Project Responder and DHS’ Inability to Follow Standards

I was recently made aware of Project Responder, a publication sponsored by the DHS Science and Technology Directorate, which examines emergency response capability needs within the scope of current operational requirements, threats, and, hazards; with an ultimate focus on the identification of needs an correlating these with technological fixes.  The project description states that ‘the findings from the project can inform the US Department of Homeland Security’s decisions about investments in projects and programs to promote capability enhancement…’.  Project Responder 5 was published in August of this year.  Prior to this edition, I’ve not been familiar with the project, which started in early 2001.

The executive summary of the document states that ‘the document describes 37 capability needs identified by emergency responders…’ <record scratch>.  Hold on a moment… I thought DHS defined 32 Core Capabilities.  Yep, they still do.  The first page of Project Responder 5 includes a foot note that states ‘For purposes of this document, a capability is defined as “the means to accomplish one or more tasks under specific conditions”’.  So in other words, DHS can’t follow it’s own standards.  In many of my articles I’ve regularly remarked about the continual need to streamline our emergency management processes so we can make easier comparisons between these processes, efforts, and activities without having to establish cross walks or translations.  By working from the same standards, we can move easily move between mission areas, which don’t always have boldly marked lines between them, and have an ability to define target results and measure progress.  The Core Capabilities established by the National Preparedness Goal go a long way toward accomplishing this standardization.  It seems the folks in the Science and Technology Directorate don’t think they are that important, and this infuriates me.

The document outlines the 37 capability needs within nine capability domains.  These are:

  • Risk Assessment and Planning
  • Communication and Information Sharing
  • Command, Control, and Coordination
  • Training and Exercise
  • Responder Health and Safety
  • Intelligence and Investigation
  • Logistics and Resource Management
  • Casualty Management
  • Situational Awareness

Some of these appear to have direct correlation to some of what we know as the 32 Core Capabilities, while others seem to combine, redefine, or create new ones.  As the gaps within each domain are discussed, they reference applicable standards.  Interestingly enough, certain standards which you would expect to see aren’t present, such as NIMS being referenced in the Command, Control, and Coordination capability; and HSEEP referenced in the Training and Exercise capability.  Regardless of what technology applications are used to support these areas, these standards are fundamental.

It’s not that the data and analysis that comes out of Project Responder is entirely bad.  It isn’t.  But it’s not great either.  It seems to fall short consistently throughout the document.  The information also needs to be organized within the current lexicon, allowing the reader to make direct correlations to what we are familiar with.  I’m guessing that the project team who did the research and pulled the document together actually knows very little about emergency management or homeland security.  Their inability to communicate context and work within established standards seems to demonstrate this.  It’s fine that the document has a focus on technology implementations that can address gaps, but the fundamentals within the field of practice can’t be ignored.  I don’t see why this project could not have been conducted within the established industry standards.

Perhaps I’ve given a more soap-boxish post than I usually do.  I’m frustrated to see so much wasted time, effort, and dollars in something that could have been more impactful.  Please take a look through the document and let me know what your impressions are.  Also, if you happen to have any insight on this publication which I have missed or am not aware, I’d love to hear it.

Thanks for reading and be safe this holiday season.

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Advertisements

2017 National Preparedness Report – A Review

With my travel schedule, I missed the (late) release of the 2017 National Preparedness Report (NPR) in mid-October.  Foundationally, the findings of the 2017 report show little change from the 2016 report.  If you are interested in comparing, you can find my review of the 2016 NPR here.

The 2017 NPR, on the positive side, provided more data and more meaningful data than its predecessor.  It appeared to me there was more time and effort spent in analysis of this data.  If you aren’t familiar with the premise of the NPR, the report is a compilation of data obtained from State Preparedness Reports (SPRs) submitted by states, territories, and UASI-funded regions; so the NPR, fundamentally, should be a reflection of what was submitted by these jurisdictions and regions – for the better or worse of it.  The SPR asks jurisdictions to provide an honest analysis of each of the core capabilities through the POETE capability elements (Planning, Organizing, Equipping, Training, and Exercising).

