The U.S. Federal Emergency Management Agency’s (FEMA) operation in Puerto Rico after Hurricane Maria was the largest and longest response in the agency’s history.
Yet, as it had been with its responses to Hurricanes Katrina and Sandy, FEMA was widely criticized for how it handled the disaster, which caused more than $100 billion in damages to the island and killed possibly thousands of people.
There were numerous factors that could have influenced this response. A U.S. Government Accountability Office (GAO) report found that 54 percent of federal emergency personnel were not qualified for the positions they held in October 2017—a month after Hurricane Maria made landfall. This challenge was echoed after Hurricane Katrina as well, largely due to differences between federal hiring processes that emphasize administrative background and education versus those in many state and local emergency management departments that recruit heavily from the fire, law enforcement, and emergency communications services.
FEMA also faced numerous challenges that “complicated response efforts,” the GAO said. These challenges included the timing and overlapping of three major hurricanes that caused staffing shortages and logistical challenges that complicated efforts to deploy resources and personnel quickly.
They also included the overall limited preparedness of the U.S. Virgin Islands and Puerto Rico for a Category 5 hurricane and the “incapacitation of local response functions due to widespread devastation and loss of power and communications,” the GAO explained.
FEMA “essentially served as the first responder in the early response efforts in Puerto Rico,” the GAO found. “FEMA officials said that many services provided—such as power restoration, debris removal, and commodity distribution—are typically provided by territorial or local governments.”
This again highlighted a major lesson learned in the governmental response in New Orleans when planning and infrastructure deficiencies at the local level hindered the federal government’s ability to provide effective support and logistics.
Furthermore, FEMA and other U.S. government agencies also faced challenges in getting personnel on the ground in Puerto Rico to respond to the hurricane because of limitations on air travel and power outages. Instead of using commercial travel, FEMA had to rely on agency partners to provide chartered air transportation.
The GAO’s analysis also found that while officials from Puerto Rico and U.S. Virgin Islands had engaged in disaster preparedness exercises before Hurricane Maria, they had not experienced or stored the resources that would be necessary to respond to a hurricane of its strength. “Specifically, Puerto Rico officials had not considered that a hurricane would cause a loss of power for as long as Hurricane Maria did,” the report said.
The challenges revealed by the response to Hurricane Maria highlight one major concern with emergency management disciplines—that they vary from place to place. Issues arise when the plans, capabilities, and management of the state and local partners receiving emergency management assistance are thwarted by operational issues that may create obstacles to disaster prevention, mitigation, or recovery.
The Role of FEMA
Since 1803, the role of emergency management has morphed from an act of the U.S. Congress requiring that it provide financial assistance to local jurisdictions following disasters to civil defense functions to the current all-hazards approach to continuity of government and disaster recovery.
While the validity of the function of emergency management has never fallen into question, the landscape has changed with the addition of terrorist and active shooter incident mitigation to the already prevalent natural disasters officials plan for, mitigate, and recover from. Emergency managers are responsible for planning for worst-case scenarios.
With FEMA, the U.S. federal government’s ultimate obligation is to help state, local, or individual entities with funding, equipment, and manpower support in overwhelming circumstances. Emergency managers in the private and nongovernmental sector are responsible for the safety of their assets and continuity of essential operations.
Staffing—and even the existence of offices of emergency management—within state and local government agencies, critical infrastructure, education, and business vary widely depending on the area and the scope of the organization.
The role of emergency management has traditionally been defined as a planning and support mechanism for dealing with risk—and risk avoidance—from a broad range of situations. These professionals were normally tasked with disaster planning, emergency communications, command center operations, and obtaining funding for mitigation and recovery.
Emergency managers have had closer relationships with fire services in the past than with the security and law enforcement communities. However, emergency management is integral to the security of organizations, and its integration with the security planning and response landscape is vital to its roles in response to recent major disasters.
To address this area of vulnerability with FEMA, U.S. President Donald Trump appointed Brock Long as FEMA administrator. Before being placed at FEMA, Long worked for the Georgia Emergency Management Agency and was Alabama’s state emergency manager.
The appointment of a career emergency manager marks a departure from prior administrations who typically appointed administrators with no prior experience in disaster management. FEMA is also addressing how it hires, trains, and retains staff to ensure that it is prepared to respond to disasters that may occur simultaneously.
With FEMA revamping its operations and staffing up in response to the latest hurricane season; it is imperative for state, local, and private emergency management to do the same. Many emergency managers outside of the U.S. federal government—and larger states and cities—perform basic business continuity planning to ensure incident survival.
