Hot Topic: Emergency Financial Managers

The recent and ongoing water crisis in Flint, Michigan has resulted in the term ‘emergency manager’ being used quite often in relation to this incident – but not in a way we are used to.  Instead of speaking of a profession or position that is concerned with coordinating resources for disaster preparedness, response, and recovery; they are instead speaking of an emergency financial manager.  An emergency financial manager is someone who is, as I understand it, appointed by state government when a jurisdiction goes into receivership (i.e. they are bankrupt).  This ABC news article provides some background of the system.

Unfortunately, there are a number of documents out there that refer to these emergency financial managers as emergency managers.  To be honest, much of the public doesn’t have a good understanding of what emergency managers do, and this certainly lends to mucking that up even further.  This link has some explanation of what an emergency (financial) manager should be and the laws under which they are authorized.

Last week, the International Association of Emergency Managers (IAEM) published a press release which pointed out this difference and urged a more careful use of these terms.  The release can be found here.

While I applaud IAEM’s effort, I think they need to continue this further.  The term ‘emergency manager’ seems to be used in place of ‘emergency financial manager’ in government documents, which are the source documents used by the media and others.  I would urge IAEM to use its lobby power within the states which have these laws and regulations to ensure that the proper terminology is used, encouraging amendments to these documents as necessary.  Being soft handed doesn’t always work, and change won’t often happen unless it is more strongly encouraged.

© 2016 – Timothy Riecker, CEDP

Advertisements

7 Emergency Management Priorities for the Next Administration

Heritage.org recently published a piece outlining the top four homeland security priorities for the next administration, which can be found here.  It’s a thought provoking article that certainly identifies some important issues.  In the same spirit, I’d like to offer what I think are the emergency management priorities for the next administration.

1) Support an Effective FEMA Organizational Model

The Heritage.org model pointed out several issues with the DHS organization that need to be addressed sooner rather than later.  I’d like to add some FEMA-specific items to their suggestions, regardless of if FEMA is kept within DHS or not (honestly, I think that ship has sailed and FEMA is there to stay).

In building a bit of background for this article, I took a look at FEMA’s current strategic plan, knowing that the document already identifies some of their priorities.  Within in that list of priorities, they mention mission and program delivery, becoming an expeditionary organization, posturing and building capability for catastrophic disasters, and strengthening their organizational foundation.  To me, these four all directly relate to their organizational model.

Along with having a strong central administration of programs, FEMA needs to have agility in their program delivery.  This is best accomplished through the FEMA regional offices, which act as an extension of the ‘central administration’ by coordinating directly with states and neighboring regions to apply those programs in the best possible manner within the guidelines of the program.  While this is currently performed, it is not performed to the greatest extent possible.  John Fass Morton provides some great perspective on this approach in his book ‘Next-Generation Homeland Security’.  Info on the book can be found here.

2) Bolster Risk Reduction Programs

I write often about preparedness, as that has always been a focus of my career.  Risk reduction, however, is essential to eliminating or reducing the impacts of hazards on communities.  Risk reduction includes all aspects of hazard mitigation and resilience, which are ideally applied at the local level but supported by state and federal programs, policies, and resources.

While the National Weather Service has implemented and promoted the StormReady program, which encourages community resilience, the best program we have ever had in our field is Project Impact.  I’d love to see a revival of Project Impact (call it that or something else – I don’t really care), incorporating the concepts of StormReady as well as other best practices in risk reduction.  A big part of this program MUST be incentivization, especially access to funds that can be applied for in the present for hazard mitigation activities.

3) Build a Better Cybersecurity Program

This item was added to the list by a colleague of mine.  It’s also found on the Heritage.org list.  It must be pretty important, then.

Yes, there are a LOT of initiatives right now involving cybersecurity, but I think there can be more.  Jon, the same colleague who suggested this for my list has also stated repeatedly that cybersecurity is really a Core Capability that cuts across all mission areas – Prevention, Protection, Response, Mitigation, and Recovery.  The recent update of the National Preparedness Goal suggests this, but sadly doesn’t commit.

What do we need in regard to cybersecurity?  First of all, we need to demystify it.  There are plenty of people out there who have just enough tech savvy to turn on their computer, send some email, and post to Facebook.  While that may work for them, they are likely intimidated by talk of cybersecurity, hackers, and the like.  We need to continue programs in plain speak that will help to inform the average consumer about how to protect themselves.

Better coordination with the private sector will pay off heavily when it comes to cybersecurity.  Not only is the private sector generally better at it, they also have a tendency to attract experts through better incentives than the government can offer, such as higher pay.  Cybersecurity also impacts everyone.  We’ve seen attacks of all types of systems.  The only way to stop a common enemy is to work together.  Let’s think of it as a virtual whole-community approach.

