PPBI - 1702-ppbi - Disaster Recovery Journal

Return to the
Spring 2004 Issue

DISASTER RECOVERY
JOURNAL

P. O. Box 510110
St. Louis, MO 63151
(314) 894-0276
Fax: (314) 894-7474
Internet www.drj.com
E-mail drj@drj.com

PUBLISHER &
EDITOR-IN-CHIEF
Richard L. Arnold, CBCP
richard@drj.com

SENIOR EDITOR
Janette Ballman
janette@drj.com

MANAGING EDITOR
Jon Seals
jon@drj.com

COPY EDITORS
Richard Sandhofer
richards@drj.com
Pamela Clifton
pamelaclifton@hotmail.com

ADVERTISING
Robert Arnold
bob@drj.com

_____________

Corporate

President/CEO
Richard L. Arnold, CBCP
richard@drj.com

Vice President
Robert Arnold
bob@drj.com

CONFERENCE COORDINATOR
Patti Fitzgerald, CBCP
patti@drj.com

CONFERENCE REGISTRAR
Merce Knese
mercedes@drj.com

CIRCULATION
Laura Baugh
laurab@drj.com

EXECUTIVE COUNCIL
Jeff Dato, MBCP, KPMG
John Jackson, IBM
Edward S. Devlin, E.S. Devlin & Associates
James Hammill, CBCP, JMH Consulting Inc.
Pat McAnally, SunGard Availability Services
Brian Turley, Strohl Systems
Belinda Wilson, Hewlett-Packard

INTERNATIONAL
CONTACTS
England: Thom Hetherington
Business Continuity
Phone: 0161-237-1007
thomh@tempus.demon.co.uk

Australia: Anthony J. Harvey
Journal of Business Continuity
Phone: 0011-613-953-0055-8
fax: 0011-613-953-0528
sector@notability.com.au

Japan: Shinji Hosotsubo
Quake Japan Co., Ltd.
Phone: 03-3215-2880
fax: 03-3215-2881

Brazil: Jose Carlos Ferreira
Disaster Recovery Mercosul
Phone: 55 11 3666-9506
conc2000@uol.com.br
www.drms.com.br

Click Here for a Printable Version

Emergency Management Accreditation: The New Wave?

By DR. THOMAS D. PHELAN

Certification of individuals as qualified business continuity planners at various levels of experience and competence is well established in our practice. A number of our colleagues are certified by DRII and IAEM as either Certified Business Continuity Professionals or Certified Emergency Managers respectively. New on the horizon is an emergency management accreditation program created for public emergency management programs.
The plan works like the standard compliance program designed by the National Fire Protection Association (NFPA) or NFPA 1600: Standard for Disaster/Emergency Management and Business Continuity Programs. NFPA 1600 development began in January 1991 and recommended practices in 1995. In 1998 it underwent restructuring and the first standard became available in February 2000. It has since been under discussion, review, and commenting for a new, revised version.
In addition to NFPA’s effort, private and not-for-profit organizations have created audit checklists and assessments that can be used by emergency managers to review, assess, and revise existing plans. Firms have offered audit services to municipalities and corporations including vulnerability assessments, crisis management audits, and business continuity/incident management “maturity models.” PPBI, for example, developed an incident management maturity model based on a self-assessment of those aspects of an incident management plan recommended in NFPA 1600. The model was first presented at DRJ in San Diego, and has since been revised, reviewed and improved through input and feedback from companies and municipalities who volunteered to use the instrument and comment on it. It was the focus of a DRJ workshop in Orlando, 2004, after it was revised.
The approach an organization might take to achieving accreditation or in conducting a reliable audit may depend on the budget. Self-assessment is by far the least costly. More in-depth assessment, including a visit from an on-site professional assessment team, is more expensive. Private firms offering vulnerability assessments or program evaluations appear to be the most highly respected and the most thorough. Selecting an assessment firm may be a matter of budget, firm reputation, expertise, or individual certification of the assessors.
The newly created Emergency Management Accreditation Program (EMAP) reportedly grew from a commission from the State Council of Governments in January 2002. It is comprised of nine commissioners, each with a three-year term. They are emergency management practitioners, government officials and public safety representatives. Their stated purpose is to “evaluate and improve delivery of emergency management services to the public through accreditation of government programs.” The EMAP intent is to “promote consistent, high-quality state and local emergency management programs.” EMAP has conducted pilot tests at the state and local levels since August 2001. It opened for state program accreditation applications in April 2002, and about 15 assessments have been conducted to date. EMAP is a voluntary program. EMAP standards describe elements that constitute an effective program. It appears that EMAP has included three categories in addition to the NFPA 1600: (1) Hazard ID and risk management, (2) hazard mitigation, and (3) planning. According to sources, EMAP standards include NFPA language plus the EMAP additions.
After a minimal, initial registration fee is paid, an 18-month period is started during which the entire accreditation process is to be completed. There is an on-line self-assessment, a submission of materials for EMAP review, an on-site assessment team visit, an assessment report, and a committee recommendation to the commission for an accreditation decision. Total fees for the program are on a sliding scale based on population of the municipality seeking accreditation. Fees range from about $2,000 to $6,500 plus the ordinary travel expenses associated with the on-site visit. Assessors are trained by EMAP, but not compensated for their on-site assessment activity.
What are the benefits of accreditation? The process provides emergency management professionals with an opportunity to assess their program against established national standards (notably NFPA 1600). It provides discipline and accountability through regular review, maintenance, and documented compliance with standards and best practices. It provides a common structure for review and analysis among state and local government programs nationwide. And, it provides citizens with tangible evidence of their jurisdiction’s compliance with such standards.
Is accreditation the wave of the future? The jury is still out. Reputable organizations, many of which regularly attend DRJ conferences as exhibitors, provide extensive vulnerability assessments, audits, and make valuable recommendations to businesses and municipalities of all sizes and in all locations. The NFPA on-line catalog offers tools for assessments based on the 1600 standard. PPBI offers a free self-assessment checklist and a workshop on its use. Clearly, the more thorough and in-depth the assessment, the more it will cost. The decision is yours to make.
The important factor, in my opinion, is to assess and evaluate your plan; to compare it to best practices and available standards; and to utilize the highest level of expertise, experience, and professional scrutiny your budget will allow.
For more information on EMAP, go to www.emaponline.org. For a complete list of NFPA standards, www.nfpa.org. To request PPBI’s Ultimate Audit BCP Checklist: Best Practices for an Incident Management Plan, contact PPBI at ppbimail@twcny.rr.com. For an excellent overview of professional vendor assessment tools, visit the vendor exhibition at the next DRJ conference in San Diego.

Dr. Thomas D. Phelan is president of Strategic Teaching Associates, Inc., a founding member of the U.S. Department of Homeland Security, and training coordinator for PPBI. He is also a member of the DRJ Editorial Advisory Board.

To comment on this article, go to 1702-ppbi at www.drj.com/feedback