurisdictions and organizations to conduct.

What else can POETE be applied to?  In the past few years, POETE is being included in DHS preparedness grants.  They often want applicants to identify key tasks within the POETE structure, and awardees to chart progress along the same lines.

I’ve advocated in the past to use the POETE structure in improvement plans, which are a step beyond after action reports from exercises, events, and even incidents.  Having key activities identified across each POETE element for the Core Capabilities analyzed is extremely helpful, and ensures that issues are being identified comprehensively.

Using the POETE concept across all preparedness efforts helps to tie them together.  By documenting each element for each Core Capability, you will have full visibility and reference to your current status and what needs to be improved upon.  It helps drive accountability, a comprehensive approach, and reduces duplication of efforts – especially in larger organizations.  While implementing such a program will take some investment up front to begin to identify, organize, and chart progress and establish an organizational system to do so, I feel it’s an investment that will pay off.

I’m hopeful that the use of POETE continues to see adoption across all of emergency management and homeland security, and that it is further reinforced as a standard through DHS, FEMA, NFPA, and other organizations which hold sway for settings standards and/or requirements.

How does your organization, agency, or jurisdiction use POETE?

© 2017 – Timothy M Riecker, CEDP

Emergency Preparedness Solutions, LLC

Do We Need Different Systems for Catastrophic Incidents?

We’ve long heard, albeit in small pockets, people proclaiming that emergency management and public safety need different systems for larger incidents vs smaller incidents.  For years, the Incident Command System (ICS) fought that stigma, with many saying that ICS is only used for hazardous materials incidents (specifically because of OSHA requirements) or for large incidents that required such a high degree of organization.  Following the release of HSPD-5 and the resultant requirements for everyone to use the National Incident Management System (NIMS), we finally seemed to transcend that mentality – although we are still seeing people apply ICS poorly, and often with the thought that it will all work out fine when a large incident occurs.

Since the mid-2000s, coupled with the push for ‘catastrophic planning’, I’ve been hearing people proclaiming that catastrophic incidents require different systems – be it for planning or management.  Recently, I’m hearing this mentioned again.  Yet, interestingly enough, none of the arguments identify specifically what it is about our current systems of preparedness or incident management that fail at the sight of a catastrophic incident.

While I’m a critic of various aspects of our current systems, I’m a believer in them overall.  Do we need a new system of planning?  No, we just need to do it better.  When we plan for a catastrophic level event, we must consider that NOTHING will work in the aftermath of such an incident.  I’m shocked that some people are still counting on the existence and functionality of critical infrastructure following a catastrophic event.  No roads, no communications, no life lines.  These surprised disclosures are revealed in the After Action Reports (AARs) of incidents and exercises that test catastrophic incidents, such as the recent Cascadia Rising exercise.

Fundamentally, are these losses all that different than what we experience in smaller disasters?  Not so much.  Smaller disasters still take out our roads and disable our communications systems – but such disasters are small enough that we can work around these issues.  So how is it a surprise that a large hurricane or earthquake will do even more damage?  It really shouldn’t be.  It’s essentially a matter of scale.

That said, I certainly acknowledge the difficulties that come with the combined impacts of a catastrophic disaster, coupled with the sheer magnitude of it all.  There are challenges offered that we don’t normally see, but a new system of planning is not the answer.  The current frameworks and standards, such as CPG-101 and NFPA 1600 are absolutely substantial.  The processes are not flawed.  The issue is a human one.  We can’t blame the standards.  We can’t blame the plans.  The responsibility lies with the people at the table crafting the plan.  The responsibility lies with them to fully understand the hazards and the potential impacts of those hazards.  Conducting a hazard analysis is the first step for a planning team to accomplish, and I think this is often taken for granted.  While the traditional hazard analysis has value, the current standard is the Threat and Hazard Identification and Risk Assessment (THIRA).  It is an exhausting and detailed process, but it is highly effective, with engaged teams, to reveal the nature and impacts of disasters that can impact a community.  Without a solid and realistic understanding of hazards, including those that can attain catastrophic levels, WE WILL FAIL.  It’s that simple.

