Tag Timothy Riecker

Build a Smart Exercise and Respond to the Unexpected

Tim Riecker, The Contrarian Emergency Manager Leave a comment

A few days ago I caught a documentary on NatGeo called Inside: 21st Century Warship. The documentary was produced in 2013 and told of the cutting-edge design of the USS Freedom and USS Independence. One segment of the documentary captured an exercise the USS Freedom engaged in, with the objective of testing the ship’s firepower to destroy several remote-controlled fast attack boats in open seas. The Captain, well experienced in my opinion, was able to neutralize the boats through the massive wake created by the ship’s sizeable turbines. EndEx.

The lead controller was clearly upset with this. The objective of the exercise, after all, was to test the ship’s guns, which were not fired in this exercise. The controller vented his frustration with the Captain, needing to reemphasize the parameters of the exercise.

Who was at fault in this? Was the objective of the exercise communicated to the Captain? That wasn’t made clear in the documentary. If it was, perhaps it wasn’t made clear that use of the ship’s guns was the only means by which the Captain could engage the attacking boats. I do applaud the Captain’s initial defensive methods, which is perhaps what he was trained to do, though that obviously circumvented the intent of the exercise. Either way, there was a miscommunication or misunderstanding as to the intent and parameters of the exercise.

While this is a military example, the portability to emergency management and homeland security is pretty direct. How do we mitigate against this type of miscommunication or misunderstanding? It starts with a well-defined concept and objectives for our exercise. Those build the foundation from which the rest of the exercise is constructed. Part of exercise design is anticipating how players may respond to the information they are provided and the situations which they will face. This constant analysis helps us to ensure a well-designed exercise, especially in regard to reducing any and all ambiguity, particularly as information relates to the objectives of the exercise and the ‘rules of the game’. It helps us to craft clear injects and even contingency injects in the event players don’t respond the way in which we expect them. Finally, when it comes to deployment of the exercise, an effective player briefing is very important.

Can things still go wrong? Sure they can. That’s why it helps to have a well experienced Exercise Director and/or Lead Controller, and a proficient SimCell Manager (if you are using a SimCell). They can help get the exercise out of a rut. I’ve seen and performed all manner of intervention… most often it’s some ad-hoc development of contingency injects to help steer them down the right path. I’ve also engaged chief executives, who sometimes weren’t expected to participate in the exercise, to make a call, functioning in their own capacity but working for me as an actor, with clear direction to poke, prod, inquire, or otherwise re-direct to get players back into my sandbox. If necessary, it’s a conversation directly with the ‘leader’ of the players, pulling them out of the exercise for a moment and letting them know what they can or can’t be doing. If you have to call a time out and reset something, do it, but do it quickly.

It may be cliché but expect the unexpected. Sometimes players will do something you don’t anticipate. While this may be the circumstance, however, it could very well be on you. Either you didn’t communicate the rules or communicate them well enough. Ensure understanding in this communication. Certainly, ensure that during the exercise, there is good communication between controllers and the SimCell to identify when, if, and how players might be straying a bit. If it’s caught early enough, it will usually just take a gentle nudge to get them back on track. It’s important to recognize and address it as soon as possible – otherwise you will quickly lose your exercise, wasting time and money, and certainly frustrating the players.

Have you had an exercise go off the rails? How did you correct it?

©2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Keeping the C in CERT

Tim Riecker, The Contrarian Emergency Manager 1 Comment

I’m a big fan of Community Emergency Response Teams (CERT). For several years I was, in addition to other duties, New York State’s CERT program coordinator. I had interactions with most CERT programs in the state, conducted many CERT train-the-trainer courses, and managed federal CERT and Citizen Corps grant programs. CERT programs, when properly organized, managed, and maintained hold incredible value to their communities.

For those not fully aware of what CERT is, it is a construct that arose from high earthquake hazard communities in California a few decades ago. It is founded on the recognition that the true first responders to a disaster are in fact community members who will tend to themselves, their families, and their neighbors. The core CERT training provides information and skills practice on team organization, first aid, light search and rescue, hazard recognition, and more. Fundamentally, CERT organizations will self-activate in the event of a sudden disaster to care for those immediately around them. CERT programs have evolved in a positive fashion through the years, spreading around the nation and the world. Ideally, they should be formed with a linkage to local emergency responders, and can be leveraged to support community preparedness and mitigation efforts as well. CERT programs are organized around the needs of their communities, with their operational protocols and training rooted in that local need. The C in CERT is for COMMUNITY.

For many years, FEMA has been developing the National Qualification System (NQS), which supports resource typing as a key component of the National Incident Management System (NIMS). The primary purpose of the NQS is to establish standards for positions and functions utilized in emergency management, with the greatest benefit being the requesting, processing, deployment, and utilization of resources to disaster areas. These efforts strongly support effective resource management by providing consistent definitions of capability for various kinds and types of resources, backed up by a means for resources to track and even certify progress toward meeting those qualifications.