From the perspective of the jurisdictions, no one wants to look bad.  Not to say that any jurisdiction has lied, but certainly agendas can sway subjective assessments.  Jurisdictions want to show that grant money is being spent effectively (with the hopes of obtaining more), but not with such terrific results that anyone would think they don’t need more.  Over the past few years the SPRs, I believe, have started to normalize and better reflect reality.  I think the authors of the NPR have also come to look at the data they receive a little more carefully and word the NPR to reflect this reality.

The 2017 NPR (which evaluates 2016 data from jurisdictions) identified five core capabilities the nation needs to sustain.  These are:

  • Environmental Response/Health and Safety
  • Intelligence and Information Sharing
  • Operational Communications
  • Operational Coordination
  • Planning

I’m reasonably comfortable with the first two, although they both deal with hazards and details that change regularly, so keeping on top of them is critical.  Its interesting that Operational Communication is rated so high, yet is so commonly seen as a top area for improvement on after-action reports of exercises, events, and incidents.  To me, the evidence doesn’t support the conclusion in regard to this core capability.  Operational Coordination and Planning both give me some significant concern.

First, in regard to Operational Coordination, I continue to have a great deal of concern in the ability of responders (in the broadest definitions) to effectively implement the Incident Command System (ICS).  While the implementation of ICS doesn’t comprise all of this core capability, it certainly is a great deal of it.  I think there is more room for improvement than the NPR would indicate.  For example, in a recent exercise I supported, the local emergency manager determined there would be a unified command with him holding ‘overall command’.  Unfortunately, these false interpretations of ICS are endemic.

I believe the Planning core capability is in a similar state inadequacy.  Preparedness lies, fundamentally, on proper planning and the assessments that support it. While I’ve pontificated at length about the inadequacy of ICS training, I’ve seen far too many plans with gaps that you could drive a truck through.  I’ve recently exercised a college emergency response plan that provided no details or guidance on critical tasks, such as evacuation of a dormitory and support of the evacuated students.  The plan did a great job of identifying who should be in the EOC, but gave no information on what they should be doing or how they should do it.  The lack of plans that can be operationalized and implemented is staggering.

The NPR identified the top core capabilities to be improved.  There are no surprises in this list:

  • Cybersecurity
  • Economic Recovery
  • Housing
  • Infrastructure Systems
  • Natural and Cultural Resources
  • Supply Chain Integrity and Security

Fortunately, I’m seeing some (but not all) of these core capabilities getting some needed attention, but clearly not enough.  These don’t have simple solutions, so they will take some time.

Page 10 of the NPR provides a graph showing the distribution of FEMA preparedness (non-disaster) grants by core capability for fiscal year 2015.  Planning (approx. $350m) and Operational Coordination (approx. $280m) lead the pack by far.  I’m curious as to what specific activities these dollars are actually being spent on, because my experience shows that it’s not working as well as is being reported.  Certainly there has been some positive direction, but I’m guessing that dollars are being spent on activities that either have negligible impact or actually have a negative impact, such as funding the development of some of the bad plans we’re seeing out there.

I’m curious as to what readers are seeing out in real life.  What capabilities concern you the most?  What capabilities do you see successes in?  Overall, I think everyone agrees that we can do better.  We can also get better and more meaningful reports.  This NPR was a step in the right direction from last year’s, but we need to continue forward progress.

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Learning From a 10-Year-Old Report

I’ll admit that I’m often dismissive of information, especially in the field of emergency management and homeland security, if it’s over 10 years old.  There is a lot that’s changed in the past 10 years, after all.  But, realistically, for as much as we’ve changed, things have stayed the same.  Arguably, the first decade of this millennium saw much more change in EM/HS than the second decade has, at least so far.  The first decade saw events like 9/11 and Hurricane Katrina.  Yes, there certainly have been major events in this second decade, but none, it seems, were as influential to our field of practice than those in the first decade.