As we progress through the planning process and identify strategies to accomplish objectives, alternate strategies must be developed to address full failures of infrastructure and lack of resources.  Assumptions are often made in plans that we will be able to apply the resources we have to fix problems; and if those resources are exhausted, we will ask for more, which will magically appear, thus solving our problems.  Yes, this works most of the time, but in a catastrophic incident, this is pure bullshit.  This assumption needs to be taken off the table when catastrophic incidents are concerned.  The scarcity of resources is an immediate factor that we need to address along with acknowledging that a severely damaged infrastructure forces us out of many of the technological and logistical comforts we have become accustomed to.  It doesn’t require a new system of planning – just a realistic mentality.

This all logically ties to our incident management system – ICS.  ICS is fully able to accommodate a catastrophic-level incident.  The difficulties we face are with how we apply it (another human factor) and integration of multiple ICS organizations and other incident management entities, such as EOCs.  The tenant in ICS is that one incident gets one incident command system structure.  This is obviously not a geo-political or practical reality for a catastrophic incident that can have a large footprint.  This, however, doesn’t mean that we throw ICS out the window.  This is a reality that we deal with even on smaller disasters, where different jurisdictions, agencies, organizations, and levels of government all have their own management system established during a disaster.  Through implementations such as unified command, multi-agency coordination, agency representatives and liaison officers, and good lines of communication we are able to make effective coordination happen.  (Side note: this is absolutely something I think we need to plan for and tighten up conceptually.  It’s often pulled together a bit too ad-hoc for my comfort).

While some time and effort needs to be applied to develop some solid solutions to the issues that exist, I’m confident that we DO NOT need to create alternate preparedness or response systems for addressing catastrophic incidents – we simply need to apply what we have better and with a more realistic perspective.  The answers won’t come easy and the solutions might be less than ideal, but that’s the nature of a catastrophic event.  We can’t expect it to be easy or convenient.

© 2016 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLCYour Partner in Preparedness

Must Read – Evaluating Preparedness at Different Levels of Analysis by Brandon Greenberg

In the past I’ve made references to the DisasterNet blog written by Brandon Greenberg.  If you aren’t reading his blog, you certainly should be, as he routinely posts great material.  Yesterday’s post was no exception.

Brandon has been doing some research on evaluating preparedness, which is a topic I’ve also written about in the past and I feel is of great importance to continued improvements in emergency management.  His article, Evaluating Preparedness at Different Levels of Analysis provides a number of insightful thoughts and information which are certainly going down the right path.  With all hope, Brandon’s continued work may help us find better ways to evaluate preparedness.

-TR

 

 

 

Planning for Preparedness

Yes, planning is part of preparedness, but organizations must also have a plan for preparedness.  Why?  Preparedness breaks down into five key elements  – remember the POETE mnemonic – Planning, Organizing, Equipping, Training, and Exercising.  I’m also in favor of including assessment as a preparedness element.  Needless to say, we do a lot when it comes to preparedness.  Each of these elements alone involves significant activity, and together there are opportunities for activities to be synchronized for maximum benefit.  In smaller organizations, these elements may be addressed by one or two people, which itself can be challenging as these are the same people running the organization and addressing myriad other tasks.  In larger organizations each element alone may be addressed by a number of people, which also provides a complication of synchronizing tasks for maximum benefit.  Either way, as with all project and program management, without a plan of action, we may forget critical tasks or do things out of order.

By establishing a preparedness plan, we can address many of these issues.  The plan can be as detailed as necessary, but should at least identify and address requirements (internally and externally imposed) as well as benchmarks to success.  But what do we plan for?

Assessment – Yes, I’m including this as an element.  Assessment is something we should constantly be doing.  Just as we strive to maintain situational awareness throughout an incident, we have to be aware of and assess factors that influence our state of readiness.  There are a variety of assessments that we do already and others that can be done as they relate to the other five elements.  In fact, assessments will inform our preparedness plan, helping us to identify where we are and where we need to be.  We can review after action reports from incidents, events, and exercises to determine what improvements must be made.  We can research best practices and examine funding requirements, legal requirements, and standards such as EMAP or NFPA 1600 which can broadly influence our programs.  We assess current plans to identify what our gaps are and what plans need to be revisited.  We can assess our organization to determine if staffing is maximized and that policy, procedure, and protocol support an agile organization.  The status of equipment can be assessed to determine what is operational and ready to deploy.  We can conduct a training needs assessment to identify what training is needed; and lastly, we can assess opportunities to exercise.  Not only should our assessments inform what needs to be accomplished for each of the POETE elements, but regular assessment check ins and activities should be identified, nay planned for, within our preparedness plan.  Consider what else can inform our preparedness plan.  A recent hazard analysis, THIRA, or state preparedness report (SPR) can feed a lot of information into a preparedness plan – especially the state preparedness report, as it is specifically structured to identify POETE gaps.

