CIP Update

September 12, 2008

This newsletter is for public agencies, businesses, non-governmental organizations, and other stakeholders involved or interested in public-private partnerships for joint emergency preparedness, mitigation, response, and recovery.

Michigan State University (MSU) produces the newsletter through the Critical Incident Protocol (CIP)-Community Facilitation Program under a grant awarded by the Training & Exercise Integration/Training Operations, Federal Emergency Management Agency, U.S. Department of Homeland Security. This newsletter provides ideas, suggestions, best practices, and lessons learned to establish critical incident protocols using public-private partnerships.

Michigan State University through the CIP Program will “enhance cities, counties, and region’s capabilities to prepare for, respond to, and recover from man-made and natural disasters through public and private sector collaboration, communication, and cooperation.”  MSU facilitates public-private partnerships and the CIP Program is free of charge to participating communities.

Please visit our website at www.cip.msu.edu for more information about the program.

Participating Communities in the CIP Program
The CIP Program has been initiated in 42 communities in 23 states with over 3,400 participants establishing community public-private partnerships for joint management of critical incidents. We are looking to work with other cities, counties and regions. Is there a location in the nation that you think may be interested in developing a public-private partnership? If so, please let us know.

Currently, we are working with the following communities:
Alabama:  Hoover
Arizona Casa Grande
California Mountain View
Colorado:  Littleton
Connecticut:  Norwalk

Florida:  Western Panhandle
Illinois:  Lake-Cook Regional, Libertyville
Indiana:  Evansville
Kansas Douglas County
Maryland Annapolis, Carroll County, Rockville
Michigan Marquette County, Monroe, Oakland County
Missouri/Illinois:  Gateway Citizen Corps Coalition, St. Louis
Montana:  Lewis & Clark County
Nevada Clark County
North Carolina:  Buncombe County, Greensboro
Ohio:  Brooklyn
Pennsylvania:  Allentown, Bethlehem, Northampton County, Perkiomen Valley

South Carolina:  Columbia, Horry County
Texas:  Dallas
Utah:  Layton, Sandy City
Virginia:  Arlington County, Richmond
Washington:  Redmond
Wisconsin Brown County, Dane County, Eau Claire County, Milwaukee, Outagamie County, Racine County, Superior, Winnebago County

CIP Program Activities

September 14/15, 2008:  Atlanta, GA (ASIS Conference)

September 26, 2008: Detroit, MI (Initiating the CIP Program)

September 30, 2008: Naperville, IL (Initiating the CIP Program)

October 7, 2008:  Dane County, WI (Facilitating Tabletop Exercise)

October 16, 2008:  Clark County, NV (Facilitating Tabletop Exercise)

October 21, 2008:  Atlanta, GA (IEDC Conference)

October 29, 2008:  Richmond, VA (EPA Conference)

NFPA 1600 - Disaster / Emergency Management and Business Continuity Programs
The National Fire Protection Association (NFPA) released their 2007 edition of the NFPA 1600 Standard.  When working with communities in the CIP Program, we encourage businesses to incorporate this standard into their emergency preparedness plans.  With the release of Public Law 110-53, the new voluntary private sector accreditation and certification program, there has been discussion within the federal government that NFPA 1600 “might” be one of the standards that businesses could use in this program.

The non-profit NFPA international organization has been in existence over 100 years and provides codes and standards, research, training, and education on fire prevention and public safety.  NFPA 1600 is an excellent resource that addresses preparedness, mitigation, response, and recovery.  Organizations can use NFPA 1600 to assess current programs or to develop, implement, and maintain aspects relating to this standard.

NFPA 1600 has introduced prevention as a fifth component in the 2007 edition.  According to NFPA (2007), this brings the standard into alignment with related disciplines and practices of risk management, security, and loss prevention.  In Annex A of the document, a prevention strategy includes:

·       Ongoing hazard identification

·       Threat assessment

·       Risk assessment

·       Impact analysis

·       Program assessment

·       Operational experience

·       Ongoing incident analysis

·       Information collection and analysis

·       Intelligence and information sharing (NFPA, 2007)

For more information about NFPA or the NFPA 1600 Standard, please go to www.nfpa.org.  Additionally, the 'CIP Information Exchange' website contains the 2007 edition of NFPA 1600 - Standard on Disaster / Emergency Management and Business Continuity Programs.