It’s important to reflect upon lessons observed and to examine what lessons we’ve actually learned.  How far have we come in implementing improvements from the 9/11 Report?  What still needs to be accomplished to meet the intent of the Post-Katrina Emergency Management Reform Act (PKEMRA)?  Perhaps when I have some time to devote I’ll review those documents again and look on them reflectively and provide my thoughts here.

Yesterday I received the latest email from DomesticPreparedness.com.  I refer often to their work in my articles.  This weekly brief included an article from one of my favorite authors in this field, John Morton.  I’ve referenced his work in a few of my past articles.  This article, titled The What If Possibility: A Chilling Report, talks about planning for a rogue nuclear attack, the likely lead role the federal government would have to take in response to such an attack (versus a locally-led response), and what the situation would be the day after.  With the threat of North Korean nuclear weapons capability looming, this article was an interesting read and spot-on.  I noticed a problem, though… It referenced Ash Carter as an assistant secretary of defense in the Clinton administration.  While this was true, Carter’s highest office was SecDef under President Obama.  Surely John Morton, with his incredible attention to detail that I’ve come to recognize couldn’t have made this error.

Nope.  No error on his part.  I looked at the date of the article.  June 27, 2007 – over a decade old.  Incredibly, this article is still highly relevant today.  The article does reference the drafting of certain federal plans for nuclear attack.  Plans which I am not privy to, but that must assuredly exist today.  I’m curious as to the model these plans follow, what has been learned from exercising them, and how we might be able to apply elements of these plans to other catastrophic occurrences.

Despite change, so much seems to stay the same. Of course a decade isn’t that long.  Given that emergency management and homeland security are primarily government roles, we have to acknowledge that the (usually necessary) bureaucracy simply doesn’t move that quickly.  Unfortunately, there are things we are far too slow to adopt, not just from a government perspective, but socially.  As a lover of history and sociology, I see lessons observed from the 1900 Galveston hurricane as well as the eruption of Mt Vesuvius in 79 CE.  There is much that history can teach us, if we are willing to listen. Lessons observed, but not learned.

© 2017 – Timothy Riecker

Emergency Preparedness Solutions, LLC

The NIMS Refresh, aka NIMS 3.0

This morning my inbox was inundated with notices from FEMA and from colleagues about the release of the ‘refreshed’ NIMS, which has finally occurred at almost exactly 18 months after the draft of this document was released.  You can find the new document here. 

As I’m reading through the updated document, there are a few things catching my eye:

  • The term ‘center management system’ has apparently been scrapped, thankfully. First of all, there should not be a separate system for managing emergency operations centers (EOCs) and similar facilities.  I’ve seen the greatest success come from an organization model that mirrors ICS.  Second, the acronym CMS is most commonly related to the Centers for Medicare and Medicaid Services, particularly in regard to the CMS rules for healthcare facility preparedness.  (Want to know more about this?  See my article here)
  • Multi-Agency Coordination as a concept is briefly defined and referenced often without being described enough. It’s such an essential concept of incident management, yet it’s being paid very little heed. There is material on a MAC Group, which, while an implementer of multi-agency coordination at a policy level, is not the only multi-agency coordination that takes places within incident management.
  • The final version still uses the term ‘EOC Director’.  This is a term that is fundamentally incorrect when held to ICS doctrine.  Those in charge of facilities in ICS are called managers.  An EOC, even a virtual one, functions as a facility.  Similarly, the EOC analogs to the command staff, should be referred to as ‘management staff’ in an EOC, not command staff.
  • In the draft there were nearly two pages of references to federal EOC-like facilities. It was unnecessary and irrelevant to the document.  Thankfully those references and descriptions were removed.
  • One of my favorite graphics continues to be used! Figure 10 on page 48 is, to me, one of the most meaningful graphics in all of emergency management.  It pays heed to all critical elements in a response and shows the flow of requests and assistance.
  • I’m a big fan of the Essential Elements of Information (EEI) concept included in the Incident Information section of the document. This should serve as a foundation to all situation assessment and size up documents in all public safety disciplines, moving forward.
  • The appendices offer some additional information, but are largely redundant of the core document.