Planning – We should always examine what we have.  If plan reviews aren’t scheduled, they often fall to the wayside.  Plan review teams should be identified for each plan, and a review schedule or cycle established.  Benchmark activities for plan review activities should also be identified.  The need for new plans should also be highlighted.  Based on standards, requirements, best practices, or other need, what plans do you organization need to assemble in the next year or two?  Again, identify benchmarks for these.

Organization – Assessments of your organization, either as direct efforts or as part of after action reports or strategic plans can identify what needs to be accomplished organizationally.  Maybe it’s a reorganization, an increase in staffing levels, an impending change in administration, expected attrition, union matters, or something else that needs to be addressed.  As with many other things, some matters or organization are simple, while others are very difficult to navigate.  Without a plan of action, it’s easy to allow things to fall to the wayside.  What changes need to be made?  Who is responsible for implementing them?  Who else needs to be involved? What’s a reasonable timeline for making these changes happen?

Equipping – Many logisticians are great at keeping accurate records and maintenance plans.  This measure of detail isn’t likely needed for your preparedness plan, but you still should be documenting the big picture.  What benchmarks need to be established and followed?  Are there any large expenditures expected for equipment such as a communications vehicle?  Is there an impending conversion of equipment to comply with a new standard?  Are there any gaps in resource management that need to be addressed?

Training – Informed by a training needs assessment, a training plan can be developed.  A training plan should identify foundational training that everyone needs as well as training needed for people functioning at certain levels or positions.  Ideally, you are addressing needs through training programs that already exist, either internally or externally, but there may be a need to develop new training programs.  A training plan should identify what training is needed, for who, and to what level (i.e. to steal from the hazmat world – Awareness? Operations? Technician?).  The plan should identify who will coordinate the training, how often the training will be made available, and how new training will be developed.

Exercises – We have a standard of practice for identifying exercises into the future – it’s called the multi-year training and exercise plan (MYTEP).  While it’s supposed to include training (or at least training related to the identified exercises), training often falls to the wayside during the training and exercise planning workshop (TEPW).  The outcomes of the TEPW can be integrated into your preparedness plan, allowing for an opportunity to synchronize needs and activities across each element.

Just as we do with most of our planning efforts, I would suggest forming a planning team to shepherd your preparedness plan, comprised of stakeholders of each of the elements.  I envision this as a group that should be in regular communication about preparedness efforts, with periodic check-ins on the preparedness plan.  This engagement should lead to synchronization of efforts.  Identify what activities are related and how.  Has a new plan been developed?  Then people need to be trained on it and the plan should be exercised.  Has new equipment been procured?  Then people should be trained in its use and plans should account for the new or increased capability.

Like any effort, endorsement from leadership is necessary, especially when multiple stakeholders need to be brought together and working together.  Many emergency management and homeland security organizations have positions responsible for preparedness, often at the deputy director level.  The formation and maintenance of a comprehensive preparedness plan should be a foundation of their efforts to manage preparedness and forecast and synchronize efforts.

Does your organization have a plan for preparedness beyond just a multi-year training and exercise plan?  What elements do you tie in?  Do you find it to be a successful endeavor?

Do you need assistance in developing a preparedness plan?  Contact us!

© 2016 – Timothy Riecker

Emergency Preparedness Solutions, LLCYour Partner in Preparedness

2016 National Preparedness Report Released

The fifth National Preparedness Report has been released by FEMA.  The National Preparedness Report is based upon, as the report states, input of more than 450 data sources and 190 stakeholders, including 66 non-federal organizations (which would account for state preparedness report submissions and information from Urban Area Security Initiative regions).  The report is intended as a summary of where the nation stands in regard to each of the 32 Core Capabilities outlined in the National Preparedness Goal.