Yesterday, FEMA released a NIMS Alert for NQS information for several CERT positions. To be honest, this frustrates the hell out of me. CERT is a community-level resource. Not one that is intended to be deployed. Yes, FEMA has called for and deployed CERT personnel in the past, but this is not a consistent practice, has not happened often, and as far as I know was deemed a less than effective utilization. The draft position task books provided by the NQS for comment for CERT indicate roles in support of the CERTs in the jurisdictions in which they are being deployed. While some jurisdictions have prepared CERT members for roles beyond the core tasks associated with CERT, such as EOC support or field data collection, CERT is not fundamentally expected to be a long-term function in the aftermath of a disaster, so to be deploying personnel to support sustained ‘normal’ CERT operations is largely a misutilization and clearly a misunderstanding of what CERT is fundamentally about, especially when most external resources requests occur days or even weeks after a disaster.

CERT members and CERT programs are and should be focused on their own neighborhoods and communities. As individuals and as organizations they are generally not trained, equipped, or otherwise prepared to be deployable resources. They are also not being deployed to a disaster in a professional capacity, many of which have their own NQS documents. While it may sound like a great opportunity for people who want to make a difference, there are a lot of pitfalls – many of which I saw when FEMA requested CERT volunteers from around the nation to deploy for Gulf coast hurricanes about 15 years ago.

The NQS documents identify several trainings in addition to the Basic CERT course, most of which are FEMA Independent Study courses which only provide a general baseline of knowledge; and none of which specifically address issues associated with actually deploying to a disaster area. If CERT personnel wish to be deployable resources, they should do so through organizations such as the Red Cross, Team Rubicon, World Central Kitchen, or the myriad faith-based groups who are established and reputed providers of various disaster-essential services. These are entities that are also organizationally capable of managing personnel and the logistical and procedural requirements of a deployment, of which there are many. These organizations train and prepare personnel for deployments, have experienced personnel that manage and coordinate deployments, they ensure they are managed and cared for on site, they support supply chains, and are experienced in addressing liability matters.

The bottom line here is that we are expecting too much from people signed up to support a disaster response in or even near their own communities, but not to be deployed around the country. I’m sure I’ll get some responses from people espousing some specific successes in deploying CERT personnel outside their jurisdiction, of which I’m sure there are; however that is the exception and not the rule. It’s not what CERT is or ever was intended to be. I’m a big fan and supporter of CERT, and believe in the extraordinary abilities of trained, organized volunteers, but I strongly feel that CERT is not a deployable asset. Personnel who are interested in such endeavors should be steered towards organizations that have the expertise in doing so.

Your thoughts, of course, are welcome.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A National Disaster Safety Board

Tim Riecker, The Contrarian Emergency Manager 4 Comments

You’ve heard of the National Transportation Safety Board (NTSB), right? If not, the nitty gritty of it is that they are an independent federal accident investigation agency. They determine probable cause of the full range of major transportation incidents, typically putting forward safety recommendations. They are granted some specific authorities related to these investigations, such as being the lead federal agency to investigate them (absent criminal aspects) and they maintain a schedule of deployment-ready teams for this purpose.  They can conduct investigative hearings (ever see the film Sully?) and publish public reports on these matters. Overall, I’ve had positive interactions with NTSB representatives and have found their work to be highly effective.

While certainly related to emergency management, the main purpose for my quick review of the NTSB in this post is to provide a starting point of understanding for Congressional legislation urging the formation of a National Disaster Safety Board (NDSB). The draft bill for discussion can be found here. This bill has been put forth with bi-partisan sponsors in both the US Senate and the House of Representatives.

The purpose of the NDSB, per this bill, is:

  1. To reduce future losses by learning from incidents, including underlying factors.
  2. Provide lessons learned on a national scale.
  3. Review, analyze, and recommend without placing blame.
  4. Identify and make recommendations to address systemic causes of incidents and loss from incidents.
  5. Prioritize efforts that focus on life safety and injury prevention, especially in regard to disproportionately impacted communities.

To execute this mission, the bill provides that the NDSB will have the authority to review incidents with 10 or more fatalities; may self-determine the need for board review of an incident; and shall have the full ability to investigate, review, and report on incidents.

The bill directs the NDSB to coordinate with all levels of government to identify and adopt standard methods of measuring impacts of disasters to provide for consistent trend analysis and comparisons, and to ensure that these standards are uniformly applied. The bill requires the NDSB to coordinate with all levels of government in their investigations during incident responses, and to participate in the incident command system for coordination of efforts as well as investigative purposes. Affected authorities shall have an opportunity to review the NDSB report 30 days prior to publication.

The NDSB will be comprised of seven board members, selected by the President from a slate of candidates provided by both houses of Congress, with no more than four board members having affiliation with the same political party, and with all members having technical and/or professional qualifications in emergency management, fire management, EMS, public health, engineering, or social and behavioral sciences.