Overall, NIMS 3.0 is a good document to move forward with.  While there are some elements that I don’t necessarily agree with, none of them are damaging to our field of practice.  While NIMS remains our core doctrine for response, what is missing from this document that we saw heavily included in earlier versions was the concept of integrating NIMS into other aspects of emergency management.  Primarily, it is something that must be prepared for.  It simply isn’t enough to include a one-liner in your emergency plans saying that you are using NIMS.  The elements of NIMS, and not just ICS, but things like EOC management, multi-agency coordination, resource management, and joint information management, need to be fully engrained in your plans.  Plans serve as the foundation for preparedness, so what is in our plans must be trained on and exercised in a continuous cycle.  I would have liked to have seen some very apparent reference to the National Preparedness Goal in this document.  Otherwise, it appears to many that these doctrine are unrelated.

Now that the center management system is gone and they were less heavy handed with EOC management concepts, I wonder what that means for training related to EOC management.  The current FEMA curriculum on EOC management is simply horrible (thus why I’ve created EOC management courses for various jurisdictions).

What are your thoughts on the NIMS refresh?  What did they do well?  What did they miss? Was it too safe with too few changes?  Were there other changes needed to improve our coordination of incident management?

As always, thanks for reading!

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Private Sector Logistics Support for Disasters, aka. To Stockpile or Not to Stockpile

I recently had an article brought to my attention by my friend Keri.  The article is titled Home Depot or Homeland Security and is written by Max Brooks. Before I dive into some commentary on the article and related matters, I want to give a bit of an introduction of Max Brooks.  While many of you may not know of him, you might know of his work; and I’m quite sure you know of his father and his father’s work.  What seems so unlikely is that this article, and others, have been written by Max for West Point’s Modern War Institute.

Max Brooks is the author of, among other books, the New York Times best seller World War Z.  His father is Mel Brooks, who, in my opinion, is the greatest comedic writer and director of all cinema.  Max is a non-resident fellow at the Modern War Institute (MWI).  He has published three zombie-themed books: World War Z, the Zombie Survival Guide, and The Zombie Survival Guide: Recorded Attacks.  I’ve written in the past about the perspective that unorthodox scenarios can bring to homeland security and emergency management.  Max’s writings inspire just that, bringing him to be recognized by the MWI and Naval War College.  You can check out his biography and other information about him here.

As a fellow of the MWI, Max Brooks has been working on a series of lectures and papers.  The one I’m discussing here was posted about a year ago by the MWI.  In his paper, he briefly outlines the role of the Defense Logistics Agency and the importance of the private sector in supporting disaster response and recovery as well as the military.  He smartly identifies this as a potential vulnerability, but I’ve also seen first-hand the reality behind it.

During the 9/11 response, a representative from Grainger sat in the Logistics Section of the NYS Emergency Operations Center.  While the State of New York owns a lot of resources, the availability of those resources, the practicality of moving those resources, and the timeliness of getting those resources to where they were needed (generally the metro-NYC area) sometimes wasn’t workable, despite the nature of the emergency – especially when those resources are more in the nature of supplies and small equipment, and needed in mass quantity.  With several warehouses in and around the metro-NYC area, Grainger could have orders processed and delivered quickly and efficiently.  The same holds true for other companies, which were also leveraged during this response.

Stockpiling is a smart practice, but it needs to be looked at from a practical and fiscal perspective.  The Civil Defense era saw a lot of stockpiling.  Food, water, cots, blankets, radiological detection equipment, fuel, and other supplies.  Most of this went unused for years until officials saw the utility of drawing on these stockpiles in times of natural disaster.  Still, food and water have a shelf life, as does fuel.  Stocks had to be rotated to ensure viability.  Rodents, insects, and water damage goods like cots and blankets.  Mechanical equipment needs to be maintained, even in dis-use.  The physical space, money, and people needed to manage these rarely used stockpiles have a limited return.