As mentioned, this is the fifth National Preparedness Report to hit the streets.  While they have some value and demonstrate that the data collection that is done is actually collated, I feel that through the years they are offering less meat and more potatoes.  I appreciate the highlighting of best practices for each mission area, but, to me, there is a missed opportunity if a report is simply providing data and not recommendations.  While it’s understood that the goal of the National Preparedness Report is not to provide recommendations (it would also take longer to publish the report, and the people pulling the data together do not likely have the expertise to create recommendations), I’d like to see FEMA (and stakeholders) have follow up efforts to provide recommendations in each mission area and not miss this valuable opportunity to then apply the findings and look forward.

Below, I’ve included their overall findings with a bit of my own commentary.  Overall, I will say that there is nothing eye opening in this report for anyone who pays attention.  It’s pretty easy to guess those Core Capabilities which are at the top and those which are at the bottom.

  • Planning; Public Health, Healthcare, and Emergency Medical Services; and Risk and Disaster Resilience Assessment are the three Core Capabilities in which the Nation has developed acceptable levels of performance for critical tasks, but that face performance declines if not maintained and updated to address emerging challenges.
    • My commentary: BULLSHIT.  If these Core Capabilities are at ‘acceptable levels’, then our standards must be pretty low.  Planning is the one that disturbs me most.  We continue to see plenty of poor plans that are not realistic, can’t be operationalized, and are created to meet requirements (which are typically met by formatting and buzzwords).  Have we improved?  Sure.  But I wouldn’t say we are at ‘acceptable levels’.  As for Public Health, Healthcare, and Emergency Medical Services, we are struggling in certain areas to simply keep our heads above water.  While we are fairly solid in some areas of public health, one only needs to look at the Ebola incident to view how fragile our state of readiness is.  The findings for Planning and Public Health, to me, are nothing but shameful pandering and we need to get realistic about where we are at and the challenges we face.  Gold stars won’t stand up to the next disaster.  As for Risk and Disaster Resilience Assessment I have admittedly less experience personally.  I do know that we have some pretty incredible tools available that can help us determine impacts of various hazards for any given area under a variety of conditions, which is an amazing application of technology.  My concerns here are that there are still many who don’t know about these tools, don’t use them, and/or don’t follow the findings of information from these tools in their hazard mitigation actions.
  • Cybersecurity, Economic Recovery, Housing, and Infrastructure Systems remain national areas for improvement. Two additional Core Capabilities – Natural and Cultural Resources, and Supply Chain Integrity and Security – emerged as new national areas for improvement.
    • My commentary: NO KIDDING. While we have made a great deal of progress on Cybersecurity, we are still far behind the criminal element in most respects.  It also needs to be fully recognized in the National Preparedness Goal that Cybersecurity is a Core Capability common to all five mission areas.  Economic Recovery will always be a challenge, as every community impacted by an incident has a certain way it heals, essentially along the lines of Maslow’s Hierarchy.  A strong local economy is important to this healing, ensuring that the community has access to the resources it needs to rebuild and a return to normalcy.  While I’m sure studies have been done, we need to examine more closely how the economic recovery process evolves after a disaster to identify how it can be best supported.  Housing is the absolutely most challenging Core Capability in the National Preparedness Goal.  While I don’t have a solution for this, I do know that our current approaches, philosophies, and ways of thinking haven’t moved us an inch toward the finish line on this one.  We need to change our current way of thinking to be successful.  As for Infrastructure Systems, I could go on for days about this.  I’ve written previously, several times, (as have many others) on the critically fragile state of our infrastructure.  It’s no big secret.
  • States and territories continue to be more prepared to achieve their targets for Response Core Capabilities, while they are least prepared to meet their targets in the Recovery Mission Area.
    • This is another NO KIDDING. While we must always have a greater focus on Response, as that’s where lives are saved and the immediate danger is addressed, we can’t lose sight of Recovery.  Some recovery activities are more clear cut than others, and FEMA often muddies the waters more by inadvertently intimidating state and local governments when it comes to disaster recovery, as the focus becomes centered more on reimbursable activities vs doing what needs to be done.  The report included some interesting findings (take a look in the Recovery Mission Area drop down on the web site) on ‘mixed trends in exercising recovery capabilities’.  Again, this is nothing earth shattering, but it’s nice to see the matter addressed.  Yes, we clearly need to exercise Recovery Mission Area Core Capabilities better and more often.