There is a lot of other legalese and detail in the bill, but I’m happy to find that the language supports coordination among and with federal agencies, including FEMA, NIST, NTSB, and others; and also has an emphasis on investigating impacts to disproportionately impacted communities. The bill also charges the NDSB with conducting special studies as they see fit and providing technical support for the implementation of recommendations.

I’m thrilled with this effort and I’m hopeful the bill progresses to law. We have had a history of outstanding research from academic institutions and after action reports from government entities, which should all still continue, but it’s incredibly substantial that the NDSB will establish standards and consistency in how we examine disasters over time. We’ve seen how impactful the NTSB has been since its inception in 1967, and I feel the NDSB could have an even greater impact examining a broader spectrum of disasters. This is an effort which has been long encouraged by various emergency management related groups. The NDSB, I suspect, will also support a stronger and more defined FEMA, as well as strengthening all aspects of emergency management at all levels.

What thoughts do you have on the NDSB? What do you hope will come of it?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

COVID-19 Vaccine Administration Preparedness

Tim Riecker, The Contrarian Emergency Manager 4 Comments

On September 16, the CDC released the COVID-19 Vaccination Program Interim Playbook for Jurisdiction Operations. This document lays out some fairly realistic expectations of jurisdictions (mostly states) in their distribution, administration, and tracking of COVID-19 vaccinations. That said, even though there continue to be many unknowns about the vaccines to be utilized, dosages, timetable of availability, and how and where vaccines will be delivered to states, there are reasonable assumptions that could be made and high probability strategies identified, which the CDC failed to do. Instead, as is a hallmark of many poor managers, they provided a punch list of considerably detailed demands but not the very essential information and parameters needed to support good planning. Information is everything.

Garbage in/garbage out is a pretty simple concept of utilizing poor or lacking information to inform a process, which will result in similar outputs. After reviewing New York State’s COVID-19 Vaccination Plan, that concept is fully demonstrated. Most sections of New York State’s plan are vague at best, saying what they will do but not how they will do it. They do identify some roles and responsibilities, but without delineating the boundaries between functionaries. For example: they will utilize pharmacies, local health departments, and state-run facilities, among others, to accomplish public vaccination. This is a solid and expected strategy, but the responsibilities for each are poorly defined for their own operations, much less how they will or won’t work together. Many concepts in the plan are vague at best, and even lacking more defined federal guidance, should have better detail. A big component of vaccination will be community delivery through local health departments, yet this is barely acknowledged. I would have expected this plan to provide guidance and outline preparedness requirements for local health departments, even if they were communicated separately. I acknowledge this is intended to be a strategic level plan, but it doesn’t seem to even consistently provide that measure of detail. I’m left with a lot of questions. And while it may be petty, the document itself is poorly written and published – I expect better from state government.

I’ve not looked at the plans of other states, but if this is indicative of the general state of things, the term ‘shit show’ is the phrase that comes to mind. While we will no doubt improve, there is a long way to go and I think jurisdictions will find themselves in a bind, being poorly prepared when they receive notice of an imminent delivery of vaccines with no detailed plan or assigned resources to get the job done. If anything, we have had plenty of time to prepare for vaccination efforts. There are clearly failures at all levels. While communication between and among federal, state, and local jurisdictions has certainly taken place beyond these documents, the standards and measures need to be more apparent.

We need to do better and be better. Reflecting a bit on the piece I wrote yesterday, we need to be thorough and imaginative in our preparedness efforts without excluding possibilities. Local jurisdictions must be prepared to support vaccinations in their communities. As I’ve written before, most health departments simply don’t have the capacity to do this. Jurisdictions need to engage with their health departments for the best guidance possible and work from that. An 80% solution now is better than a 20% solution later. As with any disaster, local communities are the first stakeholder and the last.

What are you seeing from your states? What do you think is missing in our overall efforts?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Don’t Plan Yourself into a Corner

Tim Riecker, The Contrarian Emergency Manager 2 Comments

I’ve long been an advocate for detailed planning. Plans should identify who (by position or title) are decision-makers, who are action agents, and how things are to be done. Without identifying these responsible parties and the processes necessary to execute planned actions, plans will generally lack the ability to be successfully implemented. Context is also important. To address this, plans have a preamble that identifies the scope and objectives of the plan. All of this tells us what circumstances the plan is intended to apply to and what it expects to accomplish. Details matter. That said, making plans too specific can also spell trouble.

(I figured putting up the cover Michael McCaul’s Failures of Imagination was suitable for this post, as it’s all about emergency management suffering from a lack of imagination.)

In terms of context, only some plans need to be very precise about when and how they are used. Give yourself some wiggle room. If you don’t provide a proper and wide enough scope and objectives to the plan, you are already poisoning the well. Case in point – a lot of entities have realized that their pandemic plans have failed them, and as such are re-writing their plans. I’m hearing of many totally scrapping their old pandemic plans and writing the new ones as if all future infectious disease outbreaks will behave exactly as Coronavirus has. The old plans largely failed not necessarily because our assumptions were wrong, but because they were too narrow. Don’t make the same mistake. A proper scope and objectives will help properly define what you want to address. If these are too focused or narrow, you leave out a lot of possibilities.