The Protective Security Advisor and Critical Infrastructure Protection
The U.S. Department of Homeland Security Protective Security Advisor (PSA) focuses on critical infrastructure protection, in addition to other job responsibilities.  To better partner with state governments, local communities, and businesses, the PSA professional has an average of 20 years of anti-terrorism and security experience.  These critical infrastructure and vulnerability assessment experts provide a federally funded resource to communities and businesses to assist in the protection of critical assets.  PSA professionals are assigned to each state.

The role of the Protective Security Advisor is to:

·       Support the development of the national risk picture by assisting in identifying, assessing,

  monitoring, and minimizing risk to critical assets at the local or regional level.

·       Facilitate, coordinate, and / or perform vulnerability assessments for local critical

  infrastructure and key resources.

·       Assist in and support comprehensive risk and physical / technical security analyses.

·       Provide guidance on established security practices.

·       Convey local concerns to DHS and other federal agencies.

·       Communicate requests for federal protection training and exercises.

·       Provide local context and expertise to DHS to ensure that community resources are used

  appropriately, efficiently and effectively (Weber, 2006).

To locate a PSA professional in your state, either contact your state homeland security department or call the PSA Duty Desk, Risk Management Division at (703) 235-5724.

Measuring the Effectiveness of a Partnership

There are several different public-private partnerships that are formed as a result of a common interests or regulatory issues.  Partnerships are developed at local, state, regional, national, and international levels.  The CIP Program is a partnership program funded by Training and Exercise Integration, U.S. Department of Homeland Security; therefore, the program is provided for through federal tax dollars.  It is important that processes are analyzed to ensure that DHS programs are meeting the mission and needs across all levels.

The CIP Program creates or enhances a public-private partnership and encourages participation from individuals at the decision-maker level (executives, administrators, managers, etc.) for cities, counties, and regions.  MSU administers two to four workshops over a period of six to twelve months to build the partnership. 

How do you measure the effectiveness of a partnership?  MSU administers the social capital survey which measures the level of networking and critical incident preparedness in communities.  In addition, the survey assesses perceptions of community groups and public agencies relative to the implementation of partnerships to solve community problems.  Feedback from the survey assists the community in identifying strengths and weaknesses in the experiences and relationships of the participants, particularly in the area of the joint critical incident preparedness. 

The results of respondents from 21 communities who completed the survey during the CIP Program are highlighted below.   Individuals who answered “yes” to the following questions are reported in the findings, which contain pre-test and post-test percentages. 

·       Does your organization have a critical incident response plan?  An increase from 87% to

     93%

·       Did you participate in joint public/private sector meetings during the development of your

     organization’s response plans? An increase from 35% to 52%

·       Was a common incident command system adopted by public/private sectors in your

     community?  An increase from 72% to 88%

·       During a critical incident, or exercise, have you participated in a joint incident command

     post?  An increase from 40% to 51%

·       Is there a joint public/private sector taskforce in your community focusing on security or anti-

     terrorism?  An increase from 68% to 83%

·       Have you participated in joint public/private sector exercises within your present

     organization during the past two years?  An increase from 44% to 60%

The social capital survey also measures the level of networking and attitudes toward community groups.  If you would like to know more about social capital, please contact MSU staff or visit our website at www.cip.msu.edu; go to the menu and click on social capital.

Planning and Crisis Management Methods

When businesses and non-profit organizations partner with the public sector for critical incident management, there are several steps that should be included in the process.

§       The first step of emergency planning is to evaluate the risks or threats to your organization.

§       Determine how public and private sector resources can be shared.

§       Create a centralized database of the resources.

§       Partnership planning facilitates more efficient and effective business resumption and

     recovery.

§       Planning should also focus on recovery, as this is often the weakest link between the

     business community and public sector.

§       Managing events through collaboration and cooperation minimizes the impact of natural or

     man-made disasters.

§       Emphasis should be placed on mitigation; a strong partnership will enhance that process.

§       Joint exercising will quickly identify shortfalls and gaps.

§       Partnership planning creates knowledge of limitations, resources, strengths, and

     challenges.

An Excellent Resource for Partnerships

The Critical Incident Protocol – A Public and Private Partnership is a 42-page how-to-guide that discusses the mutual benefits of joint planning, the value of leadership, why and how to conduct a risk assessment, critical incident planning, exercising and training, mitigating the impact of a crisis, how to collaborate with the media, emergency response, and the importance of recovery and business resumption.  It contains additional resources as well, including personal statements from both public and private sector leaders.