These reports are always worth looking through, even though much of the information is generally known by those of us in the profession.  There are always little nuggets of learning available, and data from the report may be used to support your own endeavors for additional funding or resources for your own program.

As always, I’m interested in your insights and thoughts on this post and the National Preparedness Report.

© 2016 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC – Your Partner in Preparedness

 

Measuring Return on Investment in Emergency Management and Homeland Security: Improving State Preparedness Reports

A lot of money is spent within the emergency management and homeland security enterprise.  Looking just at the last couple of years of annual Homeland Security Grant Program (HSGP) (this is the annual grant provided by the US Federal government to states and urban areas), $1.044 billion was allocated in FFY 2015 and $1.043 billion allocated in FFY 2014.  These billions of dollars only account for a portion of spending within EM/HS.  There are other federal initiatives as well as state, tribal, territorial, and locally funded efforts.  Businesses and NGOs also invest significantly in emergency management, homeland security, and business continuity activities.  But where does it all get us?

Through the past decade or so there have been a few efforts by DHS/FEMA to try to measure preparedness, ideally to identify improvements in our preparedness as the result of the billions of dollars invested.  None of these efforts have really provided obvious and tangible results.  The current measure is through annual State Preparedness Reports (SPRs), which utilize the THIRA process (Threat and Hazard Identification and Risk Assessment) outlined in Comprehensive Preparedness Guide (CPG) 201 as a foundation, but with the POETE analysis (Planning, Organizing, Equipping, Training, and Exercising) for each of the 31 Core Capabilities.  (You can find articles I’ve written on the utility and application of POETE here.) The SPR is a good methodology for identifying the current condition of preparedness for each state as viewed through the 31 Core Capabilities.  The POETE analysis helps to identify the strengths and weaknesses within each Core Capability.

The SPR, however, still falls short.  How can we improve it?

1. Include historical data for trend analysis. The SPR largely provides only a snapshot of current conditions.  The format of the SPR does not provide for any analysis of historical data to identify trends (i.e. improvements or otherwise) in the state’s assessed condition of its 31 Core Capabilities.  FEMA regional offices, upon receipt of an SPR, do provide a brief feedback report of the current SPR with a passing mention of the previous year’s submission, but the report provides so little information it could hardly be called an analysis.

A rudimentary table identifying trends for a selected Core Capability is below.  For those not familiar, higher scores rate a higher measure of capability.  In this table, I’ve identified POETE elements which have trended lower from year to year with a RED highlight, and those which have trended higher with a GREEN highlight.  A simple analysis such as this give an at-a-glance comparison.  To make this analysis more comprehensive, I would suggest the addition of narrative for each trend (higher or lower) which explains what has changed to warrant the new ranking.

Historical Comparison of a Core Capability

2. Include a financial analysis for the current year to identify return on investment. An identification and summary of key program area investments for the year will lay the groundwork for a return on investment (ROI) analysis.  ROI will help identify how much bang for the buck you are getting in certain areas.  It’s easy to lose sight through the year from a program management perspective on how much money was spent on certain programs and activities – especially for larger agencies with a layered bureaucracy.  Incorporating this analysis into an SPR is not only good financial and program management, but provides an opportunity to identify where money was spent and to measure, at least on a broader scale, what the results were.  Certainly we have to fund continued operations to simply sustain our capabilities, but we should also be funding, where possible, programs to enhance our high priority capabilities and those needing the most improvement.

Again, as a rudimentary example, we can build on the table provided earlier to identify where funds were spent to see if they made a difference in our level of preparedness.  As with the earlier example, a narrative should be provided for each investment to identify what it was and assess the impact.  This also provides an excellent opportunity to review the investment justification written for grants to determine if the investment met the intended objectives (which should have been to maintain or enhance some aspect of the capability).  Historic investment data can also be included for each year.  This all leads directly to identifying the return on investment – did the investment make a difference and to what extent?