Still, stockpiling is a good thing.  You just have to be smart about what you stockpile and where you position it.  Many states maintain several emergency equipment stockpiles.  The purpose of the stockpiles is to support local governments in extended life-safety activities.  Generators, chain saws, and potable water distribution are among the equipment available.  These do, indeed take up space and require regular maintenance.  The prevalence of floods and storms in the northeast, however, make these high demand items by local governments.  The positioning of the stockpiles helps ensure a timely delivery, often with the support of other state agencies.

There are limits, though, to the ability of a government agency to store, maintain, and distribute supplies and equipment.  Some aren’t often requested, so don’t make sense to stockpile.  Others have such a short shelf life or require expensive maintenance that don’t make financial sense.  Still others may very often be available locally, albeit by the private sector.

Emergency management agencies in recent years have not only looked to private vendors to support supply needs, they have also looked to the private sector to model the management of logistics and resource tracking.  Companies like FedEx or UPS, despite leaving my packages at the wrong door, do an unparalleled job of moving and tracking goods.  Companies like WalMart and Target, who are often victims of local disaster impacts themselves, have a presence in disaster areas to not only restore their own operations, but to also provide as much as they can to communities in need.  Lowes and Home Depot have been better able to meet demands prior to and following disasters with tarps, building materials, generators, and sump pumps.  Despite improvements, the bureaucracy of government simply doesn’t have the capability or capacity to move the quantity of goods needed.

While I acknowledge that there is some vulnerability, as Max Brooks points out, in having a third party as a critical component of your supply chain, we also have strength and efficiency through these partnerships.  Emergency management must continue working with private sector partners, locally, nationally, and internationally to strengthen these partnerships and support the private sector in supporting response and recovery endeavors.

What are your thoughts on the depth of involvement of the private sector in supporting response and recovery?  Do we rely on them too much?  If so, what’s our alternative?

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

 

Taking Care of Your Staff After a Disaster

We are slowly seeing Continuity of Operations (COOP) Plans becoming more popular for organizations ranging from government, private sector, and not for profit.  There are numerous lessons learned that promote the benefits of these efforts to reduce the impacts from an incident on your organization, decrease down time, and increase the overall chances of your organization surviving a disaster.  Most COOP plans, however, are focused on organizational operations and mission essential functions, which is great, but organizations must remember that none of these can be performed without staff.

The ability of an organization to care for its staff, to the greatest extent possible, will not only support the organization’s recovery, it’s also the right thing to do.  Consider that taking care of staff also includes taking care of their families.  It’s difficult for a staff member to come to work focused on your mission when they have family members endangered by a disaster.

What can you do?  I don’t think anyone expects their employer to take care of all needs, but a bit of support and understanding go a long way.  If your organization has a direct role in emergency or disaster response or recovery, the support you provide your staff is even more critical.  While I have a number of tips and lessons learned from my own experiences on this, I came across a paper recently published by the US Department of Health and Human Services (HHS) Office of the Assistant Secretary for Preparedness and Response (ASPR).  While ASPR’s mission is to support hospitals and other healthcare facilities, this four-page document provides great information for all organizations.

Remember – the time to prepare is now!

© 2017 – Timothy Riecker, CEDP

Emergency Preparedness Solutions, LLC

Congressional Primer on Responding to Major Disasters and Emergencies

I believe the Congressional Research Service (CRS), which is a research arm of the Library of Congress, publishes an updated version of this document for each Congress.  While the primary audience is Congressional representatives, it provides a good overview of disaster response fundamentals and the relationship between the federal and state/territorial/tribal governments which can be a good reference for many, including practitioners, students, state and local officials, and members of the media.

Give it a look and pass it on to others.

https://www.hsdl.org/?abstract&did=804217

– TR