4) Prepare for Complex Coordinated Attack

Another of Jon’s suggestions.  While terrorism is often quickly shoved into the category of homeland security, there is a lot that emergency management can assist with.  These types of attacks (think Mumbai or Paris) have a significant impact on a community.  They require a multi-faceted approach to all mission areas – again, Prevention, Protection, Response, Mitigation, and Recovery.  While law enforcement is clearly a lead, they must be strongly supported by emergency management as part of a whole-community approach to be successful. Preparedness across all these mission areas must be defined and supported by federal programs.

5) Infrastructure Maintenance

We have roads, bridges, rail, pipes, and other infrastructure that MUST be maintained.  Maintenance (or replacement) will not only prevent failure of the infrastructure as a disaster itself, but will also make it more resilient to impacts from other disasters.  Yes, these are projects with huge price tags, but what alternative do we have?

6) Continuity of Existing Model Programs

There are few things more infuriating than a new administration wiping the slate clean of all predecessor programs to make room for their own.  While every administration is entitled to make their own mark, getting rid of what has been proven to work is not the way to do that.  Eliminating or replacing programs has a significant impact all the way down the line, from the federal program administrators, to the state program people, to the local emergency managers who are often understaffed and underfunded to begin with.

Changing gears is not as simple as using a different form tomorrow, it requires research and training on the new program and costs time to re-tool.  While I would never say there is nothing new under the emergency management sun, as I believe we are still innovating, I’m pretty skeptical of some new appointee walking into their job and making wholesale changes.  While improvements can certainly be made, summary execution of successful programs does no one any good.  Let’s not make change simply for the sake of change.

Related to this, I fully support the efforts of FEMA in the last few years to gain comprehensive input on changes to documents and doctrine through the formation of committees and public comment periods.  This approach works!

7) Pull Together Preparedness Programs

NIMS, HSEEP, NPG, THIRA, etc… While each of these programs have their own purpose and goals, more  can be done to bring them together.  I’m not suggesting a merger of programs – that would simply make a huge mess.  What I’m suggesting is to find the connections between the programs, where one leads to another or informs another, and highlight those.  Things like better application of the Core Capabilities within HSEEP exercises to have a more effective evaluation of NIMS capabilities (I suggested this while being interviewed for a GAO report), or referencing the THIRA when building a multi-year training and exercise plan.  While some jurisdictions may already do this, these are best practices that should be embraced, promoted, and indoctrinated.  These links typically don’t add work, in fact they capitalize on work already done, allowing one project/program/process to be informed or supported by another, creating efficiencies and supporting a synchronization of efforts and outcomes.

There is my list of seven.  What are your thoughts on the list?  There are certainly plenty of other ideas out there.  If you had the ear of the next President, what would you suggest be their administration’s emergency management priorities?

© 2016 – Timothy Riecker

Emergency Preparedness Solutions, LLCYour Partner in Preparedness

A New NFPA 1600

Several weeks ago (I forgot to post it!) the National Fire Protection Association (NFPA) released the 2016 update of their 1600 standard, and with a slightly different name: Standard on Disaster/Emergency Management and Business Continuity/Continuity of Operations Programs.  More on the name change in a bit.

For those not familiar with NFPA 1600, if you are in the emergency management field, you should be familiar with it.  While not legally binding (unless specifically referenced by a law or regulation), NFPA 1600 is an excellent standard for modeling an emergency management program.  Like any good standard, it provides guidance on what components you should have, but doesn’t tell you how to do it. NFPA 1600 is also very complimentary to the Emergency Management Accreditation Program (EMAP), with no conflicts between these standards – mostly because EMAP foundationally references much of NFPA 1600.  NFPA 1600 can be found here.  The NFPA provides a free download of the standard (it is heavily copyrighted, so exercise prudence in how you handle it) or you can pay to obtain paper copies.

On to the changes in this update.  As mentioned, the title has been altered a bit by adding ‘Continuity of Operations’.  While it doesn’t say so, I’m guessing that some government-types may have approached NFPA 1600 a bit skeptically thinking that it was really intended for the private sector.  The thing is, business continuity is a specific function within emergency management, but largely follows many of the same processes, just with a particular focus.

Within the standard, the early section titled ‘The Origin and Development of NFPA 1600’ summarizes the evolution of the standard, and provides some information on the changes to the 2016 update.  They mention that “The purpose of the standard has been changed to reflect the Committee’s decision to emphasize that the standard provides fundamental criteria for preparedness and that the program addresses prevention, mitigation, response, continuity, and recovery.  In other words, “preparedness” is no longer just an element of the program – it is the program.” That perspective on preparedness is a great continued evolution of the concept within emergency management.  While the standard in emergency management used to be the emergency management cycle with preparedness as one phase, that is thankfully beginning to go away (although it’s still seen out there way too much for my taste).

old em cycle

The Old Emergency Management Cycle – DON’T USE THIS ANYMORE!