Historical Analysis of a Core Capability with Identified Investments


Ultimately this added data and analysis requires more work, potentially the involvement of more people, and likely more time to complete the SPR.  However, this new process will also result in a positive return on investment itself by helping to identify trends and outcomes.  Financial information is regularly reported to DHS (for those grants that originate with them) in the form of progress reports, but that information is stovepiped and usually not associated with a more comprehensive assessment such as the THIRA/SPR.  Bringing this data together paints a much more accurate picture.

The concept of preparedness is difficult to put in a box.  It’s amorphic and challenging to identify, yet people often ask the question ‘Are we prepared?’  States, locals, DHS, and Congress often have difficulties measuring preparedness and advances in preparedness, especially relative to the dollars spent on it.  The GAO has regularly recommended efforts to better identify return on investment, yet we haven’t gotten there.  The recommendations identified here can bring us much closer to nailing down where we are and where we need to be.  Armed with this knowledge, we can make better decisions for future investments and activities.

Moving forward, I expect to write a bit on each POETE element, with my thoughts on how we can identify return on investment for each.  As always, I’m very much interested in your thoughts on the approach I identified above and how we can better identify return on investment in the realm of emergency management and homeland security.

If you are interested in utilizing this approach to better identify your return on investment for local, state, tribal, territorial, or organizational preparedness efforts (whether or not you do a State Preparedness Report), Emergency Preparedness Solutions is here to help!  Check out our website at www.epsllc.biz or contact me directly to discuss what we can do for you.

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

WWW.EPSLLC.BIZ

A book of worst-case scenarios

I came across this article yesterday about US Rep Michael McCaul from Texas (who happens to chair the House Homeland Security committee) penning a book titled “Failures of Imagination: The Deadliest Threats to Our Homeland — and How to Thwart Them”.  The book, set to be published in January, will apparently outline a variety of terrorist attack scenarios against the US and how they can be stopped.

I’ve written in the past about the necessity to consider credible worst-case scenarios (natural and human-caused) which can impact your jurisdiction or organization.  Following the model outlined by Comprehensive Preparedness Guide (CPG) 201 for the Threat and Hazard Identification and Risk Assessment (THIRA) process, it’s not just enough to say you are vulnerable to flood or wild fire.  To identify what your specific vulnerabilities are (location, duration, severity), it is necessary to flesh these out into scenarios.  Identification of these vulnerabilities will then help identify impacts, such as those to infrastructure, resources, and populations.  Plans should then be based upon these impacts.

I’m doubtful that Rep McCaul’s book will provide any foundation for planning (although I don’t think it’s intended to), however the scenarios contained may be eye opening to EMHS professionals and even citizens.  Regular readers of this blog know I feel that we are on borrowed time regarding terrorist attacks.  Yes we have experienced some on US soil (and the UK, Canada, Australia, France, India, and many other nations), and they have been devastating, but we have to know that with organizations such as ISIS thriving on our planet, more will come.  Mumbai-type scenarios, with multiple coordinated simultaneous attacks can be crippling and certainly demonstrate what a credible worst-case scenario could look like.

I’m interested to see what Rep McCaul’s book contains.  I’ll be sure to publish a review once it comes out and I’ve had an opportunity to read it.

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

WWW.EPSLLC.BIZ 

Are You Really Considering All Hazards?

Natural hazards, such as flooding, tornados, wildfire, and earthquakes, bring about the greatest losses, calculated in nearly every metric possible, as compared to human-caused incidents.  Human-caused incidents, either accidental or intentional, still bring tremendous impact to communities world-wide on a daily basis.  While working to prepare for, mitigate, respond to, and recover from natural hazards will always continue to be important, it seems that many still often forget about human-caused incidents despite all the conversations out there.

Human-caused incidents include a variety of hazards such as infrastructure failure, transportation accidents, hazardous materials incidents, and intentional attacks.  These are all things which we can fit into our traditional model of Prepare, Mitigate, Respond, and Recover.  The National Planning Goal introduced the model of the five Mission Areas – Prevention, Protection, Mitigation, Response, and Recovery – to help address our many of our major functions (Core Capabilities) for human-caused incidents (note that Preparedness is now a higher level concept that applies to all Mission Areas).  While this Mission Area model has helped bring these key activities into the greater fold of what we do, it has also kept them largely isolated through the thought that many human-caused incidents are only addressed through Prevention and Protection Mission Area activities.