When it comes to strategies and procedures, plans often fail because they don’t have enough detail. But plans can also fail if they are too restrictive or if the strategies and procedures don’t align with the scope and objectives. Restrictive plans define rigid circumstances under which approaches are taken, and/or those approaches are so rigidly defined that they will only work under certain circumstances or with all the right personnel and resources. You’ve been through disasters, right? You realize that disasters impose extreme circumstances upon us; impacting health, safety, and infrastructure; and we rarely ever have all the resources we would like to have in resolving that disaster. In fact, I’d argue that if disasters only impacted us the way we want them to, it would be more of an inconvenience rather than a disaster.

So unless you expect your title to change to Inconvenience Manager, remember that all preparedness starts with planning. Do your research and know your hazards, threats, and vulnerabilities, but don’t be totally encumbered by them either. Broaden your planning assumptions where you can, which will open your scope. Ensure that your planning objectives truly define what you intend for the plan to accomplish. Plan with greater detail and fewer restrictions. Ensure that succession and chain of command are addressed, so it’s not just a certain title or position that has authority over certain actions. Ensure that people are cross trained and that both people and plans are exercised with a certain extent of random factors in scenarios. Our plans and our resources must be agile to be successful.

Sure, we can improvise and get out of a corner that our plans back us into or don’t address, but we are better prepared if we can acknowledge the possibility of other scenarios. This is why planning teams contribute to successful plans. It’s the different perspectives they bring, with a lot of ‘what ifs’ and different viewpoints. Open your eyes and look around. One of the biggest enemies of emergency management is tradition. Is it any wonder why the same corrective actions keep rising to the surface?  Do better. Be better.

Thoughts?

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

Incident Management Advisors

Tim Riecker, The Contrarian Emergency Manager 2 Comments

It’s frustrating to see poor incident management practices. For years I’ve reviewed plans that have wild org charts supposedly based on the Incident Command System (ICS); have conducted advanced-level training with seasoned professionals that still don’t grasp the basic concepts; have conducted and evaluated exercises and participated in incident responses in which people clearly don’t understand how to implement the most foundational aspects of ICS. On a regular basis, especially since people know my focus on the subject, I’m told of incident management practices that range from sad to ridiculous.

Certainly not everyone gets it wrong. I’ve seen plans, met people, and witnessed exercises and incidents in which people clearly understand the concepts of ICS and know how to put it into action. ICS is a machine, but it takes deliberate and constant action to make it work. It has no cruise control or auto pilot, either. Sometimes just getting the incident management organization to stay the course is a job unto itself.

If you are new here, I’ve written plenty on the topic. Here’s a few things to get you pointed in the right direction if you want to read more.

ICS Training Sucks. There are a series of related posts that serve as a key stone to so much that I write about.

The Human Factor of Incident Management. This bunch of related articles is about how ICS isn’t the problem, it’s how people try to implement it.  

As I’ve mentioned in other posts, it’s unrealistic for us to expect most local jurisdictions to assemble and maintain anything close to a formal incident management team. We need, instead, to focus on improving implementation of foundational ICS concepts at the local level, which means we need to have better training and related preparedness activities to promote this. Further, we also know that from good management practices as well as long-standing practices of incident management teams, that mentoring is a highly effective means of guiding people down the right path. In many ways, I see that as an underlying responsibility of mine as a consultant. Sometimes clients don’t have the time to get a job done, but often they don’t have the in-house talent. While some consultants may baulk at the mere thought of building capability for a client (they are near sighted enough to think it will put them out of work), the better ones truly have the interests of their clients and the practice of emergency management as a whole in mind.

So what and how do we mentor in this capacity? First of all, relative to incident management, I’d encourage FEMA to develop a position in the National Qualification System for Incident Management Advisors. Not only should these people be knowledgeable in implementations of ICS and EOC management, but also practiced in broader incident management issues. Perhaps an incident doesn’t need a full incident management team, but instead just one or two people to help the local team get a system and battle rhythm established and maintained. One responsibility I had when recently supporting a jurisdiction for the pandemic was mentoring staff in their roles and advising the organization on incident management in a broader sense. They had some people who handled things quite well, but there was a lot of agreement in having someone focus on implementation. I also did this remotely, demonstrating that it doesn’t have to be in person.

In preparedness, I think there is similar room for an incident management advisor. Aside from training issues, which I’ve written at length about over the years (of course there will be more!), I think a lot of support is needed in the realm of planning. Perhaps a consultant isn’t needed to write an entire plan, but rather an advisor to ensure that the incident management practices identified in planning documents are sound and consistent with best practices, meet expectations, and can be actually implemented. So much of what I see in planning in regard to incident management has one or more of these errors:

  1. Little mention of incident management beyond the obligatory statement of using NIMS/ICS.
  2. No identification of how the system is activated and/or maintained.
  3. As an extension of #2, no inclusion of guidance or job aids on establishing a battle rhythm, incident management priorities, etc.
  4. An obvious mis-understanding or mis-application of incident management concepts/ICS, such as creating unnecessary or redundant organizational elements or titles, or trying to force concepts that simply don’t apply or make sense.
  5. No thought toward implementation and how the plan will actually be operationalized, not only in practice, but also the training and guidance needed to support it.