Some statements of interest from the publication are listed below.

Both the public and private sectors commented that support for the partnership process must start from the top.  Too many managers and community administrators are still in a state of denial or hoping disasters won’t happen on their watch. (Jones, 2000, p.7)

A fire chief said that a major industry in his community was talking about leaving town and as a result he had been informed by his city manager that the fire truck the department was planning to buy was no longer budgeted.  The same circumstances could occur in a community if a business was hit with a disaster. (Jones, 2000, p.5)

One community that had a very strong public/private partnership in place received an excellent return from their request for a risk survey. Fortunately, the value of returns has not yet been put to test.  (Jones, 2000, p.11)

A community said their ability to prepare and respond to emergencies is a factor in the community’s quality of life and attractiveness to new businesses.  (Jones, 2000, p.13)

A corporate security director said that a Local Emergency Planning Committee (LEPC), as mandated by EPA regulations, might be a good forum to critique actual event responses and to share lessons.  These groups are found typically at the county level and can be a valuable resource. (Jones, 2000, p.14)

One security manager said that he didn’t think the public incident commander knew in some cases the tremendous resources available to them in an emergency.  It is just there for the asking.  (Jones, 2000, p.17)

This publication is relevant for today’s business, agency, or non-profit leader.  To view or download the publication, please visit our website at www.cip.msu.edu and click on “Booklet” on the main menu.

Next Steps for Communities Participating in the CIP Program

In the CIP Program, there are two to four workshops with each community over a period of six to twelve months.  Break-out sessions are utilized during the first workshop to build the partnership between the public and private sectors.  These break-out sessions are designed so that participants may become acquainted with one another and discuss an emergency preparedness topic common to both sectors.  By the end of the day, they have discussed the value of partnership building, joint emergency response, command and control, risk assessment, and more.  Participants have realized there are other topics that need further discussion between the public sector and business community.

We note the topics that communities elect to incorporate into their future agenda.  Here are some of the ideas that were presented from the CIP workshops around the nation, which may be of value to you. 

Recent Postings to the CIP Information Exchange Website
The CIP Information Exchange website is a large database for public and private sector professionals interested in homeland security, emergency preparedness, business continuity, disaster recovery, and emergency management.  It also contains research publications, government documents, news items, and more.

To enter the CIP Information Exchange website, please go to https://angel.msu.edu and click on Angel Guest Account from the drop-down menu.  Click on proceed and in the next webpage box, enter “msu.msu@angel” and “partnership” (both without quotation marks) as the password. On the next page, click on Critical Incident Protocol (CIP) – Community Facilitation, which launches the main menu.

Located in the folder "Bulletin Board - Information for all Communities" are a variety of recent postings, including:

·       Small Businesses Are Unprepared For Power Outages - Survey of 451 Small Businesses

·       Predicting Organizational Crisis Readiness: Perspectives and Practices Toward a Pathway to Preparedness

·       Legal Risks & Solutions in Disaster Management & Business Continuity Planning

There are numerous other resources located on the website. To locate a specific topic, utilize the "search" function. 

Past Newsletters
If you are interested in viewing past CIP Update newsletters, please go to www.cip.msu.edu and select "Newsletters" from the main menu.

Closing
If you have any topics and/or ideas for a future CIP Update newsletter, please contact Brit Weber at weberbr@msu.edu or (517) 355-2227 or other MSU staff members. About every three weeks you will receive this newsletter via email. If you no longer wish to be on this list, please reply to this email.

Disclaimer
The views expressed here are those of the author and do not necessarily reflect the views of the U.S. Department of Homeland Security or Michigan State University.

Sources

Jones, R.W.  (2000).  Critical Incident Protocol – A Public and Private Partnership.  U.S. Department of Justice, Office of Justice Programs, Office for Domestic Preparedness. p. 1-40.

NFPA.  (2007).  NFPA 1600 Standard on Disaster/Emergency Management and Business Continuity Programs.  p.1-57.  Retrieved on September 11, 2008 from:  http://www.nfpa.org/assets/files/PDF/NFPA1600.pdf.

Weber, B.  (June 09, 2006).  'CIP Update' newsletter.  The Protective Security Advisor - U.S. Department of Homeland Security (DHS) article.