Nowhere, it seems, do we see this more than in the area of hazard mitigation.  The vast majority of hazard mitigation plans which exist only address natural hazards (even at the state level).  Since many readers view this blog for my opinion, here it is – this is archaic and dangerous thinking!  We have all seen hazard mitigation plans which claim they are ‘all hazards’, yet only list natural hazards.  That’s fine, if by some unbelievable circumstance, your jurisdiction is only impacted by natural hazards.  This is a circumstance which I am highly doubtful of.  Some mitigation plans get a little more realistic and will address human-caused hazards such as dam failure and/or hazardous materials release, which were likely the greatest human-caused threats they may have been vulnerable to in the previous century.  In today’s world this still doesn’t quite get us to where we need to be.  There are a great many mitigation activities which we can leverage against human-caused incidents.

How do we fix this?  It’s easy – start with conducting a hazard analysis.  A hazard analysis, be it as a stand-alone activity or part of the THIRA process, should review all possible hazards which your jurisdiction, company, or organization is vulnerable to.  It should be comprehensive, not just limited to the set of natural hazards.  Along with infrastructure failure and hazardous materials incidents (both in-transit and fixed site), consider hazards such as active shooters, cyber attacks, improvised explosives, and civil unrest.  This may require bringing some additional subject matter experts into the room for your hazard analysis – like your IT director.  In a hazard analysis, each hazard is ranked (at a minimum) by its likelihood to occur and its severity of impact should it occur.

A well conducted hazard analysis provides the basis for everything we do in emergency management and homeland security.  It not only informs our activities such as planning, training, and exercises, it also helps assign priority to those hazards which require the greatest focus and allocation of resources.

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

WWW.EPSLLC.BIZ

Emergency Managers Need to be More Like Engineers and Less Like Shopkeepers

I was inspired by this short (~1 minute) video from TrainingJournal.com.  In the presenter’s brief but pointed message, he describes many trainers as being akin to shopkeepers, providing organizations often times with rote solutions just as a shopkeeper will pull a product off their shelves. He goes on to say that this these solutions are usually effective, but only for a limited duration.  He offers, instead, that trainers need to be more like engineers, examining every facet of a problem and constructing lasting solutions.  As an experienced trainer and proponent of a detailed root cause analysis, I couldn’t agree more, but as I readied myself to write a post about the implications of this on training, my mind carried this metaphor to many of our practices in emergency management.

Consider how often we quickly dismiss identified gaps with an assumed solution.  Write a plan, conduct a training, install a bigger culvert.  Those are usually our solutions to an identified problem.  Are they wrong?  No – we’re correct more often than not.  Are these lasting solutions?  Rarely!  How often does the problem rear its head again within a relatively short span of time?  How do we address the re-occurrence?  As shop keepers we simply pull another solution off the shelf.  Can we do better?

The things we do in emergency management are often based upon best and current practices.  We address problems through the prevalent way of dealing with such things industry-wide.  Emergency management has a great community of practice.  I’ve mentioned in several previous blog posts the spirit of sharing we have and the benefits we see come of that.  It doesn’t seem often, though, that we engage in an industry-wide groupthink to solve various problems.  We use and adapt ideas of individuals and small groups, we see a steady and determined progression of the practices within our progression, but we rarely see ‘game changing’ ideas that revolutionize how prevent, prepare for, respond to, or recover from disasters.  Why is this?

Perhaps we need a greater collective voice locally, where practitioners are dealing with the problems directly?  Our methods of practice in emergency management are generally driven by the federal government (THIRA, NIMS, HSEEP, etc.).  I’m not saying any of these are bad – in fact they are excellent standards that we need to continue to refine and apply, but it’s generally not the federal government that is dealing directly with the constant flow of issues being dealt with at a state, and even more so, a local level.  We need to follow that metaphor of being engineers to apply more permanent solutions to these problems.  We need to create, innovate, and problem solve. Or do we?