In addition to planning, we need to do better at identifying incident management issues during exercises, formulating remedies to address areas for improvement, and actually implementing and following up on those actions. I see far too many After Action Reports (AARs) that softball incident management shortfalls or don’t go into enough detail to actually identify the problem and root cause. The same can be said for many incident AARs.

When it comes to emergency management, and specifically incident management, we can’t expect to improve without being more direct about what needs to be addressed and committing to corrective actions. We can do better. We MUST do better.

New polling function in WordPress… Let’s give it a try.

©2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

A NEW NYS Public Employer Emergency Planning Requirement

Tim Riecker, The Contrarian Emergency Manager 1 Comment

On Labor Day, NYS Governor Cuomo signed a bill requiring public employers to develop a very specific emergency plan for future public health emergencies. This may include a continuation of the Coronavirus pandemic, or another emergency. Some details and guidance below…

WHO

The requirement applies to public employers, including:

  • State, county, and local governments
  • Public authorities (bridge, water, airport, etc.)
  • Commissions
  • Public corporations
  • Agencies
  • School districts
    • It’s important to note that the requirement for school districts has also been codified into state education law through this bill, to be included in school safety plans.

WHAT

The new law requires these plans to include the following:

  • A list and description of positions and titles considered essential
    • Note that the definition of ‘essential’ in the bill means employees who must work on site.
  • Protocols which will enable non-essential employees to work remotely
  • A description of how work shifts can be staggered to reduce overcrowding on public transportation and in the workplace
  • Protocols for procuring, storing, and distributing PPE
  • Protocols to prevent the spread of disease if an employee is exposed, symptomatic, or tests positive for the disease in question
  • Protocols for documenting hours and work locations of all employees for contract tracing
  • Protocols for coordinating with applicable government entities for emergency housing for employees, if needed

WHEN

Though there were no timeframes included in the bill itself, the Governor’s website provided two benchmarks of time. It states that plans are to be submitted to unions and labor management committees within 150 days, and all plans must be finalized by April 1, 2021.

The 150-day timeframe is obviously a bit confusing, as it doesn’t give a start date (i.e. 150 days from when?). I’ve sent inquiries to the Governor’s office, as well as my State Assemblyman and State Senator for clarification. Once I have an answer, I’ll provide it as a comment to this post. I will note that if the 150 day clock started on Labor Day, that alarm will go off on Friday February 4, 2021.

Once finalized, the plan must be included in any existing employee handbook and made otherwise available to employees. In terms of any kind of oversight or audit, there is no provision for such identified in the legislation. Aside from the requirement for school districts to meet this requirement being appended to state education law, this bill appends state labor law. As such, the NYS Department of Labor would have enforcement oversight, if they chose to or are directed to do so. That said, the bill does direct the NYS Department of Labor to establish procedures to allow for public employees to contact and inform the Department of any alleged or believed violations of the provisions of the law. Further, they are directed to establish a webpage and hotline to facilitate such.

HOW

Unfortunately, no existing planning requirement or standard will meet this requirement. While there are elements of continuity of operations planning in this, the focus is shifted and hits some very specific elements which are likely not included in many continuity of operations plans. That said, a new plan needs to be developed to meet this requirement. These elements certainly can be appended into a continuity of operations plan, but it’s important to note that these provisions are intended for future public health emergencies (not that some couldn’t be used for other hazards), and that, should any kind of audit occur, for those purposes it’s usually better to meet requirements through stand-alone documents.

As most public employees are members of labor organizations (unions), and the bill itself was endorsed by the AFL-CIO, there is a requirement for employers to submit the plans to unions and labor management committees for review. These entities have an option to provide comment, to which the employer is required to provide written responses prior to finalizing the plan.

There is some thought and coordination required to make this an effective and meaningful plan which also meets the legal requirements. Detail will need to be developed, specific to each public employer and their circumstances, for the protocols required in the plan. When developing procedure and protocol, be sure to:

  1. identify specifically what needs to be done,
  2. who the action agents are,
  3. what the ideal end state is,
  4. the timeframe in which it should be accomplished, and
  5. who has decision-making authority over those actions

Of course, in developing the plan, the best guidance I can give is to follow the planning process identified in FEMA’s CPG 101. Lastly, be sure to consider that the specific actions we have taken in response to the Coronavirus pandemic may not be the actions we take for another disease. Plans must maintain this flexibility.

NEED HELP?