The truth is preparedness permeates everything we do – all phases (or mission areas) of emergency management.  That’s why there are five mission areas identified in the National Preparedness Goal (Protection, Prevention, Response, Mitigation, and Recovery).  Where is preparedness?  It’s the root of the document (literally… it’s in the name of the document).  Preparedness is addressed for each mission area.  We must prepare to protect, prepare to prevent, prepare to respond, prepare to mitigate, and prepare to recover.

As usual, I digress…

Back to NFPA 1600.  This 2016 update includes language within “crisis management planning to include issues that threaten the reputation of and the strategic and intangible elements of the entity as a result of an event or series of events…”.  Smart move.  These elements of crisis management are something we see in both the public and private sector and certainly should be addressed.

Since business continuity does remain a focus element of the standard, they have continued to enhance those aspects.  As such, they have included information on supply chain risk and information security within the document.  When considering business continuity, we can’t just look at our own operations.  The vulnerabilities of other organizations can certainly impact us, so examining supply chain vulnerabilities is wise.  As for information security, we have seen plenty of internal and external cybersecurity issues to justify that.  Although a bit late, I’m glad the NFPA is keeping up with technology and current trends and hazards.  They have also rewritten much of the business impact analysis section (within Chapter 5) to address continuity planning and recovery planning, with a specific differentiation between the two.

Lastly, they have added Annex C, a small business preparedness guide (good move NFPA!), and have added material on addressing the needs of persons with access and functional needs, as well as adding some information on the role of social media in crisis communications plans.

These are all positive changes for the NFPA 1600 standard.  I encourage everyone who is part of an emergency management program to take a look at it and see what it has to offer.  It’s good guidance and will probably provide some good ideas for helping you grow and maintain an impactful program.

For those interested, I have a couple of past articles on standards in emergency management:

Standards in Emergency Management Programs

Business Continuity and Emergency Management Standards and Requirements

 

© 2016 – Timothy Riecker

Emergency Preparedness Solutions, LLCWe are your Partner in Preparedness!

Don’t Just Take It From Me – There are Issues with ICS Training

The February 2016 edition of the Domestic Preparedness Journal highlighted, among other things, some concerns with ICS training in the United States.  First off, if you aren’t subscribed to the DPJ, you should be.  It’s free and they offer good content, with few extraneous emails beyond the journals.  Check them out at www.domesticpreparedness.com.

The specific article in this issue I’m referencing is Incident Command System: Perishable if Not Practiced, by Stephen Grainer. Mr. Grainer is the Chief of Incident Management Systems for the Virginia Department of Fire Programs.  Steve has a significant depth in ICS and understands all the nuances of preparedness and application.  I first met him when serving on the national NIMS steering committee with him several years back.

The title of the article is a bit deceptive – it’s not just focused on the issue of the training being perishable.  Right up front, Mr. Grainer, who is a longtime supporter and advocate of ICS, outlines a few shortcomings and constraints related to the application of ICS and ICS training.  He states that “little attention has been given to developing the students’ ability to recognize an evolving situation in which more formalized implementation of the ICS should be undertaken”.  This underscores one of my main points on the failings of the ICS curriculum.  We teach people all about what ICS is, but very little of how to use it.

After giving a few case studies that reflect on the shortcomings he highlighted, Mr. Grainer expresses his support for continued training, refresher training (something not currently required), and opportunities to apply ICS in ways that public safety and emergency management don’t do on a regular basis.  He summarizes by stating that not only does training need to continue to address succession and bench depth, but also the need to address how to maintain competencies and address misunderstandings in NIMS/ICS.

Yes, training does need to continue, but it must be the RIGHT training!  We continue doing a disservice by promoting the current ICS courses which fall well short of what needs to be accomplished.  Mr. Grainer’s mention of the need for our training to address better implementation of ICS, particularly beyond the routine, is perhaps a bit understated, but nonetheless present.  Refresher training also needs to be incorporated into a new curriculum, as these skills are absolutely perishable – particularly the aspects of ICS typically reserved for more complex incidents.

In the event you aren’t familiar with my earlier posts on ICS and my crusade for a better curriculum, check out these posts.  As I’ve said before, this isn’t a pick-up kickball game… this is public safety.  We can do better.

Shameless plug:  Assessments, Planning, Training, Exercises.  Emergency Preparedness Solutions does it all.  Contact us to find out how our experience can benefit your jurisdiction’s or organization’s emergency and disaster preparedness.  We are your partner in preparedness.  www.epsllc.biz.

© 2016 – Timothy Riecker

Emergency Preparedness Solutions, LLC