Necessity, as they say, is the mother of invention.  We often miss the necessity of improving because we have current, functional solutions – we have things that work.  So why fix it if it’s not broken?  I say we can do better.  The realization of the need for lasting solutions is the necessity we need.  If the solutions we have on the shelf don’t work for us 100%, let’s figure out a better way.

I don’t know what or how, but I’m sure that as a community we can identify needs and prioritize what must be addressed.  Given the right people, time, and maybe a bit of money, we can be innovative and effect some lasting change.

I’d love to hear what others think on this topic.

© 2015 – Timothy Riecker

Emergency Preparedness Solutions, LLC

www.epsllc.biz

Best Practices for the New Year – Resolve to be Responsible, Realistic, and Resourceful

As I work with jurisdictions and discuss their capabilities I find a broad range of perception among emergency managers about their jurisdictions’ capabilities and limitations.  Some overestimate their capability, thinking that they can handle anything and don’t need any outside assistance.  Others underestimate their capabilities, with their emergency plans defaulting to calling for help or making someone else responsible for nearly every scenario.  Fortunately some jurisdictions are spot on and have an informed and realistic perception of their capabilities.  Having the wrong awareness of what your jurisdiction can and cannot do can be dangerous.

Be Responsible

First of all, jurisdictions need to be responsible for their people.  Far too often I see an automatic assumption that someone else will handle an incident or a certain aspect of an incident, apparently abrogating the jurisdiction of all responsibility.  One of the more common occurrences of this is with sheltering where I rather often hear ‘The Red Cross will take care of that.’ with no further discussion even considered on the subject.  With no slight intended toward the Red Cross, relying on one entity to provide an absolutely critical capability is simply foolish.  If the Red Cross or any other outside entity is for some reason unable to provide these services for the jurisdiction, the jurisdiction is still left with the responsibility to provide this care for its citizens.  A jurisdiction without a plan to address this need is not being responsible for the welfare of its citizens.

The primary goal of a jurisdiction is to provide for its citizens.  Take this seriously and remember that you can’t assign this responsibility to others.

Be Realistic

Know your capabilities and your capacity.  In other words, know what you can and can’t do; and for what you can do, know how well and how long you can do it for.  Know what your limitations and dependencies are.  If your jurisdiction’s ability to provide advanced life support (ALS) care is dependent upon the only paramedic you have as a member of your ambulance service, you have very little capacity and quite a bit of vulnerability.

A good start to having a realistic view of your jurisdiction’s capabilities is conducting and regularly updating a comprehensive threat and hazard identification and risk assessment (THIRA).  THIRA is an in depth assessment which combines a traditional hazard analysis with a reference to DHS’ 31 Core Capabilities in the context of the threats specific to a jurisdiction.  I strongly suggest that a jurisdiction conducting a THIRA extend this assessment into an analysis of five key elements (Planning, Organizing, Equipping, Training, and Exercising – POETE) for each of their capabilities.  Go here for my post on the POETE analysis which explains the benefits and the process a little more.

A good THIRA helps jurisdictions identify not only their hazards but also the potential worst-case scenario impacts of these hazards.  It then provides an opportunity for the stakeholders of the jurisdiction to take an honest look at their capabilities and their ability to leverage these capabilities against those impacts.  Being honest in this assessment will help jurisdictions see what can hurt them most and identify the gaps and limitations they have in their capabilities.

Bottom line – be realistic in what you can do, how well, and how long you can do it.

Be Resourceful

The ability to endure the impacts of a disaster and, at a minimum, address the critical objectives of life safety, incident stabilization, and property conservation can require a jurisdiction to be creative and resourceful.  This is a key aspect of resiliency.  While assistance may still be needed from outside sources, a jurisdiction’s ability to survive and provide lifeline services for its citizens in the interim is extremely important.  Being resourceful can help a jurisdiction shore up its capabilities in times of need.  Key to being resourceful are good contacts and connections within the whole community.  Religious groups and social organizations, private companies, and even individual citizens can all provide services which can aid a jurisdiction in shoring up capabilities – at least in the short term.  Incorporate these as options within your emergency plans.  While these entities may have issues and commitments of their own during a disaster, they may also be able to help.

Use all available resources to get the job done and to sustain for as long as you can.  It can absolutely be the difference between life and death.