Recognizing the challenges associated with developing this plan for small and large entities alike, my company – Emergency Preparedness Solutions (EPS) – has developed a template to support these planning requirements. We are making this template free for use by NYS public employers. I continue to have concerns with templates, cautioning against people simply ‘pencil whipping’ the document, but the developed template includes a lot of guidance and identifies content areas which need to be specifically developed by the public employer, so if the planning process is properly followed, I don’t expect that will be a problem with this template.

A BIT OF AN AD

Further, if jurisdictions want assistance in developing these plans, EPS is available to assist (contractually, of course). We’ve spent a lot of time reviewing these new requirements since they were signed and we’re already slated to discuss these in some webinars for specific public employer groups in New York State. Knowing that some small jurisdictions may be in a bit of a bind to meet this requirement, we are offering our services relative to this plan at not cost for the first 10 NYS public employers which employ between 1 and 10 full time employees if we have an executed contract by November 30th of this year – so be sure to contact us soon!

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

When the Solution Becomes the Problem

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Ever think a problem was fixed just to find that the solution was really more of a problem or a totally different kind of problem. While this can certainly happen in our person lives, I see this happen a lot in my professional life, and I’m sure you do as well. Through my tenure in emergency management, I’ve seen a lot of ill-informed assessments, poorly written plans, misguided training programs, bad hires or contracts, unwise equipment purchases, and exercises that could really be called damaging. Not only is the time, money, and effort put into developing these a waste of time (aside from learning how not to do them), they can have ramifications that cause issues to be solved in the short term or down the road.

Poorly conducted assessments can result in a lot of problems. If the data, the analysis, or conclusions are wrong, this can have considerable consequences if that assessment was intended to inform other projects, such as plans, construction, hazard mitigation efforts, staffing, and more. I’ve seen people point to reports with the assumption that the data was complete, analysis was unbiased, and conclusions are correct, and with something akin to blind obedience. When an assessment is used to justify spending and future efforts, we need to ensure that the assessment is carefully planned and executed. Similarly, we’ve all seen a lot of decisions based on no assessment at all. This can be just as dangerous.

Bad planning is a problem that has always, and I fear will always, plague emergency management. Of course, there are some really stellar plans out there, but they seem to be the exception. There are an abundance of mediocre plans in existence, which I suppose are fine but in the end aren’t doing anyone any favors because while the plans themselves may be fine, they tend not to include much useful information, specifics on procedure, or job aids to support implementation of the plan.

Here’s an example of how disruptive bad plans can be: A few years ago, my firm was hired by a UASI to design, conduct, and evaluate a couple of exercises (one discussion-based, the other operations-based) to validate a new plan written for them by another firm. Being that the exercises were to be based on the plan, I took a deep dive into the plan. I honestly found myself confused as I read. I forwarded the plan to a member of our project team to review and, quite unsolicited, I received a litany of communications expressing how confounded he was by the plan. At the very best, it was unorganized and poorly thought out. The subject matter lent itself to a timeline-based progression, which they seemed to have started then abandoned, which resulted in a scattering of topic-based sections that were poorly connected. After conferring with that team member to develop some very specific points, I approached our client for a very candid conversation. I came to find out that the planning process recommended and established by CPG-101, NFPA 1600, and others, was not at all used, instead the firm who built the plan didn’t confer with stakeholders at all and delivered (late) a final product with no opportunity for the client to review and provide feedback. This is a firm that gives other consulting firms a bad name. Working with the client, we restructured our scope of work, turning the tabletop exercise into a planning workshop which we used to inform a full re-write of the plan, which we then validated through the operations-based exercise.

Having been involved in training and exercises for the entire duration of my career, I’ve seen a lot of ugly stuff. We’ve all been through training that is an epic waste of time – training that clearly was poorly written, wasn’t written with the intended audience in mind, and/or didn’t meet the need it was supposed to. For the uninitiated, I’ll shamelessly plug my legacy topic of ICS Training Sucks. Possibly even worse is training that teaches people the wrong way to do things. Similarly, poorly designed, conducted, and evaluated exercises are not only a waste of time, but can be very frustrating, or even dangerous. Don’t reinforce negative behavior, don’t make things more complex than they are, don’t put people in danger, and DO follow established guidance and best practices. Finally, if you are venturing into unknown territory, find someone who can help you.

Equipment that’s not needed, has different capability than what is needed, is overpurchased, underperforms, undertrained, poorly stored and maintained, readily obsolete, and not used. Familiar with any of this? It seems to happen with a lot of agencies. Much of this seems to stem from grant funding that has very specific guidelines and must be spent in a fairly short period of time. Those who have been around for a while will remember the weapons of mass destruction (WMD) preparedness program that started prior to 9/11 and was bolstered by post-9/11 program funding. The centerpiece of this program was equipment purchases. While there was some good that came from this program, I witnessed a lot of wasted money and mis-guided purchases for equipment that wasn’t needed, for jurisdictions that didn’t need it or couldn’t sustain it, and supporting training and exercises to teach people how to use the equipment and keep them proficient. A lot of this circles back to poor (or non-existent) assessments used to inform these purchases, but the real culprit here is the ‘spend it or lose it’ mentality of grant surges like this. Foundational aspects of this program, such as defined need, sustainability, and interoperability were often skewed or ignored in favor of simply spending the funds that were thrust upon jurisdictions. I really blame the poor structuring of this program at the federal level on the poor implementations I saw and heard of at the state and local levels.

