By Daryl Lee Spiewak, CEM, TEM, Lead Trainer for the CEM Commission

Last month we started our discussion of the first of ten sections of the Implementation standards beginning with Common Plan Requirements. This month we will be describe the second and third sections of the Implementation standards — Prevention and Mitigation.

The NFPA® 1600 version 2013 defines prevention as “Activities to avoid or stop an incident from occurring.” The standard defines mitigation as “activities taken to reduce the impact from hazards.” Note the differences here. Prevention is concerned with incidents, while mitigation is concerned with hazards.

We know many hazards cannot be eliminated, particularly natural hazards, but we can take actions to avoid vulnerabilities from those hazards should they become incidents. The two activities go hand in hand. Thus I am covering them together in this article.

Prevention Requirements

The NFPA® 1600 version 2013 describes four parts to the Prevention requirements. They are:

1. The entity shall develop a strategy to prevent an incident that threatens life, property, and the environment.
2. The prevention strategy shall be kept current using the information collection and intelligence techniques.
3. The prevention strategy shall be based on the results of hazard identification and risk assessment, an analysis of impacts, program constraints, operational experience, and a cost-benefit analysis.
4. The entity shall have a process to monitor the identified hazards and adjust the level of preventive measures to be commensurate with the risk.

Mitigation Requirements

The 2013 NFPA® 1600 version describes three parts to the Mitigation requirements. They are:

1. The entity shall develop and implement a mitigation strategy that includes measures to be taken to limit or control the consequences, extent or severity of an incident that cannot be prevented.
2. The mitigation strategy shall be based on the results of hazard identification and risk assessment, an analysis of impact, program constraints, operational experience, and cost-benefit analysis.
3. The mitigation strategy shall include interim and long-term actions to reduce vulnerabilities.

The majority of emergency managers understand mitigation. We can reduce or limit the size of the hazard (amount of chemicals stored onsite); remove or eliminate the hazard (eliminate the chemical or change the process to a less hazardous chemical); control the rate of release; establish a hazard warning and communication process/procedures; create a redundancy or diversity of essential personnel, critical systems, equipment, information, operations or materials; avoid hazards through appropriate land use practices; relocate, retrofit or remove structures at risk; and enforce applicable building code and construction standards.

On the other hand, prevention appears at first to be a law enforcement activity – preventing intentional human-caused incidents, like terrorism. These activities are usually referred to as deterrence or disruption, but they can include additional activities such as “gathering intelligence and information and implementing countermeasures, such as enhanced surveillance and security operations; and conducting investigations to determine the nature and source of the threat.” With accidental human-caused incidents, prevention activities can include “accident prevention and safety programs that reduce the frequency of workplace accidents.” Finally, with technology-caused incidents, prevention activities can include the “implementation of network and information security programs to help prevent penetration of networks and to intercept malware; and analyses of the vulnerability of systems to identify means to prevent incidents caused by interruption, disruption, or failure of technology.”

Other common prevention activities include: immunizations, isolation or quarantine; background checks and access controls; land use restrictions; backup and alternate power sources; cyber security; and crime prevention activities.

References

For information and discussion on Implementation (2 and 3): Prevention and Mitigation, refer to the recommended FEMA Independent Study courses and other related references mentioned below. Do not confuse these general resource requirements with the specific procedures found within your organization. While an emergency manager needs to understand and know local procedures to be effective in the position, those procedures could easily differ from the general procedures discussed in the study references and are not found on Independent Study (IS) courses that candidates should review when studying the Common Plan Requirements are:

• IS 1a – Emergency Manager: An Orientation to the Position.
• IS-36 – Multihazard Planning for Childcare.
• IS-55a – Household Hazardous Materials – A Guide for Citizens.
• IS 230d – Fundamentals of Emergency Management.
• IS-271a – Anticipating Hazardous Weather and Community Risk, 2nd Edition.
• IS-318 – Mitigation Planning for Local and Tribal Communities.
• IS-319 – Tornado Mitigation Basics for Mitigation Staff.
• IS-320 – Wildfire Mitigation Basics for Mitigation Staff.
• IS-321 – Hurricane Mitigation Basics for Mitigation Staff.
• IS-322 – Flood Mitigation Basics for Mitigation Staff.
• IS-323 – Earthquake Mitigation Basics for Mitigation Staff.
• IS-340 – Hazardous Materials Prevention.
• IS-394a – Protecting Your Home or Small Business from Disaster.
• IS-915 – Protecting Critical Infrastructure Against Insider Threats.

Next Month

Next month we will describe the Crisis Communications and Public Information, and the Warning, Notifications, and Communications sections of the Implementation standard. We also will provide a recommended list of FEMA Independent Study courses and/or other references to study.

IAEM Bulletin, July 2014

AEM^® and CEM^® are registered trademarks of the International Association of Emergency Managers.