Emergency Management Presented by Steve Davis Principal, DavisLogic & All Hands Consulting
Comprehensive Emergency Management
Incident Command System (ICS)
Are We Ready For Anything? Eighty-one per cent of CEOs say that their company's plans were inadequate to handle the myriad of issues arising from the World Trade Center tragedy
What is Emergency Management?
Emergency Management is the process of mitigating threats and preparing for, responding to, and recovering from an emergency.
Planning is only one component of a CEMP. Hazard mitigation, preparedness, training, testing, and coordination are all equally important activities.
What’s an Emergency?
An unexpected situation or event, which places life and/or property in danger and requires an immediate response to protect life and property.
“Organized analysis, planning, decision-making, and assignment of available resources to mitigate, prepare for, respond to, and recover from the effects of all hazards. The goal of emergency management is to save lives, prevent injuries, and protect property and the environment if an emergency occurs.”
Comprehensive Emergency Management (CEM)
An integrated approach to the management of all emergency programs and activities for all four emergency phases (mitigation, preparedness, response, and recovery), for all types of emergencies and disasters (natural, man-made, and attack.)
Includes continuity, disaster recovery, and related activities.
Contains policies, authorities, concept of operations, legal constraints, responsibilities, and emergency functions to be performed. Agency response plans, responder SOPs, and specific incident action plans are developed from this strategic document.
Provides the framework for development, coordination, control, and direction of all CEM planning, preparedness, readiness assurance, response, and recovery actions
The plan documents the program
The overall coordination of an organization's response to a crisis, in an effective, timely manner, with the goal of avoiding or minimizing damage to the organization's profitability, reputation, or ability to operate.
CEM Planning Activities
Conducting a Hazard Identification and Vulnerability Assessment;
Obtaining executive support;
Developing a work schedule;
Assembling and coordinating the plan; and,
Maintaining the plan and the program.
The Four Phases of Emergency Management Mitigation Recovery Preparedness Response
Mitigation is any action of a long-term, permanent nature that reduces the actual or potential risk of loss of life or property from a hazardous event.
Building and Facility Design
Critical Infrastructure Protection
Acquisition or Relocation of Structures
Hazards Control Measures
Public Education, Awareness, Outreach
Preparedness is planning now on how to respond in case of emergency in order to protect human lives and property, and developing capabilities and programs that contribute to a more effective response.
Establishing an Emergency Management Program
Training and Education
Tests and Exercises
Emergency response activities are conducted during the time period that begins with the detection of the event and ends with the stabilization of the situation following impact.
Implement Preparedness Measures
Emergency Response Teams
Provide Emergency Assistance
Confront Hazard Effects & Reduce Damage
Enhance Recovery Potential
Recovery refers to those non-emergency measures following disaster whose purpose is to return all systems, both formal and informal, to as normal as possible.
Debris Clearance (non-critical)
Develop Recovery Strategy
Civil Defense/Emergency Preparedness
Business Continuity/Contingency Planning
Crisis or Consequence Management
Disaster Recovery, Management or Services
Hazard Management or Mitigation
Recovery/Business Resumption Planning
What Does Comprehensive Emergency Management Include?
Comprehensive Emergency Management Contingency Planning Disaster Recovery Security Business Continuity Crisis Communications Traditional Emergency Management
CEMP Plan Components Check Valve Flood Proofing Prevention Prevent or Reduce Impact Mitigation Use Manual Process New Equip. New Bldg. Dry Out & Restart Hot Site Recovery Solution Loss of Application Building Fire Laboratory Flood Mainframe or server failure Example Event Make Do Return to Normal Process Recovery Data Recovery Focus Process Workaround Process Restoration Critical Business Processes Critical Computer Apps Objective Contingency Planning Business Resumption Business Continuity Disaster Recovery CEMP
Emergency Planning Concepts
Incident Command System (ICS)
All Hazards Addressed
All-inclusive – Everyone Participates
Emergency Response Coordination
Effective Crisis Communication
Training for Responders and Employees
Communication and Information Sharing
Assess - identify and triage all threats (BIA)
Evaluate - assess likelihood and impact of each threat
Mitigate - identify actions that may eliminate risks in advance
Prepare – plan for contingent operations
Respond – take actions necessary to minimize the impact of risks that materialize
Recover – return to normal as soon as possible
Emergency Support Functions
1 Laws and Authorities 2 Hazard Identification and Risk Assessment 3 Hazard Management 4 Resource Management 5 Planning 6 Direction, Control and Coordination 7 Communications and Warning 8 Operations and Procedures 9 Logistics and Facilities 10 Training 11 Exercises 12 Public Education and Information 13 Finance and Administration
A “Standard on Disaster/Emergency Management and Business Continuity.
It may become the industry standard for all organizations, including governments and businesses.
Describes the basic criteria for a comprehensive program that addresses disaster recovery, emergency management, and business continuity.
Addresses methodologies for defining and identifying risks and vulnerabilities and provides planning guidelines which address:
Restoration of the physical infrastructure
Protecting the health and safety of personnel
Crisis communications procedures
Management structures for both short-term recovery and ongoing long-term continuity of operations
Capabilities Assessment for Readiness
The aim of a CAR project is to research, identify, and report on the scope of the Organization’s Emergency Management Program to ensure compatibility with federal and state emergency management standards.