There are so many other examples of poor implementations that cause problems. Poorly built infrastructure, misguided hazard mitigation projects, and even poor responses. In the realm of response, I’ll draw on another example that I was involved in. Large disasters really do need to draw on a whole-community approach, which often leads to agencies who aren’t used to large-scale and long-duration incident operations going in over their heads. In one large disaster, I had been hired to help lead a team assembled to fix just such an occurrence, charged with rescuing a functionally necessary program that had been managed into the ground by a well intentioned but overly bureaucratic agency with high degrees of micromanagement. The time, money, and effort exerted to support saving this program from itself was fairly extensive, and, in implementation, challenging given the layers and nuances created by the agency that built it. In the end, the biggest issues they had were not listening to subject matter experts, some of which were in their own agency, and, ultimately, a failure of executives to deal with very apparent problems.

Most emergency management agencies operate on very slim and limited budgets. Being efficient and effective is of great importance. Don’t waste limited money or limited time of limited staff. Sometimes the things with greatest impact are simple, but if executed poorly the consequences can be high. Think things through and consult the right people. It makes a difference.

©2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

What Makes an Emergency Manager?

Tim Riecker, The Contrarian Emergency Manager Leave a comment

Over the weekend I posted a question on Twitter that prompted a fair amount of discussion with my EM colleagues. What I asked:

Does simply working in emergency management make you an emergency manager? (Even with my ego) it took several years of working in the field before I was comfortable calling myself an emergency manager.

The resulting discussion brought up considerations of time on the job, job responsibilities and titles, education, professional certifications, standards, and other relevant topics. I fully admitted to my own biases, initially directed toward myself and my own career trajectory, but that I honestly have a tendency to carry over to others who might be new to an emergency management job; certainly, with no intent to belittle anyone or gatekeep the profession. The discussions over the weekend on Twitter led me to realize that part of my bias came from what roles I performed early in my career. My primary being a training technician, helping to prepare for and conduct training courses – certainly not managing the program until a few years later. Similarly, early in my career, any emergency deployments or taskings were at the ‘doer’ level, not anywhere near the actual supervision or management responsibilities that came a few years into my career. All of this was appropriate for early in my career. Certainly, I felt that I worked in the field of emergency management, but not that I was a true emergency manager. Not until I was given responsibility and authority, both in my primary job and emergency assignments, that I felt that I was an emergency manager.

I’d also suggest that I was influenced by my own impressions of many of the people I worked with and worked for. I was fortunate enough to learn and be mentored by some really incredible emergency managers (both in their primary and emergency roles). I was awed by their knowledge, their talent, and their ability to coordinate some very diverse groups of people and resources into a unity of effort. In my early years I couldn’t yet do that. I had a lot to learn and respect to garner before I felt I could call myself an emergency manager.

Certification is an interesting thing. While there are certifications in many professions, these fall into two significant types: Those that require experience and those that do not. I think they each have their place and are often appropriate to the profession which they are in. Standards are a related yet still different matter, especially since, in emergency management and related professions, there are several ‘certifications’ that can be obtained. The ideal is to have a standard in the profession. I think standards are something to be explored further, and I give a shoutout to friend and colleague Ashley Morris (@missashes92) who has a lot of thoughts about where standardization should go in emergency management. Personally, I think one standard of practice should be internships or mentorships. These are required by certain professions and I think that, when structured well, they are a great way to gain the proper kind of experience necessary.

Education was another topic that has relevance but also a lot of nuance, as it also has ties to job duties, certification, and standards. I don’t feel that someone having a degree at any level can simply call themselves an emergency manager. There is a lot of consideration for what degrees are applicable, and that’s a challenge given how broad emergency management is. Despite so many of us beating the drum that emergency management is not just response, we still see so many emergency management job postings listing experience requirements as a first responder. It’s a challenge for us to identify as a unique profession when so many jurisdictions simply appoint a police officer or fire fighter to an emergency management job because it’s “close enough” (given no other screening or qualifications). We all know emergency management is so much broader than response applications yet, as a profession, we tolerate that crap. Emergency management has so many niche functions within, many of which are supported by their own unique education standards: engineers, finance and grants, technology, communications, public and/or business administration/management, instructional design, human services, public health, and so much more. Think about all the business units within a large emergency management agency, or a ‘day in the life’ of a one-person emergency management shop. Recovery, mitigation, preparedness, response, grants, volunteer management, community engagement, interagency coordination, logistics, etc. None of that is one skillset. Yet many education programs in emergency management will just talk history and theory. Others will focus on response. Few seem to do it right, giving a good, comprehensive picture of it all. Depending on where they will work, some practitioners need to know about a lot of different things, while in others they can specialize.