Consideration of security threats is essential to the operational survival of local jurisdictions, businesses, and nongovernmental organizations. Therefore, emergency management must expand its current planning, response, and recovery operations to include security threats to ensure the physical safety of first responders and stakeholders.
Organizations should create emergency management functions within security management roles. Jurisdictions that already have emergency managers can also assess current operations and seek to create preincident working relationships with law enforcement and security agencies. These emergency managers are normally the incident commanders during man-made disasters, like terrorist attacks, until such time as the FBI or law enforcement takes over.
An example of this on the U.S. federal level was illustrated when former President George W. Bush signed the Homeland Security Act of 2002 into law, creating the U.S. Department of Homeland Security (DHS). The act charged the new cabinet-level agency with the mission of protecting the United States from terrorist attacks and minimizing the damage from attacks and disasters. This act incorporated FEMA into DHS.
To ensure that security management and emergency management are working together, the author organized three roles into one directorate while serving as a director for North America’s largest medical board: chief security officer, head of investigations, and emergency manager. This configuration allowed the security department to work with cross-functional staff to create policies, procedures, and countermeasures that would allow the organization to protect its human, physical, and intellectual assets in an efficient way that addressed both emergency mitigation and security threats.
Assuring that emergency management coordinates effectively with all facets of public safety is a key function of mitigation. This differs from other emergency management disciplines in that it presents long-term solutions to reducing risk, instead of accepting that risks exist and preparing, responding to, or recovering from their eventuality.
However, mitigation involves coordination across a wide spectrum of public and private sector stakeholders. For instance, New Orleans officials hampered evacuation efforts after Hurricane Katrina by parking its fleet of buses in a lot susceptible to flooding—which delayed evacuation procedures until a new fleet could be sourced.
In the wake of Hurricane Maria, FEMA conducted its own after-action report—in addition to the GAO analysis—and is making changes to address security planning and mitigation to address the shortcomings of the response in Puerto Rico.
“FEMA…made improvements in staffing for incidents, logistics operations, and refining communications from land mobile radios to satellite communications,” wrote Jim H. Crumpacker, CIA, CFE, director of departmental GAO-OIG Liaison Office for DHS in its response to the GAO report. “Finally, FEMA has updated high priority national level contracts to be better prepared to cope with responding to multiple concurrent disasters across the nation.”
Additionally, FEMA incorporated objectives in its 2018 to 2022 strategic plan, including improving readiness of incident workforce cadres; building staff, equipment, and contract capacity; and streamlining the disaster survivor and grantee experience.
“Disaster can strike at any time and in any place, building slowly, or occurring suddenly without warning,” Crumpacker wrote. “FEMA is part of a larger team of federal agencies, state, local, tribal, and territorial governments, and nongovernmental stakeholders that share responsibility for emergency management and national preparedness.”
Those in charge of security for a particular location need to cross-plan for natural disasters and environmental threats. They also need to factor in the probable response by their federal, state, and local partners.
Just as threats like active shooters, unpermitted protests, and flash mobs have changed the face of security management, security threats have changed the face of emergency management. It’s incumbent upon security and emergency management professionals to work together before an incident to plan and assess their threats accordingly.
A. Benjamin Mannes, CPP, CESP, is the former director, Office of Investigations, for the American Board of Internal Medicine, and has served federal, municipal, and nongovernmental employers in law enforcement, intelligence, and homeland security capacities throughout the continent. He currently serves as a public safety and security consultant and can be contacted at www.mannesandassociates.com.
HOW TO DIAGNOSE YOUR EMERGENCY MANAGEMENT CAPABILITIES
An EVALUATION OF emergency management capabilities begins with questions such as:
If a local jurisdiction is growing exponentially, is the state of its local emergency management planning addressing that growth and forecasting worst-case scenario needs?
If a transit agency’s emergency plans rely on local emergency management capabilities, does the local team have an independent office of emergency management that can weigh its geographic footprint in areas that may have minimal first responder capabilities?
Does a private sector organization include the principles of professional corporate security and emergency management in its business continuity planning?
If the organization relies on public sector stakeholders in emergency management, has it evaluated the effectiveness and track record of their plans and performance when conducting internal emergency management planning?
These questions are critical because private organizations face some of the same challenges as government agencies when addressing emergency management. For instance, medical board administrators secure examinations that have copyrighted trade secrets; the workplace is secured in a similar manner to government offices where classified information is stored. During an emergency, such as a fire, a conflict could arise between security policy and local laws requiring access doors to automatically unlock—enabling people to evacuate the building but also providing access to criminals to steal from the facility.