The report will support strategic planning by identify program areas needing immediate development, updating, or improvement, and those elements to be accomplished during the later planning phases.
Capabilities Assessment for Readiness Benefits
Identify existing strengths and weaknesses
Evaluate the current state of readiness
Develop strategic plans to improve identified weaknesses for terrorism and other threats
Justify existing program staffing and budget
Demonstrate need for additional program development resources, e.g. staff, budget, support from other community agencies, etc
Support professional development and accreditation programs
Using the Incident Command Structure
The Incident Command System in use today is an outgrowth of California’s FIRESCOPE program developed in the 1970s to improve management of large wildfires.
It was designed to provide a commonly accepted management structure that would result in better decisions and more effective use of available resources.
It was specifically designed for incidents that involve many local, state, and federal agencies and multiple political jurisdictions.
Incident Action Plan
Span of Control
Unity of Command
Common ICS Terminology
Operations, Intelligence, Logistics, and Finance.
Functions pre-designated and named for the ICS.
Refers to the combination of personnel and equipment used in response and recovery.
Common identifiers used for those facilities in and around the incident area which will be used during the course of the incident. These facilities include the command center, staging areas, etc.
ICS's organizational structure is modular.
As the need arises, functional areas may be developed.
Several branches may be established.
Structure based upon the needs of the incident.
One individual can simultaneously manage all major functional areas in some cases.
If more areas require independent management, someone must be responsible for that area.
Typical EOC Organization Emergency Response and Recovery Teams
Cisco’s EOC Based on the Incident Command System
In Charge at the Incident
Assigned by Responsible Jurisdiction or Agency
May Have One or More Deputy Incident Commanders
May Assign Personnel for Command Staff & General Staff
Manages the EOC - not the incident
Makes sure everything is working
Maintains a safe environment
Facilitates and coordinates
EOC Staff Members
Check-in with the EOC Manager.
Review the situation report (SitReps) and incident logs.
Make sure that your name is listed on the current EOC organization chart.
Review the staff Operating Guide (SOG) and set up your work station.
Start an incident log which details your actions (chronologically.)
Incident Action Plan (IAP) Concepts
Planning process has been developed as a part of the ICS to assist planners in the development of a plan in an orderly and systematic manner.
Incidents vary in complexity, size, and requirements for detailed plans.
Not all incidents require detailed plans.
Incident Action Plan (IAP) Responsibilities
Planning Chief - conducts a planning meeting and coordinates preparation of the incident action plan.
Incident Manager - conducts planning meeting and coordinates preparation of the IAP.
Operations Chief - conduct the planning meeting and coordinates preparation of the IAP.
Finance Chief - provides cost implications of control objectives as required.
Logistics Chief - ensures resources.
IAP Meeting Participants
For major incidents, attendees should include:
Command and general staff members
Resource unit leader
Situation unit leader
Communications unit leader
Technical/Specialists (As Required)
Agency representatives (As Required)
IAP Briefing on Situation and Resource Status
The planning section chief and/or resources and situation unit leaders should provide an up-to-date briefing on the situation as it currently exists.
Specify Tactics for Each Division.
Place Resource and Personnel Order.
Consider Communication Requirements.
Finalize, Approve, and Implement the Incident Action Plan.
It’s Not Enough Just to Plan
Use focus groups and brainstorming
Seek “what can go wrong”
Find alternate plans & manual work arounds
Find innovative solutions to risks
Plans must be exercised
Hold table top exercises for disasters
Conduct “fire drills” of plans
Train staff for action during emergencies
Be creative but not too creative
Think about how bad it should be
Loss of Lifelines?
Supply Chain Disruptions?
Develop likely scenarios and develop scenario-based plans
Emergency Operations Centers
The Purpose of the EOC
The EOC’s purpose is to coordinate incident information and resources for management .
The EOC must receive, analyze, and display information about the incident to enable CEO decision-making.
The EOC must find, prioritize, deploy, and track critical resources.
The EOC must enhance decision making, communication, collaboration, and coordination.
The EOC is really a place where:
Meet in cramped conditions
To play unfamiliar roles
Making unpopular decisions
Based on inadequate information
In much too little time
While drinking way too much coffee….
A Good Concept of Operations
What Makes the EOC Work?
Basic Management Functions
Incident Action Planning
Unity of Command
Span of Control
What Makes the EOC Work?
The Challenge of Coordination
The Ideal Information System
Easy to use and robust information and decision management system
Central command and control
Early alert communications function
Event tracking and logging
SOP and automated check lists
Documentation of response actions for due diligence
A “Virtual EOC” enables managers to:
participate in critical decision-making processes regardless of physical location
effectively direct and control resources
automate processes and methodologies
assign and track tasks
efficiently communicate real-time information
protect communication and data with needed redundancy and flexibility
Advantages of a Virtual EOC
Augments physical centers
Anyone, anywhere can participate
Ease of use, flexibility
Requires shared communications and data
Data can be hosted off-site using redundant servers in hardened sites
Little or no infrastructure required – uses readily available Internet technology
Lead a top-notch team
Assess all hazards and risks
Complete and test contingency plans
Design a robust Command Center
Drill the Command Center
Implement a system for command, control, communication, and intelligence
A Good Plan "The plan is nothing. Planning is everything.“ General Eisenhower