Is someone who just does grants management any less of an emergency manager than someone who only does mitigation or someone who only does training? To even put a bit more of a curve on this, how about someone who is an academic, or a researcher, or a consultant? What boxes need to be checked to be labeled as an emergency manager?

The discussion on Twitter to my one question lasted a couple of days, with a lot of really interesting thoughts and insight. Everyone that contributed had very valid perspectives, and it seemed that many agreed that there is no simple answer.

As always, I’m interested in the thoughts of my readers. What do you think is makes an emergency manager?

©2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®

The Universal Adversary Mindset

Tim Riecker, The Contrarian Emergency Manager 1 Comment

Some of you are probably familiar with the concept of the Universal Adversary (UA). From previous Homeland Security Exercise and Evaluation Program (HSEEP) doctrine, UA is “a fictionalized adversary created by compiling known terrorist modifications, doctrine, tactics, techniques, and procedures in live, virtual, and constructive simulations. The UA is based on real realistic threats … providing participants with a realistic, capabilities-based opponent.” UA is often executed by a Red Team, which serves as an exercise-controlled opposing force for participants.

Over the past few years, I’ve heard less and less of the Universal Adversary concept. DHS used to have a UA Program supporting terrorism-based prevention and responses exercises, dating back to the early 2000s, but lately I’ve neither seen or heard anything about the continuation of the program or capability. (can any readers confirm the life or death of this capability?)

Regardless, the concept of UA offers a fair amount of opportunity, not only within the Prevention Mission Area, but across all of exercise design and perhaps other areas of preparedness – yes, even across all hazards. Of course, I recognize the difference between human perpetrators and other hazards, but just stick with me on this journey.

The fact of the matter is that we so often seem to have, as the 9/11 Commission Report made the phrase infamous, a failure of imagination in our preparedness. I’m not saying we need to go wild and crazy, but we do need to think bigger and a bit more creatively – not only in the hazards that threaten us, but also in our strategies to address them.

The UA concept is applied based on a set of known parameters, though even that gives me some concern. In the Prevention world, this means that a Red Team will portray a known force, such as ISIS, based upon real intel and past actions. We all know from seeing mutual fund commercials on TV that past performance does not predict future results. While humans (perpetrators and defenders alike) gravitate toward patterns, these rules can always and at any time be broken. The same can be said for instances of human error or negligence (see the recent and terrible explosion in the Port of Beirut), or in regard to someone who we have a love-hate relationship with… Mother Nature. We need to be ever vigilant of something different occurring.

There is the ever-prolific debate of scenario-based preparedness vs capability-based preparedness. In my opinion, both are wrong and both are right. The two aren’t and shouldn’t be set against each other as if they can’t coexist. That’s one mindset we need to move away from as we venture further into this. We need to continue with thinking about credible worst-case scenarios, which will still be informed by previous occurrences of a hazard, where applicable, but we need to keep our minds open and thinking creatively. Fundamentally, as the UA concept exists to foil and outthink exercise participants, we need to challenge and outthink ourselves across all areas of preparedness and all hazards.

A great example of how we were foiled, yet again, by our traditional thinking is the current Coronavirus pandemic. Practically every pandemic response plan I’ve read got it wrong. Why? Because most pandemic plans were based upon established guidance which emergency managers, public health officials, and the like got in line and followed to the letter, most without thinking twice about it. I’m not being critical of experts who tried to predict the next pandemic – they fell into the same trap most of us do in a hazard analysis – but the guidance for many years has remained fairly rigid. That said, I think the pandemic plans that exist shouldn’t be sent through the shredder completely. The scenarios those plans were based upon are still potentially valid, but Coronavirus, unfortunately, started playing the game in another ball field. We should have been able to anticipate that – especially after the 2003 SARS outbreak, which we pretty much walked away from with ignorant bliss.

It’s not to say that we can anticipate everything and anything thrown at us, but a bit of creativity can go a long way. Re-think and re-frame your hazards. Find a thread and pull it; see where it leads you. Be a little paranoid. Loosen up a bit. Brainstorm. Freeform. Improv. Have a hazard analysis party! (I come darn close to suggesting an adult beverage – take that as you will). We can apply the same concepts when designing exercises. Consider that in the world of natural hazards, Mother Nature is a Universal Adversary. Any time we hope to have out-thought her, she proves us wrong, and with considerable embarrassment. We also try to out-think the oft stupidity and negligence of our fellow humans… clearly, we’ve not been able to crack that nut yet.

“Think smarter, not harder” is such an easy thing to say, but difficult, often times, to do. So much of what we do in emergency management is based on traditional practices, most of which have valid roots, but so often we seem reluctant to think beyond those practices. When the media reports that a disaster was unexpected, why the hell wasn’t it expected? Consider that many of our worst disasters are the ones we never thought of. Challenge yourself. Challenge others. It is not in the best interests of this profession or for the people we serve to stay stuck in the same modes of thinking. Be progressive. Break the mold. Do better.

© 2020 Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC®